php - 如何使用 Laravel 验证来自 Microsoft Azure AD 的数据并将其重定向到主页?
问题描述
我正在尝试让我的 Laravel Web 应用程序通过 Microsoft Azure AD 进行身份验证。目前我参考的是“带有 Laravel 的 Azure Active Directory SSO”这篇资料。我已经能够从 Microsoft Azure AD 取回数据,但问题是登录后没有重定向到 /home 视图,而是回到了登录视图。
我的想法是把 Microsoft 返回的电子邮件与用户模型中的电子邮件关联起来,这样就可以直接进入主页。但我不知道如何把在服务提供者(provider)中拿到的 Microsoft 数据传递给控制器。下面是我目前在服务提供者中写的代码。
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
use Aacotroneo\Saml2\Events\Saml2LoginEvent;
use App\User;
use Illuminate\Support\Facades\Event;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
class SAML2ServiceProvider extends ServiceProvider
{
    protected $namespace = 'App\Http\Controllers';

    public const HOME = '/home';

    /**
     * Register services. Nothing is registered by this provider.
     *
     * @return void
     */
    public function register()
    {
        //
    }

    /**
     * Attach the listener that runs when the SAML2 package reports a login.
     *
     * @return void
     */
    public function boot()
    {
        $onSamlLogin = function (Saml2LoginEvent $event) {
            // The message id is fetched but never compared with previously seen ids,
            // so the replay check requested below is still missing.
            // Add your own code preventing reuse of a $messageId to stop replay attacks
            $messageId = $event->getSaml2Auth()->getLastMessageId();

            $samlUser = $event->getSaml2User();

            // Unused below. It carries the raw SAML assertion, so it should not be
            // dumped or logged outside of local debugging.
            $userData = [
                'id' => $samlUser->getUserId(),
                'attributes' => $samlUser->getAttributes(),
                'assertion' => $samlUser->getRawSamlAssertion()
            ];

            // Claims mapped to local field names; also unused below.
            // NOTE(review): 'password' is a hash of a fixed string. If $inputs were ever
            // persisted as-is (as the disabled PortalUser::store() call would do), every
            // SSO-created account would share a known password.
            $inputs = [
                'sso_user_id' => $samlUser->getUserId(),
                'username' => $samlUser->getAttribute('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name'),
                'email' => $samlUser->getAttribute('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'),
                'first_name' => $samlUser->getAttribute('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname'),
                'last_name' => $samlUser->getAttribute('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname'),
                'password' => Hash::make('anything'),
            ];

            // Earlier attempt, disabled: look the local user up by SSO id and e-mail,
            // create it when missing, then log that record in.
            // $user = User::where('sso_user_id', $inputs['sso_user_id'])->where('email', $inputs['email'])->first();
            // if(!$user){
            //     $res = PortalUser::store($inputs);
            //     if($res['status'] == 'success'){
            //         $user = $res['data'];
            //         Auth::guard('web')->login($user);
            //     }else{
            //         Log::info('SAML USER Error '.$res['messages']);
            //     }
            // }else{

            // NOTE(review): the value passed here is the object returned by
            // getSaml2User(), not a record of the application's User model. This is
            // presumably why no local session is established and the browser ends up
            // on the login view again.
            Auth::guard('web')->login($samlUser);

            // }
        };

        Event::listen('Aacotroneo\Saml2\Events\Saml2LoginEvent', $onSamlLogin);
    }
}
谁能帮我解决这个问题?非常感谢。
解决方案
我的同事帮我解决了这个问题,下面是他的方案:用 Microsoft 返回的电子邮件去匹配用户模型中的电子邮件。注意:该方案仅凭断言中的电子邮件声明来确定本地账户,因此依赖 IdP 端该声明的准确性与唯一性。
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
use Aacotroneo\Saml2\Events\Saml2LoginEvent;
use App\User;
use Illuminate\Support\Facades\Event;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
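class SAML2ServiceProvider extends ServiceProvider
{
    protected $namespace = 'App\Http\Controllers';

    public const HOME = '/home';

    /** SAML claim whose value is used to find the matching local account. */
    private const EMAIL_CLAIM = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress';

    /**
     * Register services.
     *
     * @return void
     */
    public function register()
    {
        //
    }

    /**
     * Bootstrap services.
     *
     * Listens for the SAML2 login event and signs in the local user whose e-mail
     * matches the e-mail claim of the assertion. The request is aborted with an HTTP
     * error when the message id was already used, when the e-mail claim is missing,
     * or when no local user matches.
     *
     * @return void
     */
    public function boot()
    {
        Event::listen('Aacotroneo\Saml2\Events\Saml2LoginEvent', function (Saml2LoginEvent $event) {
            // Replay protection: each SAML message id is accepted once. add() stores the
            // key only when it is absent and returns false when it already exists.
            // The lifetime must outlive the assertion's validity window; 24 hours is a
            // constructed placeholder - TODO confirm against the IdP settings. The cache
            // store has to be persistent and shared by all application servers.
            $messageId = $event->getSaml2Auth()->getLastMessageId();
            if (!is_string($messageId) || $messageId === ''
                || !cache()->add('saml2:message:' . $messageId, true, now()->addHours(24))) {
                logger()->warning('SAML2 login rejected: message id missing or already used.');
                abort(403);
            }

            $samlUser = $event->getSaml2User();

            // The claim is read as an array in the original code ($inputs['email'][0]);
            // a plain string is accepted as well.
            $claim = $samlUser->getAttribute(self::EMAIL_CLAIM);
            $email = is_array($claim) ? ($claim[0] ?? null) : $claim;

            // A missing claim must never reach the query: where('email', null) is
            // turned into "email IS NULL" by the query builder and could select an
            // unrelated account that has no e-mail set.
            if (!is_string($email) || trim($email) === '') {
                logger()->warning('SAML2 login rejected: e-mail claim missing from assertion.');
                abort(403);
            }

            // NOTE(review): the account is chosen by the e-mail claim alone. If that
            // claim can be edited on the IdP side or is not unique per directory user,
            // it may resolve to another person's local account. Binding on the
            // identifier from getUserId(), stored on the user record at provisioning
            // time, is the sturdier link - confirm which NameID format the IdP sends.
            $localUser = User::where('email', $email)->first();

            if (!$localUser) {
                // A value returned from a listener goes back to the event dispatcher
                // and is not rendered as the HTTP response (verify against the
                // package's ACS controller), so abort() is used to show the 404 page.
                abort(404);
            }

            Auth::login($localUser);

            // New session id after authentication, as in the original solution,
            // so a pre-login session id cannot be carried over.
            session()->regenerate();
        });
    }
}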