This documentation outlines the steps required to integrate ‘Login with Martvill’ Single Sign-On (SSO) into your project.

1. Configuration

Open the config/auth.php file in your project and add the following lines at the bottom:

  // SSO credentials
  'client_id' => env("SSO_CLIENT_ID"),
  'client_secret' => env("SSO_CLIENT_SECRET"),
  'callback' => env("SSO_CLIENT_CALLBACK"),
  'sso_host' => env("SSO_HOST")

Obtain SSO Client Credentials:

  • Log in to your Martvill website using admin credentials.
  • Navigate to Admin panel -> Configuration -> Accounts -> SSO Client.
  • Create a new client by clicking on Add Client and provide your app name and redirect URL (e.g., https://www.artifism.com/login/martvill/callback).
  • Click on the Create button to generate your client_id, client_secret, and redirect URL.
  • Note: The redirect URL is your SSO_CLIENT_CALLBACK.

2. Environment Configuration

Open the .env file in the root directory of your project and add the following lines:

  SSO_CLIENT_ID="your_client_id"
  SSO_CLIENT_SECRET="your_client_secret"
  SSO_CLIENT_CALLBACK="your_redirect_url"
  SSO_HOST="your_host"

Example:

  SSO_CLIENT_ID="3"
  SSO_CLIENT_SECRET="HJPqBe8kre8G3o1o2RX7WLl0Xbt5xPC3oKGAl3hP"
  SSO_CLIENT_CALLBACK="http://artifism/login/martvill/callback"
  SSO_HOST="http://martvill"

3. Routing

Open the routes/web.php file and add the following routes:

  Route::get("login/martvill", 'LoginController@redirectToMartvill')->name("login.martvill");
  Route::get("login/martvill/callback", 'LoginController@handelMartvillCallback')->name("login.martvill.callback");
  • You can modify the controller name, method, and route name as necessary.

4. Login Controller

In your LoginController, add the following method:

    public function handelMartvillCallback(Request $request)
    {
        try {
            $state = $request->session()->pull("state");

            throw_unless(strlen($state) > 0 && $state == $request->state, InvalidArgumentException::class);

            $response = Http::asForm()->post(
                config("auth.sso_host") .  "/oauth/token",
                [
                    "grant_type" => "authorization_code",
                    "client_id" => config("auth.client_id"),
                    "client_secret" => config("auth.client_secret"),
                    "redirect_uri" => config("auth.callback") ,
                    "code" => $request->code
                ]
            )->json();
            
            if (isset($response['error'])) {
                throw new InvalidArgumentException($response['error_description']);
            }
            
            $request->session()->put($response);
            
            $access_token = $request->session()->get("access_token");
            $response = Http::withHeaders([
                "Accept" => "application/json",
                "Authorization" => "Bearer " . $access_token
            ])->get(config("auth.sso_host") .  "/api/user");
            
            $user = json_decode(json_encode($response->json()), FALSE);
            
            if ($user) {
                // In this $user variable you will get id, name, email, and avatar
                // now create a method and store or login the user with this information
                // $this->registerOrLoginUser($user, 'Martvill');
            }
        } catch (InvalidArgumentException $th) {
            $this->setSessionValue(['status' => 'fail', 'message' => __('Authorization Denied')]);
        } catch (\Exception $e) {
            $this->setSessionValue(['status' => 'fail', 'message' => $e->getMessage()]);
        }

        return redirect()->route('login');
    }

5. Login Form

In your login form, create a button to login with Martvill:

  <a href="{{ route('login.martvill') }}">{{ __('Continue with Martvill')}}</a>

By following these steps, you can integrate ‘Login with Martvill’ SSO into your project. If you encounter any issues, ensure that all configurations are correctly set and the necessary routes and methods are properly defined.

Leave a Reply

Your email address will not be published. Required fields are marked *