├── .gitignore ├── .styleci.yml ├── LICENSE.md ├── README.md ├── composer.json ├── config └── laravel-sso.php ├── database └── migrations │ └── 2018_03_01_073503_create_brokers_table.php └── src ├── Commands ├── CreateBroker.php ├── DeleteBroker.php └── ListBrokers.php ├── Controllers └── ServerController.php ├── Exceptions └── MissingConfigurationException.php ├── LaravelSSOBroker.php ├── LaravelSSOServer.php ├── Middleware └── SSOAutoLogin.php ├── Models └── Broker.php ├── Resources └── UserResource.php ├── Routes └── server.php └── SSOServiceProvider.php /.gitignore: -------------------------------------------------------------------------------- 1 | build 2 | composer.lock 3 | vendor -------------------------------------------------------------------------------- /.styleci.yml: -------------------------------------------------------------------------------- 1 | preset: psr2 -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | # The MIT License (MIT) 2 | 3 | Copyright (c) 2018 Martynas Žaliaduonis 4 | 5 | > Permission is hereby granted, free of charge, to any person obtaining a copy 6 | > of this software and associated documentation files (the "Software"), to deal 7 | > in the Software without restriction, including without limitation the rights 8 | > to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | > copies of the Software, and to permit persons to whom the Software is 10 | > furnished to do so, subject to the following conditions: 11 | > 12 | > The above copyright notice and this permission notice shall be included in 13 | > all copies or substantial portions of the Software. 14 | > 15 | > THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | > IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | > FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | > AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | > LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | > OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 21 | > THE SOFTWARE. -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Simple PHP SSO integration for Laravel 2 | 3 | [![Latest Stable Version](https://poser.pugx.org/zefy/laravel-sso/v/stable)](https://packagist.org/packages/zefy/laravel-sso) 4 | [![Total Downloads](https://poser.pugx.org/zefy/laravel-sso/downloads)](https://packagist.org/packages/zefy/laravel-sso) 5 | [![Latest Unstable Version](https://poser.pugx.org/zefy/laravel-sso/v/unstable)](https://packagist.org/packages/zefy/laravel-sso) 6 | [![License](https://poser.pugx.org/zefy/laravel-sso/license)](https://packagist.org/packages/zefy/laravel-sso) 7 | [![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/zefy/laravel-sso/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/zefy/laravel-sso/?branch=master) 8 | [![Build Status](https://scrutinizer-ci.com/g/zefy/laravel-sso/badges/build.png?b=master)](https://scrutinizer-ci.com/g/zefy/laravel-sso/build-status/master) 9 | [![Code Intelligence Status](https://scrutinizer-ci.com/g/zefy/laravel-sso/badges/code-intelligence.svg?b=master)](https://scrutinizer-ci.com/code-intelligence) 10 | 11 |

12 | 13 | 14 | This package based on [Simple PHP SSO skeleton](https://github.com/zefy/php-simple-sso) package and made suitable for Laravel framework. 15 | ### Requirements 16 | * Laravel 5.5+ 17 | * PHP 7.1+ 18 | 19 | ### Words meanings 20 | * ***SSO*** - Single Sign-On. 21 | * ***Server*** - page which works as SSO server, handles authentications, stores all sessions data. 22 | * ***Broker*** - your page which is used visited by clients/users. 23 | * ***Client/User*** - your every visitor. 24 | 25 | ### How it works? 26 | Client visits Broker and unique token is generated. When new token is generated we need to attach Client session to his session in Broker so he will be redirected to Server and back to Broker at this moment new session in Server will be created and associated with Client session in Broker's page. When Client visits other Broker same steps will be done except that when Client will be redirected to Server he already use his old session and same session id which associated with Broker#1. 27 | 28 | # Installation 29 | ### Server 30 | Install this package using composer. 