I'm currently developing an app using Laravel. What I want to do, is to link this app to a SugarCRM app.
A simple workflow could be this:
User arrives to the app (Laravel app), enters its credentials
-> Credentials are sent to SugarCRM
-> if credentials are ok, the user is logged into the Laravel app.
Long story short, SugarCRM is used for the authentication to my Laravel App.
To do this, I developed a custom driver to my Laravel app.
The problem is:
If I quote the Laravel doc about custom Auth driver:
retrieveByCredentials: This method should not attempt to do any password validation or authentication.
Laravel Auth system requires to check first if the user exists in the base, with "no attempt to do any password validation or authentication".
But to do any kind of request to SugarCRM, I must authenticate first.
How should I deal with this without writing too dirty code?
What the docs mean there is that function shouldn't validate or authenticate credentials for your application. So if that function is called it shouldn't log that user in, but just return their credentials.
Its fine to authenticate to your external service so you can interact with their API.
Related
I'm trying to integrate an azure b2c provider with laravel socialite.
I already add socialite and additional azure provider from socialiteproviders.com
I edited the Provider.php class to change the getAuthUrl schema in order to use tenant instead login.microsoftonline.com and it works fine:
The login page shown and redirected then to setup callback.
In the callback authorization code arrives but the socialite can't use it to obtain the idToken.. (I can calling explicity ../oauth2/v2.0/token but I think that socialite must to take care of it..)
And if I call
\Laravel\Socialite\Facades\Socialite::driver('azure')->setConfig($config)->stateless()->user()
I got error from microsoft graph
Or.. if I got manually the idToken and call \Laravel\Socialite\Facades\Socialite::driver('azure')->setConfig($config)->stateless()->userFromToken()
it is not recognized.
What's wrong in my flow? Any suggestions to integrate azure b2c in laravel with socialite?
I am developing a web app using Laravel, But I have to integrate the mobile application in the future. Now I want to ass API Authentication passport. I am a little bit confused how passport API handle multi auth system form multiple user and permission systems. Currently, I am using Laravel default auth to handle user. Is there any library for Laravel multi auth using API Authentication passport??
The thing you have to understand about Passport is that it is nothing more than a Laravel wrapper of the oAuth2 framework, specifically this implementation: https://github.com/thephpleague/oauth2-server
As such, you must understand how the different oAuth2 grant types work. I recommend reading up on oAuth2 to familiarize yourself with the concepts (I personally found this site to be the most helpful for understanding the different grant types: http://www.bubblecode.net/en/2016/01/22/understanding-oauth2/).
Specifically to your question, take a look at Password Grant Tokens (https://laravel.com/docs/5.6/passport#password-grant-tokens) for use in a mobile app. Once you have your token, Laravel handles all the Authentication behind the scenes and you can use Auth::user() as you would normally, assuming you have Passport set up and configured correctly; the user is tied to the token and is independent of any other token and any logged in user.
As for permission systems, Passport uses scopes (https://laravel.com/docs/5.6/passport#token-scopes) which is a handy way of limiting what routes your tokens have access to. Aside from that, permission management for the Auth::user() is the same as any other user using your application.
EDIT:
Passport scopes are used to lock down routes, so they can be used. However, Passport is only concerned with authentication (ie, is this user valid) and NOT with authorization (ie, what can this user do). How you authorize users to do different things is 100% independent of Passport and is up to your web app.
everyone!
In my app I want to have an abily to login from account in social networks as well as from accounts registered localy and have access to the same database on my server.
What I mean:
Scenario 1:
User pressed "login with facebook"
-> Get access to application features
Scenario 2:
User pressed "login with account registred localy on my server"
-> Get access to application features
If I login from local account then it's easy to check auth data and grant access.
If I login in my app from twitter for example and got their tokens, how could I use them to access data on my server?
I found information only about how to make local login using Passport or using social services using Socialite but not both at the same time.
Well, turns out, it's actually easy to implement using only Socialite with standart auth. I misunderstood the concept of oauth so there is no need for passport at all.
There are two API. The first is responsible for the authentication user, the second for a local project. Local project does not create an account. How to enable the user to log in local project using the first API?
Maybe
On the client login window appears, enter the login password. Dispatched at the API project:
api.project.com/login .....
API project sends data to the authorization API
api.сompany.com / login .....
If everything is fine - it returns "OK", and then issues a token API project and the client has been working with it.
The goal to make a common account for all projects. But how to implement API - I do not understand
Thanks!
I'm writing a PHP web application on Laravel 4 that does user authentication with my university's CAS (Central Authentication Server). I am using this package to do the CAS authentication: http://packalyst.com/packages/package/xavrsl/cas
Here is my configuration file for the CAS authentication: CAS Config
Here is my 'User' model that is referenced in the CAS Config: User Model
My current problem is actually checking the authentication itself after the user has logged in (using a simple check, if isAuthenticated() echo "Authenticated"). Laravel throws this error when trying to use the isAuthenticated function: Laravel Error and Exception thrown.
Background about how the authentication should work: Since no passwords are stored in the application database (just in the CAS), I'm planning on checking the authentication via CAS, and then associating their ULID (university username) with a permission setting using the Entrust package (Entrust).
Is this a feasible way to do the authentication and then control user permissions? Normally user authentication and permissions wouldn't be such a problem for me, but adding CAS into the equation is just making this a bit tough, especially with me being new to Laravel.
Found the solution to my problem. I removed the 'User' from the cas_uri in the config and everything works A-OK now.