Download the PHP package rootinc/laravel-saml2-middleware without Composer

On this page you can find all versions of the php package rootinc/laravel-saml2-middleware. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package laravel-saml2-middleware

Laravel Saml2 Middleware

Provides Saml2 Authentication Middleware for a Laravel App. If you like this, checkout Laravel Azure Middleware

Normal Installation

  1. composer require rootinc/laravel-saml2-middleware
  2. run php artisan vendor:publish --provider="RootInc\LaravelSaml2Middleware\Saml2ServiceProvider" to install config file to config/saml2.php
  3. In our routes folder (most likely web.php), add

  4. In our App\Http\Kernel.php add 'saml2' => \RootInc\LaravelSaml2Middleware\Saml2::class, most likely to the $routeMiddleware array.
  5. In our .env optionally add SAML2_STRICT, SAML2_SAML2_PROXY_VARS. If not added, these values will default to true.
  6. In our .env add SAML2_IDP_ENTITYID, SAML2_IDP_SSO, SAML2_IDP_SLO and SAML2_IDP_x509.
  7. In our .env optionally add SAML2_SP_NAME_ID_FORMAT, SAML2_SP_ENTITY_ID, SAML2_SP_SSO, SAML2_SP_SLO, SAML2_SP_x509, SAML2_SP_PRIVATE_KEY. These values are only required to override if the default config does not suffice.
  8. In our App\Http\Middleware\VerifyCsrfToken.php add '/login/saml2callback' //original saml2 didn't protect anything. Since this is a POST for SAML2, the tokens will of course not match. Thus, we need to ignore to the $except array.
  9. Add the saml2 middleware to your route groups on any routes that needs protected by auth and enjoy :tada:
  10. If you need custom callbacks, see Extended Installation.

Routing

Route::get('/login/saml2', '\RootInc\LaravelSaml2Middleware\Saml2@saml2'); First parameter can be wherever you want to route the saml2 login. * Change as you would like.

Route::post('/login/saml2callback', '\RootInc\LaravelSaml2Middleware\Saml2@saml2callback'); First parameter can be whatever you want to route after your callback. * Change as you would like.

Route::get('/logout/saml2', '\RootInc\LaravelSaml2Middleware\Saml2@saml2logout'); First parameter can be whatever you want to route after your callback. * Change as you would like.

Route::post('/logout/logoutcallback', '\RootInc\LaravelSaml2Middleware\Saml2@logoutcallback'); First parameter can be whatever you want to route after your callback. * Change as you would like.

Metadata

As of of v0.2.0, we added the ability to get the metadata. Simply add:

Route::get('/saml2/metadata', '\RootInc\LaravelSaml2Middleware\Saml2@saml2metadata'); First parameter can be whatever you want to route for the metadata. * Change as you would like.

Extended Installation

The out-of-the-box implementation let's you login users. However, let's say we would like to store this user into a database, as well as login the user in with Laravel Auth. There are two callbacks that are recommended to extend from the Saml2 class called success and fail. The following provides information on how to extend the Root Laravel Saml2 Middleware Library:

  1. To get started (assuming we've followed the Normal Installation directions), create a file called AppSaml2.php in the App\Http\Middleware folder. You can either do this through artisan or manually.
  2. Add this as a starting point in this file:

The above gives us a way to add/update users after a successful handshake.  $profile contains all sorts of metadata that we use to create or update our user. The default implementation redirects to the intended url, or /, so we call the parent here. Feel free to not extend the default and to redirect elsewhere.

  1. Our routes need to be updated to the following:

As of v0.2.0, if using the metadata route, we'll want to update to be: Route::get('/saml2/metadata', '\App\Http\Middleware\AppSaml2@saml2metadata');

  1. Finally, update Kernel.php's saml2 key to be 'saml2' => \App\Http\Middleware\AppSaml2::class,

Service Provider Options Override

As of v0.2.0, we added options for overriding the default behavior for the service provider. The defaults should generally work well for our app. However, configuration is always beneficial. Here are those keys and their default values:

It's important that if we are not following the naming conventions of the readme, that we update SAML2_SP_ENTITY_ID, SAML2_SP_SSO, SAML2_SP_SLO values.

Other Extending Options

Callback on Every Handshake

A callback after every successful request (handshake) is available for Saml2. The default is to simply call the $next closure. However, let's say we want to update the user. Here's an example of how to go about that:

Building off of our previous example from Extended Installation, we have a user in the Auth now (since we did Auth::login in the success callback). With the user model, we can update the user's updated_at field. The callback should call the closure, $next($request); and return it. In our case, the default implementation does this, so we call the parent here.

Custom Redirect

The ability to customize the redirect method is available for Saml2. For example, if the session token's expire, but the user is still authenticated with Laravel, we can check for that with this example:

Different Login Route

The ability to change the $login_route in the middleware is available for Saml2. Building off Extended Installation, in our AppSaml2 class, we can simply set $login_route to whatever. For example:

The above would now set $login_route to / or root.

Getting / Overriding the Saml2 Route

The ability to get the Saml2 URL is available for Saml2. For example, let's say we wanted to modify the Saml2 URL so that it also passed the user's email to Saml2 as a parmater. Building off Extended Installation, in our AppSaml2 class, we could do something like this:

Testing with Laravel Saml2 Middleware

We can integrate with Laravel's tests by calling actingAs for HTTP tests or loginAs with Dusk. This assumes that we are using the Auth::login method in the success callback, shown at Extended Installation. There is no need to do anything in our AppSaml2 class, unless we needed to overwrite the default behavior, which is shown below:

The above will call the class's redirect method, if it can't find a user in Laravel's auth. Otherwise, the above will call the class's handlecallback method. Therefore, tests can check if the correct redirection is happening, or that handlecallback is working correctly (which by default calls $next($request);).

Contributing

Thank you for considering contributing to the Laravel Saml2 Middleware! To encourage active collaboration, we encourage pull requests, not just issues.

If you file an issue, the issue should contain a title and a clear description of the issue. You should also include as much relevant information as possible and a code sample that demonstrates the issue. The goal of a issue is to make it easy for yourself - and others - to replicate the bug and develop a fix.

License

The Laravel Saml2 Middleware is open-sourced software licensed under the MIT license.


All versions of laravel-saml2-middleware with dependencies

PHP Build Version
Package Version
Requires php Version >=7.3
laravel/framework Version >=5.4.0
onelogin/php-saml Version ^4
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package rootinc/laravel-saml2-middleware contains the following files

Loading the files please wait ....