This plugin allow your admin users to sign in with SAML providers (Google, Azure, Okta, etc.)
- Add the bundle to your
composer.jsonfile:
composer require gl-events/sylius-admin-saml-plugin
composer require onelogin/php-saml- Write your Identity Provider informations in your
.envfile:
SAML_IDP_ENTITY_ID=
SAML_IDP_SSO_URL=
SAML_IDP_SLO_URL=
SAML_IDP_CERTIFICATE=
SAML_IDENTIFIER_KEY=- Add your SP private key in your
.envfile (you can generate one at your project root withopenssl genpkey -algorithm RSA -out private.key):
SAML_SP_PRIVATE_KEY=- Enable or not the traditionnal sylius admin form login in your
.envfile:
SYLIUS_ADMIN_LOGIN=- Add the plugin class to your
config/bundles.phpfile:
return [
...
GlEvents\SyliusAdminSamlPlugin\GlEventsSyliusAdminSamlPlugin::class => ['all' => true],
];- Add default config
# config/packages/gl_events_saml_admin_plugin.yaml
imports:
- { resource: "@GlEventsSyliusAdminSamlPlugin/Resources/config/config.yaml" }
- Add in your
config/security.yamlfile:
providers:
saml_provider:
id: gl_events.saml_plugin.provider.saml_user
firewalls:
saml:
pattern: ^/saml
stateless: true
custom_authenticator: gl_events.saml_plugin.security.saml_authenticator
main:
lazy: true
provider: saml_provider
access_control:
- { path: "%sylius.security.admin_regex%/saml", role: ROLE_SUPER_ADMIN }
- { path: "%sylius.security.admin_regex%/login/saml", role: PUBLIC_ACCESS }
- { path: "%sylius.security.admin_regex%/login/saml/logout", role: PUBLIC_ACCESS }
- { path: "%sylius.security.admin_regex%/login/saml/acs", role: PUBLIC_ACCESS }
- { path: "%sylius.security.admin_regex%/login/saml/sls", role: PUBLIC_ACCESS }
- { path: "%sylius.security.admin_regex%/login/saml/metadata", role: PUBLIC_ACCESS }
- Add in your
config/routes.yamlfile:
glevents_sylius_admin_saml_plugin:
resource: "@GlEventsSyliusAdminSamlPlugin/Resources/config/routing.yml"You are now ready to go ! 🚀
Developed by GL Events.