Search by 
teamupdivision / saltid-provider
SaltId auth
v1.0.4
2023-08-18 10:13 UTC
Requires
- php: ^7.2|^8.0
- ext-json: *
- guzzlehttp/guzzle: ^6.0|^7.0
- illuminate/contracts: ^6.0|^7.0|^8.0|^9.0|^10.0
- illuminate/http: ^6.0|^7.0|^8.0|^9.0|^10.0
- illuminate/support: ^6.0|^7.0|^8.0|^9.0|^10.0
Requires (Dev)
- mockery/mockery: ^1.0
- orchestra/testbench: ^4.0|^5.0|^6.0|^7.0|^8.0
- phpstan/phpstan: ^1.10
- phpunit/phpunit: ^8.0|^9.3
README
Documentation
- Setup & install
- How to use SaltId package in monolith
- How to use SaltId package in API
- How to use SaltId in manual mode
- Important functions
Setup & Install
1. Put in config/services.php
'saltid' => [
'client_id' => env('SALTID_CLIENT_ID'),
'client_secret' => env('SALTID_CLIENT_SECRET'),
'redirect' => env('SALTID_REDIRECT'),
'url' => env('SALTID_URL'),
],
2. Put credentials in your .env file:
SALTID_CLIENT_ID=yourclient-key-from-saltid
SALTID_CLIENT_SECRET=your-secret-key-from-saltid
SALTID_REDIRECT=http://your-domain.com/salt/callback
SALTID_URL=http://saltid.com/
Obs. These are generated from SaltId User Management
3. Create routes:
Route::get('salt/redirect', [SaltController::class, 'redirect']);
Route::get('salt/callback', [SaltController::class, 'callback']);
4. Install package
Run composer require teamupdivision/saltid-provider
How to use SaltId package in monolith
Create your controller that manages sso auth SaltId with functions:
- import package :
use Teamupdivision\SaltId\Facades\SaltId;
- create
redirectfunction:
/**
* Redirect function to external call for authorization step
*
* @param Request $request
* @return RedirectResponse
*/
public function redirect(Request $request): RedirectResponse
{
$redirect = SaltId::driver('saltid')->redirect();
return $redirect;
}
- create
callbackfunction:
/**
* Callback function for authorization and get user
*
* @param Request $request
* @return RedirectResponse
*/
public function callback(Request $request): RedirectResponse
{
$saltUser = SaltId::driver('saltid')->user();
$user = User::where('email',$saltUser->getEmail())->first();
if(!$user){
$user = new User;
$user->name = $saltUser->getName() ? $saltUser->getName() : $saltUser->getEmail();
$user->email = $saltUser->getEmail();
$user->password = bcrypt(123456);
$user->save();
}
Auth::login($user);
return redirect('/dashboard');
}
How to use SaltId package in API
Create your controller that manages sso auth SaltId with functions:
- import package :
use Teamupdivision\SaltId\Facades\SaltId;
- create
redirectfunction:
/**
* Redirect function to external call for authorization step
*
* @return JsonResponse
*/
public function redirect(): JsonResponse
{
$redirectTarget = SaltId::driver('saltid')->stateless()->redirect()->getTargetUrl();
return response()->json([
'data' => [
'redirectTarget' => $redirectTarget,
],
]);
}
- create
callbackfunction:
/**
* Callback function for authorization and get user
*
* @return JsonResponse
*/
public function callback(): JsonResponse
{
try {
$saltUser = SaltId::driver('saltid')->stateless()->user();
} catch (Throwable) {
return response()->json([
'message' => 'Code expired',
], 401);
}
if (User::where('email', $saltUser->getEmail())->doesntExist()) {
User::create([
'name' => $saltUser->getName() ?? $saltUser->getEmail(),
'email' => $saltUser->getEmail(),
'password' => Hash::make('password'),
]);
}
return response()->json([
'data' => [
'type' => 'Bearer',
'access_token' => $saltUser->token,
'refreshToken' => $saltUser->refreshToken,
'expiresIn' => $saltUser->expiresIn,
],
]);
}
How to use SaltId in manual mode
Create your controller that manages sso auth SaltId with functions:
- create
redirectfunction:
/**
* Redirect function to external call for authorization step
*
* @param Request $request
* @return RedirectResponse
*/
public function redirect(Request $request): RedirectResponse
{
$request->session()->put('state', $state = Str ::random(40));
$request->session()->put(
'code_verifier', $code_verifier = Str::random(128)
);
$codeChallenge = strtr(rtrim(
base64_encode(hash('sha256', $code_verifier, true))
, '='), '+/', '-_');
$query = http_build_query([
'client_id' => config('services.saltid.client_id'),
'redirect_uri' => config('services.saltid.redirect'),
'response_type' => 'code',
'state' => $state,
]);
return redirect(config('services.saltid.url').'oauth/authorize?'.$query);
}
- create
callbackfunction:
/**
* Callback function for authorization and get user
*
* @param Request $request
* @return RedirectResponse
*/
public function callback(Request $request): RedirectResponse
{
$state = $request->session()->pull('state');
$codeVerifier = $request->session()->pull('code_verifier');
throw_unless(
strlen($state) > 0 && $state === $request->state,
InvalidArgumentException::class
);
$response = Http::asForm()->post(config('services.saltid.url').'oauth/token', [
'grant_type' => 'authorization_code',
'client_id' => config('services.saltid.client_id'),
'client_secret' => config('services.saltid.client_secret'),
'redirect_uri' => config('services.saltid.redirect'),
'code_verifier' => $codeVerifier,
'code' => $request->code,
]);
if($response->failed()) {
$errorMessage = $response->body();
return redirect('/login')->with('error',str_replace('"', '', $errorMessage));
}
$saltUser = Http::withHeaders([
'Accept' => 'application/json',
'Authorization' => 'Bearer '.$response->json()['access_token']
])->get(config('services.saltid.url').'api/v1/me');
$user = User::where('email',$saltUser->json()['data']['email'])->first();
if(!$user){
$user = new User;
$user->name = $saltUser->json()['data']['email'];
$user->email = $saltUser->json()['data']['email'];
$user->password = bcrypt(123456);
$user->save();
}
Auth::login($user);
return redirect('/dashboard');
}
Important functions on user entity
| Function name | Result |
|---|---|
| getName() | Get user first name and last name from SaltId |
| getEmail() | Get user email from SaltId |
| getRole() | Get user role from SaltId |
| getCompany() | Get user company from SaltId |
| getRaw() | Get full profile of user from SaltId |