31 | ```shell 32 | $ composer require zefy/laravel-sso 33 | ``` 34 | 35 | 36 | Copy config file to Laravel project `config/` folder. 37 | ```shell 38 | $ php artisan vendor:publish --provider="Zefy\LaravelSSO\SSOServiceProvider" 39 | ``` 40 | 41 | 42 | Create table where all brokers will be saved. 43 | ```shell 44 | $ php artisan migrate --path=vendor/zefy/laravel-sso/database/migrations 45 | ``` 46 | 47 | 48 | Edit your `app/Http/Kernel.php` by removing throttle middleware and adding sessions middleware to `api` middlewares array. 49 | This is necessary because we need sessions to work in API routes and throttle middleware can block connections which we need. 50 | ```php 51 | 'api' => [ 52 | 'bindings', 53 | \Illuminate\Session\Middleware\StartSession::class, 54 | ], 55 | ``` 56 | 57 | 58 | Now you should create brokers. 59 | You can create new broker using following Artisan CLI command: 60 | ```shell 61 | $ php artisan sso:broker:create {name} 62 | ``` 63 | 64 | ---------- 65 | 66 | ### Broker 67 | Install this package using composer. 68 | ```shell 69 | $ composer require zefy/laravel-sso 70 | ``` 71 | 72 | 73 | Copy config file to Laravel project `config/` folder. 74 | ```shell 75 | $ php artisan vendor:publish --provider="Zefy\LaravelSSO\SSOServiceProvider" 76 | ``` 77 | 78 | 79 | Change `type` value in `config/laravel-sso.php` file from `server` 80 | to `broker`. 81 | 82 | 83 | 84 | Set 3 new options in your `.env` file: 85 | ```shell 86 | SSO_SERVER_URL= 87 | SSO_BROKER_NAME= 88 | SSO_BROKER_SECRET= 89 | ``` 90 | `SSO_SERVER_URL` is your server's http url without trailing slash. `SSO_BROKER_NAME` and `SSO_BROKER_SECRET` must be data which exists in your server's `brokers` table. 91 | 92 | 93 | 94 | Edit your `app/Http/Kernel.php` by adding `\Zefy\LaravelSSO\Middleware\SSOAutoLogin::class` middleware to `web` middleware group. It should look like this: 95 | ```php 96 | protected $middlewareGroups = [ 97 | 'web' => [ 98 | ... 99 | \Zefy\LaravelSSO\Middleware\SSOAutoLogin::class, 100 | ], 101 | 102 | 'api' => [ 103 | ... 104 | ], 105 | ]; 106 | ``` 107 | 108 | 109 | 110 | Last but not least, you need to edit `app/Http/Controllers/Auth/LoginController.php`. You should add two functions into `LoginController` class which will authenticate your client through SSO server but not your Broker page. 111 | ```php 112 | protected function attemptLogin(Request $request) 113 | { 114 | $broker = new \Zefy\LaravelSSO\LaravelSSOBroker; 115 | 116 | $credentials = $this->credentials($request); 117 | return $broker->login($credentials[$this->username()], $credentials['password']); 118 | } 119 | 120 | public function logout(Request $request) 121 | { 122 | $broker = new \Zefy\LaravelSSO\LaravelSSOBroker; 123 | 124 | $broker->logout(); 125 | 126 | $this->guard()->logout(); 127 | 128 | $request->session()->invalidate(); 129 | 130 | return redirect('/'); 131 | } 132 | ``` 133 | 134 | 135 | That's all. For other Broker pages you should repeat everything from the beginning just changing your Broker name and secret in configuration file. 136 | 137 | 138 | 139 | 140 | Example `.env` options: 141 | ```shell 142 | SSO_SERVER_URL=https://server.test 143 | SSO_BROKER_NAME=site1 144 | SSO_BROKER_SECRET=892asjdajsdksja74jh38kljk2929023 145 | ``` -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "zefy/laravel-sso", 3 | "description": "Simple PHP SSO integration for Laravel", 4 | "keywords": ["laravel", "sso", "authentication", "login"], 5 | "homepage": "https://github.com/zefy/laravel-sso", 6 | "license": "MIT", 7 | "authors": [ 8 | { 9 | "name": "Martynas Žaliaduonis", 10 | "email": "m.zaliaduonis@gmail.com", 11 | "homepage": "https://github.com/zefy", 12 | "role": "Developer" 13 | } 14 | ], 15 | "require": { 16 | "php": ">=7.1.3", 17 | "guzzlehttp/guzzle": "^6.3", 18 | "laravel/framework": "^5.5", 19 | "zefy/php-simple-sso": "^1.0" 20 | }, 21 | "autoload": { 22 | "psr-4": { 23 | "Zefy\\LaravelSSO\\": "src/" 24 | } 25 | }, 26 | "extra": { 27 | "laravel": { 28 | "providers": [ 29 | "Zefy\\LaravelSSO\\SSOServiceProvider" 30 | ] 31 | } 32 | } 33 | } -------------------------------------------------------------------------------- /config/laravel-sso.php: -------------------------------------------------------------------------------- 1 | 'server', 16 | 17 | /* 18 | |-------------------------------------------------------------------------- 19 | | Settings necessary for the SSO server. 