Skip to content
main
Switch branches/tags
Code

Latest commit

* Add an array type check within the callOnLogin callback

Fixes #227

Adds an explict check to see if the object returned from a custom onLogin callback is an array, or an object that can be converted to an array, before calling setUser()

Returns the object returned from the callback directly to the parent service regardless.

* tests: Fix code styling to resolve linter warning

Co-authored-by: Evan Sims <hello@evansims.com>
6436962

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
src
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Laravel Auth0 Plugin

CircleCI Latest Stable Version License Total Downloads FOSSA Status

This plugin helps you integrate your Laravel WebApp with Auth0 to achieve Single Sign On with a few simple steps.

Supported Framework Versions

This library follows the Laravel support and PHP release support schedules. We do not support Laravel or PHP releases after they reach end-of-life. At the time of writing this includes Laravel 6 and Laravel 8 on PHP 7.3 or newer.

As Composer handles these deprecations safely, this is not considered a breaking change and we may drop version support with minor library releases. Please ensure you are always running the latest PHP version to keep your application up to date with PHP's security fixes, and continue to receive our latest library updates.

Past releases of our plugin may potentially run on earlier, now unsupported versions of the Laravel framework, but these releases are not maintained.

Documentation

Please see the Laravel webapp quickstart for a complete guide on how to install this in an existing project or to download a pre-configured sample project. Additional documentation on specific scenarios is below.

Setting up a JWKs cache

In the register method of your AppServiceProvider add:

// app/Providers/AppServiceProvider.php
use Illuminate\Support\Facades\Cache;
// ...
    public function register()
    {
        // ...
        $this->app->bind(
            '\Auth0\SDK\Helpers\Cache\CacheHandler',
            function() {
                static $cacheWrapper = null;
                if ($cacheWrapper === null) {
                $cache = Cache::store();
                $cacheWrapper = new LaravelCacheWrapper($cache);
            }
            return $cacheWrapper;
        });
    }

You can implement your own cache strategy by creating a new class that implements the Auth0\SDK\Helpers\Cache\CacheHandler contract, or just use the cache strategy you want by picking that store with Cache::store('your_store_name');

Storing users in your database

You can customize the way you handle the users in your application by creating your own UserRepository. This class should implement the Auth0\Login\Contract\Auth0UserRepository contract. Please see the Custom User Handling section of the Laravel Quickstart for the latest example.

Using auth guard

To protect APIs using an access token generated by Auth0, there is an auth0 API guard provided (Laravel documentation on guards). To use this guard, add it to config/auth.php with the driver auth0:

'guards' => [
    ...
    'auth0' => [
        'driver' => 'auth0',
        'provider' => 'auth0',
    ],
],

'providers' => [
    ...
    'auth0' => [
        'driver' => 'auth0',
    ],
],

Once that has been added, add the guard to the middleware of any API route and check authentication during the request:

// get user
auth('auth0')->user();
// check if logged in
auth('auth0')->check();
// protect routes via middleware use
Route::group(['middleware' => 'auth:auth0'], function () {});

Examples

Organizations

Organizations is a set of features that provide better support for developers who build and maintain SaaS and Business-to-Business (B2B) applications.

Using Organizations, you can:

  • Represent teams, business customers, partner companies, or any logical grouping of users that should have different ways of accessing your applications, as organizations.
  • Manage their membership in a variety of ways, including user invitation.
  • Configure branded, federated login flows for each organization.
  • Implement role-based access control, such that users can have different roles when authenticating in the context of different organizations.
  • Build administration capabilities into your products, using Organizations APIs, so that those businesses can manage their own organizations.

Note that Organizations is currently only available to customers on our Enterprise and Startup subscription plans.

Logging in with an Organization

Open your Auth0 Laravel plugin configuration file (usually config/laravel-auth0.php) uncomment the organization option and specify the Id for your Organization (found in your Organization settings on the Auth0 Dashboard.)

// config/laravel-auth0.php
// ...

/*
|--------------------------------------------------------------------------
|   Auth0 Organizations
|--------------------------------------------------------------------------
|   organization (string) Optional. Id of an Organization, if being used. Used when generating log in urls and validating token claims.
*/

'organization' => 'org_E6WbrPMQU2UJn6Rz',

From there, the Organization will automatically be used throughout your Laravel application's authentication login, including redirecting to the Universal Login page.

// Expects the Laravel plugin to be configured first, as demonstrated above.

App::make('auth0')->login();

Accepting user invitations

Auth0 Organizations allow users to be invited using emailed links, which will direct a user back to your application. The URL the user will arrive at is based on your configured Application Login URI, which you can change from your Application's settings inside the Auth0 dashboard.

When the user arrives at your application using an invite link, you can expect three query parameters to be provided: invitation, organization, and organization_name. These will always be delivered using a GET request.

A helper function is provided to handle extracting these query parameters and automatically redirecting to the Universal Login page. Invoke this from your application's logic, such as a controller for an authentication route, to handle this process automatically.

// routes/example.php

Route::get('/invite', [ExampleIndexController::class, 'invite'])->name('invite');
// Http/Controllers/Example/ExampleIndexController.php

<?php

namespace App\Http\Controllers\Auth;

use Illuminate\Support\Facades\App;
use App\Http\Controllers\Controller;

class ExampleIndexController extends Controller
{
  /**
   * Redirect to Auth0 Universal Login using the invitation code
   *
   * @return void
   */
  public function invite()
  {
      App::make('auth0')->handleInvitation();
  }

Installation

Install this plugin into a new or existing project using Composer:

$ composer require auth0/login:"~6.0"

Additional steps to install can be found in the quickstart.

Contributing

We appreciate feedback and contribution to this repo! Before you get started, please see the following:

Support + Feedback

Include information on how to get support. Consider adding:

  • Use Community for usage, questions, specific cases
  • Use Issues for code-level support

What is Auth0?

Auth0 helps you to easily:

  • implement authentication with multiple identity providers, including social (e.g., Google, Facebook, Microsoft, LinkedIn, GitHub, Twitter, etc), or enterprise (e.g., Windows Azure AD, Google Apps, Active Directory, ADFS, SAML, etc.)
  • log in users with username/password databases, passwordless, or multi-factor authentication
  • link multiple user accounts together
  • generate signed JSON Web Tokens to authorize your API calls and flow the user identity securely
  • access demographics and analytics detailing how, when, and where users are logging in
  • enrich user profiles from other data sources using customizable JavaScript rules

Why Auth0?

License

The Auth0 Laravel Login plugin is licensed under MIT - LICENSE

FOSSA Status