Tags: php, saml, saml-2.0, simplesamlphp

Why is the user always redirected to simpleSAMLphp installation front page?


I'm having a bit of trouble setting up a simpleSAMLphp service provider for the first time.

I configured the service provider like this:

// config/authsources.php: '***' is the name of this authentication source
$config = array(
    '***' => array(
        'saml:SP',
        'redirect.validate' => true,          // require signed AuthnRequests/responses via the redirect binding
        'redirect.sign' => true,              // sign outgoing redirect-binding messages
        'privatekey' => '***.key',            // SP signing key (in cert/)
        'certificate' => '***.crt',           // SP certificate (in cert/)
        'entityID' => 'https://***',          // must match what the IdP has registered for this SP
        'idp' => 'https://***',               // entityID of the IdP in metadata/saml20-idp-remote.php
        'attributes' => array(
            'eduPersonTargetedID',
            'GivenName',
            'SurName',
            'mail',
            'eduPersonScopedAffiliation',
            'schacHomeOrganization',
        ),
        'attributes.required' => array(
            'eduPersonTargetedID',
            'GivenName',
            'SurName',
            'mail',
            'eduPersonScopedAffiliation',
            'schacHomeOrganization',
        ),
    ),
);

I have also configured the identity provider, and it seems to be working fine. But when the user is redirected from the IdP back to simpleSAMLphp, the simpleSAMLphp installation page is shown (the one that has some test tools).

My test uses this code:

<?php
// test.php: the page that should show the attributes after login
require_once('../../lib/_autoload.php');

// '***' is the authentication source name from authsources.php
$simpleSaml = new SimpleSAML_Auth_Simple('***');

// Redirects to the IdP if there is no session yet; returns when authenticated
$simpleSaml->requireAuth(array(
    'ReturnTo' => 'https://***/test.php',
    'KeepPost' => FALSE,
));

$attributes = $simpleSaml->getAttributes();

When I try to log in with the "Test configured authentication sources" tool, I'm also sent back to the installation front page instead of the attribute overview I should get.

I tried to check the POST sent from the IdP and was able to decode it with this tool: http://www.ssocircle.com/en/1203/saml-request-online-decoder-encoder/
As far as I could see there were no errors, and the user's attributes were returned from the service.

So what am I doing wrong?


Solution

  • I ended up getting the SP metadata autogenerated, and that fixed the problem; not sure where the error in the metadata was.
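An added example, not code from the question or from SimpleSAMLphp: an offline check (in Python rather than PHP, since it does not touch the SimpleSAMLphp API) of the addressing fields an SP enforces in a POSTed SAMLResponse, namely Destination, Recipient, Audience and NotOnOrAfter, against the SP's configured entityID and assertion consumer URL. An online decoder shows the attributes but not whether these values match the SP, and a mismatch in any of them is the kind of metadata inconsistency that regenerating the SP metadata fixed here. All URLs and the sample response are constructed; signature verification is out of scope.

```python
import base64
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed values for this example: the SP's entityID and its SimpleSAMLphp
# assertion consumer URL (module.php/saml/sp/saml2-acs.php/<authsource name>).
SP_ENTITY_ID = "https://sp.example.org/sp-entity"
ACS_URL = "https://sp.example.org/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp"

# Constructed, unsigned sample of what the IdP POSTs in the SAMLResponse form field.
SAMPLE_RESPONSE_B64 = base64.b64encode(f"""<samlp:Response
 xmlns:samlp="{NS['samlp']}" xmlns:saml="{NS['saml']}" ID="_r1" Version="2.0"
 IssueInstant="2024-01-01T12:00:00Z" Destination="{ACS_URL}">
 <saml:Issuer>https://idp.example.org/idp</saml:Issuer>
 <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
 <saml:Assertion ID="_a1" Version="2.0" IssueInstant="2024-01-01T12:00:00Z">
  <saml:Subject><saml:NameID>user@example.org</saml:NameID>
   <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
    <saml:SubjectConfirmationData Recipient="{ACS_URL}" NotOnOrAfter="2024-01-01T12:05:00Z"/>
   </saml:SubjectConfirmation></saml:Subject>
  <saml:Conditions><saml:AudienceRestriction>
   <saml:Audience>{SP_ENTITY_ID}</saml:Audience></saml:AudienceRestriction></saml:Conditions>
 </saml:Assertion></samlp:Response>""".encode()).decode()

def _ts(value):
    # SAML timestamps are UTC; fractional seconds are dropped for simplicity.
    return datetime.fromisoformat(value.split(".")[0].rstrip("Z")).replace(tzinfo=timezone.utc)

def check_response(saml_response_b64, sp_entity_id, acs_url, now=None):
    """Decode a POST-binding SAMLResponse and compare the fields the SP enforces
    with its configured values. Returns a list of mismatches (empty = fits this SP)."""
    now = now or datetime.now(timezone.utc)
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    problems = []
    code = root.find("samlp:Status/samlp:StatusCode", NS)
    if code is None or not code.get("Value", "").endswith(":Success"):
        problems.append("StatusCode is not Success")
    if root.get("Destination") != acs_url:
        problems.append(f"Destination {root.get('Destination')!r} != ACS {acs_url!r}")
    for a in root.findall("saml:Assertion", NS):
        scd = a.find("saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData", NS)
        if scd is not None and scd.get("Recipient") != acs_url:
            problems.append(f"Recipient {scd.get('Recipient')!r} != ACS {acs_url!r}")
        if scd is not None and scd.get("NotOnOrAfter") and _ts(scd.get("NotOnOrAfter")) <= now:
            problems.append("assertion NotOnOrAfter has passed (clock skew or stale response)")
        audiences = [x.text for x in a.findall("saml:Conditions/saml:AudienceRestriction/saml:Audience", NS)]
        if sp_entity_id not in audiences:
            problems.append(f"Audience {audiences} does not include entityID {sp_entity_id!r}")
    return problems
```

Feed it the base64 SAMLResponse value captured from the browser's POST to the ACS together with the entityID from authsources.php; every reported mismatch is a value the IdP's copy of the SP metadata disagrees with.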