I am using SimpleSamlPHP library to implement SAML 2.0 SSO for my client. My client has already shared their IdP metadata and I have implemented that on my end. Now they need (off course) the SP metadata from me.
SimpleSamlPHP provides a very user friendly converter (find the converter in simplesamlphp/www/admin/metadata-converter.php) that you can use to convert the IdP metadata XML into metadata (PHP) array that you would use in saml20-idp-remote configuration.
I am looking for a similar utility that would take details about my assertion url, single logout url etc and would generate the SP metadata file for my client. If there is no such utility, can someone please give me a hint on how can I go about generating the SP metadata for my client. I off course don't expect anyone to give me the full solution, just a push in the right direction is all I need.
Thanks all.
UPDATE: I am looking for the standard XML attributes that the SP metadata XML should have.
SP metadata is available in web console of SimpleSAMLphp (Federation tab -> Show metadata):
https://your_server/path_to_simplesamlphp/www/
or directly via URL:
https://your_server/path_to_simplesamlphp/www/module.php/saml/sp/metadata.php/sp_name_from_authsources_php
Related
I am new to AZURE O365 portal, I have created some users in azure portal.
How can I create API in Azure portal to get the user details which I have already created in the portal and are they users enabled or disabled using PHP.
I tried: I have created application and I created secret Id in the portal, then what I have to do, to generate API for user list using php.
please help on it.
Thanks
Sandeep
Not sure if I undestand you correctly: you created some users on the azure portal and you want to get these users using PHP?
Azure has many APIs, they also have an API for getting these users, here is the specification and example code (not in php, but I think still easy to understand):
https://learn.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http
Basically you can access that data using graphql client. There are many graphql libraries for php. But as I skimmed through the docs, you don't really need a library, just a way to create http requests, I recommend Guzzle.
Before you create that php code, I recommend to simply play with the API by using postman or other api client. If it works there, you can start to create the php code.
The code is basically a http POST request (or whatever is specified in the documentation). The request should contain your API tokens in the header, thats all. Data will be provided usually as JSON. Here are some examples how to use guzzle in php for graph.
I don't know if what I would like to do is possible. I'm trying to integrate the authentication mechanism of my university in an android application which uses Laravel as backend. I've decoded the SAMLResponse and in the XML file I found this
'SPNameQualifier' = 'https://sp-esse3-unimib-prod.cineca.it/shibboleth',
'NameQualifier' = 'https://idp-idm.unimib.it/idp/shibboleth'
which are the SP and IdP URI I think. In my Android app I want that users login without register because they can use their university account. In the SAMLResponse I've also the SignatureValue, X509Certificate and other data but I can't figure out how to configure everything.
Searching on Google, I found those packages laravel-saml2 and php-saml. Are those packages good to fit my problem? Can you help me to understand how to configure everything?
I'd look at SimpleSAMLphp. You application will be a "service provider" or SP. You'll need to generate metadata for your application, which you'll need to share with the IdP administrators at your university to enable the integration. The SSP quickstart link provided above gives details on obtaining metadata for your SP, and how to convert the Identity Provider-supplied XML metadata into a format that's readable by the SSP libraries.
Only after the exchange of metadata occurs and your application is trusted can you being to exchange SAML responses. SSP makes this process easy, as you'll just end up calling a few lines of code any time a resource needs to be protected, i.e.
require_once('../../lib/_autoload.php');
$as = new \SimpleSAML\Auth\Simple('default-sp');
$as->requireAuth();
$attributes = $as->getAttributes();
That's all that's needed to make sure the SAML flies back and forth... but integrating is a different story. There are surely policies and procedures that your university imposes that you'll need to follow, and you can't just integrate with the University without following their integration procedures, i.e. a proper IdP isn't going to provide a SAML assertion to just any old application that asks for it.
So I am building a phonegap based application and I'd like that application to get it's information from a source using a http request to this source. This source however, must only be able to deliver data to this specific source and no info to any other source what so ever.
I can surely add parameters to the request, however, these parameters can easily be found by decompiling the application file. Is there a possibility for the server to know that the source indeed is my specific application without having to hardcode any kind of key into the app that easily can be obtained?
This all is to ensure that only this app can use a service and somebody else can't make use of that api.
