Skip to content

Commit

Permalink
Merge branch 'main' into refactor/add-telescope-enabled-config-verifi…
Browse files Browse the repository at this point in the history
…cation
  • Loading branch information
evansims authored Mar 11, 2024
2 parents 366ca0e + fbb708f commit dab42c0
Show file tree
Hide file tree
Showing 23 changed files with 230 additions and 221 deletions.
2 changes: 1 addition & 1 deletion .github/ISSUE_TEMPLATE/bug_report.yml
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ body:
label: SDK Version
description: What version of our SDK are you using? (`composer show | grep auth0/login`)
options:
- 7.13
- 7.12
- 7.11
- 7.10
Expand All @@ -68,7 +69,6 @@ body:
options:
- PHP 8.3
- PHP 8.2
- PHP 8.1
- Other (specify below)
validations:
required: true
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/matrix.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"include": [
{ "php": "8.1" },
{ "php": "8.2" }
{ "php": "8.2" },
{ "php": "8.3" }
]
}
4 changes: 2 additions & 2 deletions .github/workflows/tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -118,10 +118,10 @@ jobs:
php: ${{ matrix.php }}
coverage: pcov

- if: matrix.php == '8.1'
- if: matrix.php == '8.2'
run: composer pest:coverage

- if: matrix.php == '8.1'
- if: matrix.php == '8.2'
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # [email protected]
with:
directory: ./coverage/
Expand Down
99 changes: 49 additions & 50 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,30 +11,29 @@

**The Auth0 Laravel SDK is a PHP package that integrates [Auth0](https://auth0.com) into your Laravel application.** It includes no-code user authentication, extensive Management API support, permissions-based routing access control, and more.

- [Requirements](#requirements)
- [Getting Started](#getting-started)
- [1. Install the SDK](#1-install-the-sdk)
- [2. Install the CLI](#2-install-the-cli)
- [3. Configure the SDK](#3-configure-the-sdk)
- [4. Run the Application](#4-run-the-application)
- [Documentation](#documentation)
- [QuickStarts](#quickstarts)
- [Contributing](#contributing)
- [Code of Conduct](#code-of-conduct)
- [Security](#security)
- [License](#license)
- [Requirements](#requirements)
- [Getting Started](#getting-started)
- [1. Install the SDK](#1-install-the-sdk)
- [2. Install the CLI](#2-install-the-cli)
- [3. Configure the SDK](#3-configure-the-sdk)
- [4. Run the Application](#4-run-the-application)
- [Documentation](#documentation)
- [QuickStarts](#quickstarts)
- [Contributing](#contributing)
- [Code of Conduct](#code-of-conduct)
- [Security](#security)
- [License](#license)

## Requirements

Your application must use a [supported Laravel version](https://laravelversions.com/en), and your host environment must be running a [supported PHP version](https://www.php.net/supported-versions.php). Please review [our support policy](./docs/Support.md) for more information.
Your application must use the [latest supported Laravel version](https://endoflife.date/laravel), and your host environment must be running a [supported PHP version](https://www.php.net/supported-versions.php). Please review [our support policy](./docs/Support.md) for more information.

| SDK | Laravel | PHP | Supported Until |
| ---- | ---------------------------------------------- | ----------------------------------------------- | --------------- |
| 7.5+ | [10.x](https://laravel.com/docs/10.x/releases) | [8.3](https://www.php.net/releases/8.2/en.php) | Feb 2025 |
| | | [8.2](https://www.php.net/releases/8.1/en.php) | Feb 2025 |
| | | [8.1](https://www.php.net/releases/8.1/en.php) | Nov 2024 |
| 7.0+ | [9.x](https://laravel.com/docs/9.x/releases) | [8.2](https://www.php.net/releases/8.2/en.php) | Feb 2024 |
| | | [8.1](https://www.php.net/releases/8.1/en.php) | Feb 2024 |
| SDK | Laravel | PHP | Supported Until |
| ----- | ---------------------------------------------- | ---------------------------------------------- | --------------- |
| 7.13+ | [11.x](https://laravel.com/docs/11.x/releases) | [8.3](https://www.php.net/releases/8.3/en.php) | ~Sep 2025 |
| | | [8.2](https://www.php.net/releases/8.2/en.php) | ~Sep 2025 |

Due to breaking changes in Laravel 11, SDK 7.12 was the last version to support Laravel 9 and 10.

