uicosss/laravel-shibboleth

Enable basic Shibboleth support for Laravel 5.x. Forked from razorbacks/laravel-shibboleth.

Maintainers

Details

github.com/uicosss/laravel-shibboleth

Source

Issues

Installs: 2

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 1

v11.0.3 2025-05-01 21:36 UTC

Requires

Requires (Dev)

MIT 428cdfffed4399b6c7d708e7bd9de8a065070ef6

  • Christopher Maio <cjmaio.woop@uwm.edu>
  • Michael Schuett <michaeljs1990.woop@gmail.com>
  • Taylor Donald Harvey Smith <smit2482.woop@uwm.edu>
  • Jeff Puckett <jpucket.woop@uark.edu>
  • Daniel Paz-Horta <dpaz.woop@uic.edu>

This package is auto-updated.

Last update: 2025-05-07 21:29:07 UTC

README

Forked from razorbacks/laravel-shibboleth for use at The University of Illinois at Chicago. This package provides Shibboleth authentication for Laravel at UIC.

Code Coverage

Pre-Requisites

In order to use this plugin, we assume you already have a pre-existing Shibboleth SP and Shibboleth IdP configured. This does not (and will not) go into explaining how to set that up.

Installation

Use composer to require the latest release into your project:

composer require dpazuic/laravel-shibboleth

If you're running Laravel >= 5.5, then you can skip this step, otherwise you will need to manually register the service provider in your config/app.php file within the Providers array.

StudentSystemServices\Shibboleth\ShibbolethServiceProvider::class,

If you you would like to use the emulated IdP via shibalike, then you will need to manually register it on any version - this is not automatically loaded even in Laravel 5.5.

StudentSystemServices\Shibboleth\ShibalikeServiceProvider::class,

Publish the default configuration file:

php artisan vendor:publish --provider="StudentSystemServices\Shibboleth\ShibbolethServiceProvider"

Change the driver to shibboleth in your config/auth.php file.

'providers' => [
    'users' => [
        'driver' => 'shibboleth',
        'model'  => App\User::class,
    ],
],

Now users may login via Shibboleth by going to https://example.uic.edu/shibboleth-login and logout using https://example.uic.edu/shibboleth-logout so you can provide a custom link or redirect based on email address in the login form.

@if (Auth::guest())
    <a href="/shibboleth-login">Login</a>
@else
    <a href="/shibboleth-logout">
        Logout {{ Auth::user()->name }}
    </a>
@endif

You may configure server variable mappings in config/shibboleth.php such as the user's first name, last name, entitlements, etc. You can take a look at them by reading what's been populated into the $_SERVER variable after authentication.

<?php print_r($_SERVER);

Mapped values will be synced to the user table upon successful authentication.

Declare Login Route

By convention, laravel assumes a route named login exists to redirect unauthenticated requests.

This package names its route shibboleth-login because it's designed to work alongside other authentication providers, such as the default scaffolding provided by artisan. But if this is the only authentication provider, then that name will need to be manually declared. e.g.

Route::name('login')->get('/login', '\\'.Route::getRoutes()->getByName('shibboleth-login')->getActionName());

or more readable, but with a redirect:

Route::redirect('/login', '/shibboleth-login')->name('login');

Local Users

This was designed to work side-by-side with the native authentication system for projects where you want to have both Shibboleth and local users. If you would like to allow local registration as well as authenticate Shibboleth users, then use laravel's built-in auth system.

php artisan make:auth