{"id":37006628,"url":"https://github.com/asasmoyo/yii2-saml","last_synced_at":"2026-01-14T00:45:44.081Z","repository":{"id":3253428,"uuid":"48831407","full_name":"asasmoyo/yii2-saml","owner":"asasmoyo","description":"Connect Yii 2 application to a Saml Identity Provider for Single Sign on","archived":true,"fork":false,"pushed_at":"2024-08-19T09:02:57.000Z","size":110,"stargazers_count":35,"open_issues_count":6,"forks_count":22,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-10-02T09:23:43.441Z","etag":null,"topics":["php","saml2","yii2"],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/asasmoyo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-12-31T03:31:13.000Z","updated_at":"2024-11-04T02:44:25.000Z","dependencies_parsed_at":"2024-11-15T23:26:19.121Z","dependency_job_id":"dd264779-4983-46b2-9bcb-26fcdb7a2dcd","html_url":"https://github.com/asasmoyo/yii2-saml","commit_stats":{"total_commits":92,"total_committers":11,"mean_commits":8.363636363636363,"dds":0.4782608695652174,"last_synced_commit":"04c9a5b2df5b368764073eca6c300ad53ad946f8"},"previous_names":[],"tags_count":17,"template":false,"template_full_name":null,"purl":"pkg:github/asasmoyo/yii2-saml","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asasmoyo%2Fyii2-saml","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asasmoyo%2Fyii2-saml/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asasmoyo%2Fyii2-saml/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asasmoyo%2Fyii2-saml/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/asasmoyo","download_url":"https://codeload.github.com/asasmoyo/yii2-saml/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/asasmoyo%2Fyii2-saml/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28406535,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-13T21:51:37.118Z","status":"ssl_error","status_checked_at":"2026-01-13T21:45:14.585Z","response_time":56,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["php","saml2","yii2"],"created_at":"2026-01-14T00:45:43.355Z","updated_at":"2026-01-14T00:45:44.075Z","avatar_url":"https://github.com/asasmoyo.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"Yii 2 Saml\n==========\n\n[![Build Status](https://travis-ci.org/asasmoyo/yii2-saml.svg?branch=master)](https://travis-ci.org/asasmoyo/yii2-saml)\n\nConnect Yii 2 application to a Saml Identity Provider for Single Sign On\n\nInstallation\n------------\n\nThe preferred way to install this extension is through [composer](http://getcomposer.org/download/).\n\nEither run\n\n```\nphp composer.phar require --prefer-dist asasmoyo/yii2-saml \"*\"\n```\n\nor add\n\n```\n\"asasmoyo/yii2-saml\": \"*\"\n```\n\nto the require section of your `composer.json` file.\n\nConfiguration\n-------------\n\nRegister ``asasmoyo\\yii2saml\\Saml`` to your components in ``config/web.php``.\n\n```php\n'components' =\u003e [\n    'saml' =\u003e [\n        'class' =\u003e 'asasmoyo\\yii2saml\\Saml',\n        'configFileName' =\u003e '@app/config/saml.php', // OneLogin_Saml config file (Optional)\n    ]\n]\n```\n\nThis component requires a ``OneLogin_Saml`` configuration stored in a php file. The default value for ``configFileName`` is ``@app/config/saml.php`` so make sure to create this file before. This file must returns the ``OneLogin_Saml`` configuration. See this [link](https://github.com/onelogin/php-saml/blob/master/settings_example.php) for example configuration.\n\n```php\n\u003c?php\n\n$urlManager = Yii::$app-\u003eurlManager;\n$spBaseUrl = $urlManager-\u003egetHostInfo() . $urlManager-\u003egetBaseUrl();\n\nreturn [\n    'sp' =\u003e [\n        'entityId' =\u003e $spBaseUrl.'/saml/metadata',\n        'assertionConsumerService' =\u003e [\n            'url' =\u003e $spBaseUrl.'/saml/acs',\n        ],\n        'singleLogoutService' =\u003e [\n            'url' =\u003e $spBaseUrl.'