Download the PHP package aleszatloukal/active-directory without Composer
On this page you can find all versions of the php package aleszatloukal/active-directory. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download aleszatloukal/active-directory
More information about aleszatloukal/active-directory
Files in aleszatloukal/active-directory
Package active-directory
Short Description Provides connectivity to Active Directory implementations
License Apache-2.0
Informations about the package active-directory
Magium Active Directory Integration
For stupid-easy PHP integration with Azure Active Directory.
This is a simple library that uses the league/oauth2-client
to provide OAuth2 based integration with Active Directory. Out of the box it is configured to work with Active Directory on Azure but, though I haven't tested it, you can provide a different configuration object to the primary adapter and you should be able to authenticate against any Active Directory implementation as long as it has OAuth2 connectivity.
There are two purposes (well, three) for library.
- Provide sub-5 minute installation and integration times for any PHP-based application
- Provide a launching pad for other third-party integrations to Microsoft Azure Active Directory, such as Magento, Drupal, Oro, or whatever.
- (provide libraries that use other Magium libraries so people can see how awesome all the Magium stuff is)
First, watch the installation video on YouTube. It shows you how to create an application in Azure Active Directory. A big part of the installation is going to the Microsoft Application Console at https://apps.dev.microsoft.com. That is where you are going to get all of your authentication keys and such.
Note Azure will not redirect from a secure URL (i.e. their login page) to an unsecure page (i.e. your page). No HTTPS to HTTP in other words. In yet other words, if you use Azure you will need to also use HTTPS. Though there are worse things in the world... like not using HTTPS.
Basic Usage
Anywhere in your application that requires authentication you can provide this code (properly architected, not cut and paste, in other words):
The authenticate()
method will do 1 of 3 things.
- Check the session and see that the user is not logged in, forwarding that person to their Azure Active Directory login page
- Validate return data from Active Directory
- Simply return the
Entity
object if the person is already logged in.
If you want to log out all you do is:
Not that this only purges the AD entity from the session, it does not do any other session cleanup for your application.
Clearly this library is not intended to be your only means of session management, though, for simple applications, you could use it that way. Most likely you will want to take the data retrieved from AD and link it to a local account. The Entity
class has 3 defined getters to help you do this mapping:
Installation
Done.
Configuration
This is a little more in-depth, but it shouldn't be overly complex.
The base configuration is managed by the Magium Configuration Manager, out of the box. But, that said, the MCM has a really simple mechanism that allows you to not use the underlying plumbing. I believe that the underlying plumbing will eventually make application management easier, but I'm not going to force it on you.
Configuration using the Magium Configuration Manager
The configuration manager provides the means to manage and deploy settings at runtime in both a CLI and (eventually) a web-based interface. If you are using the configuration manager you need to get an instance of the configuration factory, which provides an instance of the manager, which provides the configuration object. The ActiveDirectory
adapter requires that configuration object.
First, in your application root directory run vendor/bin/magium magium:configuration:list-keys
. This is done after you have configured the MCM according to its instructions in the GitHub link. You will see output like this:
You will need to provide those two values for the configuration:
And you should be good to go.
Achtung!!! The defaults for the adapter will allow anyone with a Microsoft ID to access your system, kind of like allowing any Twitter user access your system if they have a valid Twitter account. If you are looking to authenticate against your own Active Directory instance make sure you provide the Directory ID for the directory you will to validate against. All of the following examples include the directory configuration key, whose default is "common". Make sure you are authenticating not just against the correct application with the client_id, but also the correct directory with the directory key.
Configuration using PHP Arrays
Now, I know the MCM is new and you probably aren't using it. That's why I provided a way for you configure the adapter without using the full-blown MCM. You can use the Magium\Configuration\Config\Repository\ArrayConfigurationRepository
class to provide a raw array that will be mapped to the two configuration settings magium/ad/client_id
and magium/ad/client_secret
Configuration using YAML
Pretty much the same, but rather than using the ArrayConfigurationRepository
you will use the YamlConfigurationRepository
. It's pretty similar:
Configuration using JSON
Pretty much the same, but rather than using the YamlConfigurationRepository
you will use the JsonConfigurationRepository
. It's pretty similar:
Configuration using INI Files
Pretty much the same, but rather than using the JsonConfigurationRepository
you will use the IniConfigurationRepository
. It's pretty similar:
All versions of active-directory with dependencies
league/oauth2-client Version ^2.6
microsoft/microsoft-graph Version ^1.29
zendframework/zend-psr7bridge Version ^1.2