20 | |-------------------------------------------------------------------------- 21 | | 22 | | These settings should be changed if this page is working as SSO server. 23 | | 24 | */ 25 | 26 | 'usersModel' => \App\User::class, 27 | 'brokersModel' => Zefy\LaravelSSO\Models\Broker::class, 28 | 29 | // Table used in Zefy\LaravelSSO\Models\Broker model 30 | 'brokersTable' => 'brokers', 31 | 32 | // Logged in user fields sent to brokers. 33 | 'userFields' => [ 34 | // Return array field name => database column name 35 | 'id' => 'id', 36 | ], 37 | 38 | /* 39 | |-------------------------------------------------------------------------- 40 | | Settings necessary for the SSO broker. 41 | |-------------------------------------------------------------------------- 42 | | 43 | | These settings should be changed if this page is working as SSO broker. 44 | | 45 | */ 46 | 47 | 'serverUrl' => env('SSO_SERVER_URL', null), 48 | 'brokerName' => env('SSO_BROKER_NAME', null), 49 | 'brokerSecret' => env('SSO_BROKER_SECRET', null), 50 | ]; 51 | -------------------------------------------------------------------------------- /database/migrations/2018_03_01_073503_create_brokers_table.php: -------------------------------------------------------------------------------- 1 | increments('id'); 18 | $table->string('name')->unique(); 19 | $table->string('secret'); 20 | $table->timestamps(); 21 | }); 22 | } 23 | 24 | /** 25 | * Reverse the migrations. 26 | * 27 | * @return void 28 | */ 29 | public function down() 30 | { 31 | Schema::dropIfExists(config('laravel-sso.brokersTable', 'brokers')); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /src/Commands/CreateBroker.php: -------------------------------------------------------------------------------- 1 | name = $this->argument('name'); 44 | $broker->secret = str_random(40); 45 | 46 | $broker->save(); 47 | 48 | $this->info('Broker with name `' . $this->argument('name') . '` successfully created.'); 49 | $this->info('Secret: ' . $broker->secret); 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /src/Commands/DeleteBroker.php: -------------------------------------------------------------------------------- 1 | argument('name'))->firstOrFail(); 42 | $broker->delete(); 43 | 44 | $this->info('Broker with name `' . $this->argument('name') . '` successfully deleted.'); 45 | } 46 | } 47 | -------------------------------------------------------------------------------- /src/Commands/ListBrokers.php: -------------------------------------------------------------------------------- 1 | toArray(); 44 | 45 | $this->table($headers, $brokers); 46 | } 47 | } 48 | -------------------------------------------------------------------------------- /src/Controllers/ServerController.php: -------------------------------------------------------------------------------- 1 | attach( 20 | $request->get('broker', null), 21 | $request->get('token', null), 22 | $request->get('checksum', null) 23 | ); 24 | } 25 | 26 | /** 27 | * @param Request $request 28 | * @param LaravelSSOServer $server 29 | * 30 | * @return mixed 31 | */ 32 | public function login(Request $request, LaravelSSOServer $server) 33 | { 34 | return $server->login( 35 | $request->get('username', null), 36 | $request->get('password', null) 37 | ); 38 | } 39 | 40 | /** 41 | * @param LaravelSSOServer $server 42 | * 43 | * @return string 44 | */ 45 | public function logout(LaravelSSOServer $server) 46 | { 47 | return $server->logout(); 48 | } 49 | 50 | /** 51 | * @param LaravelSSOServer $server 52 | * 53 | * @return string 54 | */ 55 | public function userInfo(LaravelSSOServer $server) 56 | { 57 | return $server->userInfo(); 58 | } 59 | } 60 | -------------------------------------------------------------------------------- /src/Exceptions/MissingConfigurationException.php: -------------------------------------------------------------------------------- 1 | ssoServerUrl . '/api/sso/' . $command . $query; 35 | } 36 | 37 | /** 38 | * Set base class options (sso server url, broker name and secret, etc). 