sumocoders/oauth-bundle

There is no license information available for the latest version (v1.1.2) of this package.

Installs: 372

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 3

Forks: 0

Open Issues: 0

Type:symfony-bundle

v1.1.2 2024-04-30 09:02 UTC

This package is auto-updated.

Last update: 2024-12-10 10:02:29 UTC


README

  • Go to Azure Portal
  • Search for "App registrations"
  • Click "New registration"
  • Click "Certificates & Secrets"
  • Click "New client secret"
    • Description: the url of the webapplication
    • Expires: 12 months
  • Note down:
    • Application (client) ID
    • Directory (tenant) ID
    • Client secret Value
    • Client secret ID

Full article: Register a Microsoft Entra app and create a service principal

Allow the application to be used

When this is done, you still need to allow the users to use this application:

  • Go to Azure Portal
  • Search for "App registrations"
  • Select the newly created application
  • Select "Security → Permisions" on the left
  • Click "Granty admin consent for ..."

Full article: Grant tenant-wide admin consent to an application

Configure the roles

  • Go to the Azure Portal
  • Search for "App registrations"
  • Select your created application
  • Click "Manage → App roles" on the left.
  • Create a role for each role in your application
  • The field value should match the role defined in your application

Full article: Add app roles to your application and receive them in the token

Give users a role

  • Go to the Azure Portal
  • Search for "Microsoft Entra ID"
  • Click "Enterprise applications" on the left
  • Select your created application
  • Select "Users and groups" on the left.
  • Add user/groups with the correct role

Full article: Assign users and groups to roles

Configure the application

Add the needed bundles to your bundles.php file

return [
    ...,
    KnpU\OAuth2ClientBundle\KnpUOAuth2ClientBundle::class => ['all' => true],
    SumoCoders\OAuthBundle\SumoCodersOAuthBundle::class => ['all' => true],
];

Update your security.yml file to mirror the following config

security:
    enable_authenticator_manager: true
    providers:
        app_user_provider:
            entity:
            class: SumoCoders\OAuthBundle\Entity\User
            property: externalId
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            lazy: true
            provider: app_user_provider
            custom_authenticators:
                - SumoCoders\OAuthBundle\Security\AzureAuthenticator
            logout:
                path: logout
                target: home #Your home page

Add the following ENV variables to your .env file

AZURE_CLIENT_ID= #Your client id
AZURE_CLIENT_SECRET= #Your client secret
AZURE_TENANT_ID= #Your tenant id

Configure the routes

Add the following routes to your routes.yaml file

oauth_bundle:
    resource: '@SumoCodersOAuthBundle/config/routes.yaml'
    prefix: /