I am trying to install LightSAML https://packagist.org/packages/lightsaml/lightsaml, into a Laravel app, to do some very basic deserialization of a HTTP POST request, but getting errors:
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Conclusion: don't install lightsaml/lightsaml 1.3.6
.....
Installation failed, reverting ./composer.json to its original content.
It does seem a little old so not sure if I can make it work at all - if not, can anyone suggest even simpler means of deserializing and accessing the individual attributes of a SAML request?
I have also seen https://github.com/onelogin/php-saml, however it looks like it does more than I need - I don't need to do the actual auth part using SAML, I merely need to accept a SAML http post and use that data for my own bespoke auth token creation.
我正在尝试安装LightSAML https://packagist.org/packages/lightsaml/lightsaml ,进入Laravel应用程序,对HTTP POST请求进行一些非常基本的反序列化,但收到错误:
您的要求无法解析为可安装的软件包。
问题1
- 结论:不要安装lightsaml / lightsaml 1.3.6
... ..
安装失败,将./composer.json恢复为原始内容。
它看起来有点旧,所以不确定我是否可以制作它 完全工作 - 如果没有,任何人都可以建议更简单的反序列化方法和访问SAML请求的各个属性吗?
我还看到 https://github.com/onelogin/php-saml ,但它看起来比我需要的更多 - 我不需要 这样做 使用SAML的实际身份验证部分,我只需要接受SAML http帖子并将该数据用于我自己的定制身份验证令牌创建。
Sorry I had to add this to composer and update:
微信扫一扫"repositories": [
{
"type": "vcs",
"url": "https://github.com/frostieDE/lightSAML"
}
],
I think that the solution is in error: Your requirements could not be resolved to an installable set of packages. I guess that in your libs must be a conflict with LightSaml. Just incompatible.
Perhaps there's a composer.lock file in /Users/user/.composer or other place that hinders the update.
Try that steps:
As you wrote, solution might be adding:
"repositories": [
{
"type": "vcs",
"url": "https://github.com/frostieDE/lightSAML"
}
],
Good luck
If the idea is just to decode the SAMLResponse data that's being POST'ed to your endpoint, then you can achieve that easily (as long as it's not encrypted).
The SAMLResponse is base64 encoded, so you just have to decode it. In the controller method where you're receiving the data, you'll do something like:
// Decode the data into the original XML document
$xmlPayload = base64_decode($request->get('SAMLResponse'));
Now, the XML data you've just decoded, needs to be parsed. Given the document is small, using DOMDocument should be enough:
// Load the XML document
$doc = new DOMDocument();
$doc->loadXML($xmlPayload);
// Traverse User elements
foreach ($doc->getElementsByTagName('Attribute') as $attribute) {
var_dump($attribute->nodeName.'[@'.$attribute->getAttribute('Name').'] -> '.$attribute->nodeValue);
}
That will output something like:
string(34) "saml2:Attribute[@firstName] -> Ray"
string(37) "saml2:Attribute[@lastName] -> Charles"
string(48) "saml2:Attribute[@email] -> ray.charles@music.com"
string(48) "saml2:Attribute[@login] -> ray.charles@music.com"
string(44) "saml2:Attribute[@id] -> 11uboeg2g0bKNxyk01z7"
This is just an example, since the attributes will probably change (depending on how your Single Sign On IdP is set).
I tested with a payload from Okta.