Download the PHP package accentinteractive/laravel-sso without Composer
On this page you can find all versions of the php package accentinteractive/laravel-sso. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download accentinteractive/laravel-sso
More information about accentinteractive/laravel-sso
Files in accentinteractive/laravel-sso
Package laravel-sso
Short Description Azure AD SSO (Single Sign On) login management for Laravel.
License MIT
Homepage https://github.com/accentinteractive/laravel-sso
Informations about the package laravel-sso
Azure AD SSO login management for Laravel
- Installation
- Register a new Azure AD application
- Config settings
Installation
You can install the package via composer:
Step 1
Step 2
Register your application with the Azure portal. You need a valid Microsoft account and the proper authorization for your company. For a full manual, see Registering a new Azure AD application.
Step 3
Once your have registered the application with Azure AD, add the proper credentials to your .env file. Get the proper IDs and secrets from https://portal.azure.com/
Step 4
Add the middleware to your 'web' middleware group to place all endpoints behind SSO, or to another group if you want to guard only several of your endpoints..
\Accentinteractive\LaravelSso\Http\Middleware\AuthenticateSSO::class,
For Laravel >10, place it in bootstrap/app.php.
For Laravel <=10, place it in app/Http/Kernel.php.
Step 5
Optionally you can publish the config file with:
Register a new Azure AD application
For Azure AD Single Sign On to work properly, you must supply the following Azure AD credentials in your .env file:
Application (client) ID
Directory (tenant) ID
Client Secret
Redirect URI
Important: your Client Secret has an expiration date. Before the secret expires, make sure to create another new secret and supply it in in .env, so you employees can continue to log using SSO. A good expiration time would be 12 or 24 months.
- To create the Azure AD Plan Ahead application. IDs and secrets, do the following;
- Go to Azure AD while logged in as Microsoft User for your organization: https://portal.azure.com/.
- Go to App Registrations (https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade).
- Click 'New Registration' to add your application.
- Enter a name.
- Select 'Accounts in this organizational directory only'.
- Click 'Register'.
- Make note of the
Application (client) ID
- Make note of the
Directory (tenant) ID
- Click 'Redirect URIs'.
- Under 'Web', click 'Add URI'.
- Enter the correct redirect URI (https://YOURDOMAIN.COM/login) and hit [ENTER]
- Make note of the redirect URL.
- Go back to the app Registration and click 'Client Credentials'.
- Click 'New Client Secret'.
- Enter a name for the secret.
- Choose an expiry period (maximum 24 months).
- Click 'Add'.
- Make note of the 'Value' for your Client secret. Important: You can only view a secret once, directly after creation.
- Go back to the app Registration and go to Manage › Manifest.
- In the XML, edit "allowPublicClient" to say false.
- In the XML, edit "oauth2AllowIdTokenImplicitFlow" to say true.
- Click Save.
- Before the secret expires, make sure to create another new secret and enter it to to your .env file in time, so you can continue to log with SSO.
Config settings
You can pass config settings to modify the behaviour.
You can also pass options directly.
Testing
Changelog
Please see CHANGELOG for more information what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security
If you discover any security related issues, please email [email protected] instead of using the issue tracker.
Credits
- Joost van Veen
- All Contributors
License
The MIT License (MIT). Please see License File for more information.
All versions of laravel-sso with dependencies
illuminate/console Version ^6.0|^7.0|^8.0|^9.0|^10.0|^11.0
illuminate/filesystem Version ^6.0|^7.0|^8.0|^9.0|^10.0|^11.0
illuminate/support Version ^6.0|^7.0|^8.0|^9.0|^10.0|^11.0
thenetworg/oauth2-azure Version ^2.2