Allowing multiple IDPs

Open on Drupal.org →

Created on 13 September 2023, about 1 year ago

Updated 15 April 2024, 7 months ago

Problem/Motivation

Some websites require to support multiple IDPs, which is currently not supported by the module.

Steps to reproduce

Navigate to /admin/config/people/simplesamlphp_auth
Enter multiple sources, separated by commas, into the "Authentication source for this SP" field
Save the form

When you attempt to use the SSO functionality, it would fail with a fatal error.

Proposed resolution

We can easily check for the field value and, if we identify a comma-separated value, we can explode it and attempt to authenticate the expected IDP.
It can be achieved by supplying a comma-separated list of IDPs into the existing configuration field, so no form or module configuration change is required.

Remaining tasks

1. Validate the use case
2. Validate and test the patch

User interface changes

API changes

Data model changes

Patch status

The attached patch file was tested across Drupal 9.4.x and 9.5.x and runs on PHP 7.4 and up.

✨ Feature request

Status

Active

Version

3.3

Component

Code

Created by

🇦🇺Australia ivrh

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @ivrh
Comment about 1 year ago →
cilefen
Is this a duplicate of #2869107: Multiple Authentication sources → ?
Comment 7 months ago →
🇮🇳India bapi_22
Hello @ivrh,

The ticket seems duplicate. But your patch is correctly to handled different IDPs.
But the claim attributes are different for different IDPs. How to handle that?

For Example: The email attributes as "Email" For IDP 1 where as "mail" for IDP 2.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024