Shibboleth authentication typically results in the identity provider setting a bunch of server variables after successful authentication. This is a Laravel 5.0+/PHP 5.4+ package helps with converting those server tokens into Laravel User Table fields so that regular Laravel semantics of authentication can be followed.
Note that shib auth must already have occured - usually using directives in the .htaccess file.
The included middleware checks the user table and
- If a matching user is NOT found, it creates a new user row
- If a user is found in the users table, the corresponding user record is retrieved
- The user is then logged in to the application using Auth::login($user)
require the package via composer
$ composer require mnshankar/laravel-shib-authNext, setup the service provider. This allows you to modify the config file (the default tokens are specific to UF implementation of Shibboleth)
In your config/app providers array, add:
'mnshankar\Shib\ShibAuthServiceProvider',You must insure that
- The mapped fields exist in your users table.
- Shibboleth sets valid values for all tokens specified (else exception is thrown)
- "password" field in the users table must be nullable as we will not be using it.
Edit your http kernel.php file to include the shib middleware from the package like so:
'shib'=>'mnshankar\Shib\Middleware\ShibAuth',Now, you can use the middleware either from the controller or from your route.
-
In your controller:
function __construct() { $this->middleware('shib'); }
-
In your route:
Using Laravel 5.0
Route::get('my/page', ['middleware' => 'shib', function() { // }]);
Using Laravel 5.1+
You can continue using Laravel 5.0 style.. or use chaining:
Route::get('/', function () { // })->middleware(['shib']);
You may also use route groups. Please look up Laravel documentation on Middleware to learn more https://laravel.com/docs/5.2/middleware
You can customize the configuration options by publishing them
php artisan vendor:publish --provider="mnshankar\Shib\ShibAuthServiceProvider"