kingstarter / laravel-saml

A laravel 5.4 / 5.5 SAML plugin that transforms laravel into an IDP.
MIT License

Confusing documentation #7

Closed xkovacikm closed 6 years ago

xkovacikm commented 6 years ago

Hi,

Sorry for disturbing, but I am a little bit confused about how to correctly implement SSO with this package. I did all the steps from the tutorial, but I am stuck now.

I think that the tutorial covered the IDP's part, but I don't know how to implement the SP.

Could you please give me some advice on how to implement the SP?

Sorry if I'm wrong and didn't get the idea of this package correctly. Thank you so much.

steve-ks commented 6 years ago

Dear @xkovacikm, yes, you are right, the package only covers the IDP part. For laravel itself, it uses a simple add-in to let the login controller work both as a SAML IDP when a SAML-Request message is given and as a normal login controller when no SAML-Request is given.

For implementing an SP, first of all you need to have some kind of web application that has an SP implemented. There are several; for testing purposes, to check that your laravel IDP setup is working, you could try simplesamlphp, which can easily implement both an SP and an IDP application. You would only need the SP application, though, and let it make a request against your laravel application. There are also other SAML test applications.

Besides, any web app could be converted into an SP. Depending on an already implemented SAML controller, an add-on or any do-it-yourself hack, it is kind of easy or difficult. So far I know that the laravel-saml add-on is used successfully against the following web apps:

Probably also against some others that I do not know about. Hope this helps.

Greetings, Steve

tjallingt commented 6 years ago

Laravel-SAML adds SAML support to make a laravel application to both a SAML identity provider (IDP) and a SAML service provider (SP).

I think what @xkovacikm means is that the documentation is concerned with setting up laravel as an IDP but does not cover setting up a laravel application as a service provider, even though the first line of the readme claims this is covered by this package.

From a cursory glance at the code this package does not implement anything to easily set up a laravel application as a SAML service provider so maybe the readme should be adjusted to make that more clear?

steve-ks commented 6 years ago

Good point, this definitely was wrong. I will modify the readme.

steve-ks commented 6 years ago

Updated README

tjallingt commented 6 years ago

Just for reference: https://github.com/lightSAML/SpBundle is a package for Symfony but is an implementation of lightsaml as a service provider. It would be interesting to port this over to laravel 😄.

An existing laravel package that implements SAML in laravel for service providers is https://github.com/aacotroneo/laravel-saml2, but after attempting to clean up its code a bit I still think it is a bit messy because of the underlying SAML library: https://github.com/onelogin/php-saml

Mathi05 commented 5 years ago

Hi @tjallingt,

Did you find anything implementing Service Provider in Laravel? Even I don't want to use https://github.com/aacotroneo/laravel-saml2.

Thanks, Mathi

tjallingt commented 5 years ago

Hey,

I took a stab at cleaning it up but it's in a very rough state: https://github.com/tjallingt/laravel-saml2. Maybe it is useful to you, but again the underlying one-login library makes a clean port to laravel quite tricky 😕