Add whitespace around comments in saml_settings to ease reading.
This commit is contained in:
parent
c61ff5c4eb
commit
c87ee96050
1 changed files with 20 additions and 0 deletions
|
@ -339,6 +339,7 @@ function saml_create_user($username, $email, $name)
|
|||
function saml_settings()
|
||||
{
|
||||
return [
|
||||
|
||||
// If 'strict' is True, then the PHP Toolkit will reject unsigned
|
||||
// or unencrypted messages if it expects them to be signed or encrypted.
|
||||
// Also it will reject the messages if the SAML standard is not strictly
|
||||
|
@ -357,18 +358,23 @@ function saml_settings()
|
|||
|
||||
// Service Provider Data that we are deploying.
|
||||
'sp' => [
|
||||
|
||||
// Identifier of the SP entity (must be a URI)
|
||||
'entityId' => DI::config()->get('saml', 'client_id'),
|
||||
|
||||
// Specifies info about where and how the <AuthnResponse> message MUST be
|
||||
// returned to the requester, in this case our SP.
|
||||
'assertionConsumerService' => [
|
||||
|
||||
// URL Location where the <Response> from the IdP will be returned
|
||||
'url' => DI::baseUrl() . '/saml/sso',
|
||||
|
||||
// SAML protocol binding to be used when returning the <Response>
|
||||
// message. OneLogin Toolkit supports this endpoint for the
|
||||
// HTTP-POST binding only.
|
||||
'binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
|
||||
],
|
||||
|
||||
// If you need to specify requested attributes, set a
|
||||
// attributeConsumingService. nameFormat, attributeValue and
|
||||
// friendlyName can be omitted
|
||||
|
@ -382,20 +388,25 @@ function saml_settings()
|
|||
]
|
||||
]
|
||||
],
|
||||
|
||||
// Specifies info about where and how the <Logout Response> message MUST be
|
||||
// returned to the requester, in this case our SP.
|
||||
'singleLogoutService' => [
|
||||
|
||||
// URL Location where the <Response> from the IdP will be returned
|
||||
'url' => DI::baseUrl() . '/saml/slo',
|
||||
|
||||
// SAML protocol binding to be used when returning the <Response>
|
||||
// message. OneLogin Toolkit supports the HTTP-Redirect binding
|
||||
// only for this endpoint.
|
||||
'binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
|
||||
],
|
||||
|
||||
// Specifies the constraints on the name identifier to be used to
|
||||
// represent the requested subject.
|
||||
// Take a look on lib/Saml2/Constants.php to see the NameIdFormat supported.
|
||||
'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
|
||||
|
||||
// Usually x509cert and privateKey of the SP are provided by files placed at
|
||||
// the certs folder. But we can also provide them with the following parameters
|
||||
'x509cert' => DI::config()->get('saml', 'sp_cert'),
|
||||
|
@ -404,30 +415,39 @@ function saml_settings()
|
|||
|
||||
// Identity Provider Data that we want connected with our SP.
|
||||
'idp' => [
|
||||
|
||||
// Identifier of the IdP entity (must be a URI)
|
||||
'entityId' => DI::config()->get('saml', 'idp_id'),
|
||||
|
||||
// SSO endpoint info of the IdP. (Authentication Request protocol)
|
||||
'singleSignOnService' => [
|
||||
|
||||
// URL Target of the IdP where the Authentication Request Message
|
||||
// will be sent.
|
||||
'url' => DI::config()->get('saml', 'sso_url'),
|
||||
|
||||
// SAML protocol binding to be used when returning the <Response>
|
||||
// message. OneLogin Toolkit supports the HTTP-Redirect binding
|
||||
// only for this endpoint.
|
||||
'binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
|
||||
],
|
||||
|
||||
// SLO endpoint info of the IdP.
|
||||
'singleLogoutService' => [
|
||||
|
||||
// URL Location of the IdP where SLO Request will be sent.
|
||||
'url' => DI::config()->get('saml', 'slo_request_url'),
|
||||
|
||||
// URL location of the IdP where SLO Response will be sent (ResponseLocation)
|
||||
// if not set, url for the SLO Request will be used
|
||||
'responseUrl' => DI::config()->get('saml', 'slo_response_url'),
|
||||
|
||||
// SAML protocol binding to be used when returning the <Response>
|
||||
// message. OneLogin Toolkit supports the HTTP-Redirect binding
|
||||
// only for this endpoint.
|
||||
'binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
|
||||
],
|
||||
|
||||
// Public x509 certificate of the IdP
|
||||
'x509cert' => DI::config()->get('saml', 'idp_cert'),
|
||||
],
|
||||
|
|
Loading…
Reference in a new issue