I have the following minimal code for an index page:
<?php // index.php
require_once('../simplesamlphp/lib/_autoload.php');
$authService = new SimpleSAML_Auth_Simple('default-sp');
//$authService->requireAuth(); // commented out
$attributes = $authService->getAttributes();
// render page....I don't want to use requireAuth here because it is quite acceptable for the user to view the index page without having to login. If I use requireAuth it will force the user to login, right.
BUT, if I have already logged in using another SP (by the way, the other SP also authenticates against the same IdP as this SP does). If I load this page, it doesn't fetch the attributes from the IdP. I have to uncomment requireAuth THEN it will fetch the attributes. This is fine if the user has already logged into the IdP. But if not, and they haven't logged in, requireAuth will force them to. I don't want this. I only want to fetch attributes - if they exist, otherwise it's fine for now (no login required for this page).
Is it possible to get attributes for a current session from IdP, but if the user hasn't yet logged in - don't force them - can I do this? I'm sure I can do something hacky to acheive this but it seems like a feature that would be desirable even if not implemented yet ( $authService->getAttributes(true) - where true might instruct authService to fetch from IdP )
I've been looking at the documentation for SP API reference but can't see anything that allows for this. I previously assumed that getAttributes did this but looking at my IdP/SPs in dev I can see that's not the case.
https://simplesamlphp.org/docs/1.8/simplesamlphp-sp-apiCan anyone tell me how I should be doing this, perhaps I'm not using the API correctly. Thanks