Enabling 1.0.3 plugin

[delahappy]

I have followed the installation instructions and set the auth driver to shibboleth.

I laravel is still trying to redirect to auth/login using the Authentication middleware. Is my route wrong? Any suggestion about how to resolve this?

Route::get('/video', ['middleware' => 'auth', 'uses' => 'VideoController@getVideos']);

[cjmaio]

Are you including the Authorization: Bearer <token> header?

Once you authenticate properly, you should be redirected to the route specified in shibboleth_authenticated in your config, with the token appended as a query string.

[delahappy]

I am not even getting redirected to the IDP.

On Wednesday, July 22, 2015, Christopher Maio notifications@github.com wrote:

Are you including the Authorization: Bearer header?

Once you authenticate properly, you should be redirected to the route specified in shibboleth_authenticated in your config, with the token appended as a query string.

— Reply to this email directly or view it on GitHub https://github.com/StudentAffairsUWM/Laravel-Shibboleth-Service-Provider/issues/15#issuecomment-123937901 .

[delahappy]

I have tried creating a brand new project without adding any code to it. Then I followed the steps here:

Laravel-Shibboleth-Servic-Provider

I also added in a shibb line in the .httaccess:

RewriteCond %{REQUEST_URI} !^/Shibboleth.sso($|/)

And then I tried to protect the welcome page:

Route::group(['middleware' => 'auth'], function(){
    Route::get('/', function () {
        return view('welcome');
    });
});

Here is the stack trace I am getting:

https://localhost/auth/login

NotFoundHttpException in RouteCollection.php line 143: in RouteCollection.php line 143 at RouteCollection->match(object(Request)) in Router.php line 746 at Router->findRoute(object(Request)) in Router.php line 655 at Router->dispatchToRoute(object(Request)) in Router.php line 631 at Router->dispatch(object(Request)) in Kernel.php line 237 at Kernel->Illuminate\Foundation\Http{closure}(object(Request)) at call_user_func(object(Closure), object(Request)) in Pipeline.php line 139 at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in VerifyCsrfToken.php line 50 at VerifyCsrfToken->handle(object(Request), object(Closure)) at call_user_func_array(array(object(VerifyCsrfToken), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 124 at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in ShareErrorsFromSession.php line 54 at ShareErrorsFromSession->handle(object(Request), object(Closure)) at call_user_func_array(array(object(ShareErrorsFromSession), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 124 at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in StartSession.php line 62 at StartSession->handle(object(Request), object(Closure)) at call_user_func_array(array(object(StartSession), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 124 at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in AddQueuedCookiesToResponse.php line 37 at AddQueuedCookiesToResponse->handle(object(Request), object(Closure)) at call_user_func_array(array(object(AddQueuedCookiesToResponse), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 124 at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in EncryptCookies.php line 59 at EncryptCookies->handle(object(Request), object(Closure)) at call_user_func_array(array(object(EncryptCookies), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 124 at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in CheckForMaintenanceMode.php line 42 at CheckForMaintenanceMode->handle(object(Request), object(Closure)) at call_user_func_array(array(object(CheckForMaintenanceMode), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 124 at Pipeline->Illuminate\Pipeline{closure}(object(Request)) at call_user_func(object(Closure), object(Request)) in Pipeline.php line 103 at Pipeline->then(object(Closure)) in Kernel.php line 123 at Kernel->sendRequestThroughRouter(object(Request)) in Kernel.php line 88 at Kernel->handle(object(Request)) in index.php line 54

[cjmaio]

Could we see your routes.php file? The /auth/login route isn't part of this plugin, and that's the one that seems to be missing.

[delahappy]

This is my whole routes file.

<?php

/*
|--------------------------------------------------------------------------
| Application Routes
|--------------------------------------------------------------------------
|
| Here is where you can register all of the routes for an application.
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the controller to call when that URI is requested.
|
*/
Route::group(['middleware' => 'auth'], function(){
    Route::get('/', function () {
        return view('welcome');
    });
});

I was thinking the /auth/login was the default behavior of laravel which would indicate the shibboleth service provider isn't being recognized.

[cjmaio]

Did you change the authentication driver to shibboleth? If so, you do not want to use the Laravel authentication routes.

