SAML client and authorization grants about oauth2-server-php HOT 9 OPEN

This would be great! I know many companies still rely on SAML Assertion for their authorization, and it would be awesome to support it.

We can have the SamlGrantType implement ClientAssertionType, and then the token controller will use it for authorization as well, which is the logic that allows the JWT tokens to do this, so I do not believe any enhancement is necessary here.

from oauth2-server-php.

Hi, Any updates on this one? I'm interested. I may take a look.

from oauth2-server-php.

@aacotroneo Unfortunately, no. Would love to see a PR if you're interested! 😄

from oauth2-server-php.

@F21 Of course! :) I haven't even started, but It shouldn't take long (I hope). I'll start by reading the draft!

from oauth2-server-php.

@aacotroneo that would be amazing

from oauth2-server-php.

Well, I'm working on it!

Much of the validation the oauth2-server needs to do is pretty similar to what a saml service provider does. So, I thought about making an adapter to use onelogin/php-saml which handles all the hard xml validation stuff and has lots of unit tests.

I'm dealing with saml configuration right now. I'll try to make a simple case work, and then see how we can refactor it.

from oauth2-server-php.

Even if you have a demo app and enough material to add a cookbook article to the docs, that would also be immensely helpful

from oauth2-server-php.

#510

from oauth2-server-php.

@bshaffer Here is a sample implementation of your server using Slim framework (i saw a request for that). You'll see that it also implements the saml2-bearer grant type, but there's not much to see there. It just adds the grant type with a proper configuration array. I'll see if I find a way to make a test client without needing to setup a real IDP.

Edit: here = https://github.com/aacotroneo/saml2-bearer-server

from oauth2-server-php.