Meet us at WordCamp Europe | ShopTalk | DrupalCon Conferences to explore our solutions. Know More
OAuth Single Sign-On (SSO) For Laravel using Laravel Passport As OAuth Provider
OAuth Single Sign-On (SSO) For Laravel using Laravel Passport As OAuth Provider
Laravel OAuth Single Sign-On (SSO) plugin gives the ability to enable OAuth Single Sign-On for your laravel applications. Using Single Sign-On you can use only one password to access your laravel application and services. Our plugin is compatible with all the OAuth compliant Identity providers. Here we will go through a step-by-step guide to configure Single Sign-On (SSO) between Laravel and Laravel Passport considering Laravel Passport as OAuth provider. To know more about other features we provide in Laravel OAuth client single-sign-on-sso plugin, you can click here.
Installation Laravel Oauth Client
- Open a Command Prompt window and change the working directory to your Laravel app's main directory and install the Laravel OAuth plugin using below command.
-
composer require miniorange/oauth-laravel-free - After successful installation of package, go to your Laravel app in the browser and enter
{laravel-application-domain}/mo_oauth_admin - The package will start setting up your database for you and then redirect you to the admin registration page.
- Register or log in with your miniOrange account to configure the plugin.
- After login, you will see the OAuth provider Settings option, where you will get the Redirect/Callback URL. Keep it handy as it will be required later to configure Laravel Passport Single Sign-On (SSO).
Steps to configure Laravel Passport Single Sign-On (SSO) Login into Laravel
1. Configure Laravel Passport as OAuth Provider
- Install laravel passport using below command
- Go to config/app.php and add below provider
- Run php artisan migrate command
- Run php artisan passport:install command
- Go to app/Models/User.php model class, add HasApiTokens trait to the code:
composer require laravel/passport
Laravel\Passport\PassportServiceProvider::class
namespace App;
use Laravel\Passport\HasApiTokens;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
class User extends Authenticatable
{
use HasApiTokens, Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
namespace App\Providers;
use Laravel\Passport\Passport;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Support\Facades\Gate;
class AuthServiceProvider extends ServiceProvider
{
/**
* The policy mappings for the application.
*
* @var array
*/
protected $policies = [
// 'App\Model' => 'App\Policies\ModelPolicy',
];
/**
* Register any authentication / authorization services.
*
* @return void
*/
public function boot()
{
$this->registerPolicies();
Passport::routes();
//
}
}
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
'hash' => false,
],
],
<?php
namespace App\Http\Controllers;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Models\User;
use Auth;
class UserController extends Controller
{
public function get(Request $request)
{
$user_id = Auth::id();
$user = User::find($user_id);
return $user;
}
}
//For Laravel below 8 and migrated to the 8 version:
Route::middleware('auth:api')->get('/user/get', 'UserController@get');
OR
//For Laravel 8 new users:
use App\Http\Controllers\UserController;
Route::middleware('auth:api')->get('/user/get', 'App\Http\Controllers\UserController@get');
Which user ID should the client be assigned to?:
> 1
What should we name the client?
> Demo OAuth2 Client Account
Where should we redirect the request after authorization?
[http://localhost/auth/callback]
> Click Here to copy the Redirect URL.
New client created successfully.
Client ID: 1
Client secret: zMm0tQ9Cp7LbjK3QTgPy1pssoT1X0u7sg0YWUW01
2. Configure Laravel OAuth client plugin for Laravel Passport
- Go to the miniOrange Laravel OAuth SSO plugin and click on Choose Laravel Passport as OAuth provider.
- Enter the Client ID and Client Secret from Laravel Passport App.
- Please refer the below table for configuring the Scope and Endpoints .
- You can send the client credentials in header or body and also send state parameter accordingly also enter login attribute as per your requirement.
- Click on save settings button. After that, Click on test configuration button. you will get the list of Attribute Names and Attribute Values that are sent by your OAuth provider
| Scope: | Leave the Scope Field empty |
| Authorize Endpoint: | http://your-laravel-site-url/oauth/authorize |
| Access Token Endpoint: | http://your-laravel-site-url/oauth/token |
| Get UserInfo Endpoint: | http://your-laravel-site-url/api/user/get |
3. SSO Options
- You can also use a link to login via your OAuth/OpenID provider.
- This link is in the format:
{laravel-application-domain}/ssologin.php?option=oauthredirect
In this Guide, you have successfully configured Laravel Passport Single Sign-On (SSO) using Laravel as OAuth Client. This solution ensures that you are ready to roll out secure access to your Laravel site using Laravel Passport login credentials within minutes.
Additional Resources
×
![ADFS_sso]()
Trending searches:
Hello there!
Need Help? We are right here!