Point to /login instead.

[cjmaio]

The middleware should be set to jwt.auth my apologies.

[delahappy]

I did set the driver to shibboleth.

I updated the middleware to jwt.auth as you suggested but then I got this error: Class jwt.auth does not exist

Also, I have emulated set to false.

[cjmaio]

You'll need to install jwt-auth which basically is...

Adding the following to your composer.json

"require": {
    "mrclay/shibalike": "1.0.0",
    "saitswebuwm/shibboleth": "1.0.3",
    "tymon/jwt-auth": "0.5.*"
}

Add to providers:

'Tymon\JWTAuth\Providers\JWTAuthServiceProvider',

Add to aliases:

 'JWTAuth'   => 'Tymon\JWTAuth\Facades\JWTAuth',

[tdhsmith]

As part of the jwt-auth install process, you'll also need to put that middleware into the list in your app/Http/Kernel.php (from the jwt-auth wiki):

protected $routeMiddleware = [
    ...
    'jwt.auth' => 'Tymon\JWTAuth\Middleware\GetUserFromToken',
    'jwt.refresh' => 'Tymon\JWTAuth\Middleware\RefreshToken',
];

[delahappy]

Ok, I have done everything suggested but it seems I have an issue with jwt now. I changed my routes just a bit so I could see if it is just the protected route or all routes but all routes are throwing this error:

{"error":"token_not_provided"}

Here is my new routes file:

<?php

/*
|--------------------------------------------------------------------------
| Application Routes
|--------------------------------------------------------------------------
|
| Here is where you can register all of the routes for an application.
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the controller to call when that URI is requested.
|
*/
Route::group(['middleware' => 'jwt.auth'], function(){
    Route::get('/', function () {
        return view('secure');
    });
});
Route::get('/', function () {
    return view('welcome');
});

[cjmaio]

Both of your routes are the same.

To test, try switching your bottom route to /unsecured and the middleware route to /secured

[cjmaio]

I'm referring to the path for your routes.

Both routes are '/'

[delahappy]

I did what you suggested and I still get the token_not_provided error.

<?php

/*
|--------------------------------------------------------------------------
| Application Routes
|--------------------------------------------------------------------------
|
| Here is where you can register all of the routes for an application.
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the controller to call when that URI is requested.
|
*/
Route::group(['middleware' => 'jwt.auth'], function(){
    Route::get('/secure', function () {
        return view('secure');
    });
});
Route::get('/', function () {
    return view('welcome');
});

Yes, I realized what you were saying after I added that comment.

[cjmaio]

You still get token_not_provided when visiting the unsecured route? You don't have the middleware set within your controller's __construct() function, right?

[delahappy]

Yes I got the same message.

In this case, I am using a closure and not a controller.

[cjmaio]

Right, not sure why I asked that when I saw the closures.

Hm. What happens if you comment out the jwt.auth middleware grouip?

[delahappy]

If I just removed the middleware, it still gives that error.

If I remove the middleware and remove the suggestion made earlier in the Kernel.php file, the pages work fine.

If I have one secure (using middleware) and one non secure route without the Kernel.php changes, the non secure works but the secure complains that jwt.auth does not exist.

[tdhsmith]

In Kernel.php you set the JWT auth middleware in $routeMiddleware, right? If you set it in $middleware it runs globally...

[delahappy]

Mmm, I had it in $middleware. Now the non protected route works but /secure gives the token_not_provided error.

[cjmaio]

Which makes sense. Once you login, you'll be given a token as a query string which you can pass in with an Authorization header.

[delahappy]

But shouldn't that middleware redirect me to the IDP?

[cjmaio]

No, that's up to the front end. This was designed more for an API rather than developing your application's front end in Laravel.

I'd welcome a PR to allow for both functionality :smile:

[delahappy]

Ok, I thought this version would work similarly to the version which supports Laravel 4.

[cjmaio]

Not currently unfortunately. This really follows the needs of what we need it for at UWM. Though, with that said, I do want to restore the old functionality as well. It's just getting time to do it.

[cjmaio]

I'm going to close this task - we will be no longer supporting Laravel 4, but we will be adding this functionality in a future release, so you will be able to choose between session-based and token-based authentication.