This repository has been archived by the owner on Jun 24, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
48 additions
and
36 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,35 +1,37 @@ | ||
# subject-identifier-attrs module | ||
|
||
![Build Status](https://github.com/simplesamlphp/simplesamlphp-module-subjectidattrs/workflows/CI/badge.svg?branch=master) | ||
[![Coverage Status](https://codecov.io/gh/simplesamlphp/simplesamlphp-module-subjectidattrs/branch/master/graph/badge.svg)](https://codecov.io/gh/simplesamlphp/simplesamlphp-module-subjectidattrs) | ||
[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/simplesamlphp/simplesamlphp-module-subjectidattrs/badges/quality-score.png?branch=master)](https://scrutinizer-ci.com/g/simplesamlphp/simplesamlphp-module-subjectidattrs/?branch=master) | ||
[![Type Coverage](https://shepherd.dev/github/simplesamlphp/simplesamlphp-module-subjectidattrs/coverage.svg)](https://shepherd.dev/github/simplesamlphp/simplesamlphp-module-subjectidattrs) | ||
[![Psalm Level](https://shepherd.dev/github/simplesamlphp/simplesamlphp-module-subjectidattrs/level.svg)](https://shepherd.dev/github/simplesamlphp/simplesamlphp-module-subjectidattrs) | ||
|
||
subject-identifier-attrs module | ||
=============================== | ||
|
||
This module provides authproc-filters for releasing the attributes defined in the SAML V2.0 Subject Identifier Attributes Profile. | ||
See https://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/saml-subject-id-attr-v1.0.pdf | ||
This module provides authproc-filters for releasing the attributes defined | ||
in the [SAML V2.0 Subject Identifier Attributes Profile][specification]. | ||
|
||
Installation | ||
------------ | ||
## Installation | ||
|
||
Once you have installed SimpleSAMLphp, installing this module is very simple. Just execute the following | ||
command in the root of your SimpleSAMLphp installation: | ||
Once you have installed SimpleSAMLphp, installing this module is very simple. | ||
Just execute the following command in the root of your SimpleSAMLphp | ||
installation: | ||
|
||
``` | ||
```bash | ||
composer.phar require simplesamlphp/simplesamlphp-module-subjectidattrs:dev-master | ||
``` | ||
|
||
where `dev-master` instructs Composer to install the `master` branch from the Git repository. See the | ||
[releases](https://github.com/simplesamlphp/simplesamlphp-module-subjectidattrs/releases) available if you | ||
want to use a stable version of the module. | ||
where `dev-master` instructs Composer to install the `master` branch from the | ||
Git repository. See the [releases][releases] | ||
available if you want to use a stable version of the module. | ||
|
||
Next thing you need to do is to enable the module: in | ||
`config.php`, search for the `module.enable` key and set `subjectidattrs` to true: | ||
Next thing you need to do is to enable the module: in `config.php`, | ||
search for the `module.enable` key and set `subjectidattrs` to true: | ||
|
||
```php | ||
'module.enable' => [ | ||
'subjectidattrs' => true, | ||
… | ||
], | ||
``` | ||
|
||
```php | ||
'module.enable' => [ | ||
'subjectidattrs' => true, | ||
… | ||
], | ||
``` | ||
[specification]: https://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/saml-subject-id-attr-v1.0.pdf | ||
[releases]: https://github.com/simplesamlphp/simplesamlphp-module-subjectidattrs/releases |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,23 +1,28 @@ | ||
`subjectidattrs:PairwiseID` | ||
=================== | ||
|
||
Filter to insert a pairwise-id that complies with the following specification; | ||
http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/saml-subject-id-attr-v1.0.pdf | ||
Filter to insert a pairwise-id that complies with the | ||
[SAML V2.0 Subject Identifier Attributes Profile][specification]. | ||
|
||
This filter will take an attribute and a scope as input and transforms this into a anonymized and scoped | ||
identifier that is globally unique for a given user & service provider combination. | ||
[specification]: http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/saml-subject-id-attr-v1.0.pdf | ||
|
||
This filter will take an attribute and a scope as input and transforms this | ||
into a anonymized and scoped identifier that is globally unique for a given | ||
user & service provider combination. | ||
|
||
Note: | ||
Since the subject-id is specified as single-value attribute, only the first value of `identifyingAttribute` | ||
and `scopeAttribute` are considered. | ||
Since the subject-id is specified as single-value attribute, only the first | ||
value of `identifyingAttribute` and `scopeAttribute` are considered. | ||
|
||
Examples | ||
-------- | ||
|
||
```php | ||
'authproc' => [ | ||
50 => [ | ||
'class' => 'subjectidattrs:PairwiseID', | ||
'identifyingAttribute' => 'uid', | ||
'scopeAttribute' => 'scope', | ||
], | ||
], | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,26 +1,31 @@ | ||
`subjectidattrs:SubjectID` | ||
=================== | ||
|
||
Filter to insert a subject-id that complies with the following specification; | ||
http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/saml-subject-id-attr-v1.0.pdf | ||
Filter to insert a subject-id that complies with the | ||
[SAML V2.0 Subject Identifier Attributes Profile][specification]. | ||
|
||
This filter will take an attribute and a scope as input and transforms this into a scoped identifier that is globally unique for a given user. | ||
[specification]: http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/saml-subject-id-attr-v1.0.pdf | ||
|
||
Note: | ||
----- | ||
If privacy is of your concern, you may want to use the PairwiseID-filter instead. | ||
This filter will take an attribute and a scope as input and transforms this | ||
into a scoped identifier that is globally unique for a given user. | ||
|
||
Note: | ||
Since the subject-id is specified as single-value attribute, only the first value of `identifyingAttribute` | ||
and `scopeAttribute` are considered. | ||
**Note** | ||
If privacy is of your concern, you may want to use the PairwiseID-filter | ||
instead. | ||
|
||
**Note** | ||
Since the subject-id is specified as single-value attribute, only the first | ||
value of `identifyingAttribute` and `scopeAttribute` are considered. | ||
|
||
Examples | ||
-------- | ||
|
||
```php | ||
'authproc' => [ | ||
50 => [ | ||
'class' => 'subjectidattrs:SubjectID', | ||
'identifyingAttribute' => 'uid', | ||
'scopeAttribute' => 'scope', | ||
], | ||
], | ||
``` |