Play it Again, SAML

I had to integrate SAML authetication on a Laravel application, so I composer required the laravel-saml2 package (actually, the remove_mcrypt branch. You know: mcrypt has been dropped in PHP 7.2...) and configured it to attach to the SimpleSAML-PHP instance I recently deployed. Of course nothing worked out of the box, so my experience is worth a blog post. On the server side (SimpleSAML-PHP): the standard response for authentication includes the password attribute. With the user's password hash in binary format. And, aside the security implications of this, the…

Keep reading

Monthly Report: July 2018

What I've done this month... My Software Projects GASdotto: management application for ethical purchasing groups many fixes on the repository Dario: rooms management and booking initial release on the repository My Contents 20 CC-BY photos loaded on my Flickr profile. Support my activities with PayPal or Patreon!…

Keep reading

Check the Checkbox

I often use the "add and remove rows from a grid" pattern to permit handling groups of data, but today I had to manage a particular use case. Given a simple table <table> <tr> <td> <input type="text" name="firstname[]"> </td> <td> <input type="text" name="lastname[]"> </td> <td> <input type="email" name="email[]"> </td> </tr> <tr> <td> <input type="text"…

Keep reading

Monthly Report: June 2018

What I've done this month... My Software Projects GASdotto: management application for ethical purchasing groups many fixes on the repository Spunta: a simple checklists manager many fixes on the repository My Contents 60 CC-BY photos loaded on my Flickr profile. Support my activities with PayPal or Patreon!…

Keep reading

Monthly Report: May 2018

What I've done this month... My Software Projects GASdotto: management application for ethical purchasing groups many fixes on the repository Spunta: a simple checklists manager some fixes on the repository Other Software laravel-imap: Laravel package to handle IMAP connections little improvement My Contents 109 CC-BY photos loaded on my Flickr profile. Support my activities with PayPal or Patreon!…

Keep reading

Map Drop

I wanted to recreate the Flickr's feature to drop photos on a map to geolocalize them. Like this: So, hacking on a MapBox canvas, I obtained that: Here we have a <div id="map"> used to instance the MapBox map many <div class="thumb">, each containing the img to geolocalize a few CSS and JS The important part of CSS is the "overlay modal" effect generated around the dragged image when over the map, obtained with a little padding, a blank background, and the evergreen trick…

Keep reading

Monthly Report: April 2018

What I've done this month... My Software Projects GASdotto: management application for ethical purchasing groups many fixes on the repository apress: a simple Twitter scheduler fixed 5 Other Software zetacomponents/Archive: PHP package to manage archive files fixed issue with PHP 7.2 NextCloud Notes: note-taking app for NextCloud fixed 177 Support my activities with PayPal or Patreon!…

Keep reading

SAMLStorm

SandStorm is a cool solution to host simple web services and let users use them easily. It can be installed with a few commands, but still has an issue that bothered me: it is not possible to have a publicly accessible instance, as all of the involved login methods imply some kind of explicit authorization or explicit invitation from the administrator. The only viable way I've found to publish a public SandStorm instance has been to setup a SAML Identity Provider, implement there new users' registration flow, and activate that…

Keep reading

Social Logout

Again about the Laravel application involving Google login: it is often used on computers shared among many people, and logging on Google involves that all of the services are then enabled and accessible from that computers. Mostly undesiderable, of course. Socialite logout do not implies Google logout, nor any form of OAuth logout. So I had to provide a trick. The new logout() function looks as: public function logout() { Auth::logout(); $url = sprintf('https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout?continue=%s', route('login')…

Keep reading

Monthly Report: March 2018

What I've done this month... My Software Projects GASdotto: management application for ethical purchasing groups many fixes on the repository Spunta: a simple checklists manager many fixes on the repository Free Software Promotion MERGE-it: Italian cross-community meetup coordination of the event Support my activities with PayPal or Patreon!…

Keep reading