PHPackages boogiebaeren/contao-google-sso-bundle - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. boogiebaeren/contao-google-sso-bundle ActiveContao-bundle[Authentication & Authorization](/categories/authentication) boogiebaeren/contao-google-sso-bundle ===================================== 0.6.3(2y ago)02531MITPHPPHP ^8.1CI passing Since Oct 29Pushed 2y ago2 watchersCompare [ Source](https://github.com/boogiebaeren/contao-google-sso-bundle)[ Packagist](https://packagist.org/packages/boogiebaeren/contao-google-sso-bundle)[ Docs](https://boogie-baeren.de)[ RSS](/packages/boogiebaeren-contao-google-sso-bundle/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (7)Dependencies (10)Versions (22)Used By (0) Contao Google SSO Bundle ======================== [](#contao-google-sso-bundle) Adds a new login url (`/contao/login_sso`) to log into the Contao backend using existing users inside a Google Workspace instance. Installation ------------ [](#installation) Install the bundle via composer: `composer require boogiebaeren/contao-google-sso-bundle`or install it via the Contao Manager. Configuration ------------- [](#configuration) You need to define two environment variables: - GOOGLE\_SSO\_CLIENTID - GOOGLE\_SSO\_CLIENTSECRET You then need to add the following configuration to your `config/config.yaml` file: ``` # config/config.yaml contao_google_sso: client_id: '%env(GOOGLE_SSO_CLIENTID)%' client_secret: '%env(GOOGLE_SSO_CLIENTSECRET)%' hosted_domain: your-google-workspace-domain-name ``` You should also add the following to your `composer.json` file to remove all unused Google Services: ``` { "extra": { "google/apiclient-services": [ "Oauth2" ] }, "scripts": { "pre-autoload-dump": "Google\\Task\\Composer::cleanup" } } ``` You need to be an administrator of a Google Workspace instance to create a new OAuth client. First create a new project inside the [Google Cloud Console](https://console.cloud.google.com/), then create a new OAuth client. [![img.png](.github/img/create-oauth-client.png)](.github/img/create-oauth-client.png)Then select "Web application" as the application type, enter a name and add an authorized redirection uri `https:///contao/login_sso/redirect`. After you've created the OAuth client, you can copy the client id and client secret into a `.env.local` file in the root folder of your Contao installation. **Don't forget to set the usertype to "intern" in the OAuth consent screen or otherwise any google user could log in!**[![img.png](.github/img/change-to-intern-users-only.png)](.github/img/change-to-intern-users-only.png) After you've configured the environment variables, you can log in using the new login url (`https:///contao/login_sso`). Integrating the login into the be\_login page --------------------------------------------- [](#integrating-the-login-into-the-be_login-page) If you don't want a different login url you can also overwrite the `be_login.html5` template. For this, you can create a `be_login.html5` file under your `templates` folder and add the following snippet (replacing): ```