FYI - as of yesterday, there is now a tagged stable release for simplesamlphp/simplesamlphp version 2.1: https://github.com/simplesamlphp/simplesamlphp/releases/tag/v2.1.0
@caesius - thanks for the link to the diff. That is extremely helpful.
For anyone considering other options, we've been testing a standalone implementation of SimpleSAMLphp 2.0 (stable version) in conjunction with the 4.x-dev branch of this module. That allows SimpleSAMLphp to run a different version of Symfony and sidesteps certain conflicts. Similar to the Drupal 7 approach. We had to make some awkward changes to our CI/CD processes to get that to work on our Sandbox, and I don't love it as a solution. But it does appear to work (if you have the ability to modify server configuration and create symlinks).
Update: I can now confirm that this works on our Sandbox setup for Drupal 10. The issue I ran into with the NameIDPolicy turned out to be caused by an unrelated proxy setting.
Once that was corrected, the rest went smoothly. No patching needed, as previously suggested in various issues above. At least, not for my setup.
@caesius, I was referring to the 'simplesamlphp_d10_nameidpolicy_fix.patch' patch referenced by @tadas.rimkus in #49, which may or may not still be needed... Not sure if that ever made it into the issue queues for simplesamlphp/simplesamlphp or simplesamlphp/saml2...
Testing on a Sandbox SAML IpD that requires either SmartcardPKI or TimeSyncToken for authentication. No patches tested (yet). Testing with:
PHP 8.1.22
Drupal 10.1.2
simplesamlphp_auth: 4.x-dev
simplesamlphp/simplesamlphp: dev-simplesamlphp-2.1
Good News: installed cleanly once our System Administrators added the ext-intl extension to PHP, so that part went fairly well.
Bad News: not able to successfully authenticate due to problems with the NameIDPolicy Format. It seems to always revert to "transient" no matter what we input in authsources.php (we're required to use "persistent").
Is anybody else able to get that to attribute to change (without the patch)?