Comments (6)
Totally understand the problem @nicolus. I'm currently working on the next major version and trying to solve this problem via "resolvers". You'll be able to either extend an existing one or create your own. You can check out the implementation here.
Let me know if that would solve the problem.
from laravel-saml2.
So to be clear, do you want to be able to adjust any configuration?
from laravel-saml2.
Yes, I would need to have individual configuration. I do have 2 onelogin/php-saml systems at the moment and am about to add a 3rd. The first is a connection to an Active Directory. The other two are for two SAP systems.
from laravel-saml2.
@brezzhnev @kw-pr : I think this is related to #43
And as I said there, it would be useful indeed to have a way to override any setting for a specific IdP (which was the case with aacotroneo/laravel-saml2).
What I ended up doing in the meantime is store the settings and create a new middleware that looks like this :
<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Arr;
use Illuminate\Support\Facades\Config;
use Slides\Saml2\Repositories\TenantRepository;

class OverrideSamlSpConfig
{
    public function __construct(protected TenantRepository $tenants)
    {
    }

    public function handle(Request $request, Closure $next)
    {
        // The tenant UUID is taken from the route parameter.
        if ($uuid = $request->route('uuid')) {
            // Per-tenant overrides are stored under "saml2_config" in the tenant's metadata.
            $config = $this->tenants->findByUUID($uuid)->metadata['saml2_config'] ?? [];

            // Flatten to dot notation and overwrite the matching saml2.* config keys.
            foreach (Arr::dot($config) as $path => $value) {
                Config::set('saml2.' . $path, $value);
            }
        }

        return $next($request);
    }
}
That I include in the 'saml' middlewares in App\Http\Kernel :
'saml' => [
    \Illuminate\Session\Middleware\StartSession::class,
    \App\Http\Middleware\OverrideSamlSpConfig::class,
],
You also need to make sure that it's loaded before the resolver middleware with $middlewarePriority in the same Kernel file :
protected $middlewarePriority = [
    \App\Http\Middleware\AuthenticateWithBearerToken::class,
    \App\Http\Middleware\Authenticate::class,
    \App\Http\Middleware\AddLogContext::class,
    \App\Http\Middleware\OverrideSamlSpConfig::class,
    \Slides\Saml2\Http\Middleware\ResolveTenant::class,
];
Then you can add the config in your idp metadata column like so :
{
    "saml2_config": {
        "security": {
            "requestedAuthnContext": false
        }
    }
}
Hope that can help someone.
from laravel-saml2.
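An allowlisted variant of the override step in the middleware above, as an added example that is not part of the thread or of laravel-saml2: only listed keys with the expected type are applied, so tenant metadata cannot switch off settings such as `strict` or `security.wantAssertionsSigned`. The key names follow onelogin/php-saml's settings array; the allowlist contents and the function names are assumptions.

```php
<?php
// Added example: names below (OVERRIDABLE, dotFlatten, filterSamlOverrides) are hypothetical.
// Dotted saml2.* keys a tenant may override, with the required value type.
// Which keys belong here is an assumption; everything else is refused.
const OVERRIDABLE = [
    'security.requestedAuthnContext' => 'boolean',
    'security.authnRequestsSigned'   => 'boolean',
];

/** Flatten a nested array to dot notation, like Laravel's Arr::dot(). */
function dotFlatten(array $data, string $prefix = ''): array
{
    $out = [];
    foreach ($data as $key => $value) {
        if (is_array($value) && $value !== []) {
            $out += dotFlatten($value, $prefix . $key . '.');
        } else {
            $out[$prefix . $key] = $value;
        }
    }
    return $out;
}

/** Split tenant overrides into those to apply and those to refuse. */
function filterSamlOverrides(array $tenantConfig): array
{
    $applied = [];
    $rejected = [];
    foreach (dotFlatten($tenantConfig) as $path => $value) {
        $type = OVERRIDABLE[$path] ?? null;
        if ($type !== null && gettype($value) === $type) {
            $applied[$path] = $value;   // safe to pass to Config::set('saml2.' . $path, $value)
        } else {
            $rejected[] = $path;        // log and skip; never written to config
        }
    }
    return ['applied' => $applied, 'rejected' => $rejected];
}

// Constructed sample metadata: one permitted override, two that would relax validation.
$metadata = json_decode(
    '{"saml2_config":{"strict":false,"security":{"requestedAuthnContext":false,"wantAssertionsSigned":false}}}',
    true
);
$result = filterSamlOverrides($metadata['saml2_config'] ?? []);
echo json_encode($result, JSON_PRETTY_PRINT), PHP_EOL;
```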
So the idea is that I would make my own classes that implement ResolvesIdentityProvider or ResolvesIdpConfig and then bind them in my AppServiceProvider so they replace the default ones ?
If so, that sounds perfect, thanks !
from laravel-saml2.
Yeah, almost like that, but instead of binding another dependency in the service provider, you would need to change the class reference using resolvers.config in the config/saml2.php
I thought that would be easier, but DI is also an option to consider.
from laravel-saml2.