Baggerone edited this page Apr 25, 2016 · 11 revisions

Overview

This is a web app that lets users reset their Identity Provider (IdP) password. It also lets users register different means of contact (e.g. an email address or phone number) to help keep the reset process secure.

The web app relies on several pluggable components (modules):

  • An authentication module
  • A password store module (e.g. LDAP)
  • A personnel store module
  • A phone verification module

These modules can be customized on a per-instance basis, but each must implement the corresponding interface found in the idp-pw-api-common GitHub repo.

Module example

Consider the concrete example of a SAML authentication module. It would need to look something like this:

<?php
namespace Sil\IdpPw\Auth;

use Sil\IdpPw\Common\Auth\AuthnInterface;
use Sil\IdpPw\Common\Auth\InvalidLoginException;
use Sil\IdpPw\Common\Auth\RedirectException;
use Sil\IdpPw\Common\Auth\User as AuthUser;
use yii\base\Component;
use yii\web\Request;
// [other use statements]

class Saml extends Component implements AuthnInterface
{

    /**
     * @param string $returnTo Where to have IdP send user after login
     * @param \yii\web\Request|null $request
     * @return \Sil\IdpPw\Common\Auth\User
     * @throws \Sil\IdpPw\Common\Auth\InvalidLoginException
     * @throws RedirectException
     */
    public function login($returnTo, Request $request = null)
    {
        // ...
    }

    /**
     * @param string $returnTo Where to have IdP send user after logout
     * @param null|\Sil\IdpPw\Common\Auth\User $user
     * @return void
     * @throws RedirectException
     */
    public function logout($returnTo, AuthUser $user = null)
    {
        // ...
    }
}