jj1987 Posted February 27, 2019 Share Posted February 27, 2019 Good Morning, I'm developing a custom login handler using OneLogin's PHP SAML library. The way that saml works is the user clicks a button to login -> redirected to the login page -> login page realizes user needs to login, builds a SAML request and redirects to the Identity Provider (IDP) -> User Logs in -> User is redirected back to an "assertion consumer" page which consumes either HTTP POST or GET XML containing the login information. I have the button handler setup and the login redirect is working thanks to the documentation Invision provides. My question is how do I create a custom Assertion Consumer URL (Example: https://mysite.com/AssertionConsumer) that can decrypt the SAML assertion? It almost seems as if I need a separate php page that loads the invision session information, but I wasn't sure. My current assumption is that I'll need to create a plugin (or maybe application since it's not extending any existing app functionality?), but I wanted to ask before I went down that path. Link to comment Share on other sites More sharing options...
bfarber Posted February 28, 2019 Share Posted February 28, 2019 What I've done in the past is use the PHP simplesamlphp library to handle reading/decrypting the SAML response. A plugin is then used to invoke the library during session initialization. SAML isn't exactly the simplest route for SSO/unified login, but this approach works fine for our clients using it. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.