jeudi 22 juin 2017

Authentication persistance infinite loop issue in laravel-saml2 implementation for SSO(single sign on)

I have implemented SSO login for my client for that i have implemented service provider in laravel 5.2 as per git repository available here

as per documentation i have implemented and it's working fine for login and redirect but issue is i don't want to use authentication method to check that user is available or not in our database, so it will check if user is logged in or not

public function handle($request, Closure $next)
{
    if ($this->auth->guest())
    {
        if ($request->ajax())
        {
            return response('Unauthorized.', 401);
        }
        else
        {
                 return Saml2::login(URL::full());
                     //return redirect()->guest('auth/login');
        }
    }

    return $next($request);
};

below event is fire when user is logged in third party site.

Event::listen('Aacotroneo\Saml2\Events\Saml2LoginEvent', function (Saml2LoginEvent $event) {

        $user = $event->getSaml2User();
        $userData = [
            'id' => $user->getUserId(),
            'attributes' => $user->getAttributes(),
            'assertion' => $user->getRawSamlAssertion()
        ];
         $laravelUser = //find user by ID or attribute
         //if it does not exist create it and go on  or show an error message
         Auth::login($laravelUser);
    });

so in my case i don't want to user database maintained at our side, it will go to infinite loop from below code which is i have used here

Event::listen('Aacotroneo\Saml2\Events\Saml2LoginEvent', function (\Aacotroneo\Saml2\Events\Saml2LoginEvent $event) {

        $user = $event->getSaml2User();

        $userData = [
            'id' => $user->getUserId(),
            'attributes' => $user->getAttributes(),
            'assertion' => $user->getRawSamlAssertion()
        ];

        $email=$user->getUserId();
    });

Trying to follow the setup guide. I'm having issue registering the local user session. I created a SamlEventListener hooking it to Saml2LoginEvent. When the event is fired, the handle is properly trigerred so I'm executing Auth::login($laravelUser) which seems successful at that point. Although when the page is reloaded and the middleware executed, $this->auth->guest() returns true, going into an infinite loop. Any ideas?



from Newest questions tagged laravel-5 - Stack Overflow http://ift.tt/2sF1X93
via IFTTT
Publié par à
Libellés : ,

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)