diff --git a/docs/simplesamlphp-sp-api.txt b/docs/simplesamlphp-sp-api.txt index e73102bc84529700514aced3424eb53221d40411..fafc8d2ec2e6490dd72af325596e02e173b39442 100644 --- a/docs/simplesamlphp-sp-api.txt +++ b/docs/simplesamlphp-sp-api.txt @@ -40,7 +40,7 @@ Check whether the user is authenticated with this authentication source. `requireAuth` ------------- - void requireAuth(array $options = array()) + void requireAuth(array $params = array()) Make sure that the user is authenticated. This function will only return if the user is authenticated. @@ -48,18 +48,9 @@ If the user isn't authenticated, this function will start the authentication pro ### Parameters -`$options` is an associative array with named parameters for this function. -The following named parameters are supported: +`$params` is an associative array with named parameters for this function. +See the documentation for the `login`-function for a description of the parameters. -`KeepPost` (`bool`) - -: If set to `TRUE`, the current POST data will be submittet again after authentication. - The default is `TRUE`. - -`ReturnTo` (`string`) - -: The URL the user should be returned to after authentication. - The default is to return the user to the current page. ### Example 1 @@ -79,6 +70,43 @@ The following named parameters are supported: print("Hello, authenticated user!"); +`login` +------------- + + void login(array $params = array()) + +Start a login operation. +This function will always start a new authentication process. + +### Parameters + +The following global parameters are supported: + +`ErrorURL` (`string`) + +: An URL to a page which will receive errors that may occur during authentication. + +`KeepPost` (`bool`) + +: If set to `TRUE`, the current POST data will be submitted again after authentication. + The default is `TRUE`. + +`ReturnTo` (`string`) + +: The URL the user should be returned to after authentication. + The default is to return the user to the current page. + +The [`saml:SP`](https://rnd.feide.no/content/saml-service-provider-configuration-reference) authentication source also defines some parameters. + + +### Example + + # Send a passive authentication request. + $auth->login(array( + 'saml:IsPassive' => TRUE, + 'ErrorURL' => 'https://.../error_handler.php', + )); + `logout` -------- diff --git a/modules/saml/docs/sp.txt b/modules/saml/docs/sp.txt index f89440bfd6ed6d5a45d1708b58203c29b8972ba9..72eb70136992a320cfa427bd823c9af7dfa50c96 100644 --- a/modules/saml/docs/sp.txt +++ b/modules/saml/docs/sp.txt @@ -9,11 +9,12 @@ Metadata The metadata for your SP will be available from the federation page on your simpleSAMLphp installation. -Options + +Parameters ------- -These are options that can be used at runtime to control the authentication. -All these options override the equivalent option from the configuration. +These are parameters that can be used at runtime to control the authentication. +All these parameters override the equivalent option from the configuration. `saml:AuthnContextClassRef` : The AuthnContextClassRef that will be sent in the login request. @@ -27,10 +28,10 @@ All these options override the equivalent option from the configuration. : *Note*: SAML 2 specific. `saml:idp` -: The entity ID this SP should connect to. +: The entity ID of the IdP we should send an authentication request to. `saml:IsPassive` -: IsPassive allows you to enable passive authentication by default for this SP. +: Send a passive authentication request. : *Note*: SAML 2 specific. @@ -82,10 +83,12 @@ Here we will list some examples for this authentication source. ), -### Requesting passive authentication +### Requesting a specific authentication method. -$auth = new SimpleSAML_Auth_Simple('default-sp'); -$auth->login(array('saml:IsPassive' => TRUE)); + $auth = new SimpleSAML_Auth_Simple('default-sp'); + $auth->login(array( + 'saml:AuthnContextClassRef' => 'urn:oasis:names:tc:SAML:2.0:ac:classes:Password', + )); Options