You will also need [Composer](https://getcomposer.org/) and an [Auth0 account](https://auth0.com/signup).

Expand All @@ -44,16 +43,16 @@ The following is our recommended approach to getting started with the SDK. Alter

### 1. Install the SDK

- For **new applications**, we offer a quickstart template — a version of the default Laravel 9 starter project pre-configured for use with the Auth0 SDK.
- For **new applications**, we offer a quickstart template — a version of the default Laravel 9 starter project pre-configured for use with the Auth0 SDK.

```shell
composer create-project auth0-samples/laravel auth0-laravel-app && cd auth0-laravel-app
```

- For **existing applications**, you can install the SDK using Composer.
- For **existing applications**, you can install the SDK using Composer.

```shell
composer require auth0/login:^7.9 --update-with-all-dependencies
composer require auth0/login:^7 --update-with-all-dependencies
```

In this case, you will also need to generate an SDK configuration file for your application.
Expand Down Expand Up @@ -170,21 +169,21 @@ php artisan serve
Direct your browser to [http://localhost:8000](http://localhost:8000) to experiment with the application.
- **Authentication**
Users can log in or out of the application by visiting the [`/login`](http://localhost:8000/login) or [`/logout`](http://localhost:8000/logout) routes, respectively.
- **Authentication**
Users can log in or out of the application by visiting the [`/login`](http://localhost:8000/login) or [`/logout`](http://localhost:8000/logout) routes, respectively.
- **API Authorization**
For simplicity sake, generate a test token using the CLI.
- **API Authorization**
For simplicity sake, generate a test token using the CLI.
```shell
auth0 test token \
--audience %IDENTIFIER% \
--scopes "read:messages"
```
<p><small>✋ <em>Substitute <code>%IDENTIFIER%</code> with the identifier of the API you created in step 3 above.</small></em></p>
<p><small>✋ <em>Substitute <code>%IDENTIFIER%</code> with the identifier of the API you created in step 3 above.</small></em></p>
Now you can send requests to the `/api` endpoints of the application, including the token as a header.
Now you can send requests to the `/api` endpoints of the application, including the token as a header.
```shell
curl --request GET \
Expand All @@ -193,18 +192,18 @@ Direct your browser to [http://localhost:8000](http://localhost:8000) to experim
--header 'Authorization: Bearer %TOKEN%'
```
<p><small>✋ <em>Substitute <code>%TOKEN%</code> with the test token returned in the previous step.</small></em></p>
<p><small>✋ <em>Substitute <code>%TOKEN%</code> with the test token returned in the previous step.</small></em></p>
<details>
<summary>Using Windows PowerShell</summary>
<details>
<summary>Using Windows PowerShell</summary>
```powershell
Invoke-WebRequest http://localhost:8000/api/example `
-Headers @{'Accept' = 'application/json'; 'Authorization' = 'Bearer %TOKEN%'}
```
</details>
</details>
When you're ready to deploy your application to production, review [our deployment guide](./docs/Deployment.md) for best practices and advice on securing Laravel.
Expand Down Expand Up @@ -354,33 +353,33 @@ All the SDK's Management API methods are [documented here](./docs/Management.md)
## Documentation
- [Installation](./docs/Installation.md) — Installing the SDK and generating configuration files.
- [Configuration](./docs/Configuration.md) — Configuring the SDK using JSON files or environment variables.
- [Sessions](./docs/Sessions.md) — Guidance on deciding which Laravel Session API driver to use.
- [Cookies](./docs/Cookies.md) — Important notes about using Laravel's Cookie session driver, and alternative options.
- [Management API](./docs/Management.md) — Using the SDK to work with the [Auth0 Management API](https://auth0.com/docs/api/management/v2).
- [Users](./docs/Users.md) — Extending the SDK to support persistent storage and [Eloquent](https://laravel.com/docs/eloquent) models.
- [Events](./docs/Events.md) — Hooking into SDK [events](https://laravel.com/docs/events) to respond to specific actions.
- [Deployment](./docs/Deployment.md) — Deploying your application to production.
- [Installation](./docs/Installation.md) — Installing the SDK and generating configuration files.
