lukasmu / laravel-samlite
Enable authentication against SAML identity providers for your Laravel application
Requires
- php: ^7.3|^8.0
- ext-openssl: *
- laravel/framework: ^6.0|^7.0|^8.0|^9.0|^10.0
- onelogin/php-saml: ^3.0
Requires (Dev)
- orchestra/testbench: ^5.0|^6.0|^7.0|^8.0
- orchestra/testbench-browser-kit: ^5.0|^6.0|^7.0|^8.0
- phpseclib/phpseclib: ^2.0.27
- phpunit/phpunit: ^8.5|^9.0|^10.0
README
This package can be used to quickly add authentication against SAML2 identity providers to your Laravel application. This package thus makes your Laravel application a SAML2 service provider.
Please note that this package is based on onelogin/php-saml. It is similar to aacotroneo/laravel-saml2 but as easy to use as laravel/socialite. It also tries to resemble the default Laravel authentication under the hood.
Installation
You can install the package via composer:
composer require lukasmu/laravel-samlite
Usage
After installing the package, make sure to set some environment variables. For example, to use Microsoft Azure as the identity provider, set the following environment variables:
SAML_IDP_AZURE_AD_IDENTIFIER=
SAML_IDP_AZURE_LOGIN_URL=
SAML_IDP_AZURE_LOGOUT_URL=
SAML_IDP_AZURE_CERT=
If your environment file does not yet contain the variables SAML_SP_PRIVATE_KEY and SAML_SP_CERT, also run:
php artisan saml:setup
You then want to create a Controller that extends the authentication controller that ships with this package. Here is an example.
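<?php

namespace App\Http\Controllers;

use App\Models\User; // App\User on Laravel 6 and 7
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Str;
use LukasMu\Samlite\Http\Controllers\SamlController;
use LukasMu\Samlite\SamlAuth;

class AuthenticationController extends SamlController
{
    public function loginUser(SamlAuth $saml_auth)
    {
        // Attribute names are the claim URIs sent by the identity provider.
        $mail = $saml_auth->getAttribute('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress')[0] ?? null;
        $name = $saml_auth->getAttribute('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/displayname')[0] ?? $mail;

        // Refuse responses without an e-mail address: a null value would
        // otherwise match or create an account that has no e-mail.
        abort_if(empty($mail), 403, 'SAML response contains no e-mail address.');

        $user = User::where('email', $mail)->first();
        if (!$user) {
            // First login: create a local account for this identity.
            $user = new User;
            $user->name = $name;
            $user->email = $mail;
            // The account signs in through SAML only, so store the hash of a
            // long random value instead of a guessable password.
            $user->password = Hash::make(Str::random(40));
            $user->save();
        }

        $this->guard()->loginUsingId($user->id);
    }
}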
Finally, register your controller by setting another environment variable:
SAML_CONTROLLER="App\Http\Controllers\AuthenticationController"
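The service provider trusts whatever certificate is placed in SAML_IDP_AZURE_CERT, so it is worth inspecting that value before deploying it. The script below is an added example, not part of this package: it prints the subject, expiry and fingerprints of a certificate so they can be compared with what the identity provider publishes. The function name inspectIdpCert is hypothetical, and the script assumes the value is an X.509 certificate given either as a PEM block or as its bare base64 body, which this page does not specify.

```php
<?php
// Added example, not part of laravel-samlite. Requires ext-openssl.

/**
 * Parse a certificate given as a PEM block or as a bare base64 body and
 * return facts to compare against the identity provider's own metadata.
 * (inspectIdpCert is a hypothetical helper name.)
 */
function inspectIdpCert(string $value, ?int $now = null): array
{
    $now = $now ?? time();

    // Normalise: drop PEM armour and whitespace, then re-wrap at 64 columns.
    $body = preg_replace('/-----(BEGIN|END) CERTIFICATE-----|\s+/', '', $value);
    $pem = "-----BEGIN CERTIFICATE-----\n"
        . chunk_split($body, 64, "\n")
        . "-----END CERTIFICATE-----\n";

    $info = openssl_x509_parse($pem);
    if ($info === false) {
        throw new InvalidArgumentException('Value is not a parseable X.509 certificate.');
    }

    return [
        'subject'   => $info['subject']['CN'] ?? '(no CN)',
        'not_after' => gmdate('Y-m-d\TH:i:s\Z', $info['validTo_time_t']),
        'expired'   => $info['validTo_time_t'] < $now,
        'days_left' => intdiv($info['validTo_time_t'] - $now, 86400),
        // Compare these with the thumbprint shown by the identity provider.
        'sha1'      => openssl_x509_fingerprint($pem, 'sha1'),
        'sha256'    => openssl_x509_fingerprint($pem, 'sha256'),
    ];
}

// Constructed sample input: a throwaway self-signed certificate valid for
// 30 days, standing in for the value destined for SAML_IDP_AZURE_CERT.
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$csr = openssl_csr_new(['commonName' => 'idp.example.test'], $key, ['digest_alg' => 'sha256']);
$cert = openssl_csr_sign($csr, null, $key, 30, ['digest_alg' => 'sha256']);
openssl_x509_export($cert, $samplePem);

$facts = inspectIdpCert($samplePem);
print_r($facts);

// A certificate that is expired or close to expiry should be replaced first.
exit($facts['expired'] || $facts['days_left'] < 14 ? 1 : 0);
```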
Customization
You can publish the config file with:
php artisan vendor:publish --provider="LukasMu\Samlite\SamlServiceProvider" --tag="config"
Feel free to set the appropriate environment variables (or edit the config file) in order to add your preferred identity providers.
Testing
You can run all tests via composer as well:
composer test
Changelog
Please see CHANGELOG for more information on what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security
If you discover any security-related issues, please email hello@lukasmu.com instead of using the issue tracker.
Postcardware
You are free to use this package, but if it makes it to your production environment we highly appreciate you sending us a postcard from your hometown. The address is: Lukas Müller, Dirklangendwarsstraat 5, 2611HZ Delft, The Netherlands.
License
The MIT License (MIT). Please see LICENSE for more information.