I am trying to use sso login on my website where my clients can login to a certain company X without signing in again. I spoke to the developers at the company X. they told me that they are using SAML 2.0 for exchanging authentication and authorization.
I was asked to purchase a certificate and submit it to them so they can generate a saml with the private key and all the attributes names i need to post. So they gave me the SAML file and url so i can post the data.
They have also told me that i need to do some encoding from utf8 to base64 before posting the saml for authentication and they gave me this snippet of C# code as an example.
You need to ask company x what are the form attributes that are needing response. Plus, I honestly believe thay you should iterate through the xml file items and then apply base64_encode on them..
I am really surprised by no support from company X, it is their API and not yours.. Giving you the C# codes does not equate to implementation in PHP. Not all PHP programmers codes in C#..
In C#, this code right here is un-instantiated array
then they iterated the items in xml file, cast items to string, convert them to utf8, and lastly encode to base64.
How are we going to implement the same logic in PHP programming? The answer is pretty simple. Take my sample codes below for example. I don't like the pre-mature foreach loop within the function. However, that leaves me choice. We cannot apply casting, encryption, to any existing array, without serializing them. I am not to implement serialization in my example, because Company X never told you that.
So, here we go. Suppose, we have an xml file... NOTE: I will be using xml_load string here instead of xml load file to make the example a lot clearer..In this example, only the values are encoded..
XML is just an example, use your own, fruits is a lot easier to digest than using a different example..
You can change the simplexml_load_string($xml) to simplexml_load_file($url_of_your_xml). Please observe how I indexed the xml string line by line.
Your cURL post field should send the output of the function encode_items(). Something like this
curl_setopt($ch, CURLOPT_POSTFIELDS, (encode_items($fruits))); // add POST fields
One last thought, why do you have to describe the API owner as company X. Don't you think it would not help if we found out which one. I have more than 15 API applications under my belt e.g. evernote, youtube, paypal,google,soundcloud,mandrill,easypost,dwolla,NHTSA,APIGEE,SUNLIGHT FOUNDATION, NPR (python),wepay,GILT, and many more, and who knows Company X maybe just one of them.. just saying.