PHPackages fillup/zfauthsaml - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. fillup/zfauthsaml ActiveLibrary[Authentication & Authorization](/categories/authentication) fillup/zfauthsaml ================= Zend\\Authentication SAML adapter. Uses existing simpleSAMLphp install. 0.4.1(12y ago)63.7k2[1 issues](https://github.com/fillup/zfauthsaml/issues)GPL-2.0+PHPPHP >=5.3.3 Since Jun 17Pushed 12y ago1 watchersCompare [ Source](https://github.com/fillup/zfauthsaml)[ Packagist](https://packagist.org/packages/fillup/zfauthsaml)[ Docs](https://github.com/fillup/zfauthsaml)[ RSS](/packages/fillup-zfauthsaml/feed)WikiDiscussions master Synced 2mo ago READMEChangelogDependencies (3)Versions (7)Used By (0) zfauthsaml ========== [](#zfauthsaml) Goal ---- [](#goal) The goal of this project is to provide a Zend\\Authentication adapter that wraps simpleSAMLphp to provide SAML authentication. At this point I'm not sure if simpleSAMLphp can be used strictly as a library or if it requires you to use its defined configuration files and such. Initially I'm working on the adapter to use an existing configured instance of simpleSAMLphp and then hope to refactor to wrap the library itself to be fully inclusive and support standard ZF application configuration strategies. Todo ---- [](#todo) - Implement support for an existing simpleSAMLphp install and use APIs to check if user is authenticated and persist identity information if so. - Implement support for BjyAuthorize to grant/deny access based on groups returned by SAML - Move return url path to config file and enable dynamic return url based on originally requested url - Refactor user entity to actually be populated based on SAML data - Implement local account provisioning on successful first login - Find better way to manage role list/config to prevent error when SAML returns a group/role not already configured. Perhaps support pulling from a RESTful API? - Further abstract user entity and mapper classes to support user defined entity models that can be persisted Needs ----- [](#needs) If you have expertise with simpleSAMLphp or writing extensions/adapters/customizations for ZfcUser I would love some help, connect with me through github. Setup ----- [](#setup) 1. Update your composer to require these modules (if not already requiring them): ``` "require": { "php": ">=5.3.3", "zendframework/zendframework": "~2.2", "zf-commons/zfc-user": "dev-master", "bjyoungblood/bjy-authorize": "~1.2", "fillup/zfauthsaml": "dev-master" } ``` 2. Copy `vendor/zf-commons/zfc-user/config/zfcuser.global.php.dist` to `config/autoload/zfcuser.global.php` 3. Change two settings within zfcuser.global.php: ``` $settings = array( 'user_entity_class' => 'ZfAuthSaml\Entity\User', 'auth_adapters' => array( 100 => 'ZfAuthSaml\Authentication\Adapter' ), ); ``` 4. Copy `vendor/bjyoungblood/bjy-authorize/config/module.config.php` to `config/autoload/module.bjyauthorize.global.php` 5. Change four settings in module.bjyauthorize.global.php: ``` return array( 'identity_provider' => 'ZfAuthSaml\Provider\Identity\SamlIdentityProvider', 'role_providers' => array( // format: user_role(role_id(varchar), parent(varchar)) 'BjyAuthorize\Provider\Role\Config' => array( 'guest' => array(), 'user' => array(), // List any groups that from SMAL that you want to identify with // in your application. You could also load them from a database. // The SamlIdentityProvider will only return roles that are defined // here and are part of the user's identity from the IdP ), ), 'guards' => array( // Setup your rules for various controllers/actions, these are just some examples. 'BjyAuthorize\Guard\Controller' => array( array('controller' => 'Application\Controller\Index', 'roles' => array('users')), array('controller' => 'zfauthsaml', 'roles' => array('users')), // Make sure you allow guests access to these two actions so they can actually login: array('controller' => 'zfauthsaml', 'action' => array('login','return'), 'roles' => array('guest')), ), ), 'unauthorized_strategy' => 'ZfAuthSaml\View\RedirectionStrategy', ); ``` 6. Enable modules in `config/application.config.php`: ``` return array( 'modules' => array( //... 'ZfcBase', 'ZfcUser', 'BjyAuthorize', 'ZfAuthSaml', ); ); ``` 7. Update your init\_autoloader.php to autoload simpleSAMLphp. For my dev area this looks like: ``` // simpleSAMLphp autoloading if (file_exists('vendor/simplesamlphp/lib/_autoload.php')) { $loader = include_once 'vendor/simplesamlphp/lib/_autoload.php'; } ``` 8. Apply schema changes to your user table. This assumes you created the initial user table defined with ZfcUser. Schema file located at `data/schema.sql` That should be it, users who are not logged in and do not have access to requested resources should be redirected to /login which will redirect them to the IdP you have configured to login. After login they will come back to simplesaml which will them redirect them to /return on your application which will load their identity into persistence and create a local user one does not already exist. ### Health Score 28 — LowBetter than 54% of packages Maintenance17 Infrequent updates — may be unmaintained Popularity24 Limited adoption so far Community9 Small or concentrated contributor base Maturity52 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 6 Last Release 4715d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/a5e188393958c4505bb06d9e79ed99a47d1cd42551142f02ef364d8268449ef8?d=identicon)[fillup](/maintainers/fillup) --- Top Contributors [![fillup](https://avatars.githubusercontent.com/u/556105?v=4)](https://github.com/fillup "fillup (19 commits)") --- Tags SSOsamlsingle sign onsimplesamlphpzend authzend authentication ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/fillup-zfauthsaml/health.svg) ``` [![Health](https://phpackages.com/badges/fillup-zfauthsaml/health.svg)](https://phpackages.com/packages/fillup-zfauthsaml) ``` ### Alternatives [league/oauth2-client OAuth 2.0 Client Library 3.8k118.6M1.2k](/packages/league-oauth2-client)[league/oauth1-client OAuth 1.0 Client Library 99898.8M106](/packages/league-oauth1-client)[onelogin/php-saml PHP SAML Toolkit 1.3k44.0M107](/packages/onelogin-php-saml)[humanmade/wp-simple-saml WordPress Simple SAML plugin 124284.7k2](/packages/humanmade-wp-simple-saml)[hslavich/oneloginsaml-bundle OneLogin SAML Bundle for Symfony 1482.5M1](/packages/hslavich-oneloginsaml-bundle)[codegreencreative/laravel-samlidp Make your PHP Laravel application an Identification Provider using SAML 2.0. This package allows you to implement your own Identification Provider (idP) using the SAML 2.0 standard to be used with supporting SAML 2.0 Service Providers (SP). 263763.5k1](/packages/codegreencreative-laravel-samlidp) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)