I'm new to this SimpleSamlPhp. I setup the SimpleSamlPhp as requirement from 3rd party for SSO. We've exchanged the metadata. For now, I can successfully login through the SSO, but I can't figure out how to logout. I have tried some suggestions from the internet but still fail. After logout, I'm still able to access the page. The problem is, it seems the cookies not cleared when I run this code:
$as = new SimpleSAML_Auth_Simple('default-sp');
$as = \SimpleSAML\Session::getSessionFromRequest();
$as->logout(array(
'ReturnTo' => '[3rd party home page]',
'ReturnStateParam' => 'LogoutState',
'ReturnStateStage' => 'MyLogoutState',
));
SimpleSAML_Session::getSessionFromRequest()->cleanup();
Here is my setup:
saml20-idp-remote.php
$metadata['https://[mydomain]/simplesaml/saml2/idp/metadata.php'] = [
'metadata-set' => 'saml20-idp-remote',
'entityid' => 'https://[mydomain]/simplesaml/saml2/idp/metadata.php',
'SingleSignOnService' => [
[
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://[mydomain]/simplesaml/saml2/idp/SSOService.php',
],
],
'SingleLogoutService' => [
[
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://[mydomain]/simplesaml/saml2/idp/SingleLogoutService.php',
],
],
'certData' => '[somerandomkey]',
'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
'contacts' => [
[
'emailAddress' => 'myemail#gmail.com',
'contactType' => 'technical',
'givenName' => 'myname',
],
],
];
saml20-sp-remote.php
$metadata['https://[3rdparty domain]/module.php/saml/sp/metadata.php/default-sp'] = [
'entityid' => 'https://[3rdparty domain]/module.php/saml/sp/metadata.php/default-sp',
'contacts' => [
[
'contactType' => 'technical',
'givenName' => 'Administrator',
'emailAddress' => [
'support#3rdpartydomain.com',
],
],
],
'metadata-set' => 'saml20-sp-remote',
'AssertionConsumerService' => [
[
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
'Location' => 'https://[3rdparty domain]/module.php/saml/sp/saml2-acs.php/default-sp',
'index' => 0,
],
[
'Binding' => 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post',
'Location' => 'https://[3rdparty domain]/module.php/saml/sp/saml1-acs.php/default-sp',
'index' => 1,
],
[
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact',
'Location' => 'https://[3rdparty domain]/module.php/saml/sp/saml2-acs.php/default-sp',
'index' => 2,
],
[
'Binding' => 'urn:oasis:names:tc:SAML:1.0:profiles:artifact-01',
'Location' => 'https://[3rdparty domain]/module.php/saml/sp/saml1-acs.php/default-sp/artifact',
'index' => 3,
],
],
'SingleLogoutService' => [
[
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
'Location' => 'https://[3rdparty domain]/module.php/saml/sp/saml2-logout.php/default-sp',
],
[
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP',
'Location' => 'https://[3rdparty domain]/module.php/saml/sp/saml2-logout.php/default-sp',
],
],
];
authsources.php
'default-sp' => [
'saml:SP',
'entityID' => 'https://[3rdparty domain]/module.php/saml/sp/metadata.php/default-sp',
'idp' => 'https://[mydomain]/simplesaml/saml2/idp/',
'discoURL' => null,
],
I'm guessing, I make some wrong setup in this authsources.php, but I don't know which one, cause I'm still very very new to this saml. I need your help guys, please bear with me.
Thanks.
Related
I'm having a tough time figuring out how to properly code sequenced SOAP requests to the Bing Ads API. Prefer not to use their SDK, which I have used in the past.
The parameters 'Scope', 'Time', 'Filter', and 'Sort' do not affect the result. The entire account keywords are returned instead. For 'Scope', I am using the Adgroups param to select keywords in that Adgroup. Any help is greatly appreciated.
