ohtarr / laravelazure
Laravel Azure Token Authentication
dev-master
2022-09-30 18:33 UTC
Requires
- doctrine/dbal: ^3.4
- ohtarr/azure: dev-master
- silber/bouncer: ^1.0
This package is auto-updated.
Last update: 2024-09-29 06:14:56 UTC
README
Adds Azure AD token validation and role assignment using the following PHP packages:
https://github.com/ohtarr/Azure - AzureAD Authentication and Token Validation
https://github.com/JosephSilber/bouncer - Authorization
Installation
Add the library to your Laravel project
composer require ohtarr/LaravelAzure
You must register an application in Azure and set up role-based permissions.
Add the necessary Azure Active Directory OAUTH environment variables
AZURE_AD_TENANT=MyAwesomeAzureADTenant
AZURE_AD_CLIENT_ID=1234abcd-12ab-34cd-56ef-123456abcdef
AZURE_AD_CLIENT_SECRET=123456789abcdef123456789abcdef\123456789abc=
Publish the LaravelAzure files - adds a migration that adds azure_id to the users table, and the addPermission command for easily adding bouncer permissions.
php artisan vendor:publish --provider="Ohtarr\LaravelAzure\ServiceProvider" --force
Publish the Bouncer files - the standard bouncer migrations that add the tables used for authorization control
php artisan vendor:publish --provider="Silber\Bouncer\BouncerServiceProvider" --force
Migrate
php artisan migrate
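Add Bouncer to the User model in /app/Models/User.php
namespace App\Models;

use Illuminate\Foundation\Auth\User as Authenticatable;
use Silber\Bouncer\Database\HasRolesAndAbilities;

class User extends Authenticatable
{
    // Bouncer trait: gives the model its roles and abilities relationships
    use HasRolesAndAbilities;
}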
Add permissions via the addPermission command, or add bouncer permissions your own way...
# Edit the addPermission file
nano app/Console/Commands/addPermission.php
# Modify the objects array to include all of the objects you want to assign permissions to:
$objects = [
    \App\Models\Thing::class,
];
# Execute addPermission
php artisan LaravelAzure:addPermission write Admin
Add the auth:api middleware to your controller or routes. Below is a controller example.
# Controller constructor:
public function __construct()
{
    $this->middleware('auth:api');
}
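Add authorization checks to your controller methods as needed
public function index(Request $request)
{
    // Deny the request unless the authenticated user has the 'read' ability on the model
    $user = auth()->user();
    if ($user->cant('read', Model::class)) {
        abort(401, 'You are not authorized');
    }
    return $coolapistuff;
}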
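One way to add Bouncer permissions "your own way", as a database seeder instead of the addPermission command. This is an added example, not code from the LaravelAzure package; the seeder class name, the role names Reader and Admin, and the Thing model are assumptions.

```php
<?php

namespace Database\Seeders;

use App\Models\Thing; // placeholder model, as in the README's $objects array
use Illuminate\Database\Seeder;
use Silber\Bouncer\BouncerFacade as Bouncer;

class RoleAbilitySeeder extends Seeder
{
    // Assumed role-to-ability matrix: each role gets only the abilities it needs.
    private const MATRIX = [
        'Reader' => ['read'],
        'Admin'  => ['read', 'write'],
    ];

    // Models the abilities are scoped to (same idea as $objects in addPermission.php).
    private const OBJECTS = [
        Thing::class,
    ];

    public function run(): void
    {
        foreach (self::MATRIX as $role => $abilities) {
            foreach (self::OBJECTS as $object) {
                foreach ($abilities as $ability) {
                    // Grant the ability on one model class only; no blanket grants.
                    Bouncer::allow($role)->to($ability, $object);
                }
            }
        }

        // Clear Bouncer's ability cache so later checks see the new grants.
        Bouncer::refresh();
    }
}
```

Run it with php artisan db:seed --class=RoleAbilitySeeder. A user holding the Reader role then passes a cant('read', Thing::class) check like the one in the controller method above, but not a check for 'write'.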