Allow SP's to determine assertion encryption

codegreencreative · Aug 26, 2022 · c0dcc98 · c0dcc98
1 parent e1363e6
commit c0dcc98
Show file tree

Hide file tree

Showing 7 changed files with 289 additions and 85 deletions.
diff --git a/.editorconfig b/.editorconfig
@@ -0,0 +1,14 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+indent_style = space
+indent_size = 4
+trim_trailing_whitespace = true
+max_line_length = 120
+quote_type = "single"
+
+[*.md]
+trim_trailing_whitespace = false
diff --git a/.gitignore b/.gitignore
@@ -1,4 +1,5 @@
 composer.phar
 composer.lock
 vendor
-.DS_Store
+.DS_Store
+node_modules
diff --git a/README.md b/README.md
@@ -95,10 +95,16 @@ return [
             'destination' => 'https://example.com/saml/acs',
             // Simple Logout URL of the Service Provider
             'logout' => 'https://example.com/saml/sls',
-        ]
+            // SP certificate
+            // 'certificate' => '',
+            // Turn off auto appending of the idp query param
+            // 'query_params' => false,
+            // Turn off the encryption of the assertion per SP
+            // 'encrypt_assertion' => false
+        ],
     ],
     // List of guards saml idp will catch Authenticated, Login and Logout events (thanks @abublihi)
-    'guards' => ['web']
+    'guards' => ['web'],
 ];
 ```
 
@@ -133,7 +139,6 @@ return [
     'sp_slo_redirects' => [
         'mysp.com' => 'https://mysp.com',
     ],
-
 ];
 ```
 
@@ -187,7 +192,6 @@ class SamlAssertionAttributes
             ->addAttribute(new Attribute(ClaimTypes::NAME, auth()->user()->name));
     }
 }
-
 ```
 
 ## Digest Algorithm (optional)

diff --git a/config/samlidp.php b/config/samlidp.php
@@ -1,7 +1,6 @@
 <?php
 
 return [
-
     /*
     |--------------------------------------------------------------------------
     | SAML idP configuration file
@@ -37,8 +36,12 @@
         //     // Your destination is the ACS URL of the Service Provider
         //     'destination' => 'https://myfacebookworkplace.facebook.com/work/saml.php',
         //     'logout' => 'https://myfacebookworkplace.facebook.com/work/sls.php',
+        //    // SP certificate
         //     'certificate' => '',
-        //     'query_params' => false
+        //    // Turn off auto appending of the idp query param
+        //     'query_params' => false,
+        //    // Turn off the encryption of the assertion per SP
+        //     'encrypt_assertion' => false
         // ]
     ],
 
@@ -51,17 +54,11 @@
     // All of the Laravel SAML IdP event / listener mappings.
     'events' => [
         'CodeGreenCreative\SamlIdp\Events\Assertion' => [],
-        'Illuminate\Auth\Events\Logout' => [
-            'CodeGreenCreative\SamlIdp\Listeners\SamlLogout',
-        ],
-        'Illuminate\Auth\Events\Authenticated' => [
-            'CodeGreenCreative\SamlIdp\Listeners\SamlAuthenticated',
-        ],
-        'Illuminate\Auth\Events\Login' => [
-            'CodeGreenCreative\SamlIdp\Listeners\SamlLogin',
-        ],
+        'Illuminate\Auth\Events\Logout' => ['CodeGreenCreative\SamlIdp\Listeners\SamlLogout'],
+        'Illuminate\Auth\Events\Authenticated' => ['CodeGreenCreative\SamlIdp\Listeners\SamlAuthenticated'],
+        'Illuminate\Auth\Events\Login' => ['CodeGreenCreative\SamlIdp\Listeners\SamlLogin'],
     ],
 
     // List of guards saml idp will catch Authenticated, Login and Logout events
-    'guards' => ['web']
+    'guards' => ['web'],
 ];
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -0,0 +1,7 @@
+{
+    "private": true,
+    "devDependencies": {
+        "@prettier/plugin-php": "^0.18.9",
+        "prettier": "^2.7.1"
+    }
+}