Reference: https://learn.microsoft.com/en-us/advertising/reporting-service/keywordperformancereportrequest?view=bingads-13
WSDL: https://reporting.api.bingads.microsoft.com/Api/Advertiser/Reporting/V13/ReportingService.svc?singleWsdl
$request = [
'ReportRequest' => new SoapVar(
[
'Format' => 'Csv',
'ReportName' => 'Bing Keyword Performance Report',
'ReturnOnlyCompleteData' => false,
'Aggregation' => 'Daily',
'Sort' => array('SortColumn' => 'Clicks','SortOrder' => 'Ascending'),
'Scope' => ['AdGroups' => array(array('AccountId' => $bClientId,
'AdGroupId' => $apiDBIdGroupBing,
'CampaignId' => $apiDBIdCampaignBing,
))],
'Time' => [
'CustomDateRangeStart' =>
array('Day' => $startDay,'Month' => $startMonth,'Year' => $startYear),
'CustomDateRangeEnd' =>
array('Day' => $endDay,'Month' => $endMonth,'Year' => $endYear)
],
'Filter' => ['Keywords' => array($criteriaValue)],
'Columns' => [
"TimePeriod",
"Spend",
"Clicks",
"CurrentMaxCpc",
"Impressions",
"AdGroupName"
]
],
SOAP_ENC_OBJECT,
'KeywordPerformanceReportRequest',
"https://bingads.microsoft.com/Reporting/v13"
)];
Solved:
$request = [
'ReportRequest' => new SoapVar(
[
'Format' => 'Csv',
'ReportName' => 'Bing Keyword Performance Report',
'ReturnOnlyCompleteData' => false,
'Aggregation' => 'Monthly',
'Sort' => array('SortColumn' => 'Clicks','SortOrder' => 'Ascending'),
'Scope' => ['AccountIds' => [$bClientId]],
'MaxRows' => '9000000',
'Time' => ['PredefinedTime' => $reportTimeFrame],
'Columns' => [
"Keyword",
"Spend",
"CampaignId",
"AdGroupId",
"AveragePosition",
"CurrentMaxCpc",
"KeywordId",
"BidMatchType",
"Impressions",
"Clicks",
"TimePeriod",
"QualityScore",
"ExpectedCtr",
"AdRelevance",
"LandingPageExperience",
"CampaignStatus",
"AdGroupStatus",
"KeywordStatus",
"AccountName",
"CampaignName",
"AdGroupName",
"BidStrategyType",
]
],
SOAP_ENC_OBJECT,
'KeywordPerformanceReportRequest',
"https://bingads.microsoft.com/Reporting/v13"
)];
$response = $SoapClient->SubmitGenerateReport($request);
I am having issues when sending documents for a recipient to sign it. The documents should be prefilled using the data from my database which works fine. I know this because when I var_dump $this->textTabs I can see the data. $global is false.
The issue I am having is that when the recipient receives an email to sign the document, the fields which should be prefilled are blank. The Data Label matches the tabLabel in the code below and image
$this->textTabs = [
[
'tabLabel' => 'RegisteredName',
'value' => $contactData->company->name,
'global' => $global,
],
[
'tabLabel' => 'NumberOfEmployees',
'value' => $contactData->company->employee_size,
'global' => $global,
],
[
'tabLabel' => 'RegisteredNumber',
'value' => $contactData->company->reg_no,
'global' => $global,
],
[
'tabLabel' => 'SupplyAddress',
'value' => $supplyAddress_1 . $supplyAddress_2 . $supplyCity . $supplyTown . $supplyCounty . $supplyPostcode,
'global' => $global,
],
[
'tabLabel' => 'SicCode',
'value' => $contactData->company->gapSite->scat_code,
'global' => $global,
],
[
'tabLabel' => 'Recipient_UserTitle',
'value' => $title,
'global' => $global,
],
[
'tabLabel' => 'Recipient_UserName',
'value' => $title . $firstName . $lastName,
'global' => $global,
],
[
'tabLabel' => 'Recipient_Email',
'value' => $contactData->email,
'global' => $global,
],
[
'tabLabel' => 'ContactTelephone',