39 | * 40 | * @return void 41 | * 42 | * @throws MissingConfigurationException 43 | */ 44 | protected function setOptions() 45 | { 46 | $this->ssoServerUrl = config('laravel-sso.serverUrl', null); 47 | $this->brokerName = config('laravel-sso.brokerName', null); 48 | $this->brokerSecret = config('laravel-sso.brokerSecret', null); 49 | 50 | if (!$this->ssoServerUrl || !$this->brokerName || !$this->brokerSecret) { 51 | throw new MissingConfigurationException('Missing configuration values.'); 52 | } 53 | } 54 | 55 | /** 56 | * Save unique client token to cookie. 57 | * 58 | * @return void 59 | */ 60 | protected function saveToken() 61 | { 62 | if (isset($this->token) && $this->token) { 63 | return; 64 | } 65 | 66 | if ($this->token = Cookie::get($this->getCookieName(), null)) { 67 | return; 68 | } 69 | 70 | // If cookie token doesn't exist, we need to create it with unique token... 71 | $this->token = str_random(40); 72 | Cookie::queue(Cookie::make($this->getCookieName(), $this->token, 60)); 73 | 74 | // ... and attach it to broker session in SSO server. 75 | $this->attach(); 76 | } 77 | 78 | /** 79 | * Delete saved unique client token. 80 | * 81 | * @return void 82 | */ 83 | protected function deleteToken() 84 | { 85 | $this->token = null; 86 | Cookie::forget($this->getCookieName()); 87 | } 88 | 89 | /** 90 | * Make request to SSO server. 91 | * 92 | * @param string $method Request method 'post' or 'get'. 93 | * @param string $command Request command name. 94 | * @param array $parameters Parameters for URL query string if GET request and form parameters if it's POST request. 95 | * 96 | * @return array 97 | */ 98 | protected function makeRequest(string $method, string $command, array $parameters = []) 99 | { 100 | $commandUrl = $this->generateCommandUrl($command); 101 | 102 | $headers = [ 103 | 'Accept' => 'application/json', 104 | 'Authorization' => 'Bearer '. $this->getSessionId(), 105 | ]; 106 | 107 | switch ($method) { 108 | case 'POST': 109 | $body = ['form_params' => $parameters]; 110 | break; 111 | case 'GET': 112 | $body = ['query' => $parameters]; 113 | break; 114 | default: 115 | $body = []; 116 | break; 117 | } 118 | 119 | $client = new GuzzleHttp\Client; 120 | $response = $client->request($method, $commandUrl, $body + ['headers' => $headers]); 121 | 122 | return json_decode($response->getBody(), true); 123 | } 124 | 125 | /** 126 | * Redirect client to specified url. 127 | * 128 | * @param string $url URL to be redirected. 129 | * @param array $parameters HTTP query string. 130 | * @param int $httpResponseCode HTTP response code for redirection. 131 | * 132 | * @return void 133 | */ 134 | protected function redirect(string $url, array $parameters = [], int $httpResponseCode = 307) 135 | { 136 | $query = ''; 137 | // Making URL query string if parameters given. 138 | if (!empty($parameters)) { 139 | $query = '?'; 140 | 141 | if (parse_url($url, PHP_URL_QUERY)) { 142 | $query = '&'; 143 | } 144 | 145 | $query .= http_build_query($parameters); 146 | } 147 | 148 | app()->abort($httpResponseCode, '', ['Location' => $url . $query]); 149 | } 150 | 151 | /** 152 | * Getting current url which can be used as return to url. 153 | * 154 | * @return string 155 | */ 156 | protected function getCurrentUrl() 157 | { 158 | return url()->full(); 159 | } 160 | 161 | /** 162 | * Cookie name in which we save unique client token. 163 | * 164 | * @return string 165 | */ 166 | protected function getCookieName() 167 | { 168 | // Cookie name based on broker's name because there can be some brokers on same domain 169 | // and we need to prevent duplications. 170 | return 'sso_token_' . preg_replace('/[_\W]+/', '_', strtolower($this->brokerName)); 171 | } 172 | } 173 | -------------------------------------------------------------------------------- /src/LaravelSSOServer.php: -------------------------------------------------------------------------------- 1 | get('return_url', null)); 29 | } 30 | 31 | $query = ''; 32 | // Making URL query string if parameters given. 33 | if (!empty($parameters)) { 34 | $query = '?'; 35 | 36 | if (parse_url($url, PHP_URL_QUERY)) { 37 | $query = '&'; 38 | } 39 | 40 | $query .= http_build_query($parameters); 41 | } 42 | 43 | app()->abort($httpResponseCode, '', ['Location' => $url . $query]); 44 | } 45 | 46 | /** 47 | * Returning json response for the broker. 