This package can be used to quickly add authentication against SAML2 identity providers to your Laravel application. This package thus makes your Laravel application a SAML2 service provider.
Please note that this package is based on onelogin/php-saml. It is similar to aacotroneo/laravel-saml2 but as easy to use as laravel/socialite. It also tries to resemble the default Laravel authentication under the hood.
You can install the package via composer:
composer require lukasmu/laravel-samliteAfter installing the package make sure to set some environmental variables. For example, when you want to use Microsoft Azure as identity provider, please set up the following environmental variables:
SAML_IDP_AZURE_AD_IDENTIFIER=
SAML_IDP_AZURE_LOGIN_URL=
SAML_IDP_AZURE_LOGOUT_URL=
SAML_IDP_AZURE_CERT=If your environmental file does not yet contain the variables SAML_SP_PRIVATE_KEY and SAML_SP_CERT also run:
php artisan saml:setupYou then want to create a Controller that extends the authentication controller that ships with this package. Here is an example.
<?php
namespace App\Http\Controllers;
use LukasMu\Samlite\Http\Controllers\SamlController;
use LukasMu\Samlite\SamlAuth;
class AuthenticationController extends SamlController
{
public function loginUser(SamlAuth $saml_auth)
{
$mail = $saml_auth->getAttribute('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress')[0];
$name = $saml_auth->getAttribute('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/displayname')[0];
$user = User::where('email', $mail)->first();
if (!$user) {
$user = new User;
$user->name = $name;
$user->email = $mail;
$user->password = md5(rand(1,10000));
$user->save();
}
$this->guard()->loginUsingId($user->id);
}
}Finally, register your controller by placing another environmental variable:
SAML_CONTROLLER="App\Http\Controllers\AuthenticationController"You can publish the config file with:
php artisan vendor:publish --provider="LukasMu\Samlite\SamlServiceProvider" --tag="config"Feel free to set the appropriate environmental variables (or edit the config file) in order to add your preferred identity providers.
You can run all tests via composer as well:
composer testPlease see CHANGELOG for more information what has changed recently.
Please see CONTRIBUTING for details.
If you discover any security related issues, please email [email protected] instead of using the issue tracker.
You are free to use this package, but if it makes it to your production environment we highly appreciate you sending us a postcard from your hometown. The address is: Lukas Müller, Dirklangendwarsstraat 5, 2611HZ Delft, The Netherlands.
The MIT License (MIT). Please see LICENSE for more information.