This is a draft PR for the next major release. The goal is to improve the design of the solution, giving developers more control and flexibility, as well as providing more basic functionality "out-of-the-box".
Plans
Key changes
Database changes
- saml2_tenants has been renamed to saml2_identity_providers
- saml2_identity_providers now has an optional morph relation called "tenant" that can be associated with an application entity upon IdP creation
- saml2_sessions has been added to track all logins (see Login & Tracking below)
Custom resolvers
- IdentityProviderResolver implements logic for resolving identity provider based on the request route
- ConfigResolver implements logic for resolving IdP/SP config based on the resolved IdP model
Login & Tracking
To provide basic functionality out of the box for smaller applications, authorization logic has been implemented, specifically:
This is not designed for production needs, just an example of how login/signup can be implemented. For larger apps, having custom logic is inevitable.