marketredesign/laravel-saml2
============================

A Laravel package for Saml2 integration as a SP (service provider) based on OneLogin toolkit, with support for multiple IDPs, forked from aacotroneo/laravel-saml2.

1.1.0 (7y ago) · MIT · PHP >=5.4.0

Forked from aacotroneo/laravel-saml2. This fork aims to provide support for multiple IDPs. It is based on the [fork](https://github.com/nirajp/laravel-saml2) by [@nirajp](https://github.com/nirajp).

Laravel 5 - Saml2
-----------------

Check the [remove_mcrypt branch](https://github.com/marketredesign/laravel-saml2/tree/remove_mcrypt) for an mcrypt-free version.

A Laravel package for Saml2 integration as a SP (service provider) based on [OneLogin](https://github.com/onelogin/php-saml) toolkit, which is much lighter and easier to install than simplesamlphp SP. It doesn't need separate routes or session storage to work!

The aim of this library is to be as simple as possible. We won't mess with Laravel users, auth, session... We prefer to limit ourselves to a concrete task: ask the user to authenticate at the IDP and process the response. The same goes for SLO requests.

Installation - Composer
-----------------------

You can install the package via composer:

```
composer require marketredesign/laravel-saml2

```

If you are using Laravel 5.5 and up, the service provider will automatically get registered.

For older versions of Laravel (<5.5), you have to add the service provider and alias to config/app.php:

```
'providers' => [
    // ...
    Aacotroneo\Saml2\Saml2ServiceProvider::class,
],

'aliases' => [
    // ...
    'Saml2' => Aacotroneo\Saml2\Facades\Saml2Auth::class,
],
```

Then publish the config files with `php artisan vendor:publish --provider="Aacotroneo\Saml2\Saml2ServiceProvider"`. This will add the files `app/config/saml2_settings.php` and `app/config/saml2/test_idp_settings.php`. This config is handled almost directly by [OneLogin](https://github.com/onelogin/php-saml), so you can find further reference there, but we cover what's really necessary here. There are some other config options about routes you may want to check; they are pretty straightforward.

### Configuration

Define the names of all IDPs you want to configure in `saml2_settings.php`. Keep `test` as the first IDP, and add real IDPs after that. You'll need to create a separate config file for each IDP in the `app/config/saml2` folder. Use `test_idp_settings.php` as the starting point. The only real difference between this config and the one that OneLogin uses is that the SP entityId, assertionConsumerService URL and singleLogoutService URL are injected by the library. They are taken from the routes 'saml_metadata', 'saml_acs' and 'saml_sls' respectively.

Remember that you don't need to implement those routes, but you'll need to add them to your IDP configuration. For example, if you use simplesamlphp, add the following to /metadata/sp-remote.php:

```
$metadata['http://laravel_url/saml2/metadata'] = array(
    'AssertionConsumerService' => 'http://laravel_url/saml2/acs',
    'SingleLogoutService' => 'http://laravel_url/saml2/sls',
    //the following two affect what the $Saml2user->getUserId() will return
    'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
    'simplesaml.nameidattribute' => 'uid'
);
```

You can check that metadata by navigating to 'http://laravel_url/saml2/metadata'.

### Usage

When you want your user to log in, just call `Saml2Auth::login()` or redirect to the route 'saml2_login'. Remember that it does not use any session storage, so if you ask it to log in it will redirect to the IDP whether the user is logged in or not. For example, you can change your authentication middleware:

```
public function handle($request, Closure $next)
{
    if ($this->auth->guest())
    {
        if ($request->ajax())
        {
            return response('Unauthorized.', 401);
        }
        else
        {
            return Saml2::login(URL::full());
            //return redirect()->guest('auth/login');
        }
    }

    return $next($request);
}
```

Since Laravel 5.3, you can change your unauthenticated method in `app/Exceptions/Handler.php`.

```
// requires: use Aacotroneo\Saml2\Facades\Saml2Auth;
protected function unauthenticated($request, AuthenticationException $exception)
{
    if ($request->expectsJson())
    {
        return response()->json(['error' => 'Unauthenticated.'], 401);
    }

    return Saml2Auth::login();
}
```

`Saml2::login` redirects the user to the IDP, which sends them back to an endpoint the library serves at /saml2/acs. That endpoint processes the response and fires an event when ready. The next step for you is to handle that event: you just need to log the user in or refuse.

```
use Aacotroneo\Saml2\Events\Saml2LoginEvent;

Event::listen('Aacotroneo\Saml2\Events\Saml2LoginEvent', function (Saml2LoginEvent $event) {
    $messageId = $event->getSaml2Auth()->getLastMessageId();
    // your own code preventing reuse of a $messageId to stop replay attacks
    $user = $event->getSaml2User();
    $userData = [
        'id' => $user->getUserId(),
        'attributes' => $user->getAttributes(),
        'assertion' => $user->getRawSamlAssertion()
    ];
    // find user by ID or attribute; `saml_id` is a hypothetical column on your own User model
    $laravelUser = \App\User::where('saml_id', $userData['id'])->first();
    if ($laravelUser === null) {
        // if it does not exist create it and go on or show an error message
        return;
    }
    Auth::login($laravelUser);
});
```
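One way to fill in the "preventing reuse of a `$messageId`" step from the listener above, as an added example that is not part of laravel-saml2 or its README. `SamlReplayGuard`, the store callback, the `saml2:seen:` key prefix, the `$idpName` argument and the 600-second TTL are assumptions made for illustration.

```php
<?php
// Added example (not laravel-saml2 code): one-time-use guard for SAML message IDs.
final class SamlReplayGuard
{
    private $addIfAbsent; // callable(string $key, int $ttl): bool, must be atomic
    private $ttl;

    public function __construct(callable $addIfAbsent, $ttl)
    {
        $this->addIfAbsent = $addIfAbsent;
        // Keep entries at least as long as the SP would still accept the same response.
        $this->ttl = $ttl;
    }

    /** True only the first time this IDP's message ID is presented. */
    public function firstUse($idpName, $messageId)
    {
        if (!is_string($messageId) || $messageId === '') {
            return false; // fail closed: without an ID, reuse cannot be ruled out
        }
        // Hash to get a fixed-length, cache-safe key; scope it per IDP because
        // this fork handles several IDPs whose IDs are generated independently.
        $key = 'saml2:seen:' . hash('sha256', $idpName . "\0" . $messageId);
        return (bool) call_user_func($this->addIfAbsent, $key, $this->ttl);
    }
}

// Constructed in-memory store so the example runs stand-alone. In a Laravel app,
// pass a shared atomic store instead, e.g.
//   function ($key, $ttl) { return Cache::add($key, true, $ttl); }
// (Cache::add takes the TTL in minutes before Laravel 5.8, in seconds from 5.8).
$seen = [];
$guard = new SamlReplayGuard(function ($key, $ttl) use (&$seen) {
    if (isset($seen[$key]) && $seen[$key] > time()) {
        return false; // already recorded and not yet expired
    }
    $seen[$key] = time() + $ttl;
    return true;
}, 600);

// Constructed sample values; in the listener use
// $event->getSaml2Auth()->getLastMessageId() and refuse the login on false.
foreach ([['test', '_a1b2c3'], ['test', '_a1b2c3'], ['other_idp', '_a1b2c3'], ['test', '']] as $case) {
    list($idp, $id) = $case;
    printf("%-10s %-8s %s\n", $idp, var_export($id, true), $guard->firstUse($idp, $id) ? 'accept' : 'reject');
}
```

The check-and-record step has to be a single atomic operation on a store shared by all web workers; a separate "has" followed by "put" leaves a window in which two concurrent submissions of the same response both pass.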

### Auth persistence

Be careful to include the Laravel middleware needed for Auth persistence in the session.

For example, it can be:

```
# in App\Http\Kernel
protected $middlewareGroups = [
    'web' => [
        // ...
    ],
    'api' => [
        // ...
    ],
    'saml' => [
        \App\Http\Middleware\EncryptCookies::class,
        \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
        \Illuminate\Session\Middleware\StartSession::class,
    ],
];
```

And in `config/saml2_settings.php` :

```
    /**
     * which middleware group to use for the saml routes
     * Laravel 5.2 will need a group which includes StartSession
     */
    'routesMiddleware' => ['saml'],

```

### Log out

Now there are two ways the user can log out.

- 1 - By logging out in your app: In this case you 'should' notify the IDP first so it closes global session.
- 2 - By logging out of the global SSO Session. In this case the IDP will notify you on /saml2/slo endpoint (already provided)

For case 1 call `Saml2Auth::logout();` or redirect the user to the route 'saml_logout', which does just that. Do not close the session immediately, as you need to receive a response confirmation from the IDP (redirection). That response will be handled by the library at /saml2/sls and will fire an event for you to complete the operation.

For case 2 you will only receive the event. Both cases 1 and 2 receive the same event.

Note that for case 2, you may have to manually save your session to make the logout stick (the session is saved by middleware, but the OneLogin library will redirect back to your IDP before that happens).

```
        Event::listen('Aacotroneo\Saml2\Events\Saml2LogoutEvent', function ($event) {
            Auth::logout();
            Session::save();
        });
```

That's it. Feel free to ask any questions, make PR or suggestions, or open Issues.
