Skip to content
Advertisement

Single sign on using SimpleSamlPhp wrapper on Laravel

Implementing single sign on in my laravel application. I have decided to use this plugin https://github.com/aacotroneo/laravel-saml2 which is basically a wrapper on famous SimpleSamlPhp.

I downloaded the code via composer and as per given information Remember that you don't need to implement those routes, but you'll need to add them to your IDP configuration. For example, if you use simplesamlphp, add the following to /metadata/sp-remote.php

$metadata['http://laravel_url/saml/metadata'] = array(
 'AssertionConsumerService' => 'http://laravel_url/saml/acs',
 'SingleLogoutService' => 'http://laravel_url/saml/sls',
 //the following two affect what the $Saml2user->getUserId() will return
 'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
 'simplesaml.nameidattribute' => 'uid'  
);

I can’t find metadata/sp-remote.php, any idea? and as far as http://laravel_url/saml/acs is concerned, do I need to deploy saml on the server? because at the moment the plugin code is in vendors in laravel core architecture code hierarchy.

Advertisement

Answer

I hope this will help others. I added saml2_settings.php in the config folder.

Updated the routes:

'logoutRoute' => '/logout',
'loginRoute' => '/homepage',
'errorRoute' => '/error',

updated x509cert (publickey.cer) and privateKey

Updated 'entityId', added the url of metadata xml. Updated singleLogoutService and rest of the required details in the saml2_settings.php file.

Added two listeners 1) for login event 2) for logout event

Updated the routes file like this:

IlluminateSupportFacadesEvent::listen('AacotroneoSaml2EventsSaml2LogoutEvent', function ($event) {
    IlluminateSupportFacadesAuth::logout();
    IlluminateSupportFacadesSession::save();
    return redirect("login");
});

IlluminateSupportFacadesEvent::listen('AacotroneoSaml2EventsSaml2LoginEvent', function (AacotroneoSaml2EventsSaml2LoginEvent $event) {

    $user = $event->getSaml2User();
    $userData = [
        'id' => $user->getUserId(),
        'attributes' => $user->getAttributes(),
        'assertion' => $user->getRawSamlAssertion()
    ];


      // add the login for auto login based on your settings
    /// REDIRECT the user to homepage
    }
});
User contributions licensed under: CC BY-SA
7 People found this is helpful
Advertisement