notwes / laravel-uls
Adds ULS authentication support to your application
Requires
- php: >=7.1.0
- illuminate/support: 5.3.x|5.4.x|5.5.x
- namshi/jose: ^7.0
- web-token/jwt-checker: ^1.0
- web-token/jwt-core: ^1.0
- web-token/jwt-key-mgmt: ^1.0
- web-token/jwt-signature: ^1.0
Requires (Dev)
- orchestra/testbench: 3.x
- phpunit/phpunit: ^4.8|^5.2
- squizlabs/php_codesniffer: ^2.3
README
About
Provides a wrapper around the web-token libraries for use with VATUSA's Unified Login Scheme.
Installation
- Require the
vatusa/laravel-uls
package in yourcomposer.json
and update your dependencies:$ composer require vatusa/laravel-uls
- Generate the configuration file
Configuration
The defaults are set in config/uls.php
. Copy this file to your own config directory to modify the values. You can publish the config using this command:
$ php artisan vendor:publish --provider="VATUSA\Uls\UlsServiceProvider"
return [ /* |-------------------------------------------------------------------------- | Laravel ULS |-------------------------------------------------------------------------- */ /* * ULS Version to use * * By default we'll use 2 */ 'version' => env('ULS_VERSION', 2), /* * Set the JSON Web Key retrieved from VATUSA's Facility Management */ 'jwk' => json_decode(env('ULS_JWK', []), true), /* * Facility 3 letter identifier */ 'facility' => env('ULS_FACILITY', 'ZZZ') ];
Lumen
On Laravel Lumen, load your configuration file manually in bootstrap/app.php
:
$app->configure('uls');
Usage
Using laravel-uls is fairly easy.
-
Get your JSON Web Key from your facility's Technical Configuration page. https://www.vatusa.net/mgt/facility (NOTE: You must hold a ATM, DATM or WM role for that facility to generate/see the generated JSON Web Key)
-
Store the JWK, unedited, in the config above (or, recommended quoted with single quotes in the .env file as ULS_JWK='... JWK from VATUSA...')
-
To generate the redirect url, use:
$uls->redirectUrl()
To handle the developmental returns, specify a boolean argument of true
$uls->redirectUrl(true)
-
To verify a token, assume $token is the full token received from VATUSA's ULS endpoint
$uls = new Uls(); if ($uls->verifyToken($token)) { // Token was true }
The laravel-uls library conducts header verifications to ensure that the accepted algorithms are received. Additionally, it conducts the following claims checks, including:
- Ensures the audience is you (IE, the token isn't meant for another facility)
- The token is not expired
- The Issued at time is logical (ie, not in the future)
Because of this, a number of exceptions may be thrown:
- InvalidArgumentException
- Jose\Component\Checker\InvalidClaimException
- Jose\Component\Checker\InvalidHeaderException
-
To get the information of the user associated with the token, use:
$uls->getInfo();
This will return an array of the decoded JSON from ULS. Details of the array can be found in the VATUSA Technical Manual M1022 at https://www.vatusa.net.
License
Released under the GNU Public License 3.0, see LICENSE.