search

aacotroneo / laravel-saml2

A Laravel 5 package for Saml2 integration as a SP (service provider) based on the simple OneLogin toolkit
MIT License
567 stars 238 forks source link

No example provided on how to handle the assertion #227

Closed MrToxy closed 4 years ago

MrToxy commented 4 years ago

My Idp is redirecting to /sso/reply and I'm not able to change this to match to the pre-defined routes of the package. on the controller, I'm doing:

    public function reply(Request $request)
    {
        // SAMLResponse is available in the request
        // $request->SAMLResponse;
        $saml2Auth = new Saml2Auth(Saml2Auth::loadOneLoginAuthFromIpdConfig('test'));

        $user = $saml2Auth->getSaml2User();

        event(new Saml2LoginEvent('test', $user, $saml2Auth));
    }

However on the event listener, the user doesn't have any attributes and $messageId = $event->getSaml2Auth()->getLastMessageId(); always comes back as null.

Where is an example of how to programmatically parse the saml response and treat its data?

danmichaelo commented 4 years ago

Do you mean that the IDP, after veryifying the user, redirects back to /sso/reply on your site instead of {idp}/acs? If so, you should be able to manually create a route that points to Saml2Controller@acs ála the default one:

https://github.com/aacotroneo/laravel-saml2/blob/master/src/routes.php#L23-L26

Something along the lines of this:

Route::middleware(config('saml2_settings.routesMiddleware'))
    ->group(function() {
        $saml2_controller = config('saml2_settings.saml2_controller', 'Aacotroneo\Saml2\Http\Controllers\Saml2Controller');

        Route::post('/sso/reply', array(
            'as' => 'saml2_acs',
            'uses' => $saml2_controller.'@acs',
        ));

    });

You might need to manually bind idpName if not provided in the URI

MrToxy commented 4 years ago

I was able to solve it