SAML - simplesamlphp

Hi All,
I've finally cracked this
If you find yourself in a situation where you want to integrate saml based SSO with your CI app then read on..

The key to success was to NOT use the phpsession driver for SimpleSAMLphp.
Once i've switched to using a SQL database for it, the session restore functionality started working.

So, just ensure that the config/config.php is not using phpsession as storetype:

PHP Code:

'store.type'         => 'sql', 


Then it as simple as the below to integrate authentication in codeigniter:

PHP Code:

public function auth()
    {
        // Ensure we are not running in cli mode
        if (!is_cli())
        {
            // SimpleSAMLphp is installed under /var/simplesaml
            require_once('/var/simplesamlphp/lib/_autoload.php');

            // Authenticate against the 'default-sp' identity provider
            $auth = new \SimpleSAML\Auth\Simple('default-sp');

            if (!$auth->isAuthenticated())
            {
                // The user is not authenticated.

                $auth->requireAuth();
            }
            else
            {
                // We are authenticated, let's get the attributes
                $attributes = $auth->getAttributes();

                // Restore codeigniter's session
                $session = SimpleSAML_Session::getSessionFromRequest();
                $session->cleanup();

                // Add the attributes to the restored session
                $_SESSION['attributes'] = $attributes;

              // Do something based on attributes:
             // redirect, etc..


            }
        }
    } 


My plan is to get the above integrated with Ion Auth, where the above function will use hooks set up and log in the users locally, then i can use Ion Auth to manage the authorizations to different parts of the application