PHPackages                             salihkiraz/simplesamlphp-module-expirychecker - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. salihkiraz/simplesamlphp-module-expirychecker

ActiveSimplesamlphp-module[Authentication &amp; Authorization](/categories/authentication)

salihkiraz/simplesamlphp-module-expirychecker
=============================================

simpleSAMLphp module for warning users that their password will expire soon or has already expired.

3.2(3y ago)02LGPL-2.1PHPPHP &gt;=7.2

Since Jul 7Pushed 3y agoCompare

[ Source](https://github.com/salihkiraz/simplesamlphp-module-expirychecker)[ Packagist](https://packagist.org/packages/salihkiraz/simplesamlphp-module-expirychecker)[ RSS](/packages/salihkiraz-simplesamlphp-module-expirychecker/feed)WikiDiscussions develop Synced today

READMEChangelog (2)Dependencies (7)Versions (23)Used By (0)

ExpiryChecker simpleSAMLphp Module
==================================

[](#expirychecker-simplesamlphp-module)

A simpleSAMLphp module for warning users that their password will expire soon or that it has already expired.

**NOTE:** This module does *not* prevent the user from logging in. It merely shows a warning page (if their password is about to expire), with the option to change their password now or later, or it tells the user that their password has already expired, with the only option being to go change their password now. Both of these pages will be bypassed (for varying lengths of time) if the user has recently seen one of those two pages, in order to allow the user to get to the change-password website (assuming it is also behind this IdP). If the user should not be allowed to log in at all, the simpleSAMLphp Auth. Source should consider the credentials provided by the user to be invalid.

The expirychecker module is implemented as an Authentication Processing Filter, or AuthProc. That means it can be configured in the global config.php file or the SP remote or IdP hosted metadata.

It is recommended to run the expirychecker module at the IdP, and configure the filter to run before all the other filters you may have enabled.

How to use the module
---------------------

[](#how-to-use-the-module)

Simply include `simplesamlphp/composer-module-installer` and this module as required in your `composer.json` file. The `composer-module-installer` package will discover this module and copy it into the `modules` folder within `simplesamlphp`.

You will then need to set filter parameters in your config. We recommend adding them to the `'authproc'` array in your `metadata/saml20-idp-hosted.php` file, but you are also able to put them in the `'authproc.idp'` array in your `config/config.php` file.

Example (in `metadata/saml20-idp-hosted.php`):

```
'authproc' => [
    10 => [
        // Required:
        'class' => 'expirychecker:ExpiryDate',
        'accountNameAttr' => 'cn',
        'expiryDateAttr' => 'schacExpiryDate',
        'passwordChangeUrl' => 'https://idm.example.com/pwdmgr/',

        // Optional:
        'warnDaysBefore' => 14,
        'originalUrlParam' => 'originalurl',
        'dateFormat' => 'm.d.Y', // Use PHP's date syntax.
        'loggerClass' => '\\Sil\\Psr3Adapters\\Psr3SamlLogger',
        'dateType'=>'FILETIME'  // FILETIME: for ldap,activedriectory
    ],

    // ...
],

```

The `accountNameAttr` parameter represents the SAML attribute name which has the user's account name stored in it. In certain situations, this will be displayed to the user, as well as being used in log messages.

The `expiryDateAttr` parameter represents the SAML attribute name which has the user's expiry date, which must be formated as YYYYMMDDHHMMSSZ (e.g. `20111011235959Z`). Those two attributes need to be part of the attribute set returned when the user successfully authenticates.

The `warnDaysBefore` parameter should be an integer representing how many days before the expiry date the "about to expire" warning will be shown to the user.

The `dateFormat` parameter specifies how you want the date to be formatted, using PHP `date()` syntax. See .

The `loggerClass` parameter specifies the name of a PSR-3 compatible class that can be autoloaded, to use as the logger within ExpiryDate.

Contributing
------------

[](#contributing)

To contribute, please submit issues or pull requests at

Acknowledgements
----------------

[](#acknowledgements)

This is adapted from the `ssp-iidp-expirycheck` and `expirycheck` modules. Thanks to Alex Mihičinac, Steve Moitozo, and Steve Bagwell for the initial work they did on those two modules.

###  Health Score

28

—

LowBetter than 54% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity2

Limited adoption so far

Community10

Small or concentrated contributor base

Maturity68

Established project with proven stability

 Bus Factor1

Top contributor holds 85% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~112 days

Recently: every ~88 days

Total

17

Last Release

1433d ago

Major Versions

0.1.0 → 1.0.02017-07-14

1.0.1 → 2.0.02017-07-24

2.0.4 → 3.0.02019-05-23

PHP version history (2 changes)0.1.0PHP &gt;=7.0

3.0.1PHP &gt;=7.2

### Community

Maintainers

![](https://www.gravatar.com/avatar/251de906d1bd4de4859a3ce9a717c065040ca2c90329c471429d127fc6dd3c68?d=identicon)[salihkiraz](/maintainers/salihkiraz)

---

Top Contributors

[![forevermatt](https://avatars.githubusercontent.com/u/6233204?v=4)](https://github.com/forevermatt "forevermatt (147 commits)")[![briskt](https://avatars.githubusercontent.com/u/3172830?v=4)](https://github.com/briskt "briskt (19 commits)")[![salihkiraz](https://avatars.githubusercontent.com/u/7440402?v=4)](https://github.com/salihkiraz "salihkiraz (6 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (1 commits)")

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/salihkiraz-simplesamlphp-module-expirychecker/health.svg)

```
[![Health](https://phpackages.com/badges/salihkiraz-simplesamlphp-module-expirychecker/health.svg)](https://phpackages.com/packages/salihkiraz-simplesamlphp-module-expirychecker)
```

###  Alternatives

[drupalauth/simplesamlphp-module-drupalauth

A SimpleSAMLphp module adding support for Drupal as the authentication source.

25305.4k1](/packages/drupalauth-simplesamlphp-module-drupalauth)[simplesamlphp/simplesamlphp-module-webauthn

A PHP implementation of a FIDO2 / WebAuthn authentication agent

181.4k](/packages/simplesamlphp-simplesamlphp-module-webauthn)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)