doumengmian1180
2018-03-27 04:50 阅读 108
已采纳

如何在php中反序列化SAML请求 - 无法安装LightSAML

I am trying to install LightSAML https://packagist.org/packages/lightsaml/lightsaml, into a Laravel app, to do some very basic deserialization of a HTTP POST request, but getting errors:

 Your requirements could not be resolved to an installable set of packages.

 Problem 1
 - Conclusion: don't install lightsaml/lightsaml 1.3.6
 .....

Installation failed, reverting ./composer.json to its original content.

It does seem a little old so not sure if I can make it work at all - if not, can anyone suggest even simpler means of deserializing and accessing the individual attributes of a SAML request?

I have also seen https://github.com/onelogin/php-saml, however it looks like it does more than I need - I don't need to do the actual auth part using SAML, I merely need to accept a SAML http post and use that data for my own bespoke auth token creation.

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享

3条回答 默认 最新

  • 已采纳
    douyin8623 douyin8623 2018-03-27 21:52

    Sorry I had to add this to composer and update:

    "repositories": [
        {
            "type": "vcs",
            "url": "https://github.com/frostieDE/lightSAML"
        }
    ],
    
    点赞 评论 复制链接分享
  • duanguanye4124 duanguanye4124 2018-03-27 05:49

    I think that the solution is in error: Your requirements could not be resolved to an installable set of packages. I guess that in your libs must be a conflict with LightSaml. Just incompatible.

    Perhaps there's a composer.lock file in /Users/user/.composer or other place that hinders the update.

    Try that steps:

    1. got inside global composer folder (C:\Users\your_name\AppData\Roaming\Composer)
    2. edited the composer.json (added to require : "your_package" : "number.*" )
    3. in command line: composer global update.

    As you wrote, solution might be adding:

    "repositories": [
        {
            "type": "vcs",
            "url": "https://github.com/frostieDE/lightSAML"
        }
    ],
    

    Good luck

    点赞 评论 复制链接分享
  • dongqiao1888 dongqiao1888 2018-04-08 22:16

    If the idea is just to decode the SAMLResponse data that's being POST'ed to your endpoint, then you can achieve that easily (as long as it's not encrypted).

    The SAMLResponse is base64 encoded, so you just have to decode it. In the controller method where you're receiving the data, you'll do something like:

    // Decode the data into the original XML document
    $xmlPayload = base64_decode($request->get('SAMLResponse'));
    

    Now, the XML data you've just decoded, needs to be parsed. Given the document is small, using DOMDocument should be enough:

    // Load the XML document
    $doc = new DOMDocument();
    $doc->loadXML($xmlPayload);
    
    // Traverse User elements
    foreach ($doc->getElementsByTagName('Attribute') as $attribute) {
        var_dump($attribute->nodeName.'[@'.$attribute->getAttribute('Name').'] -> '.$attribute->nodeValue);
    }
    

    That will output something like:

    string(34) "saml2:Attribute[@firstName] -> Ray"
    string(37) "saml2:Attribute[@lastName] -> Charles"
    string(48) "saml2:Attribute[@email] -> ray.charles@music.com"
    string(48) "saml2:Attribute[@login] -> ray.charles@music.com"
    string(44) "saml2:Attribute[@id] -> 11uboeg2g0bKNxyk01z7"
    

    This is just an example, since the attributes will probably change (depending on how your Single Sign On IdP is set).

    I tested with a payload from Okta.

    点赞 评论 复制链接分享

相关推荐