Skip to content

GL-EVENTS/SyliusAdminSamlPlugin

BranchesTags

Repository files navigation

GL events SyliusAdminSamlPlugin

Features

This plugin allow your admin users to sign in with SAML providers (Google, Azure, Okta, etc.)

Form admin login

Installation

  1. Add the bundle to your composer.json file:
   composer require gl-events/sylius-admin-saml-plugin
   composer require onelogin/php-saml
  1. Write your Identity Provider informations in your .env file:
   SAML_IDP_ENTITY_ID=
   SAML_IDP_SSO_URL=
   SAML_IDP_SLO_URL=
   SAML_IDP_CERTIFICATE=
   SAML_IDENTIFIER_KEY=
  1. Add your SP private key in your .env file (you can generate one at your project root with openssl genpkey -algorithm RSA -out private.key):
   SAML_SP_PRIVATE_KEY=
  1. Enable or not the traditionnal sylius admin form login in your .env file:
   SYLIUS_ADMIN_LOGIN=
  1. Add the plugin class to your config/bundles.php file:
    return [
        ...
        GlEvents\SyliusAdminSamlPlugin\GlEventsSyliusAdminSamlPlugin::class => ['all' => true],
    ];
  1. Add default config
# config/packages/gl_events_saml_admin_plugin.yaml

imports:
    - { resource: "@GlEventsSyliusAdminSamlPlugin/Resources/config/config.yaml" }
  1. Add in your config/security.yaml file:
        providers:
            saml_provider:
              id: gl_events.saml_plugin.provider.saml_user
        firewalls:
              saml:
                    pattern: ^/saml
                    stateless: true
                    custom_authenticator: gl_events.saml_plugin.security.saml_authenticator
              main:
                    lazy: true
                    provider: saml_provider
        access_control:
              - { path: "%sylius.security.admin_regex%/saml", role: ROLE_SUPER_ADMIN }
              - { path: "%sylius.security.admin_regex%/login/saml", role: PUBLIC_ACCESS }
              - { path: "%sylius.security.admin_regex%/login/saml/logout", role: PUBLIC_ACCESS }
              - { path: "%sylius.security.admin_regex%/login/saml/acs", role: PUBLIC_ACCESS }
              - { path: "%sylius.security.admin_regex%/login/saml/sls", role: PUBLIC_ACCESS }
              - { path: "%sylius.security.admin_regex%/login/saml/metadata", role: PUBLIC_ACCESS }
  1. Add in your config/routes.yaml file:
   glevents_sylius_admin_saml_plugin:
        resource: "@GlEventsSyliusAdminSamlPlugin/Resources/config/routing.yml"

  1. Verify your trusted_headers & trusted_proxies, see: https://symfony.com/doc/current/deployment/proxies.html#but-what-if-the-ip-of-my-reverse-proxy-changes-constantly

  2. You are now ready to go ! 🚀

Credits

Developed by GL Events.

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

5 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 10

Remove trusted_headers & trusted_proxies Latest
Dec 17, 2025
+ 9 releases

Packages

No packages published

Languages