diff --git a/README.md b/README.md index 90e83a9..59acb3f 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,8 @@ Also known as X.509 client authentication. 3. This package allows `Admin` to use your app without ever logging in. 4. All users including `Admin` can still use plain password auth. +> __Pro tip__: you can also [use any other certificate attributes](https://github.com/ingria/laravel-x509-auth/wiki/Using-other-cert-attributes) for authentication, not only `emailAddress` (like `id` or `username`). I don't think you need this package in that case, but anyway 🤷. + ## Prerequisites Please don't blindly copy-paste the commands. It's important for you to know what you're doing. diff --git a/src/Middleware/AuthenticateWithClientCertificate.php b/src/Middleware/AuthenticateWithClientCertificate.php index 6b7f59f..e739209 100644 --- a/src/Middleware/AuthenticateWithClientCertificate.php +++ b/src/Middleware/AuthenticateWithClientCertificate.php @@ -50,7 +50,7 @@ public function handle($request, Closure $next, $guard = null) /** If the certificate is valid, log in and remember the user: */ if ($request->server('SSL_CLIENT_VERIFY') === 'SUCCESS') { - $this->auth->guard($guard)->login(self::getUserFromCert($request), true); + $this->auth->guard($guard)->login(static::getUserFromCert($request), true); return $next($request); } @@ -65,7 +65,7 @@ public function handle($request, Closure $next, $guard = null) * @param Request $request * @return App\User */ - private static function getUserFromCert(Request $request) + protected static function getUserFromCert(Request $request) { /** * Probably misconfigured Nginx: @@ -90,7 +90,7 @@ private static function getUserFromCert(Request $request) * @param string $subject * @return string */ - private static function getEmailFromDn(string $subject): string + protected static function getEmailFromDn(string $subject): string { preg_match('/emailAddress=([\w\+]+@[a-z\-\d]+\.[a-z\-\.\d]{2,})/i', $subject, $match);