-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsaml-redirect.php
37 lines (33 loc) · 1.51 KB
/
saml-redirect.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
<?php
// This is the page users visit when they submit the "Log in with SAML" form in
// this demo app.
require 'vendor/autoload.php';
$ssoready = new SSOReady\SSOReadyClient(
// Do not hard-code or leak your SSOReady API key in production!
//
// In production, instead you should configure a secret SSOREADY_API_KEY
// environment variable. The SSOReady SDK automatically loads an API key
// from SSOREADY_API_KEY.
//
// This key is hard-coded here for the convenience of logging into a test
// app, which is hard-coded to run on http://localhost:8000. It's only
// because of this very specific set of constraints that it's acceptable to
// hard-code and publicly leak this API key.
"ssoready_sk_2qk9g5m9doai5k7abmmfcc41w"
);
// To start a SAML login, you need to redirect your user to their employer's
// particular Identity Provider. This is called "initiating" the SAML login.
//
// Use `saml->getSAMLRedirectURL` to initiate a SAML login.
$redirectUrl = $ssoready->saml->getSAMLRedirectURL(new SSOReady\Saml\Requests\GetSamlRedirectUrlRequest([
// OrganizationExternalId is how you tell SSOReady which company's identity
// provider you want to redirect to.
//
// In this demo, we identify companies using their domain. This code
// converts "[email protected]" into "example.com".
"organizationExternalId" => explode("@", $_GET["email"])[1],
]))->redirectUrl;
// Redirect the user to $redirectUrl
http_response_code(302);
header("Location: " . $redirectUrl)
?>