Example Symfony3 project based on spid-symfony-bundle to demonstrate how to integrate SPID login.
SPID is the Italian digital identity system, which enables citizens to access all public services with a single set of credentials.
The project was initially created with:
php symfony.phar new spid-symfony3-example 3.4
Tested on: amd64 Debian 9.5 (stretch, current stable) with PHP 7.0.
Supports PHP 7.0, 7.1 and 7.2.
sudo apt install composer make openssl php-curl php-zip php-xml phpunit php-cli
Before using this package, you must:
- Configure your application in the app/config/parameters.yml file (you can use app/config/parameters.yml.dist as a template)
- Configure SPID in the spid_symfony key in the app/config/config.yml file; you should at least adapt the base URL (used in the sp_entityid, sp_singlelogoutservice and sp_assertionconsumerservice keys) to your needs
- Install PHP dependencies with composer
- Download and verify the Identity Provider (IdP) metadata files; it is advised to place them in a separate idp_metadata/ directory. A convenience tool is provided for this purpose: bin/download_idp_metadata.php.
- Generate key and certificate for the Service Provider (SP).
The last three steps can be performed in an unattended fashion with:
composer install
mkdir -p example/idp_metadata
make -f ./vendor/italia/spid-php-lib/Makefile
./vendor/italia/spid-php-lib/bin/download_idp_metadata.php ./example/idp_metadata
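One way to sanity-check the downloaded IdP metadata files before relying on them, as an added example that is not part of this project or of spid-php-lib: it checks each file for an entityID, HTTPS endpoints and a signing certificate inside its validity period, and it does not validate the metadata's XML signature. The function name idpMetadataProblems and the idp.example.test sample are hypothetical; pass the metadata directory (for example ./example/idp_metadata) as the first argument to check the real files as well.

```php
<?php
// Added example, not project code: structural checks on SAML IdP metadata.
const MD = 'urn:oasis:names:tc:SAML:2.0:metadata';
const DS = 'http://www.w3.org/2000/09/xmldsig#';

/** Returns the list of problems found in one SAML IdP metadata document. */
function idpMetadataProblems(string $xml, int $now): array
{
    $doc = new DOMDocument();
    // LIBXML_NONET forbids network access while parsing XML that came from outside.
    if (!@$doc->loadXML($xml, LIBXML_NONET)) {
        return ['not well-formed XML'];
    }
    $xp = new DOMXPath($doc);
    $xp->registerNamespace('md', MD);
    $xp->registerNamespace('ds', DS);
    $idp = '/md:EntityDescriptor/md:IDPSSODescriptor';
    $problems = $xp->evaluate('string(/md:EntityDescriptor/@entityID)') === '' ? ['missing entityID'] : [];
    foreach ($xp->query("$idp/md:SingleSignOnService/@Location | $idp/md:SingleLogoutService/@Location") as $loc) {
        if (stripos($loc->value, 'https://') !== 0) {
            $problems[] = 'endpoint is not HTTPS: ' . $loc->value;
        }
    }
    $certs = $xp->query("$idp/md:KeyDescriptor[not(@use) or @use='signing']//ds:X509Certificate");
    if ($certs->length === 0) {
        $problems[] = 'no signing certificate';
    }
    foreach ($certs as $cert) {
        // Metadata carries bare base64 DER; wrap it as PEM so openssl can parse it.
        $body = chunk_split(preg_replace('/\s+/', '', $cert->textContent), 64, "\n");
        $info = openssl_x509_parse("-----BEGIN CERTIFICATE-----\n{$body}-----END CERTIFICATE-----\n");
        if ($info === false) {
            $problems[] = 'signing certificate does not parse';
        } elseif ($now < $info['validFrom_time_t'] || $now > $info['validTo_time_t']) {
            $problems[] = 'signing certificate outside its validity period';
        }
    }
    return $problems;
}
// Constructed sample (hypothetical IdP): plain-HTTP endpoint and no KeyDescriptor.
$sample = '<md:EntityDescriptor xmlns:md="' . MD . '" entityID="https://idp.example.test">'
    . '<md:IDPSSODescriptor><md:SingleSignOnService Location="http://idp.example.test/sso"/>'
    . '</md:IDPSSODescriptor></md:EntityDescriptor>';
$docs = ['constructed sample' => $sample];
foreach (array_filter(isset($argv[1]) ? (glob($argv[1] . '/*') ?: []) : [], 'is_file') as $file) {
    $docs[$file] = file_get_contents($file);
}
foreach ($docs as $name => $xml) {
    echo $name, ': ', implode('; ', idpMetadataProblems($xml, time())) ?: 'ok', PHP_EOL;
}
```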
NOTE: during testing, it is highly advised to use the test Identity Provider spid-testenv2.
- Execute the php bin/console server:start command
- Visit http://localhost:8000/metadata to get the SP (Service Provider) metadata, then copy these over to the IdP and register the SP
- Browse to http://localhost:8000/reserved; you should see: Authentication Required
- Visit http://localhost:8000/ and click login
- Browse to http://localhost:8000/reserved; you should see: Really reserved stuff here !
This screencast shows what you should see if all goes well:
It is advised to install a browser plugin to trace SAML messages:
- Firefox:
- Chrome/Chromium:
In addition, you can use the SAML Developer Tools provided by OneLogin to understand what is going on.
Launch unit tests with PHPUnit:
./vendor/bin/phpunit --stderr --testdox tests
This project complies with the PSR-2: Coding Style Guide.
Lint the code with:
./vendor/bin/phpcs --standard=PSR2 xxx.php
For your contributions please use the git-flow workflow.
- SPID page on Developers Italia
Andrea Manzi (Comune di Firenze) and Paolo Greppi (simevo s.r.l.)
Copyright (c) 2018, The respective authors
License: BSD 3-Clause, see LICENSE file.