- [Configuration](./docs/Configuration.md) — Configuring the SDK using JSON files or environment variables.
- [Sessions](./docs/Sessions.md) — Guidance on deciding which Laravel Session API driver to use.
- [Cookies](./docs/Cookies.md) — Important notes about using Laravel's Cookie session driver, and alternative options.
- [Management API](./docs/Management.md) — Using the SDK to work with the [Auth0 Management API](https://auth0.com/docs/api/management/v2).
- [Users](./docs/Users.md) — Extending the SDK to support persistent storage and [Eloquent](https://laravel.com/docs/eloquent) models.
- [Events](./docs/Events.md) — Hooking into SDK [events](https://laravel.com/docs/events) to respond to specific actions.
- [Deployment](./docs/Deployment.md) — Deploying your application to production.
You may find the following integration guidance useful:
- [Laravel Eloquent](./docs/Eloquent.md) — [Eloquent ORM](https://laravel.com/docs/eloquent) is supported.
- [Laravel Octane](./docs/Octane.md) — [Octane](https://laravel.com/docs/octane) is not supported at this time.
- [Laravel Telescope](./docs/Telescope.md) — [Telescope](https://laravel.com/docs/telescope) is compatible as of SDK v7.11.0.
- [Laravel Eloquent](./docs/Eloquent.md) — [Eloquent ORM](https://laravel.com/docs/eloquent) is supported.
- [Laravel Octane](./docs/Octane.md) — [Octane](https://laravel.com/docs/octane) is not supported at this time.
- [Laravel Telescope](./docs/Telescope.md) — [Telescope](https://laravel.com/docs/telescope) is compatible as of SDK v7.11.0.
You may also find the following resources helpful:
- [Auth0 Documentation Hub](https://www.auth0.com/docs)
- [Auth0 Management API Explorer](https://auth0.com/docs/api/management/v2)
- [Auth0 Authentication API Explorer](https://auth0.com/docs/api/authentication)
- [Auth0 Documentation Hub](https://www.auth0.com/docs)
- [Auth0 Management API Explorer](https://auth0.com/docs/api/management/v2)
- [Auth0 Authentication API Explorer](https://auth0.com/docs/api/authentication)
Contributions to improve our documentation [are welcomed](https://github.com/auth0/laravel-auth0/pull).
## QuickStarts
- [Session-based Authentication](https://auth0.com/docs/quickstart/webapp/laravel) ([GitHub](https://github.com/auth0-samples/laravel))
- [Token-based Authorization](https://auth0.com/docs/quickstart/backend/laravel) ([GitHub](https://github.com/auth0-samples/laravel))
- [Session-based Authentication](https://auth0.com/docs/quickstart/webapp/laravel) ([GitHub](https://github.com/auth0-samples/laravel))
- [Token-based Authorization](https://auth0.com/docs/quickstart/backend/laravel) ([GitHub](https://github.com/auth0-samples/laravel))
## Community
Expand Down
24 changes: 15 additions & 9 deletions composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -35,33 +35,39 @@
"source": "https://github.com/auth0/laravel-auth0"
},
"require": {
"php": "^8.1",
"php": "^8.2",
"ext-json": "*",
"auth0/auth0-php": "^8.10",
"illuminate/contracts": "^9 || ^10",
"illuminate/http": "^9 || ^10",
"illuminate/support": "^9 || ^10",
"illuminate/contracts": "^11",
"illuminate/http": "^11",
"illuminate/support": "^11",
"psr-discovery/all": "^1",
"psr/cache": "^2 || ^3"
},
"require-dev": {
"ergebnis/composer-normalize": "^2",
"friendsofphp/php-cs-fixer": "^3",
"larastan/larastan": "^2",
"mockery/mockery": "^1",
"nunomaduro/larastan": "^2",
"orchestra/testbench": "^7 || ^8",
"orchestra/testbench": "^9.x-dev",
"pestphp/pest": "^2",
"pestphp/pest-plugin-laravel": "^2",
"phpstan/phpstan": "^1",
"phpstan/phpstan-strict-rules": "^1",
"psalm/plugin-laravel": "^2",
"psalm/plugin-laravel": "dev-laravel11#b93c8f21c18e3355dcdae797c6af266f7aab93f6",
"psr-mock/http": "^1",
"rector/rector": "0.17.0",
"rector/rector": "^1",
"squizlabs/php_codesniffer": "^3",
"symfony/cache": "^6",
"symfony/cache": "^6 || ^7",
"vimeo/psalm": "^5",
"wikimedia/composer-merge-plugin": "^2"
},
"repositories": [
{
"type": "vcs",
"url": "https://github.com/asbiin/psalm-plugin-laravel.git"
}
],
"minimum-stability": "dev",
"prefer-stable": true,
"autoload": {
Expand Down
2 changes: 1 addition & 1 deletion deprecated/Model/User.php
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@