You can't really secure your app with a login/secret embedded inside your app. But if you craft a token system that delivers an access token back to a user upon identification of that user. Bottom line, you need to start with a register/login screen.
I recommend this lib for php, and the Client Credentials grant seems like it would be what you want, see grant types
I want to send data from my PHP page to Siebel CRM. As I have seen so may sample that web service provide a WSDL URL which need to invoke and it is very easy using SOAP Client in php. but how it work in siebel as it has no WSDL url, it's provide a WSDL file
Siebel does generate and support WSDLs. But not via URLs, one needs admin access to the integration screens to generate WSDLs. Please speak with the administrator of your siebel instance. Also check oracle support pages for step-by-step instructions.
Newer versions of siebel also supports REST webservices. Again, one needs admin access to setup and get the URLs.
I'm an experienced data analist with mostly SQL and R experience, little Python, and unfortunately little .NET and PHP exposure. I have searched extensively for anyone with a similar questions, but unfortunately I haven't found what I'm looking for.
Situation: I'm setting up an HDInsight cluster on Azure (with Apache Spark) and I need to pull in some data from a SOAP API (no restful API).
Problem: Where and how do I pull this data in? I thought the Logic App in Azure would be a suitable place. However, I don't quite succeed in calling on this API.
I do have a working PHP script with a proper API call. Here is a (part of) the syntax.
$client = new SoapClient('http://someURL?wsdl');
$webservice = new SoapClient('http://someotherURL?wsdl');
$session = $client->someOperationToLogin($var1, $var2, $var3);
$operation = $webservice->someOperationToGetData($session, $var4, $var5);
$session = $client->logout($session);
As you can see, I first need to obtain a session id and then use this session id in subsequent calls. As far as I understand, I can't get to this data through a simple HTTP request.
Questions:
Can I call this particular SOAP API directly through one of the existing connectors in the Azure Logic App
If (1) is not possible, can I make use of the existing PHP script? How and where?
Is there any other route I can follow to make use of the data through this SOAP API? For instance: using pyspark in the Spark/HDInsight Cluster?
I really appreciate your help and pointers.
You Can Make The Call Through The Normal HTTP Connector.
1- First Set Your Http trigger method to post and send it your xml Body.
HTTP Trigger
2- Make An Http Action with the url to Your Soap End like
abc.asmx
xyz.svc Http Call To Soap End
Don`t forget to set the Method To Post and Content-Type to text/xml as a header.
3- Finally Bind your Http Response to response action set the status code and body To the HTTP Action Status and Body Dynamically don`t forget to set to content type Here to text/xml as well Return Response Action
4- Finally Configure the run After for response component to sun after HttP Action Even If Faild , Cancled or time out Just to pass the Status code for every call Like That Right click on Response and configure run after conf Run After For response Action .
Here is The Full View Full Flow.
Like The Response If This helps.
There are no SOAP APIs called thru the existing connectors in Azure Logic App.
This is a list of Connectors and API Apps Reference: https://msdn.microsoft.com/en-us/library/azure/dn948518.aspx.
Their supported functions are all based on REST APIs via Http/Https.
All services & apis on Azure are almost based on REST APIs to compatible with crossover platform & language scenes.
But even so, you can create own SOAP APIs thru Azure App Service or Cloud Service.Please refer to http://azure.microsoft.com/en-us/documentation/services/app-service/api/ and https://azure.microsoft.com/en-us/documentation/articles/app-service-logic-arm-with-api-app-provision/.
In Azure HDInsight, you can pull in some data from Storage Service and Service Bus. If you want to use Azure Logic App, the exisiting connectors are Blob Connector and ServiceBus Connector, and even Dropbox Connector.
You can refer to the references below to use PHP script to access the Azure Storage & ServiceBus services linked as HDInsight resources to store/get or send/receive some data.
1.https://azure.microsoft.com/en-us/documentation/articles/storage-php-how-to-use-blobs/
2.https://azure.microsoft.com/en-us/documentation/articles/service-bus-php-how-to-use-queues/.
Best Regards.
It is now possible to create a REST API from a SOAP WSDL file through Azure API Management using the SOAP to Rest feature.
This can be accessed from:
Azure portal -> API Management services -> <Your API Management Service> -> APIs -> Add API -> WSDL
After this is set up, it is easy to access this API from other Azure products.