Thursday, 8 October 2020

Is it possible that Keycloak as IDP and PHP Application as SP?

I imported this project in my PHP Eclipse [Branch Master, inside Demo1 folder]: https://github.com/onelogin/php-saml

Calling this: https://github.com/onelogin/php-saml/tree/master/demo1

Goal: I want to integrate a login SSO demo in PHP using Keycloak with SAML.

First of all, is it possible to have Keycloak as IDP and PHP as SP?

I already configured the settings file and the Keycloak configuration, but I have not added the client-id anywhere in the Eclipse project; I don't know where to add it!

<?php

$spBaseUrl = 'http://localhost:8080'; //or http://<your_domain>

//The ACS URL is a combination of the Secure Token Server subsystem address, its port number for handling SAML messages, the SAML binding,
//and any necessary information that is specific for CIC or ICWS.


$settingsInfo = array(
    'sp' => array(
        'entityId' => $spBaseUrl.'/demo1/metadata.php',
        'assertionConsumerService' => array(
            'url' => $spBaseUrl.'/demo1/index.php?acs',
        ),
        'singleLogoutService' => array(
            'url' => $spBaseUrl.'/demo1/index.php?sls',
        ),
        'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
    ),
    'idp' => array(
        'entityId' => 'http://localhost:8080/auth/realms/Lifetrenz',
        'singleSignOnService' => array(
            'url' => 'http://localhost:8080/auth/realms/Lifetrenz/protocol/saml',
        ),
        'singleLogoutService' => array(
            'url' => 'http://localhost:8080/auth/realms/Lifetrenz/protocol/saml',
        ),
        'x509cert' => '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',
    ),
);

But when I hit index.php and it redirects to the Keycloak login provider page, I get "Unknow login requester".

Obviously, because I have not used the configured Keycloak client-id!
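
Added example, not part of the original post or of php-saml: php-saml sends the sp entityId as the <saml:Issuer> of its AuthnRequest, and Keycloak looks up the SAML client whose Client ID equals that Issuer. The script below decodes a SAMLRequest value (as seen in the redirect to Keycloak) and compares its Issuer with a Client ID; the sample request and the 'php-demo' Client ID are constructed for illustration.

```php
<?php
// Added diagnostic example; not code from php-saml or from the post.

/** Decode an HTTP-Redirect SAMLRequest value and return its <saml:Issuer>. */
function samlRequestIssuer(string $samlRequest): ?string
{
    // Pass the value after URL-decoding (as $_GET already provides it).
    $deflated = base64_decode($samlRequest, true);
    if ($deflated === false) {
        return null;
    }
    $xml = @gzinflate($deflated);   // Redirect binding uses raw DEFLATE
    if ($xml === false) {
        return null;
    }
    $doc = new DOMDocument();
    if (!@$doc->loadXML($xml, LIBXML_NONET)) {   // no network fetches while parsing
        return null;
    }
    $xp = new DOMXPath($doc);
    $xp->registerNamespace('saml', 'urn:oasis:names:tc:SAML:2.0:assertion');
    $node = $xp->query('/*/saml:Issuer')->item(0);
    return $node ? trim($node->textContent) : null;
}

// Constructed sample: the request shape the SP settings in the post would produce.
$spEntityId = 'http://localhost:8080/demo1/metadata.php';
$authnRequest = '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"'
    . ' xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed1" Version="2.0"'
    . ' IssueInstant="2020-10-08T00:00:00Z"'
    . ' AssertionConsumerServiceURL="http://localhost:8080/demo1/index.php?acs">'
    . '<saml:Issuer>' . $spEntityId . '</saml:Issuer></samlp:AuthnRequest>';
$samlRequest = base64_encode(gzdeflate($authnRequest));

// Hypothetical Client ID values as they might be entered in the Keycloak realm.
$issuer = samlRequestIssuer($samlRequest);
foreach (['php-demo', $spEntityId] as $clientId) {
    printf("Client ID %-42s %s\n", $clientId,
        $issuer === $clientId ? 'matches Issuer' : 'does NOT match Issuer ' . $issuer);
}
```

With the settings shown in the post, the Issuer is http://localhost:8080/demo1/metadata.php, so that string is what the Keycloak client's Client ID has to equal.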



from Is it possible that Keycloak as IDP and PHP Application as SP?