/saml/sls',\n        ],\n        'NameIDFormat' =\u003e 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',\n    ],\n    'idp' =\u003e [\n        'entityId' =\u003e 'identity-provider',\n        'singleSignOnService' =\u003e [\n            'url' =\u003e 'https://idp.com/sso',\n        ],\n        'singleLogoutService' =\u003e [\n            'url' =\u003e 'https://idp.com/sls',\n        ],\n        'x509cert' =\u003e '\u003cx509cert string\u003e',\n    ],\n];\n```\n\n**NOTE : As of version 1.6.0 you can directly put your configuration into your component. For example:**\n\n```php\n\u003c?php\n\n$urlManager = Yii::$app-\u003eurlManager;\n$spBaseUrl = $urlManager-\u003egetHostInfo() . $urlManager-\u003egetBaseUrl();\n\n$config = [\n    // some other configuration here\n\n    'components' =\u003e [\n        'saml' =\u003e [\n            'class' =\u003e 'asasmoyo\\yii2saml\\Saml',\n            'config' =\u003e [\n                'sp' =\u003e [\n                    'entityId' =\u003e $spBaseUrl.'/saml/metadata',\n                    'assertionConsumerService' =\u003e [\n                        'url' =\u003e $spBaseUrl.'/saml/acs',\n                    ],\n                    'singleLogoutService' =\u003e [\n                        'url' =\u003e $spBaseUrl.'/saml/sls',\n                    ],\n                    'NameIDFormat' =\u003e 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',\n                ],\n                'idp' =\u003e [\n                    'entityId' =\u003e 'identity-provider',\n                    'singleSignOnService' =\u003e [\n                        'url' =\u003e 'https://idp.com/sso',\n                    ],\n                    'singleLogoutService' =\u003e [\n                        'url' =\u003e 'https://idp.com/sls',\n                    ],\n                    'x509cert' =\u003e '\u003cx509cert string\u003e',\n                ],\n            ],\n        ]\n    ],\n\n    // some other configuration here\n];\n\nreturn $config;\n\n```\n\nUsage\n-----\n\nThis extension provides 4 actions:\n\n1. LoginAction\n\n    This actions will initiate login process to Identity Provider specified in config file. To use this action, just register this action to your actions in your controller.\n\n    ```php\n    \u003c?php\n\n    namespace app\\controllers;\n\n    use Yii;\n    use yii\\web\\Controller;\n    use yii\\helpers\\Url;\n\n\n    class SamlController extends Controller {\n\n        // Remove CSRF protection\n        public $enableCsrfValidation = false;\n\n        public function actions() {\n            return [\n                'login' =\u003e [\n                    'class' =\u003e 'asasmoyo\\yii2saml\\actions\\LoginAction',\n                    'returnTo' =\u003e Yii::app()-\u003euser-\u003ereturnUrl\n                ]\n            ];\n        }\n\n    }\n    ```\n\n    The login method can receive seven optional parameters:\n\n    * `$returnTo` - The target URL the user should be returned to after login..\n    * `$parameters` - An array of parameters that will be added to the `GET` in the HTTP-Redirect.\n    * `$forceAuthn` - When true the `AuthNRequest` will set the `ForceAuthn='true'`\n    * `$isPassive` - When true the `AuthNRequest` will set the `Ispassive='true'`\n    * `$strict` - True if we want to stay (returns the url string) False to redirect\n    * `$setNameIdPolicy` - When true the AuthNRequest will set a nameIdPolicy element.\n    * `$nameIdValueReq` - Indicates to the IdP the subject that should be authenticated.\n\n    Now you can login to your Identity Provider by visiting ``saml/login``.\n\n2. AcsAction\n\n    This action will process saml response sent by Identity Provider after succesfull login. You can register a callback to do some operation like read the attributes sent by Identity Provider and create a new user from that attributes. To use this action just register this action to you controllers's actions.