Single sign-on in Laravel using SimpleSAMLphp: use a custom SQL query for login

30 Apr

We can use a custom query to authenticate users in single sign-on. Here I show how to authenticate a single sign-on user in Laravel with Laravel authentication.

If you want to install single sign-on in Laravel, you can read this URL:
https://github.com/aacotroneo/laravel-saml2

Step 1:
Go to the modules/sqlauth directory and enable the sqlauth module.
There should be a file named default-disable. Rename it to default-enable; the sqlauth module will then be enabled.

Step 2:
Open the file config/authsources.php.
Find the code

'default-sp' => array(

and add the lines below in the array:

'example-sql' => array(
    'sqlauth:SQL',
    'dsn' => 'mysql:host=localhost;port=3306;dbname=your_dbname',
    'username' => 'database_user',
    'password' => 'database_pass',
    'query' => 'SELECT id, name, email, password FROM users WHERE email = :username',
),

You can modify the query to match your table and fields. Keep the password column in the result, because the login function in Step 3 reads it.

Step 3:
Now open the file
modules/sqlauth/lib/Auth/Source/SQL.php

Change the login function as shown below:

/**
 * Attempt to log in using the given username and password.
 *
 * On a successful login, this function should return the users attributes. On failure,
 * it should throw an exception. If the error was caused by the user entering the wrong
 * username or password, a SimpleSAML_Error_Error('WRONGUSERPASS') should be thrown.
 *
 * Note that both the username and the password are UTF-8 encoded.
 *
 * @param string $username  The username the user wrote.
 * @param string $password  The password the user wrote.
 * @return array  Associative array with the users attributes.
 */
protected function login($username, $password)
{
    assert(is_string($username));
    assert(is_string($password));

    $db = $this->connect();

    try {
        $sth = $db->prepare($this->query);
    } catch (PDOException $e) {
        throw new Exception('sqlauth:' . $this->authId .
            ': - Failed to prepare query: ' . $e->getMessage());
    }

    try {
        /* The query matches on the username only; the password is checked below. */
        $sth->execute(array('username' => $username));
    } catch (PDOException $e) {
        throw new Exception('sqlauth:' . $this->authId .
            ': - Failed to execute query: ' . $e->getMessage());
    }

    try {
        $data = $sth->fetchAll(PDO::FETCH_ASSOC);
    } catch (PDOException $e) {
        throw new Exception('sqlauth:' . $this->authId .
            ': - Failed to fetch result set: ' . $e->getMessage());
    }

    SimpleSAML\Logger::info('sqlauth:' . $this->authId . ': Got ' . count($data) . ' rows from database');

    if (count($data) === 0) {
        /* No rows returned - unknown username. Check this before reading $data[0]. */
        SimpleSAML\Logger::error('sqlauth:' . $this->authId .
            ': No rows in result set. Probably wrong username/password.');
        throw new SimpleSAML_Error_Error('WRONGUSERPASS');
    }

    /* Compare the submitted password with the hash stored in the first row. */
    if (!password_verify($password, (string)$data[0]['password'])) {
        SimpleSAML\Logger::error('sqlauth:' . $this->authId .
            ': Password verification failed. Probably wrong username/password.');
        throw new SimpleSAML_Error_Error('WRONGUSERPASS');
    }

    /* Extract attributes. We allow the resultset to consist of multiple rows. Attributes
     * which are present in more than one row will become multivalued. null values and
     * duplicate values will be skipped. All values will be converted to strings.
     */
    $attributes = array();
    foreach ($data as $row) {
        foreach ($row as $name => $value) {
            /* The password hash is only needed for the check above; do not
             * release it to service providers as an attribute. */
            if ($name === 'password' || $value === null) {
                continue;
            }

            $value = (string)$value;

            if (!array_key_exists($name, $attributes)) {
                $attributes[$name] = array();
            }

            if (in_array($value, $attributes[$name], true)) {
                /* Value already exists in attribute. */
                continue;
            }

            $attributes[$name][] = $value;
        }
    }

    SimpleSAML\Logger::info('sqlauth:' . $this->authId . ': Attributes: ' .
        implode(',', array_keys($attributes)));

    return $attributes;
}
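
The login flow from Step 3 as a standalone script, so the Step 2 query and the hash check can be tried outside the IdP. This is an added example, not code from this post or from SimpleSAMLphp. The function name checkLogin, the dummy-hash step for unknown users, the in-memory SQLite table and the sample user are all assumptions of this example.

```php
<?php
declare(strict_types=1);

// Same query as in Step 2.
const QUERY = 'SELECT id, name, email, password FROM users WHERE email = :username';

/** Returns the attributes on success, null on any credential failure. */
function checkLogin(PDO $db, string $username, string $password): ?array
{
    // Verified when the user is unknown, so both failure paths do similar work.
    static $dummyHash = null;
    $dummyHash ??= password_hash('not-a-real-password', PASSWORD_BCRYPT);

    $sth = $db->prepare(QUERY);
    $sth->execute(['username' => $username]);
    $rows = $sth->fetchAll(PDO::FETCH_ASSOC);

    $hash = $rows ? (string) $rows[0]['password'] : $dummyHash;
    $ok = password_verify($password, $hash);
    if (!$rows || !$ok) {
        return null; // the module would throw WRONGUSERPASS here
    }

    $attributes = [];
    foreach ($rows as $row) {
        unset($row['password']); // never release the hash as an attribute
        foreach ($row as $name => $value) {
            if ($value !== null && !in_array((string) $value, $attributes[$name] ?? [], true)) {
                $attributes[$name][] = (string) $value;
            }
        }
    }
    return $attributes;
}

// Constructed sample data standing in for Laravel's users table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT, password TEXT)');
// Laravel's default hasher produces bcrypt hashes that password_verify() accepts.
$ins = $db->prepare('INSERT INTO users (name, email, password) VALUES (?, ?, ?)');
$ins->execute(['Alice', 'alice@example.test', password_hash('correct horse', PASSWORD_BCRYPT)]);

var_dump(checkLogin($db, 'alice@example.test', 'correct horse')); // valid credentials
var_dump(checkLogin($db, 'alice@example.test', 'wrong'));         // wrong password
var_dump(checkLogin($db, 'nobody@example.test', 'correct horse')); // unknown user
```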