namespace Auth0\Laravel\Model;

use Auth0\Laravel\Users\{UserAbstract, UserContract};
use Auth0\Laravel\Users\UserAbstract;

/**
* @deprecated 7.8.0 Use Auth0\Laravel\Users\UserAbstract instead.
Expand Down
54 changes: 27 additions & 27 deletions docs/Deployment.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,28 +2,28 @@

When you're preparing to deploy your application to production, there are some basic steps you can take to make sure your application is running as smoothly and securely as possible. In this guide, we'll cover some starting points for making sure your application is deployed properly.

- [Auth0 Configuration](#auth0-configuration)
- [TLS / HTTPS](#tls--https)
- [Cookies](#cookies)
- [Server Configuration](#server-configuration)
- [Caddy](#caddy)
- [Nginx](#nginx)
- [Apache](#apache)
- [Optimization](#optimization)
- [Autoloader](#autoloader)
- [Dependencies](#dependencies)
- [Caching Configuration](#caching-configuration)
- [Caching Events](#caching-events)
- [Caching Routes](#caching-routes)
- [Caching Views](#caching-views)
- [Debug Mode](#debug-mode)
- [Auth0 Configuration](#auth0-configuration)
- [TLS / HTTPS](#tls--https)
- [Cookies](#cookies)
- [Server Configuration](#server-configuration)
- [Caddy](#caddy)
- [Nginx](#nginx)
- [Apache](#apache)
- [Optimization](#optimization)
- [Autoloader](#autoloader)
- [Dependencies](#dependencies)
- [Caching Configuration](#caching-configuration)
- [Caching Events](#caching-events)
- [Caching Routes](#caching-routes)
- [Caching Views](#caching-views)
- [Debug Mode](#debug-mode)

## Auth0 Configuration

When migrating your Laravel application from local development to production, you will need to update your Auth0 application's configuration to reflect the new URLs for your application. You can do this by logging into the [Auth0 Dashboard](https://manage.auth0.com/) and updating the following fields:

- **Allowed Callback URLs**: The URL that Auth0 will redirect to after the user authenticates. This should be set to the Internet-accessible URL of your application's `/callback` route.
- **Allowed Logout URLs**: The URL that Auth0 will redirect to after the user logs out. This should be set to an appropriate Internet-accessible URL of your application.
- **Allowed Callback URLs**: The URL that Auth0 will redirect to after the user authenticates. This should be set to the Internet-accessible URL of your application's `/callback` route.
- **Allowed Logout URLs**: The URL that Auth0 will redirect to after the user logs out. This should be set to an appropriate Internet-accessible URL of your application.

Note that you can include multiple URLs in these fields by separating them with commas, for example `https://example.com/callback,http://localhost:8000/callback`.

Expand Down Expand Up @@ -64,7 +64,7 @@ example.com {
X-Frame-Options "SAMEORIGIN"
}
php_fastcgi unix//var/run/php/php8.1-fpm.sock
php_fastcgi unix//var/run/php/php8.2-fpm.sock
}
```

Expand All @@ -76,32 +76,32 @@ server {
listen [::]:80;
server_name example.com;
root /var/www/example.com/public;
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header X-Frame-Options "SAMEORIGIN";
large_client_header_buffers 4 32k;
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
Expand Down
Loading

0 comments on commit dab42c0

Please sign in to comment.