Question - Protecting routes

[ntbutler-nbcs]

Hi all.

Rather noob question, but I'm struggling to figure out how to protect some routes in by /routes/web.php file behind SAML auth.

I added the Middleware items noted in the readme.md at https://github.com/24Slides/laravel-saml2#middleware and added "->middleware('saml');" to the routes I want to ensure are behind SAML auth. When I go to those routes though in a new/incognito browser session, the view loads, where I was hoping it would redirect first through SAML.

I did add the Auth events listener from https://github.com/24Slides/laravel-saml2#authentication-events - slightly modified to get some extra attributes from the IdP - and I have the auth working OK and even have on-demand/JIT user provisioning to the Users model on appropriate accounts. This is using the redirect link method - e.g. https://my.website/saml2/UUID/login?returnTo=https://my.website/page/123 - so I am sure SAML auth itself is working OK.

Is there something simple that I'm missing here? I only have one IdP configured, so I was hoping to have a simple "->middleware('saml')" solution for my routes that would redirect any unauth'd requests to the IdP first.

Cheers!