search

lightSAML / SpBundle

SAML2 SP Symfony Bundle based on LightSAML
https://www.lightsaml.com/SP-Bundle/
MIT License
66 stars 70 forks source link

Update user #81

Open katerina-n opened 4 years ago

katerina-n commented 4 years ago

Could you please assist me one more time? Is there any way to update a logged in user info if his name/phone/title were changed? I haven't found any other option except of override AuthenticationSuccessHandlerInterface and put it there. But I suppose that is not the best solution

frostieDE commented 4 years ago

One way is to provide a custom SamlSpTokenFactory which then dispatches a custom AuthenticationEvent. See my implementation (SamlSpTokenFactory.php, AuthenticationEvent.php).

Do not forget to configure the custom Factory inside your security.yaml:

...
       secured:
            pattern: ^/
            light_saml_sp:
                provider: database
                user_creator: App\Security\User\UserCreator
                login_path: /saml/login
                check_path: /saml/login_check
                token_factory: App\Security\SamlSpTokenFactory

I don't know if it is the best way to do this, but it works for us :smile:

I am not sure why we are not using Symfony's security events. This should be a better way to do this :-) You may fetch the current SamlSpResponseToken which has a method getResponse() which should return the SAML Response.