PAPI module
===========

The PAPI module provides a single authentication module:

`papi:PAPI`
: Authenticate using the PAPI protocol.

This authentication module makes use of an external library, phpPoA, in order to
authenticate users by means of the PAPI protocol. It can therefore
be used to bridge between protocols, behaving like a PAPI `Point of Access` or
Service Provider.

To use this module, enable it by creating a file named `enable` in the
`modules/papi/` directory. Then you need to add an authentication source which
makes use of the `papi:PAPI` module to the `config/authsources.php` file:

	'example-papi' => array(
		'papi:PAPI',

		/*
		 * The site identifier that allows the module to determine which
		 * configuration of the phpPoA to use.
		 */
		 'site' => 'example',

		 /*
		  * The Home Locator Identifier. Use this if your phpPoA configuration
		  * points to a GPoA instead of an Authentication Server (AS), and you
		  * want to skip the identity provider selection page, by directly
		  * selecting one here.
		  */
		  'hli' => 'exampleAS',
	),

User attributes
---------------

If user attributes were received upon succesful authentication, then their exact
names and values will be transferred into the $state['Attributes'] array. Please
note that attribute name mapping could be needed. There's no support for asking
specific attributes during PAPI authentication. Attributes released to a Service
Provider must be agreed and configured on beforehand.