In 2022 and 2023, I participated in a GÉANT Trust & Identity Incubator project for creating a “Personal Profile Page” in Shibboleth and SimpleSAMLphp software. I worked on the SimpleSAMLphp part by creating a dedicated module, which is available here: https://github.com/cicnavi/simplesamlphp-module-profilepage

Some of the module features are:

  • Enables tracking of authentication events, synchronously (during the authentication event) or asynchronously (in a separate process using the SimpleSAMLphp Cron feature)
  • Provides endpoints for end users to check their personal data, a summary of connected Service Providers, and a list of authentication events
  • Comes with a default DBAL backend storage, meaning the following database vendors can be used: MySQL, Oracle, Microsoft SQL Server, PostgreSQL, SQLite. Other backend storages can be added by implementing the proper interfaces.
  • Comes with a setup procedure which sets up the backend storage. In the case of Doctrine DBAL, this means running SQL migrations which create the proper tables in the configured database.
  • Each backend storage connection can have a master and slave configuration (master for writing, slave for reading)
  • Has tracking functionality which persists authentication data to the backend storage. Currently, the module can track connected services and authentication events. Other trackers can be added by implementing the proper interfaces.
  • Tracking can run in two ways:
    • synchronously - authentication data is persisted during the authentication event, typically with multiple queries / inserts / updates to the backend storage.
    • asynchronously - only an authentication event job is persisted during the authentication event (one insert to the backend storage). With this approach, authentication event jobs can be executed later in a separate process using the SimpleSAMLphp cron module.
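
The two tracking modes listed above, as an added sketch that is not the module's own code: it uses Python with an in-memory SQLite database instead of the module's PHP and Doctrine DBAL, and the table, column and function names are hypothetical. It shows what the asynchronous mode trades away: the login request does one insert, but the user-visible tables stay empty until the cron-style worker runs.

```python
import json
import sqlite3

# Hypothetical schema for illustration only; the module's real tables differ.
SCHEMA = """
CREATE TABLE job (id INTEGER PRIMARY KEY, payload TEXT NOT NULL);
CREATE TABLE connected_service (user_id TEXT, sp TEXT, auth_count INTEGER,
    PRIMARY KEY (user_id, sp));
CREATE TABLE auth_event (id INTEGER PRIMARY KEY, user_id TEXT, sp TEXT, at TEXT);
"""

def open_store():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def _write(db, ev):
    # Upsert the per-user service summary, then append the event itself.
    db.execute(
        "INSERT INTO connected_service (user_id, sp, auth_count) "
        "VALUES (:user, :sp, 1) ON CONFLICT(user_id, sp) "
        "DO UPDATE SET auth_count = auth_count + 1", ev)
    db.execute(
        "INSERT INTO auth_event (user_id, sp, at) VALUES (:user, :sp, :at)", ev)

def track(db, ev):
    """Synchronous mode: several writes inside the login request."""
    with db:  # one transaction, so summary and event list cannot disagree
        _write(db, ev)

def enqueue(db, ev):
    """Asynchronous mode: a single insert inside the login request."""
    with db:
        db.execute("INSERT INTO job (payload) VALUES (?)", (json.dumps(ev),))

def run_jobs(db, limit=100):
    """Cron-style worker: drain queued jobs outside the login request."""
    jobs = db.execute(
        "SELECT id, payload FROM job ORDER BY id LIMIT ?", (limit,)).fetchall()
    for job_id, payload in jobs:
        with db:  # process and delete together: a crash never double-counts
            _write(db, json.loads(payload))
            db.execute("DELETE FROM job WHERE id = ?", (job_id,))
    return len(jobs)
```

If the worker stops running, queued jobs accumulate and users see a stale list of authentication events, so the depth of the job table is worth monitoring.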