Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
simpleSAMLphp SP API reference
==============================
This document describes the SimpleSAML_Auth_Simple API.
This is the preferred API for integrating simpleSAMLphp with other applications.
Constructor
-----------
new SimpleSAML_Auth_Simple(string $authSource)
The constructor initializes a SimpleSAML_Auth_Simple object.
### Parameters
It has a single parameter, which is the ID of the authentication source that should be used.
This authentication source must exist in `config/authsources.php`.
### Example
$auth = new SimpleSAML_Auth_Simple('default-sp');
`isAuthenticated`
-----------------
bool isAuthenticated()
Check whether the user is authenticated with this authentication source.
`TRUE` is returned if the user is authenticated, `FALSE` if not.
### Example
if (!$auth->isAuthenticated()) {
/* Show login link. */
print('<a href="/login">Login</a>');
}
`requireAuth`
-------------
void requireAuth(array $params = array())
Make sure that the user is authenticated.
This function will only return if the user is authenticated.
If the user isn't authenticated, this function will start the authentication process.
### Parameters
`$params` is an associative array with named parameters for this function.
See the documentation for the `login`-function for a description of the parameters.
### Example 1
$auth->requireAuth();
print("Hello, authenticated user!");
### Example 2
/*
* Return the user to the frontpage after authentication, don't post
* the current POST data.
*/
$auth->requireAuth(array(
'ReturnTo' => 'https://sp.example.org/',
'KeepPost' => FALSE,
));
print("Hello, authenticated user!");
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
`login`
-------------
void login(array $params = array())
Start a login operation.
This function will always start a new authentication process.
### Parameters
The following global parameters are supported:
`ErrorURL` (`string`)
: An URL to a page which will receive errors that may occur during authentication.
`KeepPost` (`bool`)
: If set to `TRUE`, the current POST data will be submitted again after authentication.
The default is `TRUE`.
`ReturnTo` (`string`)
: The URL the user should be returned to after authentication.
The default is to return the user to the current page.
The [`saml:SP`](https://rnd.feide.no/content/saml-service-provider-configuration-reference) authentication source also defines some parameters.
### Example
# Send a passive authentication request.
$auth->login(array(
'saml:IsPassive' => TRUE,
'ErrorURL' => 'https://.../error_handler.php',
));
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
`logout`
--------
void logout(string $url = NULL)
Log the user out, and return to the given URL.
If the user isn't authenticated, the user will be redirected to the URL.
If the user is authenticated with an IdP, the user will be sent to the IdP for logout.
This function never returns.
### Parameters
`$url`
: The URL the user should be sent to after logout.
The default is the URL of the current page.
### Example
$auth->logout('https://sp.example.org/');
`getAttributes`
---------------
array getAttributes()
Retrieve the attributes of the current user.
If the user isn't authenticated, an empty array will be returned.
The attributes will be returned as an associative array with the name of the attribute as the key and the value as an array of one or more strings:
array(
'uid' => array('testuser'),
'eduPersonAffiliation' => array('student', 'member'),
)
### Example
$attrs = $auth->getAttributes();
if (!isset($attrs['displayName'][0])) {
throw new Exception('displayName attribute missing.');
}
$name = $attrs['displayName'][0];
print('Hello, ' . htmlspecialchars($name));
`getLoginURL`
-------------
string getLoginURL(string $returnTo = NULL)
Retrieve an URL that can be used to start authentication.
### Parameters
`$returnTo`
: The URL the user should be returned to after authentication.
The default is the current page.
### Example
$url = $auth->getLoginURL();
print('<a href="' . htmlspecialchars($url) . '">Login</a>');
### Note
The URL returned by this function is static, and will not change.
You can easily create your own links without using this function.
The URL should be:
.../simplesaml/module.php/core/as_login.php?AuthId=<authentication source>&ReturnTo=<return URL>
`getLogoutURL`
--------------
string getLogoutURL(string $returnTo = NULL)
Retrieve an URL that can be used to trigger logout.
### Parameters
`$returnTo`
: The URL the user should be returned to after logout.
The default is the current page.
### Example
$url = $auth->getLogoutURL();
print('<a href="' . htmlspecialchars($url) . '">Logout</a>');
### Note
The URL returned by this function is static, and will not change.
You can easily create your own links without using this function.
The URL should be:
.../simplesaml/module.php/core/as_logout.php?AuthId=<authentication source>&ReturnTo=<return URL>