'value' => $contactData->telephone,
'global' => $global,
],
];
private function send(string $status): ?array
{
try {
return Docusign::createEnvelope([
'templateId' => $this->templateId,
'emailSubject' => $this->emailSubject,
'status' => $status,
'templateRoles' => [
[
'name' => $this->recipient['name'],
'email' => $this->recipient['email'],
'roleName' => 'Client',
'tabs' => [
'textTabs' => $this->textTabs,
/* 'signHereTabs' => [
[
"xPosition" => 400,
"yPosition" => 263,
"documentId" => 1,
"pageNumber" => 6
]
],
*/
]
]
],
'eventNotification' => [
'url' => 'https://webhook.site/697fabec-145a-491f-87ce-1d62be82b298',
'LoggingEnabled' => true,
'RequireAcknowledgment' => true,
'UseSoapInterface' => false,
'IncludeCertificateWithSoap' => false,
'SignMessageWithX509Cert' => false,
'includeDocuments' => true,
'includeEnvelopeVoidReason' => true,
'includeTimeZone' => true,
'includeSenderAccountAsCustomField' => true,
'includeDocumentFields' => true,
'includeCertificateOfCompletion' => true,
'envelopeEventStatusCode' => $this->getRecipientEvents(),
'recipientEvents' => $this->getEventNotification(),
]
]);
} catch (\Exception $e) {
}
}
The fact That recipient receives the email to sign the document, already eliminate any issue to do with my code but why is it not prefilling with the data?
After a while, I decided to create a new docusign account and this seems to have solved the issue. I believe my account was bugger or maybe some technical issue on docusign,
I'm simply using the official realurl conf on the tx_news documentation. That caused a duplicate slash in my url. It would look like that:
domain.com/post//post-title
To fix it, I found out that I either have to remove or place the following lines after the tx_newspil[news] inside the fixedPostVars:
Before:
'fixedPostVars' => [
'newsDetailConfiguration' => [
[
'GETvar' => 'tx_news_pi1[action]',
'valueMap' => [
'' => 'detail',
],
'noMatch' => 'bypass'
],
[
'GETvar' => 'tx_news_pi1[controller]',
'valueMap' => [
'' => 'detail',
],
'noMatch' => 'bypass'
],
[
'GETvar' => 'tx_news_pi1[news]',
'lookUpTable' => [
'table' => 'tx_news_domain_model_news',
'id_field' => 'uid',
'alias_field' => 'IF(path_segment!="",path_segment,title)',
'addWhereClause' => ' AND NOT deleted',
'useUniqueCache' => 1,
'languageGetVar' => 'L',
'languageExceptionUids' => '',
'languageField' => 'sys_language_uid',
'transOrigPointerField' => 'l10n_parent',
'expireDays' => 180,
'enable404forInvalidAlias' => true
]
]
]
]
After:
'fixedPostVars' => [
'newsDetailConfiguration' => [
[
'GETvar' => 'tx_news_pi1[news]',
'lookUpTable' => [
'table' => 'tx_news_domain_model_news',
'id_field' => 'uid',
'alias_field' => 'IF(path_segment!="",path_segment,title)',
'addWhereClause' => ' AND NOT deleted',
'useUniqueCache' => 1,
'languageGetVar' => 'L',
'languageExceptionUids' => '',
'languageField' => 'sys_language_uid',
'transOrigPointerField' => 'l10n_parent',
'expireDays' => 180,
'enable404forInvalidAlias' => true
]
],
[
'GETvar' => 'tx_news_pi1[action]',
'valueMap' => [
'' => 'detail',
],
'noMatch' => 'bypass'
],
[
'GETvar' => 'tx_news_pi1[controller]',
'valueMap' => [
'' => 'detail',
],
'noMatch' => 'bypass'
]
]
]
Either switching them or simply deleting the controller / action parts fixed the duplicate slash. Now I'd like to understand why that is so, since im a PHP beginner I don't really get it.