\n\n    ```php\n    \u003c?php\n\n    namespace app\\controllers;\n\n    use Yii;\n    use yii\\web\\Controller;\n    use yii\\helpers\\Url;\n\n\n    class SamlController extends Controller {\n\n        // Remove CSRF protection\n        public $enableCsrfValidation = false;\n\n        public function actions() {\n            return [\n                ...\n                'acs' =\u003e [\n                    'class' =\u003e 'asasmoyo\\yii2saml\\actions\\AcsAction',\n                    'successCallback' =\u003e [$this, 'callback'],\n                    'successUrl' =\u003e Url::to('site/welcome'),\n                ]\n            ];\n        }\n\n        /**\n         * @param array $param has 'attributes', 'nameId' , 'sessionIndex', 'nameIdNameQualifier' and 'nameIdSPNameQualifier' from response\n         */\n        public function callback($param) {\n            // do something\n            //\n            // if (isset($_POST['RelayState'])) {\n            // $_POST['RelayState'] - should be returnUrl from login action\n            // }\n        }\n    }\n    ```\n\n    **NOTE: Make sure to register the acs action's url to ``AssertionConsumerService`` and the sls actions's url to ``SingleLogoutService`` (if supported) in the Identity Provider.**\n\n3. MetadataAction\n\n    This action will show metadata of you application in xml. To use this action, just register the action to your controller's action.\n\n    ```php\n    \u003c?php\n\n        public function actions() {\n            return [\n                ...\n                'metadata' =\u003e [\n                    'class' =\u003e 'asasmoyo\\yii2saml\\actions\\MetadataAction'\n                ]\n            ];\n        }\n    ```\n\n4. LogoutAction\n\n    This action will initiate SingleLogout process to Identity Provider. To use this action, just register this action to your controller's actions.\n\n    ```php\n    \u003c?php\n        $session = Yii::$app-\u003esession;\n        public function actions() {\n            return [\n                ...\n                'logout' =\u003e [\n                    'class' =\u003e 'asasmoyo\\yii2saml\\actions\\LogoutAction',\n                    'returnTo' =\u003e Url::to('site/bye'),\n                    'parameters' =\u003e [],\n                    'nameId' =\u003e $session-\u003eget('nameId'),\n                    'sessionIndex' =\u003e $session-\u003eget('sessionIndex'),\n                    'stay' =\u003e false,\n                    'nameIdFormat' =\u003e null,\n                    'nameIdNameQualifier' =\u003e $session-\u003eget('nameIdNameQualifier'),\n                    'nameIdSPNameQualifier' =\u003e $session-\u003eget('nameIdSPNameQualifier'),\n                    'logoutIdP' =\u003e false, // if you don't want to logout on idp\n                ]\n            ];\n        }\n    ```\n\n5. SlsAction\n\n    This action will process saml logout request/response sent by Identity Provider. To use this action just register this action to you controllers's actions.\n\n    ```php\n    \u003c?php\n\n        public function actions() {\n            ...\n\n            return [\n                ...\n                'sls' =\u003e [\n                    'class' =\u003e 'asasmoyo\\yii2saml\\actions\\SlsAction',\n                    'successUrl' =\u003e Url::to('site/bye'),\n                    'logoutIdP' =\u003e false, // if you don't want to logout on idp\n                ]\n            ]\n        }\n    ```\n\nUsage\n-----\n\nIf the SAMLResponse is rejected, add to the SAML settings the parameter\n```\n'debug' =\u003e true,\n```\nand the reason will be prompted.\n\n\nLICENCE\n-------\n\nMIT Licence\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fasasmoyo%2Fyii2-saml","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fasasmoyo%2Fyii2-saml","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fasasmoyo%2Fyii2-saml/lists"}