laravel-saml2
laravel-saml2 copied to clipboard
24Slides
[Laravel 5.4+] An integration to add SSO to your service via SAML2 protocol based on OneLogin toolkit with support of multiple Identity Providers
As the title suggests, I think it might be a good idea to change the expected env var for attaching the sp certifitcate to be `SAML2_SP_CERT_X509` (The X uppercase), since...
I configured my IDP and followed the instructions given in the Readme section. When I call https://url-of-my-website/saml2/{uuid}/login I see the SSO page of my IDP. After successfully logging in I...
Firstly, according to the documentation, "By logging out of the global SSO Session. In this case the IdP will notify you on `/saml2/{uuid}/slo` endpoint (already provided)." however an `/slo` endpoint...
In the documentation there is a comment about [replay attacks](https://github.com/24Slides/laravel-saml2#authentication-events): $messageId = $event->getAuth()->getLastMessageId(); // your own code preventing reuse of a $messageId to stop replay attacks What do we need...
Hi, there seems to be a bug in the console script for manipulating/deleting tenants. Specifing either an ID or a UUID leads to a SQL query syntax error. The value...
Currently when actions are executed on the tenant, they are carried out on the default database. Add new variable in the saml configuration to use a different connection driver than...
I believe this is the `x509certMulti` settings in OneLogin. **From their docs:** IdP with multiple certificates In some scenarios the IdP uses different certificates for signing/encryption, or is under key...
For the first case, call Saml2Auth::logout(); or redirect the user to the route saml.logout which does just that. Do not close the session immediately as you need to receive a...
Hello, The are some cases which don't work here: - If there is already logged user & it's email != saml->user->email, then make logged-in user logout first. - If there...
