zanichelli/idp-extensions
Composer 安装命令:
composer require zanichelli/idp-extensions
包简介
Classes to interact with the Zanichelli identity provider
README 文档
README
This is Laravel package to use with laravel-jwt-idp (Github: https://github.com/ZanichelliEditore/laravel-jwt-idp).
How to integrate package in your project
Step 1 - Install by Composer
composer require zanichelli/idp-extensions
Note:you should use tag instead of branch-name (e.g. "zanichelli/idp-extensions:V1.0.0" or "zanichelli/idp-extensions:dev-{branch-name}" )
Step 2 - .env file
Add this lines at bottom of your .env file:
IDP_BASE_URL=https://idp.zanichelli.it
IDP_COOKIE_NAME=token
If you need to use your own login form (instead of the IDP one), please add this line too:
IDP_LOGIN_URL=https://idp.zanichelli.it/v4/login
Step 3 - auth.php editing
Edit config/auth.php as follow:
- In
'defaults'array change value of'guard'from'web'to'z-session'
Step 4 - publish migrations
There are 2 migration from this package, Grants table and Sessions Table.
php artisan vendor:publish
and select the "zanichelli/idp-extension" provider
Step 4.A - publish migrations (BREAKING CHANGES) after v3.0.*
There are 3 migrations from this package:
- Grants table
- Sessions Table
- Grants table key changes (Change role_id and department_id to role_name and department_name).
php artisan vendor:publish
Using the command below will only apply the changes about role_id and department_id
php artisan vendor:publish --tag=grants-by-name-instead-of-id
Use
php artisan vendor:publish --tag=grants-by-name-instead-of-id --force
if you need to overwrite grants table changes migration.
Step 5 - create route middleware and protect your routes
For Laravel up to version 10:
In Kernel.php file add "idp" in your routeMiddleware
'idp' => \Zanichelli\IdpExtension\Http\Middleware\IdpMiddleware::class,
For Laravel from version 11:
Kernel.php file is no more. Register your middleware in 'bootstrap/app.php'
$middleware->alias([ 'idp' => \Zanichelli\IdpExtension\Http\Middleware\IdpMiddleware::class ]);
The default behaviour also retrieves the user's permissions (with_permissions) and remove token from query params (without_token_url)
You can specify different configuration like this:
Avoid to remove token from url
Route::group(['middleware'=>'idp:with_permissions,with_token_url'],function(){ Route::get('/', function(){ return view('home'); }); });
Avoid to retrieve permission
Route::group(['middleware'=>'idp:without_permissions'],function(){ Route::get('/', function(){ return view('home'); }); });
Avoid to remove token from url and retrieve permission
Route::group(['middleware'=>'idp:without_permissions,with_token_url'],function(){ Route::get('/', function(){ return view('home'); }); });
Add to your route file (tipically web.php) the new middleware idp; code smells like this:
Route::group(['middleware'=>'idp'],function(){ Route::get('/', function(){ return view('home'); }); });
Alternatively, two middlewares read the cookie and, if found, retrieves the user's data and adds it to the request
IdpApiMiddleware retrieves user's data from v1 user api call
'idp' => \Zanichelli\IdpExtension\Http\Middleware\IdpApiMiddleware::class,
IdpApiJWKSMiddleware retrieves user's data from jwt token
'idp' => \Zanichelli\IdpExtension\Http\Middleware\IdpApiJWKSMiddleware::class,
Extends IDP middleware
In order to edit retrive permissions or add extra parameter to user object you can extend default class IDP Middleware.
Class must implement following methods:
-
retrievePermissions: this method take userId and roles array as input, here role-based permissions must be retrieved to output an array of strings with permissions; -
addExtraParametersToUser: this method allow you to add extra parameters to the user object given as input.
After class creation, add in kernel.php file the new middleware class in '$routeMiddleware' array:
'idp' => \App\Http\Middleware\IdpMiddleware::class,
Logout idp
Create a logout route inside web.php file using a logout method inside the controller.
Implement the code as follow:
Route::group(['middleware'=>'idp'],function(){ Route::get('logout', 'LoginController@logout'); });
Then define logout:
use use Illuminate\Support\Facades\Auth; class LoginController extends Controller { ... public function logout() { return Auth::logout(); } }
Basics
With this integration you could use some Laravel's feature that allows to handle users and their authentication.
Auth is authtentication class that Laravel ships for this purpose and allow access to following methods:
Auth::check(): returnstrueif a user is authenticated,falseotherwiseAuth::guest(): returnstrueif a user is guest,falseotherwiseAuth::user(): returns aZUserclass instance,nullotherwiseAuth::id(): returnsuserIdif authtenticated,nullotherwiseAuth::hasUser(): returnstrueif there's a ZUser in our current session,falseotherwiseAuth::setUser($ZUser): sets aZuserin sessionAuth::attempt($credentials, $remember): try to login with IDP without using the login form, if success returnstrue, otherwisefalseAuth::logout(): logout a user, returnredirect
zanichelli/idp-extensions 适用场景与选型建议
zanichelli/idp-extensions 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 6.54k 次下载、GitHub Stars 达 0, 最近一次更新时间为 2020 年 06 月 12 日, 在 PHP 生态内属于活跃度较高的组件。
我们在过去多个企业项目中使用过 zanichelli/idp-extensions 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 zanichelli/idp-extensions 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
统计信息
- 总下载量: 6.54k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 0
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2020-06-12