48 | * 49 | * @param null|array $response Response array which will be encoded to json. 50 | * @param int $httpResponseCode HTTP response code. 51 | * 52 | * @return string 53 | */ 54 | protected function returnJson(?array $response = null, int $httpResponseCode = 200) 55 | { 56 | return response()->json($response, $httpResponseCode); 57 | } 58 | 59 | /** 60 | * Authenticate using user credentials 61 | * 62 | * @param string $username 63 | * @param string $password 64 | * 65 | * @return bool 66 | */ 67 | protected function authenticate(string $username, string $password) 68 | { 69 | if (!Auth::attempt(['username' => $username, 'password' => $password])) { 70 | return false; 71 | } 72 | 73 | // After authentication Laravel will change session id, but we need to keep 74 | // this the same because this session id can be already attached to other brokers. 75 | $sessionId = $this->getBrokerSessionId(); 76 | $savedSessionId = $this->getBrokerSessionData($sessionId); 77 | $this->startSession($savedSessionId); 78 | 79 | return true; 80 | } 81 | 82 | /** 83 | * Get the secret key and other info of a broker 84 | * 85 | * @param string $brokerId 86 | * 87 | * @return null|array 88 | */ 89 | protected function getBrokerInfo(string $brokerId) 90 | { 91 | try { 92 | $broker = config('laravel-sso.brokersModel')::where('name', $brokerId)->firstOrFail(); 93 | } catch (ModelNotFoundException $e) { 94 | return null; 95 | } 96 | 97 | return $broker; 98 | } 99 | 100 | /** 101 | * Get the information about a user 102 | * 103 | * @param string $username 104 | * 105 | * @return array|object|null 106 | */ 107 | protected function getUserInfo(string $username) 108 | { 109 | try { 110 | $user = config('laravel-sso.usersModel')::where('username', $username)->firstOrFail(); 111 | } catch (ModelNotFoundException $e) { 112 | return null; 113 | } 114 | 115 | return $user; 116 | } 117 | 118 | /** 119 | * Returning user info for broker. Should return json or something like that. 120 | * 121 | * @param array|object $user Can be user object or array. 122 | * 123 | * @return array|object|UserResource 124 | */ 125 | protected function returnUserInfo($user) 126 | { 127 | return new UserResource($user); 128 | } 129 | 130 | /** 131 | * Return session id sent from broker. 132 | * 133 | * @return null|string 134 | */ 135 | protected function getBrokerSessionId() 136 | { 137 | $authorization = request()->header('Authorization', null); 138 | if ($authorization && strpos($authorization, 'Bearer') === 0) { 139 | return substr($authorization, 7); 140 | } 141 | 142 | return null; 143 | } 144 | 145 | /** 146 | * Start new session when user visits server. 147 | * 148 | * @return void 149 | */ 150 | protected function startUserSession() 151 | { 152 | // Session must be started by middleware. 153 | } 154 | 155 | /** 156 | * Set session data 157 | * 158 | * @param string $key 159 | * @param null|string $value 160 | * 161 | * @return void 162 | */ 163 | protected function setSessionData(string $key, ?string $value = null) 164 | { 165 | if (!$value) { 166 | Session::forget($key); 167 | return; 168 | } 169 | 170 | Session::put($key, $value); 171 | } 172 | 173 | /** 174 | * Get data saved in session. 175 | * 176 | * @param string $key 177 | * 178 | * @return string 179 | */ 180 | protected function getSessionData(string $key) 181 | { 182 | if ($key === 'id') { 183 | return Session::getId(); 184 | } 185 | 186 | return Session::get($key, null); 187 | } 188 | 189 | /** 190 | * Start new session with specific session id. 191 | * 192 | * @param $sessionId 193 | * 194 | * @return void 195 | */ 196 | protected function startSession(string $sessionId) 197 | { 198 | Session::setId($sessionId); 199 | Session::start(); 200 | } 201 | 202 | /** 203 | * Save broker session data to cache. 204 | * 205 | * @param string $brokerSessionId 206 | * @param string $sessionData 207 | * 208 | * @return void 209 | */ 210 | protected function saveBrokerSessionData(string $brokerSessionId, string $sessionData) 211 | { 212 | Cache::put('broker_session:' . $brokerSessionId, $sessionData, now()->addHour()); 213 | } 214 | 215 | /** 216 | * Get broker session data from cache. 