humanmade/wp-simple-saml
Composer 安装命令:
composer require humanmade/wp-simple-saml
包简介
WordPress Simple SAML plugin
README 文档
README
|
WordPress Simple SAML Easy to use Single-sign-on ( SSO ) SAML integration plugin for WordPress, with multi-site / multi-network support. |
|
| A Human Made project. Maintained by Shady Sharaf. |
|
WordPress Simple SAML is a flexible, extensible SAML integration plugin, which does most of the grunt work while keeping everything configurable through actions and filters throughout the plugin.
The plugin supports multi-site networks, and cross-network SSO delegation as well. Can be installed on site-level, or on network-level.
WordPress Simple SAML uses OneLogin's PHP-SAML toolkit for SAML API integration.
Getting Set Up
- Copy the plugin files to your
wp-content/pluginsdirectory - Activate the plugin
- Head over to configuration screen.
- Send Service Provider metadata URL ( or content ) to your Identity Provider authority (IdP) ( find the link in settings page ).
Note: If you're activating the plugin network-wide via code, you might need to use the filter wpsimplesaml_network_activated to override the standard WordPress check, something like this would be what you need:
add_filter( 'wpsimplesaml_network_activated', '__return_true' )
Configuration
There is two ways to configure the plugin, either from the admin interface or using filters, both can be used interchangably as the project requires, usually filters prevail database settings though.
Admin configurations
Depending on whether the plugin is network-activated or not, you will need to go to Settings \ General or Network Settings pages.
SSO Statusis how the plugin integrates with WordPress login process, available options areDisable,Display login linkwhich only provides a link in the login form,Force redirectwhich overrides the login form altogether and directly goes to SSO login page.SSO Base URL(optional) is the home URL of the WordPress site that serves as the delegate ( main service provider ) to which SAML responses will be posted, usually this is the main site of the network, and is the same value forsiteurloption, eghttps://my.site/SSO IdP Metadata(required, if not filtered) Copy of the SSO IdP metadata XML file, which can also be passed via eitherwpsimplesaml_idp_metadata_xml_pathfor a path to the XML file, orwpsimplesaml_idp_metadata_xmlfor the contents of the XML, orwpsimplesaml_idp_metadatafor the configuration array.SSO delegation whitelisted hostsList of hosts to whitelist during delegation of SAML responses, ie: secondary domains that needs to use SSO as well from the same IdP. Local sites are allowed by default.SSO Role ManagementEnables developers to assign different roles to users based on SAML Responses, disabled by default, and is controlled via a few filters,SSO Debug via CookiesAllows developers to use a special cookie namedsso_debugto override theSSO Statusoption during testing. Possible value of the cookie areforceandlink, which are self-explanatory.SSO Config validationShows information about IdP metadata and validity of its settings.
Configuration via code
WordPress Simple SAML is built to be as extensible as possible, so most aspects of the login/validation process can be tweaked as needed by using the available well-documented Hooks.
TL;DR; This is the basic minimum filters you'd need to get an implementation working with the default options.
// SAML metadata XML file path add_filter( 'wpsimplesaml_idp_metadata_xml_path', function(){ return ABSPATH . '/.private/sso/test.idp.xml'; } ); // Configure attribute mapping between WordPress and SSO IdP SAML attributes add_filter( 'wpsimplesaml_attribute_mapping', function(){ return [ 'user_login' => 'uid', 'user_email' => 'email', ]; } );
Testing
This plugin can be tested or developed within any local WordPress environment. For convenience, a local WordPress server can also be run by executing npm run dev: this command will start a local server at http://localhost:8888/ (requires Docker). Run npm run wp-env stop to shut down the server when finished.
As SSO authorities are usually a pain to change, and credentials take time to be configured, we've documented steps to get a sample SAML IdP ( Identity provider ) up and running using a test docker container. See more at Testing SSO Locally.
Contribute
TL;DR
# Make sure you have Docker installed, then run:
npm install
npm run dev
First, thanks for contributing!
Setting up
To get development dependencies, install composer and npm dependencies via:
composer install npm install
This installs Human made's version of WordPress Coding Standards via PHP Code Sniffer, and symlinks a precommit hook to automatically check all commits for code quality concerns.
Workflow
- Find an issue you'd like to help with, or create a new one for the change you'd like to introduce.
- Fork the repo to your own account
- Issue pull-requests from your fork to ours
- Tag the issue you're trying to resolve in your pull-request for some context
- Make sure the pull-request passed all Travis checks
- Tag any of the contributors for a review.
Next
Check issues list for what's planned next.
Credits
Created by Human Made for network-wide SAML SSO Integrations, because of the lack of a well-written WordPress integration with the features/flexibility our clients require.
Written and maintained by Shady Sharaf. Thanks to all our contributors.
Interested in joining in on the fun? Join us, and become human!
Changelog
- 0.3
- Fix compatibilty with WordPress single site (no multisite).
- Fix error caused by using WordPress dashboard function outside the dashboard.
- 0.2.1
- Fix missing composer dependency and updated .gitignore
- 0.2
- Updating PHP SAML library to 3.0 to support PHP 7.x
- 0.1
- Stable version
Credits
Thanks to all our contributors.
Interested in joining in on the fun? Join us, and become human!
humanmade/wp-simple-saml 适用场景与选型建议
humanmade/wp-simple-saml 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 301.12k 次下载、GitHub Stars 达 124, 最近一次更新时间为 2019 年 04 月 01 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「wordpress」 「SSO」 「single-sign-on」 「saml」 「onelogin」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 humanmade/wp-simple-saml 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 humanmade/wp-simple-saml 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 humanmade/wp-simple-saml 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Single-sign-on library for Symfony2
Single-sign-on bundle for Symfony2. Identity Provider part.
Single-sign-on bundle for Symfony2. Service Provider part.
Zend\Authentication SAML adapter. Uses existing simpleSAMLphp install.
Craft Single Sign-On OAuth & SAML Connect plugin allows unlimited sso / login ( Single Sign On ) with your Azure AD, Discord, G Suite / Google Apps or other custom SAML, OAuth 2.0, OpenID Connect providers.
Simple Single Sign-On
统计信息
- 总下载量: 301.12k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 125
- 点击次数: 22
- 依赖项目数: 2
- 推荐数: 0
其他信息
- 授权协议: GPL-3.0-or-later
- 更新时间: 2019-04-01