I appreciate all the help!
** Just tested, only the action part had to be moved or deleted in order to resolve the duplicate slash
This happens because the REALURL configuration gets parameters in the order you add.
Let's take the first REALURL configuration from your post. Within this configuration I expect my URL be so: /page/action/controller/post-title.
What happens there is that you have the news plugin with action and controller params set in the post page and then you don't pass the action and controller in the URL, that's why you have double slashes there, because action and controller are empty.
Default parameters (e.q controller name, action name, etc), parameters where the value is not required, must be at the end of the configuration, like your last configuration.
I am trying to implement the suggest function of elasticsearch-php client in my API to suggest people some already existing problems.
I have made index for my problems
'index' => 'newproblemindex',
'body' => [
'settings' => [
'number_of_shards' => 3,
'number_of_replicas' => 2
],
'mappings' => [
'newproblems' => [ // type of index
'_source' => [
'enabled' => true
],
'properties' => [
'title' => [
'type' => 'text',
'analyzer' => 'standard'
],
'description' => [
'type' => 'text',
'analyzer' => 'standard'
], 'suggest' => [
'type' => 'completion'
]
]
]
]
]
But I am unable to find which param fields to use to implement suggest function
'index' => 'newproblemindex',
'body' => [
'try' => [
'text' => $request->search_key,
'completion' => [ 'text' => 'suggest' ]
]
],
I am using laravel and taking search_key as request param but I am getting "invalid_type_name_exception" and when I tried to give the type name, it is again giving me some error.
"suggest" => [
"song-suggest" => [
"prefix" => $request->search_key,
"completion" => ["field" => "suggest"]
]
]
I am getting error "suggest is not a valid param ". Please help
and Thanks in advance.
I am trying to configure rbac with phpmanager in my project using the Yii2 advance app version. But \Yii::$app->user->can is not returning the expected.
I wrote the RbacController and executed sucessfully yii rbac/init
That updated common/components/items.php as shown
<?php
return [
'user' => [ 'type' => 1, 'children' => [ 'createX', ], ],
'createX' => [ 'type' => 2, 'description' => 'create a X',],
'admin' => [ 'type' => 1, 'children' => [ 'updateX', ], ],
'updateX => [ 'type' => 2, 'description' => 'update a X', ],
];
In SignupForm::signup, I added it:
$auth = Yii::$app->authManager;
$roleObj = $auth->getRole('user'); // this role is defined by the RBAC Controller's init action
$auth->assign($roleObj, $user->getId());
assignments.php
return [ 2 => [ 'user', ], ];
I think that 2 corresponds to the user id.
rules.php
return [];
common/main.php
...
'components' => [
...
'authManager' => [
'class' => 'yii\rbac\PhpManager',
'defaultRoles' => ['user','admin'],
'itemFile' => '#common/components/rbac/items.php',
'assignmentFile' => '#common/components/rbac/assignments.php',
'ruleFile' => '#common/components/rbac/rules.php'
],
],
...
When I got that role permissions, it prints:
Array ( [createX] => yii\rbac\Permission Object ( [type] => 2 [name] => createX [description] => create a X [ruleName] => [data] => [createdAt] => 1438601819 [updatedAt] => 1438601819 ) )
So I'm expecting that user doesn't have updating permission, but in the method XController::update
echo \Yii::$app->user->can('updateX');
// returns 1, just the same than \Yii::$app->user->can('createX') returning
Please some help
First items file should be:
<?php
return [
'user' => [ 'type' => 1, 'children' => [ 'createX', ], ],
'createX' => [ 'type' => 2, 'description' => [ 'create a X', ], ],
'admin' => [ 'type' => 1, 'children' => [ 'updateX', ], ],
'updateX' => [ 'type' => 2, 'description' => ['update a X', ], ],
];
You can verify if the code is fine with var_dump:
var_dump(\Yii::$app->authManager);