https://github.com/synolia/syliusadminoauthplugin

Add OAuth authentication for Sylius admin panel
https://github.com/synolia/syliusadminoauthplugin

oauth oauth2 php sylius sylius-plugin

Last synced: 2 days ago
JSON representation

Add OAuth authentication for Sylius admin panel

• Host: GitHub
• URL: https://github.com/synolia/syliusadminoauthplugin
• Owner: synolia
• License: eupl-1.2
• Created: 2023-05-10T14:01:34.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2025-01-23T14:15:30.000Z (11 days ago)
• Last Synced: 2025-01-27T19:16:46.206Z (7 days ago)
• Topics: oauth, oauth2, php, sylius, sylius-plugin
• Language: PHP
• Homepage:
• Size: 107 KB
• Stars: 1
• Watchers: 11
• Forks: 1
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE

Awesome Lists containing this project

README

        
[![License](https://img.shields.io/packagist/l/synolia/sylius-admin-oauth-plugin.svg)](https://github.com/synolia/SyliusAdminOauthPlugin/blob/main/LICENSE)

[![CI - Analysis](https://github.com/synolia/SyliusAdminOAuthPlugin/actions/workflows/analysis.yaml/badge.svg?branch=main)](https://github.com/synolia/SyliusAdminOAuthPlugin/actions/workflows/analysis.yaml)

[![CI - Sylius](https://github.com/synolia/SyliusAdminOAuthPlugin/actions/workflows/sylius.yaml/badge.svg?branch=main)](https://github.com/synolia/SyliusAdminOAuthPlugin/actions/workflows/sylius.yaml)

[![Version](https://img.shields.io/packagist/v/synolia/sylius-admin-oauth-plugin.svg)](https://packagist.org/packages/synolia/sylius-admin-oauth-plugin)

[![Total Downloads](https://poser.pugx.org/synolia/sylius-admin-oauth-plugin/downloads)](https://packagist.org/packages/synolia/sylius-admin-oauth-plugin)



    

        

    



Synolia SyliusAdminOauthPlugin


Add OAuth authentication for Sylius admin panel


## Features

* Allow your admin users to subscribe and sign in with OAuth providers :

    * Google

    * Microsoft

* Allow domain connexion management.

## Requirements

|        | Version |

|:-------|:--------|

| PHP    | ^8.1    |

| Sylius | ^1.10   |

## Installation

1. Add the bundle and dependencies in your composer.json :

    ```shell

    $ composer require synolia/sylius-admin-oauth-plugin

    ```

2. Write your Google and/or Microsoft client Id and client secret in you .env file with those keys :

    ```dotenv

    SYNOLIA_ADMIN_OAUTH_GOOGLE_CLIENT_ID=

    SYNOLIA_ADMIN_OAUTH_GOOGLE_CLIENT_SECRET=

    SYNOLIA_ADMIN_OAUTH_MICROSOFT_CLIENT_ID=

    SYNOLIA_ADMIN_OAUTH_MICROSOFT_CLIENT_SECRET=

    ```

3. In your security.yaml, add the OAuth authenticator in your admin firewall and put access_control paths you need depending on wich provider you use. **They must be on top of the others** :

    ```yaml

    security:

      enable_authenticator_manager: true

      firewalls:

        admin:

            custom_authenticators:

                - Synolia\SyliusAdminOauthPlugin\Security\Authenticator\OauthAuthenticator

    

      access_control:

        - { path: "%sylius.security.admin_regex%/connect/google",       role: PUBLIC_ACCESS, requires_channel: https }

        - { path: "%sylius.security.admin_regex%/connect/google/check", role: PUBLIC_ACCESS, requires_channel: https }

   

        - { path: "%sylius.security.admin_regex%/connect/microsoft",       role: PUBLIC_ACCESS, requires_channel: https }

        - { path: "%sylius.security.admin_regex%/connect/microsoft/check", role: PUBLIC_ACCESS, requires_channel: https }

    ```

4. Create a config/routes/synolia_oauth.yaml to configure plugin's routes and to prefix them with 'admin':

   ```yaml

    synolia_oauth:

        resource: '@SynoliaSyliusAdminOauthPlugin/config/routes.yaml'

        prefix: '/%sylius_admin.path_name%'

   ```

5. Create a config/packages/synolia_oauth_config.yaml to import all required configs :

    ```yaml

    imports:

      - { resource: "@SynoliaSyliusAdminOauthPlugin/config/app.yaml" }

    ```

6. Add this trait to your App\Entity\User\AdminUser.php

    ```php

    use Doctrine\ORM\Mapping as ORM;

    use Sylius\Component\Core\Model\AdminUser as BaseAdminUser;

    use Synolia\SyliusAdminOauthPlugin\Entity\User\CustomAdminUserTrait;

    class AdminUser extends BaseAdminUser

    {

         use CustomAdminUserTrait;

    }

    ```

7. Apply migrations to your database:

   ```shell

    php bin/console doctrine:migrations:migrate

   ```

8. After the first installation, no domain is configured so you have to add one to be able to connect with OAuth.

   If you allready have admin users, add one through the administration panel and authorize it. You can access it through OAuth domain administration section in the menu.

Don't forget to add your Allowed redirect URIs in Google cloud console or Azure Active Directory !

Full documentation here : 

* Google : https://cloud.google.com/looker/docs/admin-panel-authentication-google 

* Microsoft : https://learn.microsoft.com/en-en/azure/active-directory/architecture/auth-oauth2

You can now connect to your accounts with OAuth in the admin login pannel !

## Troubleshootings

- Error 'TOO_MANY_REDIRECT' : add these two lines

  - services.yaml:

    ```yaml

    parameters:

      router.request_context.scheme: 'https'

    ```

   - framework.yaml:

    ```yaml

    framework:

      trusted_proxies: '127.0.0.1,REMOTE_ADDR'

    ```

- If you don't see your oauth connexion button, verify your .env variables where your client_id and client_secret are specified

- If you have "Impossible to connect, try again" message, **don't forget to configure your authorized domains in back-office.**

## Development

See [How to contribute](CONTRIBUTING.md).

## License

This library is under the [EUPL-1.2 license](LICENSE).

## Credits

Developed by [Synolia](https://synolia.com/).