Calling authentication page from SimpleSAML_Auth_Source
37 views
Skip to first unread message
Young, Joe
Mar 7, 2018, 6:23:37 PM3/7/18
to simple...@googlegroups.com
How do I implement calling the login page from a authsource that uses SimpleSAML_Auth_Source? I want to use a barcode to login and not a username/password.
I working from a example that alters the exampleauth:Static module. It replaces the authenticate function that reads $_POST['barcode'];
When I test my work, I get a blank webpage. How do I get the login page to show..
Here is code so far.
<?php
/**
* Example authentication source.
*
* This class is an example authentication source which will always return a user with
* a static set of attributes.
*
* @author Olav Morken, UNINETT AS.
* @package SimpleSAMLphp
*/
class sspmod_exampleauth_Auth_Source_Static extends SimpleSAML_Auth_Source {
/**
* The attributes we return.
*/
private $attributes;
/**
* Constructor for this authentication source.
*
* @param array $info Information about this authentication source.
* @param array $config Configuration.
*/
public function __construct($info, $config) {
assert('is_array($info)');
assert('is_array($config)');
// Call the parent constructor first, as required by the interface
parent::__construct($info, $config);
// Parse attributes
try {
$this->attributes = SimpleSAML\Utils\Attributes::normalizeAttributesArray($config);
} catch(Exception $e) {
throw new Exception('Invalid attributes for authentication source ' .
$this->authId . ': ' . $e->getMessage());
}
}
/**
* Log in using static attributes.
*
* @param array &$state Information about the current authentication.
*/
public function authenticate(&$state) {
$user = $_POST['barcode'];
if ($user) {
$attributes = loadAttributesForUser($user);
$state['Attributes'] = $attributes;
} else {
throw new Exception('No user found');
}
}
public function authenticate2(&$state) {
assert('is_array($state)');
$state['Attributes'] = $this->attributes;
}
}
Peter Schober
Mar 8, 2018, 7:58:45 AM3/8/18
to simple...@googlegroups.com
* Young, Joe <joe....@orecity.k12.or.us> [2018-03-08 00:23]:
If I had to guess then there is no HTTP POST and you'd always run into
the 'No user found' exception.
-peter
> When I test my work, I get a blank webpage.
Have you checked your logs (both SSP and the webserver's)?
If I had to guess then there is no HTTP POST and you'd always run into
the 'No user found' exception.
-peter
Young, Joe
Mar 12, 2018, 6:09:31 PM3/12/18
to simple...@googlegroups.com
In the "exampleauth" module, what does the "External" source mean? I have hacked together my authentication and www page using it. I had just edited the "authpage.php" to present a QR code reader and to check it against a list at posting time. Since I was never the server, should I have used some other scheme? I could not use the sspmod_core_Auth_UserPassBase because I was only pulling the QR code as the identify.
Joe Young
--
This is a mailing list for users of SimpleSAMLphp, not a support service. If you are willing to buy commercial support, please take a look here:
https://simplesamlphp.org/support
Before sending your question, make sure it is related to SimpleSAMLphp, and not your web server's configuration or any other third-party software. This mailing list cannot help with software that uses SimpleSAMLphp, only regarding SimpleSAMLphp itself.
Make sure to read the documentation:
https://simplesamlphp.org/docs/stable/
If you have an issue with SimpleSAMLphp that you cannot resolve and reading the documentation doesn't help, you are more than welcome to ask here for help. Subscribe to the list and send an email with your question. However, you will be expected to comply with some minimum, common sense standards in your questions. Please read this carefully:
http://catb.org/~esr/faqs/smart-questions.html
---
You received this message because you are subscribed to the Google Groups "SimpleSAMLphp" group.
To unsubscribe from this group and stop receiving emails from it, send an email to simplesamlphp+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Patrick Radtke
Mar 13, 2018, 2:26:47 PM3/13/18
to SimpleSAMLphp
Your authenticate method should save state and then redirect the user to your www page where you display the barcode.
When you submit from your barcode page you do your processing and then call SimpleSAML_Auth_Source::completeAuth
to complete the authentication.
This describes how you need to build it
The authwindowslive module shows how to save state and redirect somewhere; and then how to resume the authentication flow after the browser submits data back.
To unsubscribe from this group and stop receiving emails from it, send an email to simplesamlph...@googlegroups.com.
Young, Joe
Mar 14, 2018, 3:28:47 PM3/14/18
to simple...@googlegroups.com
Thank you, Patrick!
Ok. I can see the differences between the authwindowslive module and
the exampleauth:external module. I think that as long as I can copy
the authwindowslive module method and redirect the browser to a PHP
file in the www folder and back, then I think that I good to go.
Joe Young
Ok. I can see the differences between the authwindowslive module and
the exampleauth:external module. I think that as long as I can copy
the authwindowslive module method and redirect the browser to a PHP
file in the www folder and back, then I think that I good to go.
Joe Young
Reply all
Reply to author
Forward
0 new messages