Download the PHP package heptacom/shopware-platform-admin-open-auth without Composer

On this page you can find all versions of the php package heptacom/shopware-platform-admin-open-auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package shopware-platform-admin-open-auth

SSO login for shopware platform administration

This is part of HEPTACOM solutions for medium and large enterprise

Shopware plugin to allow external login provider in the administration

Packagist Version PHP from Packagist GitHub code size in bytes GitHub issues GitHub forks GitHub stars GitHub watchers Packagist

GitHub contributors GitHub commit activity

This Shopware 6 plugin allows to add "Login with" functionality into the Shopware administration login page and password confirmation dialogs.

Features

Security

The login to the Shopware administration is a critical part. Security vulnerabilities in this part allow attackers access to the whole shop.

Therefore, we check our plugin critically for potential risks before merging pull requests.

In addition, our OpenId Connect implementation also checks the signature of JWT tokens, whenever possible. When using a pre-configured OpenID Connect provider or when providing a OIDC metadata document, the JWKS keys are automatically fetched from the IDP.

Supported providers

We support a variety of identity providers out of the box. If your identity provider is not listed below but offers OpenID Connect support, you can configure it manually using the OpenID Connect provider. In any other case feel free to create a pull request.

Provider supports language sync supports timezone sync supports role assignment by roles/groups more info
Atlassian Jira
Read more here.
cidaas
⚠️ Read more here.
Google Cloud
⚠️ Read more here.
JumpCloud depends on configuration depends on configuration Read more here.
Keycloack
depends on configuration ⚠️ Read more here.
Microsoft Entra ID
Read more here.
Okta
⚠️ Read more here.
OneLogin
⚠️ Read more here.
OpenID Connect
depends on configuration depends on configuration ⚠️ Try any OpenID Connect provider, that we did not explicitly prepare an optimized configuration for.
SAML2
depends on configuration depends on configuration Try any SAML2 provider, that we did not explicitly prepare an optimized configuration for.

⚠️ supported using authorized request rule

SAML2 - Technical requirements

In case you want to use a SAML2 provider, your IdP must meet the following requirements:

OpenID Connect - Authenticated request rule

When using an OpenID Connect based provider, you can assign roles that depend on an authenticated GET request, done with the user's access token. This way you can get any further information from the IDP, that is relevant for your specific case. For some providers a preset for retrieving the user's groups is already available.

In case you want to create more complex rules, you can build your own queries within the rule builder. The queries get the JSON, returned by the specified endpoint, as input.

Authenticated request

Your specified endpoint will be called as follows:

The request must be encrypted (HTTPS) and will timeout after 5 seconds. In case of a timeout or a none successful response code, the condition will be evaluated as false.

In case you have multiple conditions, depending on the same endpoint, the request will only be done once. The response is cached in memory for the duration of the rule evaluation.

Processing the response

You can then use a JMESPath query to validate if the input JSON matches your rule.

It is recommended that your query results in a boolean. In case it results in a different type, the condition will be validated as follows:

Output type Output value Validation result
boolean true true
boolean false false
string empty false
string non-empty true
number 0 false
number 1 (or grater) true
array empty false
array non-empty true
object empty false
object non-empty true
null null false

Changes

View the CHANGELOG file attached to this project.

Contributing

Thank you for considering contributing to this package! Be sure to sign the

License

Copyright 2020 HEPTACOM GmbH

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this project except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 or see the local copy.

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Trademarks and Logos

All logos, available in this project are protected under copyright. Most of them also are registered trademarks. Therefore, the usage is only permitted when corresponding trademark/branding guidelines are fulfilled. You can find an archived link to these guidelines below.

Atlassian Jira

cidaas

Google

Keycloak

Microsoft Entra ID

Okta

OneLogin

The One Identity logo is a registered trademark of One Identity, Inc.

OpenID Connect


All versions of shopware-platform-admin-open-auth with dependencies

PHP Build Version
Package Version
Requires php Version >=8.2.0
ext-json Version *
ext-mbstring Version *
ext-openssl Version *
ext-zlib Version *
composer/composer Version ^2.7
doctrine/dbal Version ^3.8
guzzlehttp/guzzle Version ^7.5
guzzlehttp/psr7 Version ^2.4
league/oauth2-client Version ^2.0
league/oauth2-server Version ^8.5
mrjoops/oauth2-jira Version ^0.2.4
mtdowling/jmespath.php Version ^2.7
nyholm/psr7 Version ^1.5
onelogin/php-saml Version ^4.1.0
psr/cache Version ^3.0
psr/http-client Version ^1.0
psr/http-message Version ^2.0
psr/log Version ^3
shopware/core Version ^6.6.0
web-token/jwt-core Version ^3.2
web-token/jwt-signature Version ^3.2
web-token/jwt-signature-algorithm-ecdsa Version ^3.2
web-token/jwt-signature-algorithm-rsa Version ^3.2
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package heptacom/shopware-platform-admin-open-auth contains the following files

Loading the files please wait ....