PHPackages smindel/saml - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. smindel/saml AbandonedLibrary[Authentication & Authorization](/categories/authentication) smindel/saml ============ PHP SAML 2.0 Adapter 1.0.0(7y ago)01.4k1[1 issues](https://github.com/smindel/saml/issues)MITPHP Since Mar 15Pushed 3y ago1 watchersCompare [ Source](https://github.com/smindel/saml)[ Packagist](https://packagist.org/packages/smindel/saml)[ RSS](/packages/smindel-saml/feed)WikiDiscussions master Synced 4d ago READMEChangelog (1)Dependencies (3)Versions (3)Used By (0) PHP SAML 2.0 Adapter ==================== [](#php-saml-20-adapter) This library helps creating AuthnRequest and LogoutRequest objects and validating identity provider (IdP) responses. It is designed to be used in a MVC framework to implement a SAML 2.0 service provider (SP). Standard -------- [](#standard) As a first step the library is aiming at, but not yet complying to OASIS SAML 2.0 SP Lite conformance. () - Web SSO, , HTTP redirect: check - Web SSO, , HTTP POST: check - Web SSO, , HTTP artifact - Artifact Resolution, SOAP - Enhanced Client/Proxy SSO, PAOS - Single Logout (IdP-initiated) – HTTP redirect - Single Logout (SP-initiated) – HTTP redirect: check Security Features ----------------- [](#security-features) - Schema validation - Signature validation Usage ----- [](#usage) ### Request Authentication [](#request-authentication) This goes in a controller action: ``` if (isset($_POST['SAMLResponse'])) { $requestID = $_SESSION['SAML.AuthnRequest.ID']; $raw = base64_decode($_POST['SAMLResponse']); $samlResponse = \Smindel\SAML\IdentityProvider\Response::fromXML($raw); $idpId = [IDP_ID]; if ($samlResponse->validate($requestID, $idpId)) { $_SESSION['SAML.ID'] = $samlResponse->getSubjectId(); var_dump($samlResponse->getSubject()); } else { $_SESSION['SAML.ID'] = null; $_SESSION['SAML.AuthnRequest.ID'] = null; var_dump($samlResponse->getValidationError());die; } } if (!$_SESSION['SAML.ID']) { $idpUrl = [IDP_LOGIN_URL]; $acs = Director::absoluteUrl($this->link()); $samlRequest = \Smindel\SAML\ServiceProvider\AuthnRequest::create($idpUrl, $acs, $requestID); $_SESSION['SAML.AuthnRequest.ID'] = $samlRequest['ID']; $url = $idpUrl . '?' . http_build_query(['SAMLRequest' => $samlRequest->deflate()]); return $this->redirect($url); } var_dump('logged id'); ``` Reads ----- [](#reads) - [https://en.wikipedia.org/wiki/SAML\_2.0](https://en.wikipedia.org/wiki/SAML_2.0) - - [https://www.owasp.org/index.php/SAML\_Security\_Cheat\_Sheet](https://www.owasp.org/index.php/SAML_Security_Cheat_Sheet) - - - Tools / Validators ------------------ [](#tools--validators) - [https://www.samltool.com/validate\_authn\_req.php](https://www.samltool.com/validate_authn_req.php) - todos ----- [](#todos) - Validation - verify certificate - SSL - For how long do we store request ids to prevent replay??? - Logout response - Tests - MetadataProvider ### Health Score 30 — LowBetter than 64% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity15 Limited adoption so far Community10 Small or concentrated contributor base Maturity64 Established project with proven stability Bus Factor1 Top contributor holds 93.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 2859d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/b3af0d4229ff65ac8966233498950c36ab641258a22af299112926b4625c3163?d=identicon)[smindel](/maintainers/smindel) --- Top Contributors [![smindel](https://avatars.githubusercontent.com/u/238436?v=4)](https://github.com/smindel "smindel (14 commits)")[![andreaspiening](https://avatars.githubusercontent.com/u/24401847?v=4)](https://github.com/andreaspiening "andreaspiening (1 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/smindel-saml/health.svg) ``` [![Health](https://phpackages.com/badges/smindel-saml/health.svg)](https://phpackages.com/packages/smindel-saml) ``` ### Alternatives [litesaml/lightsaml SAML 2.0 PHP library 1055.5M18](/packages/litesaml-lightsaml)[simplesamlphp/simplesamlphp-module-oidc A SimpleSAMLphp module adding support for the OpenID Connect protocol 5016.9k1](/packages/simplesamlphp-simplesamlphp-module-oidc)[italia/spid-php-lib PHP package for SPID authentication 2916.5k1](/packages/italia-spid-php-lib) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)