Callbacks

For more advanced use cases, several callbacks can be defined that override the configuration. They should be set in app/Providers/AuthServiceProvider.php.

accessDeniedCallback()

To change what happens when the user is not allowed to log in (the user couldn't be found and create is false, or the attributesToUserCallback() callback returned null):

SAML::accessDeniedCallback(function(array $attributes) {
    return view('errors.login-not-allowed', ['name' => data_get($attributes, 'name.0')]);
});

attributesToUserCallback()

To replace the built-in user lookup/creation method:

SAML::attributesToUserCallback(function(array $attributes, \Alberon\LaravelSsoSaml\Support\Manager $saml) {
    // Return either a user object (already saved) or null
    return User::where('email', data_get($attributes, 'email.0'))->first();
});

authSettingsCallback()

For more advanced configuration of the underlying onelogin/php-saml package:

SAML::authSettingsCallback(function(array $settings) {
    // Use dd($settings) to see the structure
    return $settings;
});