cnam / security-jwt-service-provider
Service Provider for usage jwt token for auth
Installs: 105 997
Dependents: 3
Suggesters: 0
Security: 0
Stars: 60
Watchers: 7
Forks: 40
Open Issues: 8
Requires
- firebase/php-jwt: ^4.0
- pimple/pimple: 3.0.*
- symfony/security: ~2.8|~3.0
Requires (Dev)
- silex/silex: dev-master
README
This provider usage with silex security
require silex
for usage stable version silex your need used security jwt service provider version in 1.*
for usage silex 2.0 version or not stable master your need usage version 2.*
Installation
composer require cnam/security-jwt-service-provider:1.*
Or add your composer.json
require "cnam/security-jwt-service-provider":"1.*"
Simple example
Initialise silex application
require_once __DIR__ . '/../../vendor/autoload.php'; $app = new Silex\Application(['debug' => true]);
Create configuration
add config for security jwt
$app['security.jwt'] = [ 'secret_key' => 'Very_secret_key', 'life_time' => 86400, 'options' => [ 'username_claim' => 'name', // default name, option specifying claim containing username 'header_name' => 'X-Access-Token', // default null, option for usage normal oauth2 header 'token_prefix' => 'Bearer', ] ];
Create users, any user provider implementing interface UserProviderInterface
$app['users'] = function () use ($app) { $users = [ 'admin' => array( 'roles' => array('ROLE_ADMIN'), // raw password is foo 'password' => '5FZ2Z8QIkA7UTZ4BYkoC+GsReLf569mSKDsfods6LYQ8t+a8EW9oaircfMpmaLbPBh4FOBiiFyLfuZmTSUwzZg==', 'enabled' => true ), ]; return new InMemoryUserProvider($users); };
Add config for silex security
$app['security.firewalls'] = array( 'login' => [ 'pattern' => 'login|register|oauth', 'anonymous' => true, ], 'secured' => array( 'pattern' => '^.*$', 'logout' => array('logout_path' => '/logout'), 'users' => $app['users'], 'jwt' => array( 'use_forward' => true, 'require_previous_session' => false, 'stateless' => true, ) ), );
Register silex providers
$app->register(new Silex\Provider\SecurityServiceProvider()); $app->register(new Silex\Provider\SecurityJWTServiceProvider());
Example for authorization and request for protected resources
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; use Symfony\Component\Security\Core\User\InMemoryUserProvider; use Symfony\Component\Security\Core\User\User; $app->post('/api/login', function(Request $request) use ($app){ $vars = json_decode($request->getContent(), true); try { if (empty($vars['_username']) || empty($vars['_password'])) { throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $vars['_username'])); } /** * @var $user User */ $user = $app['users']->loadUserByUsername($vars['_username']); if (! $app['security.encoder.digest']->isPasswordValid($user->getPassword(), $vars['_password'], '')) { throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $vars['_username'])); } else { $response = [ 'success' => true, 'token' => $app['security.jwt.encoder']->encode(['name' => $user->getUsername()]), ]; } } catch (UsernameNotFoundException $e) { $response = [ 'success' => false, 'error' => 'Invalid credentials', ]; } return $app->json($response, ($response['success'] == true ? Response::HTTP_OK : Response::HTTP_BAD_REQUEST)); }); $app->get('/api/protected_resource', function() use ($app){ return $app->json(['hello' => 'world']); }); $app->run();
Full example in directory tests/mock/app.php
And should for tests correct work silex-security-jwt-provider