gfaust-qb/saml2

SimpleSAMLphp SAML2 library

[Build Status](https://travis-ci.org/simplesamlphp/saml2) [Coverage Status](https://coveralls.io/r/simplesamlphp/saml2)

A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp, used by OpenConext. This library is a collaboration between UNINETT and SURFnet.

Before you use it

DO NOT USE THIS LIBRARY UNLESS YOU ARE INTIMATELY FAMILIAR WITH THE SAML2 SPECIFICATION.

If you are not familiar with the SAML2 specification and are simply looking to connect your application using SAML2, you should probably use SimpleSAMLphp.

While this library is tagged as stable, it is currently not very developer friendly and its API is likely to change significantly in the future. It is, however, a starting point for collaboration between parties, so let us know what you would like to see in a PHP SAML2 library.

Note that the HTTP Artifact Binding and SOAP client do not work outside of SimpleSAMLphp.

Usage

  • Install with Composer by running the following command in your project:

    composer require simplesamlphp/saml2

  • Provide the required external dependencies by extending and implementing SAML2_Compat_AbstractContainer, then injecting it into the ContainerSingleton (see the example below).

  • Make sure you have read the Security section below.

  • Use at will. Example:

    // Use Composer's autoloading
    require 'vendor/autoload.php';

    // Implement the Container interface (out of scope for example)
    require 'container.php';
    SAML2_Compat_ContainerSingleton::setContainer($container);

    // Set up an AuthnRequest
    $request = new SAML2_AuthnRequest();
    $request->setId($container->generateId());
    $request->setIssuer('https://sp.example.edu');
    $request->setDestination('https://idp.example.edu');

    // Send it off using the HTTP-Redirect binding
    $binding = new SAML2_HTTPRedirect();
    $binding->send($request);

Security

  • Before calling any code from this library, make sure you have called libxml_disable_entity_loader(true). This is required to prevent the XML External Entity (XXE) processing vulnerability; see also this websec.io page.

  • Should you need to create a DOMDocument instance, use SAML2_DOMDocumentFactory to create it from a string (SAML2_DOMDocumentFactory::fromString($theXmlAsString)), from a file (SAML2_DOMDocumentFactory::fromFile($pathToTheFile)), or as a new empty instance (SAML2_DOMDocumentFactory::create()).
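
The XXE precaution above, sketched as an added example (not this library's code, and not a substitute for SAML2_DOMDocumentFactory): a hypothetical helper, parseUntrustedXml(), parses an untrusted message with entity loading and network access disabled and rejects any DOCTYPE. The helper name and both sample inputs are constructed for illustration.

```php
<?php
// Added example; parseUntrustedXml() is a hypothetical helper, not library code.
function parseUntrustedXml($xml)
{
    if (!is_string($xml) || trim($xml) === '') {
        throw new InvalidArgumentException('Expected a non-empty XML string');
    }
    $previousErrors = libxml_use_internal_errors(true); // collect errors, no warnings
    // libxml_disable_entity_loader() is deprecated as of PHP 8.0, which requires
    // libxml >= 2.9 (external entity loading off by default); call it only before 8.0.
    $legacy = PHP_VERSION_ID < 80000;
    $previousLoader = $legacy ? libxml_disable_entity_loader(true) : null;
    try {
        $doc = new DOMDocument();
        // LIBXML_NONET blocks network access; LIBXML_NOENT and LIBXML_DTDLOAD stay unset.
        $loaded = $doc->loadXML($xml, LIBXML_NONET);
        $errors = libxml_get_errors();
        libxml_clear_errors();
    } finally {
        libxml_use_internal_errors($previousErrors);
        if ($legacy) {
            libxml_disable_entity_loader($previousLoader);
        }
    }
    if (!$loaded) {
        $detail = $errors ? trim($errors[0]->message) : 'unknown parse error';
        throw new RuntimeException('Malformed XML: ' . $detail);
    }
    // Refuse any document that carries a DOCTYPE, the vehicle for entity tricks.
    foreach ($doc->childNodes as $node) {
        if ($node->nodeType === XML_DOCUMENT_TYPE_NODE) {
            throw new RuntimeException('DOCTYPE declarations are not accepted');
        }
    }
    return $doc;
}
// Constructed sample inputs (not captured traffic).
$samples = array(
    'plain'   => '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_constructed1" Version="2.0"/>',
    'doctype' => '<!DOCTYPE r [<!ENTITY e "x">]><r>&e;</r>',
);
foreach ($samples as $name => $xml) {
    try {
        $doc = parseUntrustedXml($xml);
        echo $name, ': accepted, root ', $doc->documentElement->localName, "\n";
    } catch (Exception $e) {
        echo $name, ': rejected (', $e->getMessage(), ")\n";
    }
}
```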

License

This library is licensed under the LGPL license version 2.1. For more details see LICENSE.
