search

StudentAffairsUWM / Laravel-Shibboleth-Service-Provider

Shibboleth Authentication for Laravel
https://packagist.org/packages/saitswebuwm/shibboleth
30 stars 37 forks source link

Auth() always NULL #29

Closed johlton closed 7 years ago

johlton commented 7 years ago

Running Laravel 5.4, I can successfully login with Testshib.org with your Laravel package (which is absolutely fantastic work btw) and when I var_dump the $_SERVER vars, the returning values are there:

["HTTP_ENTITLEMENT"] => string(41) "urn:mace:dir:entitlement:common-lib-terms"
["HTTP_UNSCOPED_AFFILIATION"] => string(5) "Staff"
["HTTP_AFFILIATION"] => string(18) "Staff@testshib.org"
["HTTP_EPPN"] => string(21) "superego@testshib.org"

I went through the issues (especially https://github.com/StudentAffairsUWM/Laravel-Shibboleth-Service-Provider/issues/5 was interesting, although its a bit dated and the configuration changed in the meantime).

How would it be possible to create the actual Auth User object with the values returning from the IdP? I'd like to keep all my Auth::check()'s so that would be great.

Update: Right now, I'm examining the ShibbolethController's idpAuthorize() and getServerVariable() methods which often just return NULL after coming back from the IdP ...

Thanks in advance!

johlton commented 7 years ago

Hi,

sorry to reopen this. After examing ShibbolethController.php, I still have a problem with the authentication and maybe you guys could help me out:

Using Laravel 5.4 with "saitswebuwm/shibboleth" in version 1.1.

Testing with Testshib.org I am able to retrieve the user data from the IdP and it gets written to the database. I had to replace "extend" with "provider" in the register() method of the ShibbolethServiceProvider.php though:

$this->app['auth']->provider('shibboleth', function ($app) {
    return new Providers\ShibbolethUserProvider($this->app['config']['auth.model']);
});

Then I moved on and since I'm not that happy with the JWT Auth I decided to remove it from the method idpAuthorize(). So when I do:

var_dump(auth()->user())

in the Shibboleth Controller within the Auth::attempt statement I get the Auth object with the data.

But here's the thing: it is not persistent. When I try to var_dump again in the croute callback the result is NULL.

My config/auth.php:

'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],
],

[...]

'providers' => [
    'users' => [
        'driver' => 'shibboleth',
        'model' => App\User::class,
    ],
],

I put my routes under the "web" middleware:

Route::group(['middleware' => 'web'], function () {
   Route::get('/', function () {

        // Just has the '_token' value
        var_dump(session()->all());

        // Is NULL :(         
        var_dump(auth()->user());
    });
}

So, my question is: How to solve this and make the auth work? Its probably not even a problem with your great library but I never encountered this problem before in any of my "regular" Laravel apps.

any ideas? Best regards from Berlin!

Fabian

jpuck commented 7 years ago

@johlton there were a number of fixes to get this up to date with 5.4, see #25 and you might also be interested in my substantially overhauled long term fork https://github.com/razorbacks/laravel-shibboleth

johlton commented 7 years ago

@jpuck Hi Jeff, thanks for pointing that out. I love your fork and it's working now. PS: In the end it was a problem with my session config file.