Skip to content

Latest commit

 

History

History
129 lines (100 loc) · 4.94 KB

README.md

File metadata and controls

129 lines (100 loc) · 4.94 KB

License CI - Analysis CI - Sylius Version Total Downloads

Synolia SyliusAdminOauthPlugin

Add OAuth authentication for Sylius admin panel

Features

  • Allow your admin users to subscribe and sign in with OAuth providers :
    • Google
    • Microsoft
  • Allow domain connexion management.

Requirements

Version
PHP ^8.1
Sylius ^1.10

Installation

  1. Add the bundle and dependencies in your composer.json :

    $ composer require synolia/sylius-admin-oauth-plugin
  2. Write your Google and/or Microsoft client Id and client secret in you .env file with those keys :

    SYNOLIA_ADMIN_OAUTH_GOOGLE_CLIENT_ID=
    SYNOLIA_ADMIN_OAUTH_GOOGLE_CLIENT_SECRET=
    
    SYNOLIA_ADMIN_OAUTH_MICROSOFT_CLIENT_ID=
    SYNOLIA_ADMIN_OAUTH_MICROSOFT_CLIENT_SECRET=
  3. In your security.yaml, add the OAuth authenticator in your admin firewall and put access_control paths you need depending on wich provider you use. They must be on top of the others :

    security:
      enable_authenticator_manager: true
      firewalls:
        admin:
            custom_authenticators:
                - Synolia\SyliusAdminOauthPlugin\Security\Authenticator\OauthAuthenticator
    
      access_control:
        - { path: "%sylius.security.admin_regex%/connect/google",       role: PUBLIC_ACCESS, requires_channel: https }
        - { path: "%sylius.security.admin_regex%/connect/google/check", role: PUBLIC_ACCESS, requires_channel: https }
    
        - { path: "%sylius.security.admin_regex%/connect/microsoft",       role: PUBLIC_ACCESS, requires_channel: https }
        - { path: "%sylius.security.admin_regex%/connect/microsoft/check", role: PUBLIC_ACCESS, requires_channel: https }
  4. Create a config/routes/synolia_oauth.yaml to configure plugin's routes and to prefix them with 'admin':

     synolia_oauth:
         resource: '@SynoliaSyliusAdminOauthPlugin/config/routes.yaml'
         prefix: '/%sylius_admin.path_name%'
  5. Create a config/packages/synolia_oauth_config.yaml to import all required configs :

    imports:
      - { resource: "@SynoliaSyliusAdminOauthPlugin/config/app.yaml" }
  6. Add this trait to your App\Entity\User\AdminUser.php

    use Doctrine\ORM\Mapping as ORM;
    use Sylius\Component\Core\Model\AdminUser as BaseAdminUser;
    use Synolia\SyliusAdminOauthPlugin\Entity\User\CustomAdminUserTrait;
    
    class AdminUser extends BaseAdminUser
    {
         use CustomAdminUserTrait;
    }
  7. Apply migrations to your database:

     php bin/console doctrine:migrations:migrate
  8. After the first installation, no domain is configured so you have to add one to be able to connect with OAuth. If you allready have admin users, add one through the administration panel and authorize it. You can access it through OAuth domain administration section in the menu.

Don't forget to add your Allowed redirect URIs in Google cloud console or Azure Active Directory ! Full documentation here :

You can now connect to your accounts with OAuth in the admin login pannel !

Troubleshootings

  • Error 'TOO_MANY_REDIRECT' : add these two lines
    • services.yaml:
      parameters:
        router.request_context.scheme: 'https'
    • framework.yaml:
    framework:
      trusted_proxies: '127.0.0.1,REMOTE_ADDR'
  • If you don't see your oauth connexion button, verify your .env variables where your client_id and client_secret are specified
  • If you have "Impossible to connect, try again" message, don't forget to configure your authorized domains in back-office.

Development

See How to contribute.

License

This library is under the EUPL-1.2 license.

Credits

Developed by Synolia.