Azure Active Directory SSO with Laravel

Laravel and Azure AD SSO

The settings were incorrect, as mentioned in the comment below the question.

How to authenticate the data from Microsoft Azure AD using Laravel and redirect it to Home?

My colleague helped me on this, and below is the solution, where he links the Microsoft email with the email from the model:


<?php

namespace App\Providers;

use Aacotroneo\Saml2\Events\Saml2LoginEvent;
use App\User;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Event;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\ServiceProvider;

class SAML2ServiceProvider extends ServiceProvider
{
    protected $namespace = 'App\Http\Controllers';

    public const HOME = '/home';

    /**
     * Register services.
     *
     * @return void
     */
    public function register()
    {
        //
    }

    /**
     * Bootstrap services.
     *
     * @return void
     */
    public function boot()
    {
        Event::listen(Saml2LoginEvent::class, function (Saml2LoginEvent $event) {
            // $messageId = $event->getSaml2Auth()->getLastMessageId();
            // Add your own code preventing reuse of a $messageId to stop replay attacks

            $user = $event->getSaml2User();

            // Claims asserted by Azure AD; each attribute comes back as an array of values.
            $inputs = [
                'sso_user_id' => $user->getUserId(),
                'username' => $user->getAttribute('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name'),
                'email' => $user->getAttribute('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'),
                'first_name' => $user->getAttribute('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname'),
                'last_name' => $user->getAttribute('http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname'),
                'password' => Hash::make('anything'),
            ];

            // Refuse the login when the email claim is missing: where('email', null)
            // compiles to "email IS NULL" and could match an unrelated account.
            $email = $inputs['email'][0] ?? null;
            $user = $email ? User::where('email', $email)->first() : null;

            if (!$user) {
                // A value returned from an event listener is never rendered, so abort instead.
                abort(404);
            } else {
                Auth::loginUsingId($user->id);
                session()->regenerate();
            }
        });
    }
}
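
The provider above leaves replay protection as a commented-out TODO. As an added example (not code from the original answer or from the Aacotroneo\Saml2 package), the listener below records each SAML message ID with Cache::add and rejects a repeat before the email lookup runs; the class name HandleSaml2Login, the cache key prefix and the one-hour TTL are assumptions.

```php
<?php

namespace App\Listeners;

use Aacotroneo\Saml2\Events\Saml2LoginEvent;
use App\User;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Cache;
use Illuminate\Support\Facades\Log;

// Hypothetical listener class; register it for Saml2LoginEvent in place of the closure.
class HandleSaml2Login
{
    private const EMAIL_CLAIM = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress';

    // Assumption: remember seen IDs for at least as long as the IdP's assertion
    // validity window. Laravel 5.8+ reads an integer cache TTL as seconds.
    private const REPLAY_TTL_SECONDS = 3600;

    public function handle(Saml2LoginEvent $event): void
    {
        $messageId = $event->getSaml2Auth()->getLastMessageId();
        $cacheKey = 'saml2:seen:' . hash('sha256', (string) $messageId);

        // Cache::add() writes only when the key is absent and returns false
        // otherwise, so a second delivery of the same response is rejected.
        // Use a cache store shared by all web servers (not the array driver).
        if (empty($messageId) || !Cache::add($cacheKey, true, self::REPLAY_TTL_SECONDS)) {
            Log::warning('SAML login rejected: missing or replayed message ID');
            abort(403);
        }

        // Attributes arrive as arrays of values; the claim may be absent entirely.
        $emails = $event->getSaml2User()->getAttribute(self::EMAIL_CLAIM);
        $email = is_array($emails) ? ($emails[0] ?? null) : null;

        // Fail closed: never query with a null email.
        $user = $email ? User::where('email', $email)->first() : null;
        if (!$user) {
            Log::warning('SAML login rejected: no local account for asserted email');
            abort(403);
        }

        Auth::login($user);
        session()->regenerate();
    }
}
```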

How do I get azure ad auth up and running?

You could refer to this link to configure your web app to use Azure AD login.

Note: In step 4, I recommend you create a new AD App (app registration) rather than selecting an existing app. When using the first option, Azure will help you configure some settings automatically, which can save unnecessary trouble.
