I started using Laravel about 6 months ago. I am using Laravel-5.8 for my web application. The application is multiple company. Some of the users have their details in AZURE AD while others have theirs in the database. Already I have done the database authentication, where users can login based on the database details.
How do I make users login with Azure AD? I have never done this before.
Thanks
I am not from Laravel backround but I think general idea is to register an application in Azure AD, where you will specify the redirect/reply URL. The App registration will provide you with App client id and secret that you will further use to implement OAuth 2.0.
Related
I have a laravel 7 website that's mainly used as a membership program for some companies.
A new feature demands that users from those companies may login in my site with their account (account of my site) through a request generated on their company side.
Each app has its own DB. In my DB I keep track from which app each user is.
What would be a secure approach to accomplish this feature?
You could implement an API using either Laravel Passport or Laravel Sanctum for authentication, depending on your use-case/preference.
Here are a couple of boilerplate projects that you can take a look at for reference:
Passport: https://github.com/pktharindu/nuxt-laravel-passport-example
Sanctum: https://github.com/pktharindu/laravel-api-boilerplate
You'll of course need to do some customizations to keep track of where the user is coming from.
I'm a newbie in web development. Currently, I've learnt laravel framework and be researching about passport and socialite. I'm being stuck that after logging in the application successfully by their Facebook account how users get the access token for subsequent requests.
This has been implemented using Laravel Socialite. You can follow each step to implement Laravel Socialite.
You will get the information on how to create Secret Key & Access Key for social login.
https://github.com/jd-patel/laravel-social-login
We have single page app (Angular front end and .NET Core Web API) using Azure AD for authentication. Both front end and and Web API are registered in the same tenant and WebUI has permissions to call the Web API. This Web API uses a few other internal Web API's as well.
We have a new requirement in the app to allow access to certain areas of the app to external users who need to register first. So now the app need to authenticate both existing AD Users plus external users.
My question is if this is possible in a single application? And if yes what is the recommended approach for authenticating both corporate and external users?
As you need to use register feature, you will need to use Azure AD B2C, and it supports multi providers for a valid user flow.
For example, if you want azure ad users and external users to use your application. You can choose OpenID Connect(Azure AD) and Local Account(or other social accounts). In the login page, users can choose to sign up or use Azure AD account to login directly.
Steps:
Just keep your Wep Apps and api apps in the existing tenant. You need to create a Azure AD B2C tenant, create a user sign up/in flow, configure the providers for the user flow.
Reference:
Create B2C tenant
Create user flow
Add identity providers
Configure your original Azure AD application to the identity provider
I'm developing a mobile app + SPA using Laravel as a web service. I'm not sure which grant flow will be good for this. I would avoid any third party login like facebook, google, etc. Id'like to handle user login simply with email and password. I want user to login only once on mobile app.
I had gone through some articles. I'm very confused. I found out 2 flows which might work here. 1st is implicit Grant & 2nd one is password grant.
If SPA is built inside your Laravel project you can handle user login simply with standard laravel authorization method.
For external use (mobile app or external SPA) you should authenticate users with API.
Laravel Passport mainly offers two way to handle this.
Personal Access Token
Fresh API Token
I suggest using the second one cause is the "Standard way" to consuming your web app with a nonsecure source.
I am trying to make a mobile app in React-Native and Server in Spring-Boot which have a OAuth2 implemented API endpoints.
My question is how can I integrate Social Logins into my React-Native app which in save a user in my user table. apart from Social login I am using naive register/login flow which require username/password to provide access token from OAuth2 Server. How can I do the same with Just Social Login without prompting user any password or other extra information.
any general solution for this will help regardless of tech I am using.
Thanks
Usually when using social networks to login/sign up you'll get a token returned in your app which you can send via your REST API and on your backend it can then retrieve the users information from the social platform used depending on the granted scopes(e-mail, username, etc...) and store the retrieved values in the database.
Thats basically how it works in general, but if you want to have more information you probably still need to share some more info about your tech used.
Hopefully that helped you out ;)