README

1. Run composer require shawinigan/sso to include this in your project.
2. Run php artisan vendor:publish --provider="Shawinigan\Sso\LaravelAzureProvisioning\AzureProvisioningProvider".
3. Run php artisan vendor:publish --provider="Shawinigan\Sso\LaravelAzureSocialite\AzureSocialiteServiceProvider".
4. Run npm install
5. Run npm run build
6. Run npm run dev
7. Run php artisan migrate

Configuration (Laravel)

1. Open config/azureprovisioning.php to adjust the packages configuration

   If the file doesn't exist, ensure you have ran php artisan vendor:publish --provider="Shawinigan\Sso\LaravelAzureProvisioning\AzureProvisioningProvider".

2. Modify the configuration as required. All fields are commented and should provide enough description for how they change the way this package works.

3. If you do not wish to provision Groups you can entirely remove (or comment) the Groups key.

4. Open config/shawi-sso.php to adjust the packages configuration

5. Add configuration to config/services.php

'azure' => [    
  'client_id' => env('AZURE_CLIENT_ID'),
  'client_secret' => env('AZURE_CLIENT_SECRET'),
  'redirect' => env('AZURE_REDIRECT_URI'),
  'tenant' => env('AZURE_TENANT_ID'),
  'proxy' => env('PROXY')  // optionally
],

1. Add provider event listener

Configure the package's listener to listen for SocialiteWasCalled events.

Add the event to your listen[] array in app/Providers/EventServiceProvider. See the Base Installation Guide for detailed instructions.

protected $listen = [
    \SocialiteProviders\Manager\SocialiteWasCalled::class => [
        \Shawinigan\Sso\LaravelAzureSocialite\AzureExtendSocialite::class.'@handle',
    ],
];

1. ###Add the AzureUser trait to the user model

use Shawinigan\Sso\LaravelAzureSocialite\Traits\AzureUser;

class User extends Authenticatable
{
    use HasApiTokens, HasFactory, Notifiable, HasRoles, AzureUser;
7. ### Add fillable and hidden to user model

```php
protected $fillable = [
        'name',
        'email',
        'password',
        'azure_auth_id',
        'azure_access_token',
        'azure_refresh_token',
        'username',
        'avatar',
        'azure_expires_timestamp'
    ];

protected $hidden = [
        'password',
        'remember_token',
        'azure_auth_id',
        'azure_access_token',
        'azure_refresh_token',
        'azure_expires_timestamp'
    ];

Configuration (Azure)

1. Login to Azure Active Directory

2. Select All services > Enterprise applications

3. Select New application

4. Select Create your own application

5. Provide your application's name and select the option "Integrate any other application you don't find in the gallery (Non-gallery)"

6. A) To provision all users/groups

   • On the properties page, ensure the option "User assignment required?" is set to No

--OR--

1. B) To provision select users/groups

   • On the Properties page, ensure the option "User assignment required?" is set to Yes
   • On the Users and groups page, add the users and groups that you wish to provision

2. Navigate to the Provisioning page

3. Set the Provisioning Mode to Automatic

4. In the Admin Credentials section set the Tenant URL to your domain (with https://) followed by /scim/v2.0/ (Or the value you have set in in the routePrefix configuration option). (e.g. https://laravel-azure-provisioning.com/scim/v2.0/)

5. TODO: Provide the secret token generated by ... ?

6. Test the configuration and then save the settings

7. Expand the mapping section and remove any mappings that are not required by your application and add mappings that are missing and required by your application.

8. Save the settings again

Note: If you only want users within set groups to be provisioned, follow the steps in 6 B) and add the groups you require. Only the members of the group will then be provisioned.

This repository is based on : https://github.com/RobTrehy/LaravelAzureProvisioning https://github.com/SocialiteProviders/Microsoft-Azure