217 | * 218 | * @param string $brokerSessionId 219 | * 220 | * @return null|string 221 | */ 222 | protected function getBrokerSessionData(string $brokerSessionId) 223 | { 224 | return Cache::get('broker_session:' . $brokerSessionId); 225 | } 226 | } 227 | -------------------------------------------------------------------------------- /src/Middleware/SSOAutoLogin.php: -------------------------------------------------------------------------------- 1 | getUserInfo(); 22 | 23 | // If client is logged out in SSO server but still logged in broker. 24 | if (!isset($response['data']) && !auth()->guest()) { 25 | return $this->logout($request); 26 | } 27 | 28 | // If there is a problem with data in SSO server, we will re-attach client session. 29 | if (isset($response['error']) && strpos($response['error'], 'There is no saved session data associated with the broker session id') !== false) { 30 | return $this->clearSSOCookie($request); 31 | } 32 | 33 | // If client is logged in SSO server and didn't logged in broker... 34 | if (isset($response['data']) && (auth()->guest() || auth()->user()->id != $response['data']['id'])) { 35 | // ... we will authenticate our client. 36 | auth()->loginUsingId($response['data']['id']); 37 | } 38 | 39 | return $next($request); 40 | } 41 | 42 | /** 43 | * Clearing SSO cookie so broker will re-attach SSO server session. 44 | * 45 | * @param Request $request 46 | * @return \Illuminate\Http\RedirectResponse 47 | */ 48 | protected function clearSSOCookie(Request $request) 49 | { 50 | return redirect($request->fullUrl())->cookie(cookie('sso_token_' . config('laravel-sso.brokerName'))); 51 | } 52 | 53 | /** 54 | * Logging out authenticated user. 55 | * Need to make a page refresh because current page may be accessible only for authenticated users. 56 | * 57 | * @param Request $request 58 | * @return \Illuminate\Http\RedirectResponse 59 | */ 60 | protected function logout(Request $request) 61 | { 62 | auth()->logout(); 63 | return redirect($request->fullUrl()); 64 | } 65 | } 66 | -------------------------------------------------------------------------------- /src/Models/Broker.php: -------------------------------------------------------------------------------- 1 | $value) { 19 | $fields[$key] = $this->{$value}; 20 | } 21 | 22 | return $fields; 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /src/Routes/server.php: -------------------------------------------------------------------------------- 1 | prefix('api/sso')->group(function () { 8 | Route::post('login', 'Zefy\LaravelSSO\Controllers\ServerController@login'); 9 | Route::post('logout', 'Zefy\LaravelSSO\Controllers\ServerController@logout'); 10 | Route::get('attach', 'Zefy\LaravelSSO\Controllers\ServerController@attach'); 11 | Route::get('userInfo', 'Zefy\LaravelSSO\Controllers\ServerController@userInfo'); 12 | }); 13 | -------------------------------------------------------------------------------- /src/SSOServiceProvider.php: -------------------------------------------------------------------------------- 1 | publishConfig(__DIR__ . '/../config/' . $this->configFileName); 25 | 26 | $this->loadMigrationsFrom(__DIR__.'/../database/migrations'); 27 | 28 | if ($this->app->runningInConsole()) { 29 | $this->commands([ 30 | Commands\CreateBroker::class, 31 | Commands\DeleteBroker::class, 32 | Commands\ListBrokers::class, 33 | ]); 34 | } 35 | 36 | $this->loadRoutes(); 37 | } 38 | 39 | /** 40 | * Register services. 41 | * 42 | * @return void 43 | */ 44 | public function register() 45 | { 46 | $this->app->make('Zefy\LaravelSSO\Controllers\ServerController'); 47 | } 48 | 49 | /** 50 | * Get the config path 51 | * 52 | * @return string 53 | */ 54 | protected function getConfigPath() 55 | { 56 | return config_path($this->configFileName); 57 | } 58 | 59 | /** 60 | * Publish the config file 61 | * 62 | * @param string $configPath 63 | */ 64 | protected function publishConfig(string $configPath) 65 | { 66 | $this->publishes([$configPath => $this->getConfigPath()]); 67 | } 68 | 69 | /** 70 | * Load necessary routes. 71 | * 72 | * @return void 73 | */ 74 | protected function loadRoutes() 75 | { 76 | // If this page is server, load routes which is required for the server. 77 | if (config('laravel-sso.type') == 'server') { 78 | $this->loadRoutesFrom(__DIR__.'/Routes/server.php'); 79 | } 80 | } 81 | } 82 | --------------------------------------------------------------------------------