nbgrp / onelogin-saml-bundle

OneLogin SAML Symfony Bundle
BSD 3-Clause "New" or "Revised" License

User provider: load by SAML attributes? #33

Open quentint opened 1 year ago

quentint commented 1 year ago

Hi and thanks for your work on this bundle! I'm currently in the process of integrating it inside a new Symfony site.

In my use case I don't want the user provider to create users on SAML success, but rather:

I used to use aerialship/saml-sp-bundle which had a handy UserManagerInterface with loadUserBySamlInfo(SamlSpInfo $samlInfo): UserInterface. The user provider could implement this interface, and that method would be called on SAML auth success. See the docs for a few more details.

Note: It also has a createUserFromSamlInfo(SamlSpInfo $samlInfo): UserInterface but I'm currently not interested in this feature 😉

Is something similar currently possible (maybe listening to an event)? If not, do you think it could improve the bundle?

Thanks!

a-menshchikov commented 1 year ago

@quentint hi! You're looking for something like just-in-time user provisioning, right? (Without user persistence in the database.)

quentint commented 1 year ago

Well, it could be, but I don't want to create new users, but rather load one (or none) based on the SAML attributes. Is that compatible?

a-menshchikov commented 1 year ago

It looks like you need just a User Provider, without any User Factory. If you load users from the database, you can use EntityUserProvider and SAML attributes injection.

quentint commented 1 year ago

I've also considered this feature. But if I'm correct, it will inject SAML attributes into a User instance, which would have previously been loaded by the user provider. But what I'm looking for is a bit different: loading a user using the received SAML attributes 😉

a-menshchikov commented 1 year ago

If you wish to use multiple attributes for user loading, I have no ideas for you, sorry. But if you have only one attribute that may be used as an identifier, you can use the identifier_attribute option.
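As an added illustration of the single-attribute route the maintainer describes (and of the "provider only, no factory" setup from the earlier reply), here is a plain Symfony user provider that loads a user by the value of the SAML attribute selected with `identifier_attribute` and never creates one. This is example code, not code from nbgrp/onelogin-saml-bundle, the issue author or the maintainer. It assumes a Doctrine `App\Entity\User` entity with a unique `samlUid` column, and the class name `SamlUidUserProvider` is made up for the example.

```php
<?php
// Added example, not part of nbgrp/onelogin-saml-bundle.
// Assumed: a Doctrine User entity with a unique `samlUid` column that holds the
// value of the IdP attribute named by the firewall's identifier_attribute option.

namespace App\Security;

use App\Entity\User;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
use Symfony\Component\Security\Core\Exception\UserNotFoundException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;

final class SamlUidUserProvider implements UserProviderInterface
{
    public function __construct(private readonly EntityManagerInterface $em)
    {
    }

    // $identifier is the value of the attribute chosen with identifier_attribute,
    // taken from an assertion the bundle has already validated (signature, audience,
    // conditions). This provider only loads; an unknown subject is a failed login.
    public function loadUserByIdentifier(string $identifier): UserInterface
    {
        $identifier = trim($identifier);
        if ($identifier === '') {
            throw new UserNotFoundException('Empty SAML identifier attribute.');
        }

        // Require exactly one match: an ambiguous identifier must not silently
        // pick the first row, as that is how account confusion happens.
        $matches = $this->em->getRepository(User::class)->findBy(['samlUid' => $identifier], null, 2);
        if (count($matches) !== 1) {
            // Generic message: do not reveal whether the uid exists or is duplicated.
            throw new UserNotFoundException('No local account for SAML subject.');
        }

        return $matches[0];
    }

    public function refreshUser(UserInterface $user): UserInterface
    {
        if (!$user instanceof User) {
            throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', $user::class));
        }

        // Re-load by primary key so role or "disabled" changes made after login take effect.
        $fresh = $this->em->getRepository(User::class)->find($user->getId());
        if (!$fresh instanceof User) {
            throw new UserNotFoundException('User no longer exists.');
        }

        return $fresh;
    }

    public function supportsClass(string $class): bool
    {
        return $class === User::class || is_subclass_of($class, User::class);
    }
}
```

Register the class as the `provider` of the firewall that uses the bundle's `saml` authenticator and point `identifier_attribute` at the IdP attribute that populates `samlUid`. Choose an attribute the IdP controls and that does not change over an account's lifetime (a persistent NameID or an employee/subject id rather than a display name or a user-editable e-mail), and enforce uniqueness on `samlUid` at the database level so the "exactly one match" check above is a second line of defence rather than the only one.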