Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

SSO with Laravel Passport

Tags:

laravel

oauth-2.0

laravel-5

saml-2.0

simplesamlphp

I'm thinking to develop a full-fledged Identity System in Laravel 5 with Passport.

Following is my requirement:

  1. I should have main identity management app like identity.mysite.com where all of my users are stored.
  2. I have 2 other applications APP1, APP2.
  3. When user request restricted resource on APP1, (s)he should get authenticated by identity.mysite.com
  4. Once authenticated, let user access resources on APP1
  5. Meantime, if user decided to access restricted resources on APP2, (s)he should not be asked to put credentials again.

Things I've tried:

  1. simpleSAMLphp - SAML is an option which does these things for me. But it is not as mature as OneLogin and I'm not thinking to go in SaaS model at this stage unless it is necessity.
  2. Laravel Passport - oAuth 2.0 seems tempting. I can even use, Passport Grant Tokens but I'm unsure on how reliable it is over SAML. Also, Laravel Passport is being widely used to authenticate API. Is it going to be useful while authenticating traditional session based apps? I haven't seen any example where the proper SSO is implemented with more than one application and laravel passport.

I know OAuth 2.0 is not an authentication protocol. Rather it uses something called Authorization but we probably can make it work to support Authentication protocol as mentioned here. Is it something, that Laravel passport supports?

like image 240
Sahil Purav Avatar asked Mar 05 '17 13:03

Sahil Purav

People also ask

How secure is laravel Passport?

Is Laravel Passport secure? Laravel Passport is an OAuth 2.0 server implementation for stateless authentication. OAuth 2.0 is the most recent OAuth protocol, and yes, it is secure.

Is laravel Passport JWT?

Laravel JWT authentication vs.Passport uses JWT authentication as standard but also implements full OAuth 2.0 authorization. OAuth allows authorization from third-party applications like Google, GitHub, and Facebook, but not every app requires this feature.

Can I use laravel Passport with Lumen?

Laravel Passport does not work out of the box with Lumen. If you don't want to do these steps just to make it work then maybe you should consider using a composer package.

1 Answers

This is what I call a resource oriented approach where all the clients(app1, app2...) want to know weather requesting user is authorized to access the resource or not...

Here we need to shift all the authenticating logic to oauth and make all our requesting apps dependent on OAuth. This way if user request app to access resources then if:

  1. Token is present then app will request oauth server to validate given token and if found true then app will provide access to user.

  2. If token is not present then you can solve it by asking for credential and app will transfer user data to oAuth server and validate it respond with the token.

As per my experience I use to implement this approach and I think Laravel Passport is an abstraction layer over top of your authenticating system. You can mold it however you need. There are few more enhancement and advancement can be done but this would work as a basic layer over top of your SSO.

like image 75
Mohammed Mudasir Avatar answered Oct 05 '22 16:10

Mohammed Mudasir
Sign in to Comment

Related questions

Respond with status code 401 on authentication failure using Laravel and Passport?
What is meant by whereRaw in PHP Laravel framework
Laravel excel maatwebsite 3.1 import, date column in excel cell returns as unknown format number. How to solve this?
Laravel 4 how to listen to a model event?
Laravel 4 : Best Practice to Trim Input before Validation
Laravel 5: laravel.log could not be opened: Permission Denied
Laravel 5 make:controller creating controller in app folder instead of controller folder
Order By before Group By using Eloquent (Laravel)
Prevent redirect to homepage after invalid in Laravel
Just installed Lumen and got NotFoundHttpException
Laravel is not defined
How do I run PHPUnit in Laravel from my Windows Command prompt
Create comma separated list from array in laravel/blade?
Laravel Passport Route [login] not defined
PHP AWS ElastiCache Connection Failure
Using laravel websockets package in docker environment
Implement Payum/Laravel recurring payment
Composer uses own Symfony path in docker (loading old files)
Angular2 + Laravel with Real time & WebSockets
Laravel 5 Multi-Tenancy App with separate databases - users have access to multiple installations

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!