zanichelli / idp-extensions
Classes to interact with the Zanichelli identity provider
Installs: 2 443
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 4
Forks: 0
Open Issues: 0
Requires
- guzzlehttp/guzzle: ~7.0
- laravel/framework: ^6|^7|^8|^9|^10|^11
Requires (Dev)
- mockery/mockery: ^1.0
- orchestra/testbench: ^3.8
- phpunit/phpunit: ^8.0
This package is auto-updated.
Last update: 2024-04-19 10:08:17 UTC
README
This is Laravel package to use with laravel-jwt-idp (Github: https://github.com/ZanichelliEditore/laravel-jwt-idp).
How to integrate package in your project
Step 1 - Install by Composer
composer require zanichelli/idp-extensions
Note:
you should use tag instead of branch-name (e.g. "zanichelli/idp-extensions:V1.0.0" or "zanichelli/idp-extensions:dev-{branch-name}" )
Step 2 - .env file
Add this lines at bottom of your .env file:
IDP_URL=https://idp.zanichelli.it/loginForm
IDP_TOKEN_URL=https://idp.zanichelli.it/v1/user
IDP_LOGOUT_URL=https://idp.zanichelli.it/v1/logout
If you need to use your own login form (instead of the IDP one), please add this line too:
IDP_LOGIN_URL=https://idp.zanichelli.it/v4/login
Step 3 - auth.php editing
Edit config/auth.php
as follow:
- In
'defaults'
array change value of'guard'
from'web'
to'z-session'
Step 4 - publish migrations
There are 2 migration from this package, Grants table and Sessions Table.
php artisan vendor:publish
and select the "zanichelli/idp-extension" provider
Step 4.A - publish migrations (BREAKING CHANGES) after v3.0.*
There are 3 migrations from this package:
- Grants table
- Sessions Table
- Grants table key changes (Change role_id and department_id to role_name and department_name).
php artisan vendor:publish
Using the command below will only apply the changes about role_id and department_id
php artisan vendor:publish --tag=grants-by-name-instead-of-id
Use
php artisan vendor:publish --tag=grants-by-name-instead-of-id --force
if you need to overwrite grants table changes migration.
Step 5 - create route middleware and protect your routes
In Kernel.php file add "idp" in your routeMiddleware
'idp' => \Zanichelli\IdpExtension\Http\Middleware\IdpMiddleware::class,
Add to your route file (tipically web.php
) the new middleware idp
; code smells like this:
Route::group(['middleware'=>'idp'],function(){ Route::get('/', function(){ return view('home'); }); });
Extends IDP middleware
In order to edit retrive permissions or add extra parameter to user object you can extend default class IDP Middleware.
Class must implement following methods:
-
retrievePermissions
: this method take userId and roles array as input, here role-based permissions must be retrieved to output an array of strings with permissions; -
addExtraParametersToUser
: this method allow you to add extra parameters to the user object given as input.
After class creation, add in kernel.php
file the new middleware class in '$routeMiddleware'
array:
'idp' => \App\Http\Middleware\IdpMiddleware::class,
Logout idp
Create a logout route inside web.php
file using a logout method inside the controller.
Implement the code as follow:
Route::group(['middleware'=>'idp'],function(){ Route::get('logout', 'LoginController@logout'); });
Then define logout
:
use use Illuminate\Support\Facades\Auth; class LoginController extends Controller { ... public function logout() { return Auth::logout(); } }
Basics
With this integration you could use some Laravel's feature that allows to handle users and their authentication.
Auth
is authtentication class that Laravel ships for this purpose and allow access to following methods:
Auth::check()
: returnstrue
if a user is authenticated,false
otherwiseAuth::guest()
: returnstrue
if a user is guest,false
otherwiseAuth::user()
: returns aZUser
class instance,null
otherwiseAuth::id()
: returnsuserId
if authtenticated,null
otherwiseAuth::hasUser()
: returnstrue
if there's a ZUser in our current session,false
otherwiseAuth::setUser($ZUser)
: sets aZuser
in sessionAuth::attempt($credentials, $remember)
: try to login with IDP without using the login form, if success returnstrue
, otherwisefalse
Auth::logout()
: logout a user, returnredirect