Download the PHP package scolmore/zerotrust without Composer
On this page you can find all versions of the php package scolmore/zerotrust. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download scolmore/zerotrust
More information about scolmore/zerotrust
Files in scolmore/zerotrust
Package zerotrust
Short Description A package to add Azure active directory as a middleware security wrapper around your application.
License MIT
Homepage https://github.com/scolmore/zero-trust
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package zerotrust
ZeroTrust
Zero trust is a Laravel middleware that provides an authentication middleware wrapper for your enterprise application using Azure active directory, allowing you to take advantage of account restrictions and 2FA (if enabled in your AD) without having to touch your applications' authentication.
With the middleware added to your route(s), the user will be greeted with a login selection page (if more than one directory is added) or sent directly to the Microsoft login page.
Setting up Microsoft Azure Active Directory
To setup your Azure AD for use with this package, you can follow the following guide HERE from Microsoft.
For your callback URL, you will need to use https://yourdomain.com/zero-trust/callback.
Installation
Via Composer
Publish the configuration and views
Usage
Configuration
The following will need to be added to your .env file:
Middleware
Add the middleware to the required route(s)/route groups.
Automatic login
If you want to attempt to automatically log the user in, set ZEROTRUST_AUTO_LOGIN=true in your .env file.
This will perform a lookup on the Microsoft signed-in user on your User modal against the email column, if one is found the user will be logged in to your application.
The User modal and email column can be changed in the configuration file.
Restricted domains
You may have a Microsoft Active Directory that has many different domains, and for your particular application, you want to restrict this.
Lets say your AD has the following domains:
- example.com
- foo.com
- bar.com
You want, foo.com and bar.com to have access, but not example.com. To do this simply add the following to you .env file:
Now when a user from example.com tries to login, they will be refused access and be displayed with the following screen.
Logging out
When a user logs out, you may also want to log them out of the Microsoft account at the same time. To do this, replace
your Laravel logout method that calls route('logout') with route('zero-trust.logout').
Extending the middleware
If you would like to perform additional actions when a user is authenticated or a restricted domain tries to login, you can extend the middleware from your own middleware.
For example, perhaps you want to log the access with the Spatie activity log.
In that case, create a new middleware, extend the ZeroTrust middleware and override the completed method.
ZeroTrustMiddleware.php
Change log
Please see the changelog for more information on what has changed recently.
Testing
Security
If you discover any security related issues, please email [email protected] instead of using the issue tracker.
Credits
License
MIT. Please see the license file for more information.
