Silex UiTID authentication provider.
- dev-master / 0.x-dev
This package is auto-updated.
Last update: 2022-09-26 01:31:20 UTC
Contains various Controller- and Service Providers for Silex projects to integrate UiTID authentication.
You'll need the
UrlGenerator services provided by Silex:
$app->register(new \Silex\Provider\SessionServiceProvider()); $app->register(new \Silex\Provider\UrlGeneratorServiceProvider());
You will also need to register the
This service makes it possible to load controllers as if they are services, so you can use separate classes for your controllers outside of the ControllerProvider classes.
Lastly you will have to register the
CultureFeedServiceProvider, with some additional configuration:
$app->register(new \CultuurNet\UiTIDProvider\CultureFeed\CultureFeedServiceProvider(), array( 'culturefeed.endpoint' => 'http://example.com/, 'culturefeed.consumer.key' => 'example-consumer-key', 'culturefeed.consumer.secret' => 'example-consumer-secret', ));
You will need to register the
UserServiceProvider like this:
$app->register(new CultuurNet\UiTIDProvider\Auth\AuthServiceProvider()); $app->register(new CultuurNet\UiTIDProvider\User\UserServiceProvider());
And you will need to mount the
AuthControllerProvider to a path of your liking:
$app->mount( 'culturefeed/oauth', new \CultuurNet\UiTIDProvider\Auth\AuthControllerProvider() );
At this point, your visitors can authenticate if you redirect them to http://your-website.com/culturefeed/oauth/connect?destination=http://your-website.com, where your-website.com should obviously be your own domain name.
After authentication, they will be redirected back to the URL set in the destination parameter. In this case,
You can access info for the current user, or other users, by using the following services provided by the
UserServiceProvider that you registered in step 1:
$app['uitid_user_session_service']: An instance of
CultuurNet\UiTIDProvider\User\UserSessionService, which can return minimal user info of the currently logged in user.
$app['uitid_user_session_data']: An instance of
CultuurNet\Auth\User, which contains the user id and access token. (Also known as the "minimal user info".)
$app['uitid_user_service']: An instance of
CultuurNet\UiTIDProvider\User\UserService, which can return user data by id or username.
$app['uitid_user']: An instance of
CultuurNet\UiTIDProvider\User\User, which contains all extra info of the currently logged in user.
Optionally, you can mount the
UserControllerProvider to a path of your liking:
$app->mount('uitid', new \CultuurNet\UiTIDProvider\User\UserControllerProvider());
This will provide the following paths (in this example prefixed with
uitid/user: Returns data of the current user in JSON format.
uitid/logout: Invalidates the current session and logs the user out.
You can easily restrict access to paths for non-authenticated users by registering the
$app->register(new \Silex\Provider\SecurityServiceProvider()); $app->register(new \CultuurNet\UiTIDProvider\Security\UiTIDSecurityServiceProvider());
Afterwards you'll have to configure the firewall settings. Make sure to allow access to the paths that you mounted in step 1, use the
uitid authenticator, and use the
$app['uitid_firewall_user_provider'] as the user provider.
Here's an example of a valid firewall configuration:
$app['security.firewalls'] = array( 'unsecured' => array( 'pattern' => '^/culturefeed/oauth', ), 'secured' => array( 'pattern' => '^.*$', 'uitid' => true, 'users' => $app['uitid_firewall_user_provider'], ), );
This example will only allow access to the paths beginning wih
/culturefeed/oauth until the user is logged in. All other paths will return a response with status code 403.
More info on firewall configuration can be found in the Silex documentation.