Greetings,
I registered the listener "SAMLLoginListener", and I am sure the handle function is called, when it returns from idp. But Auth::login does nothing there:
public function handle(Saml2LoginEvent $event)
{
$messageId = $event->getSaml2Auth()->getLastMessageId();
// your own code preventing reuse of a $messageId to stop replay attacks
$user = $event->getSaml2User();
$u = User::where('email', $user->getUserId() )->first();
if (empty($u)) {
return redirect()->route('unexpected');
}
// Now we can login the user
Auth::login($u);
}
If I run the same code in an ordinary web guard route, it logins the user. All I change is giving an existing user's email address:
$u = User::where('email', 'me@example.com' )->first();
So what I am missing in the SAMLLoginListener, which prevents Auth::login to run successfully?
thanks
Greetings, I registered the listener "SAMLLoginListener", and I am sure the handle function is called, when it returns from idp. But Auth::login does nothing there: public function handle(Saml2LoginEvent $event) { $messageId = $event->getSaml2Auth()->getLastMessageId(); // your own code preventing reuse of a $messageId to stop replay attacks $user = $event->getSaml2User(); $u = User::where('email', $user->getUserId() )->first(); if (empty($u)) { return redirect()->route('unexpected'); } // Now we can login the user Auth::login($u); } If I run the same code in an ordinary web guard route, it logins the user. All I change is giving an existing user's email address: $u = User::where('email', 'me@example.com' )->first(); So what I am missing in the SAMLLoginListener, which prevents Auth::login to run successfully? thanks