Ejemplo n.º 1
 /**
  * Attempt to log in using the given username and password.
  *
  * On a successful login, this function should return the user's attributes. On failure,
  * it should throw an exception. If the error was caused by the user entering the wrong
  * username or password, a SimpleSAML_Error_Error('WRONGUSERPASS') should be thrown.
  *
  * Note that both the username and the password are UTF-8 encoded.
  *
  * @param string $username  The username the user wrote.
  * @param string $password  The password the user wrote.
  * @return array  Associative array with the user's attributes.
  */
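 protected function login($username, $password)
 {
     // Real expressions instead of string assertions: a string argument is evaluated as
     // code by older PHP versions and is just a non-empty (always true) value on PHP 8.
     assert(is_string($username));
     assert(is_string($password));

     // Percent-encode both values so that '&', '=', '#' or whitespace typed by the user
     // cannot add or override query parameters of the request to the login service.
     // NOTE(review): the password still travels in the query string of a GET request, so
     // it can end up in web-server and proxy access logs. Moving it to a POST body needs
     // a matching change in the login service, which is not visible here. If getBaseUrl()
     // can return an http:// URL the credentials also cross the network in clear - confirm.
     $url = Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl()
         . '/index.php/service/syntarsus/login'
         . '?username=' . rawurlencode($username)
         . '&password=' . rawurlencode($password);

     // '@' is kept deliberately: the warning fopen() raises on failure includes the full
     // URL, password included, and would otherwise reach the error log or the page.
     $file = @fopen($url, 'r');
     if (!$file) {
         // NOTE(review): a transport failure is reported as a wrong password (kept for
         // compatibility with callers); consider a distinct error so outages are visible.
         throw new SimpleSAML_Error_Error('WRONGUSERPASS');
     }

     // Only the first line, at most 1023 bytes, is read.
     // NOTE(review): a longer response is truncated, fails to decode and is then
     // reported as a wrong password - confirm the service always answers within that size.
     $line = fgets($file, 1024);
     fclose($file);
     if ($line === false) {
         throw new SimpleSAML_Error_Error('WRONGUSERPASS');
     }

     $text = json_decode($line);
     // Anything that is not a JSON object (null on a parse error, a bare scalar, a list)
     // or that lacks a truthy "login" member counts as a failed login.
     if (!is_object($text) || empty($text->login)) {
         throw new SimpleSAML_Error_Error('WRONGUSERPASS');
     }

     // Start from an empty array so a response without attributes still returns an array,
     // as the method contract promises, instead of an undefined variable.
     $result = array();
     if (isset($text->attr) && (is_object($text->attr) || is_array($text->attr))) {
         foreach ($text->attr as $key => $value) {
             // Each attribute value is wrapped in a one-element list.
             $result[$key] = array($value);
         }
     }

     return $result;
 }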
Ejemplo n.º 2
<?php

/**
 * SAML 2.0 remote SP metadata for simpleSAMLphp.
 *
 * See: https://simplesamlphp.org/docs/stable/simplesamlphp-reference-sp-remote
 */
/*
 * Sample SP entry (saml2sp.example.org).
 * NOTE(review): this file lists the remote SPs the IdP knows about; this looks like a
 * leftover sample rather than a real relying party - confirm and drop it if unused.
 */
$metadata['https://saml2sp.example.org'] = array(
    'AssertionConsumerService' => 'https://saml2sp.example.org/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp',
    'SingleLogoutService' => 'https://saml2sp.example.org/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp',
);

/*
 * The SP hosted under this installation's own base URL.
 * NOTE(review): getBaseUrl() is not visible here. If it derives the host from the
 * incoming request instead of fixed configuration, the entity ID and both endpoints
 * below follow whatever host the client sends - confirm it is a configured value.
 */
$metadata[Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl() . '/SSO/SAML/'] = array(
    'AssertionConsumerService' => Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl()
        . '/SSO/SAML/module.php/saml/sp/saml2-acs.php/default-sp',
    'SingleLogoutService' => Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl()
        . '/SSO/SAML/module.php/saml/sp/saml2-logout.php/default-sp',
);

/*
 * Sample configuration for Google Apps for education.
 * The IdP needs an attribute that holds the local part of the user's Google Apps e-mail
 * address: for the account domain foo.com and the user john@foo.com, the attribute named
 * in simplesaml.nameidattribute must have the value 'john' for that user.
 * NOTE(review): the consumer URL points at the g.feide.no Google Apps domain, which looks
 * like the distribution sample - confirm it is needed before keeping it.
 */
$metadata['google.com'] = array(
    'AssertionConsumerService' => 'https://www.google.com/a/g.feide.no/acs',
    'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
    'simplesaml.nameidattribute' => 'uid',
    'simplesaml.attributes' => false,
);
Ejemplo n.º 3
<?php

/**
 * SAML 2.0 remote IdP metadata for simpleSAMLphp.
 *
 * Remember to remove the IdPs you don't use from this file.
 *
 * See: https://simplesamlphp.org/docs/stable/simplesamlphp-reference-idp-remote 
 */
/*
 * Guest IdP: users can sign up and register themselves, which is handy for testing.
 * NOTE(review): an SP that keeps this entry accepts logins from an IdP where anyone can
 * create an account - confirm it is not enabled outside test setups.
 * NOTE(review): the IdP is pinned by 'certFingerprint' (a 40-hex-digit value, i.e. a
 * SHA-1 sized digest) rather than by the full certificate - prefer 'certData'.
 */
$metadata['https://openidp.feide.no'] = array(
    'name' => array(
        'en' => 'Feide OpenIdP - guest users',
        'no' => 'Feide Gjestebrukere',
    ),
    'description' => 'Here you can login with your account on Feide RnD OpenID. If you do not already have an account on this identity provider, you can create a new one by following the create new account link and follow the instructions.',
    'SingleSignOnService' => 'https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php',
    'SingleLogoutService' => 'https://openidp.feide.no/simplesaml/saml2/idp/SingleLogoutService.php',
    'certFingerprint' => 'c9ed4dfb07caf13fc21e0fec1572047eb8a7a4cb',
);

/*
$metadata['http://localhost:5100'] = array(
    'SingleSignOnService'  => 'http://localhost:5100/saml/saml2/idp/SSOService.php',
    'SingleLogoutService'  => 'http://localhost:5100/saml/saml2/idp/SingleLogoutService.php',
    'certFingerprint'      => 'afe71c28ef740bc87425be13a2263d37971da1f9',
);
*/

//$metadata[RaptorSAML::getBaseName().'/SSO/simplesamlphp/www/saml2/idp/metadata.php'] = array (

/*
 * The IdP hosted under this installation's own base URL; entity ID and both endpoints
 * (HTTP-Redirect binding) are built from getBaseUrl().
 * NOTE(review): the subject embedded in 'certData' decodes to feide.erlang.no / UNINETT
 * with a validity window in 2007, which looks like the sample certificate bundled with
 * SimpleSAMLphp. If so, its private key is publicly known and anyone could sign
 * assertions that validate against it - confirm and replace with a deployment-specific
 * key pair.
 * NOTE(review): getBaseUrl() is not visible here; confirm it returns a configured value
 * and not one taken from the incoming request.
 */
$metadata[Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl() . '/SSO/SAML/saml2/idp/metadata.php'] = array(
    'metadata-set' => 'saml20-idp-remote',
    'entityid' => Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl() . '/SSO/SAML/saml2/idp/metadata.php',
    'SingleSignOnService' => array(
        array(
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
            'Location' => Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl() . '/SSO/SAML/saml2/idp/SSOService.php',
        ),
    ),
    'SingleLogoutService' => array(
        array(
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
            'Location' => Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl() . '/SSO/SAML/saml2/idp/SingleLogoutService.php',
        ),
    ),
    'certData' => 'MIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMCTk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDgYDVQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqhkiG9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0wNzA4MTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyBTb2xiZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBAMTD2ZlaWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZXR0Lm5vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqKxupQe0LONoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHISKOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVfp86HObqY+e8BUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFDbStNomPnQz7nbK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJVhTyvLgFVK2QarQ4/67OZfHd7R+POBXhophSMv1ZOo',
    'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
);
Ejemplo n.º 4
<?php

/* 
 * The configuration of SimpleSAMLphp
 * 
 */
$config = array(
    // --- Paths -----------------------------------------------------------------------
    // NOTE(review): getBaseUrl() is not visible here; confirm it returns a configured
    // value and not one taken from the incoming request.
    'baseurlpath' => Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl() . '/SSO/SAML/',
    'certdir' => 'cert/',
    'loggingdir' => 'log/',
    'datadir' => 'data/',
    'tempdir' => '/tmp/simplesaml',

    // --- Diagnostics -----------------------------------------------------------------
    // NOTE(review): debug output and error details shown to the browser are development
    // settings - confirm they are switched off on any reachable deployment.
    'debug' => true,
    'showerrors' => true,
    'errorreporting' => true,
    'debug.validatexml' => false,

    // --- Administration and secrets ----------------------------------------------------
    // NOTE(review): '123' is a trivially guessable admin password, and the index page and
    // metadata pages are not behind the admin login - set a strong, deployment-specific
    // value (ideally stored as a hash if the installed release supports it).
    'auth.adminpassword' => '123',
    'admin.protectindexpage' => false,
    'admin.protectmetadata' => false,
    // NOTE(review): 'defaultsecretsalt' is the placeholder from the distribution template;
    // the salt must be a random value unique to this installation.
    'secretsalt' => 'defaultsecretsalt',
    'technicalcontact_name' => 'Administrator',
    'technicalcontact_email' => '*****@*****.**',
    'timezone' => null,

    // --- Logging ---------------------------------------------------------------------
    // NOTE(review): DEBUG-level file logging together with 'debug' => true is likely to
    // put protocol detail into simplesamlphp.log - confirm the log location is protected.
    'logging.level' => SimpleSAML_Logger::DEBUG,
    'logging.handler' => 'file',
    'logging.facility' => defined('LOG_LOCAL5') ? constant('LOG_LOCAL5') : LOG_USER,
    'logging.processname' => 'simplesamlphp',
    'logging.logfile' => 'simplesamlphp.log',
    'statistics.out' => array(),

    // --- Enabled protocols -----------------------------------------------------------
    'enable.saml20-idp' => true,
    'enable.shib13-idp' => false,
    'enable.adfs-idp' => false,
    'enable.wsfed-sp' => false,
    'enable.authmemcookie' => false,

    // --- Sessions and cookies (durations in seconds) ---------------------------------
    'session.duration' => 8 * (60 * 60),
    'session.datastore.timeout' => 4 * 60 * 60,
    'session.state.timeout' => 60 * 60,
    'session.cookie.name' => 'SimpleSAMLSessionID',
    'session.cookie.lifetime' => 0,
    'session.cookie.path' => '/',
    'session.cookie.domain' => null,
    // NOTE(review): the session cookie is neither restricted to HTTPS ('secure') nor, for
    // the PHP session, hidden from scripts ('httponly') - enable both where the site is
    // served over TLS.
    'session.cookie.secure' => false,
    'session.disable_fallback' => false,
    'enable.http_post' => false,
    'session.phpsession.cookiename' => null,
    'session.phpsession.savepath' => null,
    'session.phpsession.httponly' => false,
    'session.authtoken.cookiename' => 'SimpleSAMLAuthToken',
    'session.rememberme.enable' => false,
    'session.rememberme.checked' => false,
    'session.rememberme.lifetime' => 14 * 86400,

    // --- Languages -------------------------------------------------------------------
    'language.available' => array(
        'en', 'no', 'nn', 'se', 'da', 'de', 'sv', 'fi', 'es', 'fr', 'it',
        'nl', 'lb', 'cs', 'sl', 'lt', 'hr', 'hu', 'pl', 'pt', 'pt-br', 'tr',
        'ja', 'zh', 'zh-tw', 'ru', 'et', 'he', 'id', 'sr', 'lv', 'ro', 'eu',
    ),
    'language.rtl' => array('ar', 'dv', 'fa', 'ur', 'he'),
    'language.default' => 'en',
    'language.parameter.name' => 'language',
    'language.parameter.setcookie' => true,
    'language.cookie.name' => 'language',
    'language.cookie.domain' => null,
    'language.cookie.path' => '/',
    'language.cookie.lifetime' => 60 * 60 * 24 * 900,

    // --- Presentation and IdP discovery ----------------------------------------------
    'attributes.extradictionary' => null,
    'theme.use' => 'default',
    'default-wsfed-idp' => 'urn:federation:pingfederate:localhost',
    'idpdisco.enableremember' => true,
    'idpdisco.rememberchecked' => true,
    'idpdisco.validate' => true,
    'idpdisco.extDiscoveryStorage' => null,
    'idpdisco.layout' => 'dropdown',
    'shib13.signresponse' => true,

    // --- Authentication processing filters, keyed by priority ------------------------
    'authproc.idp' => array(
        30 => 'core:LanguageAdaptor',
        45 => array(
            'class' => 'core:StatisticsWithAttribute',
            'attributename' => 'realm',
            'type' => 'saml20-idp-SSO',
        ),
        50 => 'core:AttributeLimit',
        99 => 'core:LanguageAdaptor',
    ),
    'authproc.sp' => array(
        90 => 'core:LanguageAdaptor',
    ),

    // --- Metadata and data stores ----------------------------------------------------
    'metadata.sources' => array(
        array('type' => 'flatfile'),
    ),
    'store.type' => 'phpsession',
    'store.sql.dsn' => 'sqlite:/path/to/sqlitedatabase.sq3',
    'store.sql.username' => null,
    'store.sql.password' => null,
    'store.sql.prefix' => 'simpleSAMLphp',
    'memcache_store.servers' => array(
        array(
            array('hostname' => 'localhost'),
        ),
    ),
    'memcache_store.expires' => 36 * (60 * 60),

    // --- Metadata signing (disabled) -------------------------------------------------
    'metadata.sign.enable' => false,
    'metadata.sign.privatekey' => null,
    'metadata.sign.privatekey_pass' => null,
    'metadata.sign.certificate' => null,

    // --- Outbound proxy and redirect targets -----------------------------------------
    'proxy' => null,
    // NOTE(review): in the SimpleSAMLphp releases that document this option, null turns
    // off validation of redirect/link target URLs - confirm for the installed version and
    // prefer an explicit list of allowed domains.
    'trusted.url.domains' => null,
);