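/**
 * Attempt to log in using the given username and password.
 *
 * The credentials are forwarded over HTTP to the Syntarsus login service under
 * SAMLConfig::getBaseUrl(). The reply is read as JSON and is expected to be an
 * object with a truthy "login" member and an "attr" map of name => value.
 *
 * On a successful login, this function returns the user's attributes. Every
 * failure visible here (service unreachable, reply not a JSON object, login
 * rejected) is reported as SimpleSAML_Error_Error('WRONGUSERPASS').
 *
 * Note that both the username and the password are UTF-8 encoded.
 *
 * @param string $username The username the user wrote.
 * @param string $password The password the user wrote.
 * @return array Associative array with the user's attributes; each value is
 *               wrapped in a one-element array.
 * @throws SimpleSAML_Error_Error When the login cannot be confirmed.
 */
protected function login($username, $password)
{
    // Expression form: a string argument to assert() is evaluated as code on
    // old PHP versions and is no longer evaluated at all on PHP 8.
    assert(is_string($username));
    assert(is_string($password));

    // Percent-encode both values. Interpolated raw, a '&', '#', '+' or space in
    // the username or password would end or extend the parameter, letting user
    // input add or override query parameters sent to the login service.
    $url = Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl()
        . '/index.php/service/syntarsus/login'
        . '?username=' . rawurlencode($username)
        . '&password=' . rawurlencode($password);

    // NOTE(review): the password still travels in the URL query string, where
    // it can be recorded in access logs of the receiving server and of any
    // proxy in between. Prefer a POST body once the login service accepts one,
    // and confirm that getBaseUrl() always yields an https:// URL.
    // The '@' is kept so that a connection failure does not emit a warning
    // that echoes the URL (and with it the credentials).
    $file = @fopen($url, 'r');
    if (!$file) {
        // NOTE(review): a backend outage is indistinguishable from a wrong
        // password for the caller; kept as-is to preserve the thrown type.
        throw new SimpleSAML_Error_Error('WRONGUSERPASS');
    }

    // Read the whole reply; a single 1024-byte fgets() truncated longer JSON
    // documents and turned valid logins into decode failures.
    $body = stream_get_contents($file);
    fclose($file);

    $text = is_string($body) ? json_decode($body) : null;

    // Anything that is not an object with a truthy "login" member is a failure.
    if (!is_object($text) || empty($text->login)) {
        throw new SimpleSAML_Error_Error('WRONGUSERPASS');
    }

    // Always return an array, even when the service sends no attributes.
    $result = array();
    if (isset($text->attr) && (is_object($text->attr) || is_array($text->attr))) {
        foreach ($text->attr as $key => $value) {
            $result[$key] = array($value);
        }
    }

    return $result;
}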
<?php
/**
 * SAML 2.0 remote SP metadata for simpleSAMLphp.
 *
 * Every entry in this file is a service provider this IdP is configured to
 * know about, keyed by the SP's entity ID.
 *
 * See: https://simplesamlphp.org/docs/stable/simplesamlphp-reference-sp-remote
 */

/*
 * Example simpleSAMLphp SAML 2.0 SP.
 *
 * NOTE(review): this is the distribution's example entry. If no SP with this
 * entity ID is actually in use, remove it so the IdP does not list an SP it
 * has no relationship with.
 */
$metadata['https://saml2sp.example.org'] = array(
    'AssertionConsumerService' =>
        'https://saml2sp.example.org/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp',
    'SingleLogoutService' =>
        'https://saml2sp.example.org/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp',
);

/*
 * The SP hosted by this application under <base URL>/SSO/SAML/.
 *
 * NOTE(review): the entity ID and both endpoints are built from
 * SAMLConfig::getBaseUrl(), which is not visible here. If that value is derived
 * from request headers rather than fixed configuration, the endpoint that
 * receives assertions would follow whatever host the request names - confirm.
 */
$metadata[Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl() . '/SSO/SAML/'] = array(
    'AssertionConsumerService' =>
        Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl()
        . '/SSO/SAML/module.php/saml/sp/saml2-acs.php/default-sp',
    'SingleLogoutService' =>
        Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl()
        . '/SSO/SAML/module.php/saml/sp/saml2-logout.php/default-sp',
);

/*
 * Example configuration that works with Google Apps for education.
 *
 * What matters is that your IdP has an attribute that maps to the local part
 * of the email address at Google Apps. For example, if your Google account is
 * foo.com and a user has the email john@foo.com, then simplesaml.nameidattribute
 * must name an attribute whose value for this user is 'john'.
 *
 * NOTE(review): the ACS URL below belongs to the example domain g.feide.no.
 * Unless that is this deployment's Google Apps domain, remove the entry.
 */
$metadata['google.com'] = array(
    'AssertionConsumerService' => 'https://www.google.com/a/g.feide.no/acs',
    'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
    'simplesaml.nameidattribute' => 'uid',
    'simplesaml.attributes' => false,
);
<?php
/**
 * SAML 2.0 remote IdP metadata for simpleSAMLphp.
 *
 * Every entry in this file is an identity provider whose assertions the SP
 * side will accept. Remember to remove the IdPs you don't use from this file.
 *
 * See: https://simplesamlphp.org/docs/stable/simplesamlphp-reference-idp-remote
 */

/*
 * Guest IdP. Allows users to sign up and register. Great for testing!
 *
 * NOTE(review): because anyone can register an account at this IdP, keeping it
 * here means any self-registered identity can authenticate to this SP. Remove
 * the entry outside of test setups.
 * NOTE(review): the IdP is validated by 'certFingerprint' only (a 40-hex-digit
 * value, presumably SHA-1); supplying the full certificate via 'certData' is
 * the stronger option if the entry has to stay.
 */
$metadata['https://openidp.feide.no'] = array(
    'name' => array(
        'en' => 'Feide OpenIdP - guest users',
        'no' => 'Feide Gjestebrukere',
    ),
    'description' => 'Here you can login with your account on Feide RnD OpenID. If you do not already have an account on this identity provider, you can create a new one by following the create new account link and follow the instructions.',
    'SingleSignOnService' => 'https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php',
    'SingleLogoutService' => 'https://openidp.feide.no/simplesaml/saml2/idp/SingleLogoutService.php',
    'certFingerprint' => 'c9ed4dfb07caf13fc21e0fec1572047eb8a7a4cb',
);

/*
$metadata['http://localhost:5100'] = array(
    'SingleSignOnService' => 'http://localhost:5100/saml/saml2/idp/SSOService.php',
    'SingleLogoutService' => 'http://localhost:5100/saml/saml2/idp/SingleLogoutService.php',
    'certFingerprint' => 'afe71c28ef740bc87425be13a2263d37971da1f9',
);
*/

//$metadata[RaptorSAML::getBaseName().'/SSO/simplesamlphp/www/saml2/idp/metadata.php'] = array (

/*
 * The IdP hosted by this application under <base URL>/SSO/SAML/.
 * Both services use the HTTP-Redirect binding.
 *
 * NOTE(review): decoded, 'certData' is an X.509 certificate with subject
 * CN=feide.erlang.no (O=UNINETT), a 1024-bit RSA key, a SHA-1 signature and a
 * validity period of 2007-06-15 to 2007-08-14. It appears to be the sample
 * certificate distributed with simpleSAMLphp. If so, its private key is
 * publicly available and assertions signed with it cannot be trusted: generate
 * a key pair for this deployment and put its certificate here.
 */
$metadata[Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl() . '/SSO/SAML/saml2/idp/metadata.php'] = array(
    'metadata-set' => 'saml20-idp-remote',
    'entityid' => Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl() . '/SSO/SAML/saml2/idp/metadata.php',
    'SingleSignOnService' => array(
        0 => array(
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
            'Location' => Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl()
                . '/SSO/SAML/saml2/idp/SSOService.php',
        ),
    ),
    'SingleLogoutService' => array(
        0 => array(
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
            'Location' => Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl()
                . '/SSO/SAML/saml2/idp/SingleLogoutService.php',
        ),
    ),
    'certData' => 'MIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMCTk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDgYDVQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqhkiG9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0wNzA4MTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyBTb2xiZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBAMTD2ZlaWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZXR0Lm5vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqKxupQe0LONoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHISKOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVfp86HObqY+e8BUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFDbStNomPnQz7nbK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJVhTyvLgFVK2QarQ4/67OZfHd7R+POBXhophSMv1ZOo',
    'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
);
<?php
/*
 * The configuration of SimpleSAMLphp.
 *
 * NOTE(review): several values below are distribution defaults or development
 * settings (admin password, secret salt, debug output, cookie flags, URL
 * validation). Each one is flagged next to the option; none should reach a
 * production deployment unchanged.
 */
$config = array(
    // Installation paths.
    'baseurlpath' => Raptor2\SyntarsusBundle\Saml\SAMLConfig::getBaseUrl() . '/SSO/SAML/',
    'certdir' => 'cert/',
    'loggingdir' => 'log/',
    'datadir' => 'data/',
    'tempdir' => '/tmp/simplesaml',

    // NOTE(review): development settings. 'showerrors' puts error details on
    // the error page shown to the user, and 'debug' adds message contents to
    // the log. Turn both off outside development.
    'debug' => true,
    'showerrors' => true,
    'errorreporting' => true,
    'debug.validatexml' => false,

    // NOTE(review): hard-coded, trivially guessable admin password. Replace it
    // with a strong secret kept out of version control (simpleSAMLphp also
    // accepts a salted hash generated with bin/pwgen.php).
    'auth.adminpassword' => '123',
    // NOTE(review): the front page and the metadata pages are reachable
    // without admin authentication while these are false.
    'admin.protectindexpage' => false,
    'admin.protectmetadata' => false,

    // NOTE(review): this is the distribution's placeholder value. The salt is
    // meant to be a random value unique to the installation; generate one and
    // keep it secret.
    'secretsalt' => 'defaultsecretsalt',

    'technicalcontact_name' => 'Administrator',
    'technicalcontact_email' => '*****@*****.**',
    'timezone' => null,

    // Logging.
    // NOTE(review): DEBUG is the most verbose level; combined with
    // 'debug' => true the log file may hold sensitive message contents.
    'logging.level' => SimpleSAML_Logger::DEBUG,
    'logging.handler' => 'file',
    'logging.facility' => defined('LOG_LOCAL5') ? constant('LOG_LOCAL5') : LOG_USER,
    'logging.processname' => 'simplesamlphp',
    'logging.logfile' => 'simplesamlphp.log',
    'statistics.out' => array(),

    // Enabled protocol endpoints: only the SAML 2.0 IdP is switched on.
    'enable.saml20-idp' => true,
    'enable.shib13-idp' => false,
    'enable.adfs-idp' => false,
    'enable.wsfed-sp' => false,
    'enable.authmemcookie' => false,

    // Session lifetimes, in seconds.
    'session.duration' => 8 * (60 * 60),
    'session.datastore.timeout' => 4 * 60 * 60,
    'session.state.timeout' => 60 * 60,

    // Session cookie.
    'session.cookie.name' => 'SimpleSAMLSessionID',
    'session.cookie.lifetime' => 0,
    'session.cookie.path' => '/',
    'session.cookie.domain' => null,
    // NOTE(review): without the Secure flag the session cookie is also sent
    // over plain HTTP. Set to true once the site is served over HTTPS only.
    'session.cookie.secure' => false,
    'session.disable_fallback' => false,
    'enable.http_post' => false,

    // PHP session handler.
    'session.phpsession.cookiename' => null,
    'session.phpsession.savepath' => null,
    // NOTE(review): without HttpOnly the session cookie is readable from
    // JavaScript, so any XSS on the site can read the session ID.
    'session.phpsession.httponly' => false,

    'session.authtoken.cookiename' => 'SimpleSAMLAuthToken',

    // "Remember me" is disabled; the lifetime only applies if it is enabled.
    'session.rememberme.enable' => false,
    'session.rememberme.checked' => false,
    'session.rememberme.lifetime' => 14 * 86400,

    // Languages.
    'language.available' => array(
        'en', 'no', 'nn', 'se', 'da', 'de', 'sv', 'fi', 'es', 'fr', 'it',
        'nl', 'lb', 'cs', 'sl', 'lt', 'hr', 'hu', 'pl', 'pt', 'pt-br', 'tr',
        'ja', 'zh', 'zh-tw', 'ru', 'et', 'he', 'id', 'sr', 'lv', 'ro', 'eu',
    ),
    'language.rtl' => array('ar', 'dv', 'fa', 'ur', 'he'),
    'language.default' => 'en',
    'language.parameter.name' => 'language',
    'language.parameter.setcookie' => true,
    'language.cookie.name' => 'language',
    'language.cookie.domain' => null,
    'language.cookie.path' => '/',
    'language.cookie.lifetime' => 60 * 60 * 24 * 900,

    'attributes.extradictionary' => null,
    'theme.use' => 'default',
    'default-wsfed-idp' => 'urn:federation:pingfederate:localhost',

    // IdP discovery service.
    'idpdisco.enableremember' => true,
    'idpdisco.rememberchecked' => true,
    'idpdisco.validate' => true,
    'idpdisco.extDiscoveryStorage' => null,
    'idpdisco.layout' => 'dropdown',

    'shib13.signresponse' => true,

    // Authentication processing filters, keyed by priority.
    'authproc.idp' => array(
        30 => 'core:LanguageAdaptor',
        45 => array(
            'class' => 'core:StatisticsWithAttribute',
            'attributename' => 'realm',
            'type' => 'saml20-idp-SSO',
        ),
        50 => 'core:AttributeLimit',
        99 => 'core:LanguageAdaptor',
    ),
    'authproc.sp' => array(
        90 => 'core:LanguageAdaptor',
    ),

    // Metadata is read from the flat files in the metadata directory.
    'metadata.sources' => array(
        array('type' => 'flatfile'),
    ),

    // Session storage. 'phpsession' is selected; the SQL and memcache values
    // below are the untouched placeholders for the other store types.
    'store.type' => 'phpsession',
    'store.sql.dsn' => 'sqlite:/path/to/sqlitedatabase.sq3',
    'store.sql.username' => null,
    'store.sql.password' => null,
    'store.sql.prefix' => 'simpleSAMLphp',
    'memcache_store.servers' => array(
        array(
            array('hostname' => 'localhost'),
        ),
    ),
    'memcache_store.expires' => 36 * (60 * 60),

    // NOTE(review): published metadata is not signed, so consumers cannot
    // verify it came from this installation unless they fetch it over a
    // trusted channel.
    'metadata.sign.enable' => false,
    'metadata.sign.privatekey' => null,
    'metadata.sign.privatekey_pass' => null,
    'metadata.sign.certificate' => null,

    'proxy' => null,

    // NOTE(review): per the SimpleSAMLphp reference, null disables validation
    // of redirect/return URLs altogether. Use array() to allow only this
    // site's own domain, or list the external domains that are needed.
    'trusted.url.domains' => null,
);