univicosa/laravel-openid-client

OpenId client for Univiçosa authentication projects.

1.0.13 2023-05-05 18:00 UTC

README

univicosa/laravel-openid-client is a Laravel package for integrating the Oauth server into Laravel projects that require authentication.

Installation

Install with composer

composer require univicosa/laravel-openid-client

For Laravel versions < 5.5, add the service provider to config/app.php.

Modules\OpenId\Providers\OpenIdServiceProvider::class

To customize the configuration, publish the package's configuration file with the following command:

php artisan vendor:publish --tag=openid-config

This generates the config/openid.php file.

Oauth public key

Your system needs the oauth public key to connect to and communicate with the Oauth server, so copy the public key file into the project's storage folder.

Redirect to login

In the file app/Exceptions/Handler.php, find or override the unauthenticated method and change the redirect route to

protected function unauthenticated($request, AuthenticationException $exception) : \Illuminate\Http\RedirectResponse
{
    // API clients get a 401 instead of a redirect.
    if ($request->expectsJson()) {
        return response()->json(['error' => 'Unauthenticated.'], 401);
    }

    // Locally, use the application's own login route. app()->environment() reads the
    // cached configuration, whereas env() returns null once `config:cache` has run.
    if (app()->environment('local')) {
        return redirect()->guest(route('login'));
    }

    // Send the user to the Oauth server's login page; `continue` carries the URL to
    // return to and is percent-encoded so '?' or '&' in it cannot break the query string.
    return redirect()->guest(
        config('openid.server') . '/login?' . http_build_query(['continue' => $request->url()])
    );
}

.env file

Set a variable named SESSION_LIFETIME in the .env file and define it as the number of minutes the login session should be kept. The maximum time the Oauth server keeps a session is 240 minutes (4 hours).

#### APP CONFIG ####
APP_URL=url-project (https://domain.com)

#### CACHE CONFIG ####
BROADCAST_DRIVER=log
CACHE_DRIVER=redis
SESSION_DRIVER=file
SESSION_LIFETIME=240
QUEUE_DRIVER=sync

REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379

#### OAUTH OPENID ####
AUTH_SERVER=https://oauth.univicosa.com.br or https://devauth.univicosa.com.br
CLIENT_ID=you-client-id
CLIENT_SECRET=your-secret-code

Changing Kernel.php

In the file app/Http/Kernel.php, change the $routeMiddleware property

protected $routeMiddleware = [
   'auth' => \Illuminate\Auth\Middleware\Authenticate::class // CHANGE THIS
];

Changing the Guard

Change the file config/auth.php to

'guards' => [
    'web' => [
        'driver' => 'openid',
        'provider' => NULL,
    ],
    /*
     * ...
     */
]

Facades

The client methods are available under the \OpenId facade.

Authentication methods (such as the validator \Auth::check()) are available under the \Illuminate\Support\Facades\Auth facade;

The \Oauth2 facade provides all the helper functions needed to fetch data from and send data to the Oauth server.

Available \Oauth2 methods

@method \Oauth2::getSystems(): array
@api    GET '/api/{version}/system'
@return array With Systems available in Oauth Server

@method \Oauth2::getSystemRoles(): array
@api    GET '/api/{version}/system/roles'
@return array With System givable roles

@method \Oauth2::getSystemPermissions(): array
@api    GET '/api/{version}/system/permissions'
@return array With System givable permissions

@method \Oauth2::getUser(): array
@api    GET '/api/{version}/user'
@return array With logged user data

@method \Oauth2::getUserProfiles(): array
@api    GET '/api/{version}/profile'
@return array With logged user profiles

@method \Oauth2::getUserByCpf(string $cpf): array
@api    POST '/api/{version}/user/cpf'
@return array With the data of the user who owns the document given

@method \Oauth2::getUsersByCpf(array $cpf): array
@api    POST '/api/{version}/user/search/cpf'
@return array With the data of the users who own the documents given; limit the array size to 100 items

@method \Oauth2::searchUserByName(string $name): array
@api    POST '/api/{version}/user/name'
@return array With the data of the users matching the name given

@method \Oauth2::searchUserByRegistry(string $registry): array
@api    POST '/api/{version}/user/registry'
@return array With the data of the users who own the registry given

@method \Oauth2::getUserSystems(): array
@api    GET '/api/{version}/user/systems'
@return array With the systems that the user is allowed to access

@method \Oauth2::getUserPermissions(): array
@api    GET '/api/{version}/user/permissions'
@return array With the roles that the logged user has in the requesting system

@method \Oauth2::getGenders(): array
@api    GET '/api/{version}/profile/genders'
@return array With the data of all genders available for selection on the Oauth Server

@method \Oauth2::setUserPermission(string $cpf, string $role, string $expires_at = ''): array
@api    POST '/api/{version}/user/permission'
@return array With the response of the POST action

@method \Oauth2::isAddressFilled(): array
@api    GET '/api/{version}/address/filled'
@return array With the Boolean response indicating whether the user's address data is populated on the Oauth Server

@method \Oauth2::getStates(): array
@api    GET '/api/{version}/address/states'
@return array With the data of all Brazilian states present on the Oauth Server

@method \Oauth2::getCities(string $state): array
@api    GET '/api/{version}/address/cities/{state}'
@return array With the data of all Brazilian cities of the given state present on the Oauth Server

@method \Oauth2::setAddress(array $data): array
@api    POST '/api/{version}/address'
@return array With the response of the POST action

@method \Oauth2::setProfile(array $data): array
@api    POST '/api/{version}/profile'
@return array With the response of the POST action

@method \Oauth2::setUsername(array $data): array
@api    POST '/api/{version}/user/update/username'
@return array With the response of the POST action

@method \Oauth2::getUsersType(string $type): array
@api    POST '/api/{version}/profile/users/type'
@return array With all user data available for the type selected on the Oauth Server

@method \Oauth2::setUsersType(array $data): array
@api    POST '/api/{version}/profile/create/usertype'
@return array With the response of the POST action

@method \Oauth2::removeAllTypesFromUser(array $data): array
@api    POST '/api/{version}/profile/remove/usertype'
@return array With the response of the POST action

View components

@openidComponents:

To load the user's login menu, give quick access to the user's permissions, and render the login button on unauthenticated pages, just call the Blade directive under your header component.

@login('route.name'):

The login directive calls the route you pass, or returns the formatted oauth path with the continue parameter pointing at the desired route.

Redirect routes

The dynamic routes of the Oauth system accept the ?continue URL parameter to redirect the user back to the origin.

The following example redirects back to the origin after the user performs the required action on the Oauth service page

config('openid.server') . '{oauth_service_page}?' . http_build_query(['continue' => {route_to_redirect_back}])
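As an added example (not the package's code), the following plain-PHP helper builds the redirect path the way the snippet above describes, percent-encoding the `continue` value with http_build_query() and accepting only return URLs on the application's own origin, so a forged value cannot send the user to a foreign host after login. The function name, the `$appUrl` parameter (the APP_URL value) and the sample hosts are constructed for this example.

```php
<?php
// Added example: build "{server}/{service_page}?continue=..." for the Oauth server.
// Assumptions: $server is config('openid.server'), $appUrl is APP_URL from .env,
// and $servicePage is the {oauth_service_page} placeholder from the README.

/**
 * Return the Oauth service URL with an encoded `continue` parameter, or null
 * when $continue is not an absolute URL on the application's origin
 * (same scheme, host and port as $appUrl).
 */
function oauthRedirectUrl(string $server, string $servicePage, string $continue, string $appUrl): ?string
{
    $target = parse_url($continue);
    $app    = parse_url($appUrl);
    if ($target === false || $app === false) {
        return null;
    }

    // Relative or scheme-less values are refused: the server needs an absolute URL
    // and a relative one could be resolved against an unexpected base.
    $sameOrigin = isset($target['scheme'], $target['host'], $app['scheme'], $app['host'])
        && strcasecmp($target['scheme'], $app['scheme']) === 0
        && strcasecmp($target['host'], $app['host']) === 0
        && ($target['port'] ?? null) === ($app['port'] ?? null);
    if (!$sameOrigin) {
        return null;
    }

    // http_build_query() percent-encodes the value, so '?', '&' or '#' inside
    // $continue cannot break the query string, unlike plain concatenation.
    return rtrim($server, '/') . '/' . ltrim($servicePage, '/')
        . '?' . http_build_query(['continue' => $continue]);
}

// Constructed sample values (not real hosts).
$server = 'https://oauth.example.invalid';
$appUrl = 'https://app.example.invalid';

// A page of the application itself, including a query string of its own.
var_dump(oauthRedirectUrl($server, 'login', 'https://app.example.invalid/reports?year=2023&q=a b', $appUrl));

// A different host is refused (the function returns null).
var_dump(oauthRedirectUrl($server, 'login', 'https://other.example.invalid/', $appUrl));

// A relative path is refused as well.
var_dump(oauthRedirectUrl($server, 'login', '/reports', $appUrl));
```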