Application architecture
November 22, 2017 ยท View on GitHub
The bundle is configured to be enabled into symphony application.
Registration flow
When an user needs to register for a new token
- The service provider sends a normal SAML 2.0 AuthnRequest.
- HTTP-Redirect binding
- Signed with http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
- The GSSP IdP will receive the request on route
/saml/sso. TheIdentityController::ssoActionwill handle the AuthnRequest and redirect the user to the application route where the actual registration takes place. - The application controller needs to register the new user by calling the
AuthenticationRegistrationService::registerwith Subject NameID. Theregisterfunction will return a response that will redirect the user to the GSSP IdP/saml/sso_returnroute. - The
/saml/sso_returnroute is handled byIdentityController::ssoReturnActionthat will assemble the saml response. The saml response will be send client-side to the service provider by a POST call.