ekapusta / oauth2-esia-bundle
Configuration and symfony services for ekapusta/oauth2-esia.
Installs: 2 656
Dependents: 0
Suggesters: 0
Security: 0
Stars: 7
Watchers: 5
Forks: 2
Open Issues: 0
Type:symfony-bundle
Requires
- php: ^5.6 || ^7.0
- ekapusta/oauth2-esia: ^1.4
- symfony/config: ^2.8 || ^3 || ^4
- symfony/dependency-injection: ^2.8 || ^3 || ^4
- symfony/http-kernel: ^2.8 || ^3 || ^4
Requires (Dev)
- g1a/composer-test-scenarios: ^3.2
- guzzlehttp/guzzle: ^6.3
- monolog/monolog: ^1.23
- phpunit/phpunit: ^5.7
- squizlabs/php_codesniffer: ^2.7
- symfony/framework-bundle: ^2.8 || ^3 || ^4
This package is auto-updated.
Last update: 2024-03-29 03:32:28 UTC
README
Configuration and symfony services for ekapusta/oauth2-esia.
Install
composer require ekapusta/oauth2-esia-bundle
In your kernell add to other bundles:
new Ekapusta\OAuth2EsiaBundle\EkapustaOAuth2EsiaBundle(),
Configuration
Signer
Decide which signer to use and set these params in your config:
ekapusta_oauth2_esia.signer.class_name: Ekapusta\OAuth2Esia\Security\Signer\OpensslCli ekapusta_oauth2_esia.signer.certificate_path: /path/to/your/certificate/with/public-key-inside.cer ekapusta_oauth2_esia.signer.private_key_path: /path/to/your/certificates/private.key ekapusta_oauth2_esia.signer.private_key_password: 'some password' ekapusta_oauth2_esia.signer.tool_path: /path/to/your/openssl
Provider
You must configure your client_id and redirect_uri.
ekapusta_oauth2_esia.client_id: SOMESYSTEM ekapusta_oauth2_esia.redirect_uri: https://your-system.domain/auth/finish
Scopes should be configured if you need more info from authorized user. Please note, that you should set here only scopes, for which you have permission to use. Full list of scopes are at methodical recommendations.
ekapusta_oauth2_esia.default_scopes: ['openid', 'fullname', '...']
Test mode
To use test mode put your provider to test portal as:
ekapusta_oauth2_esia.remote_url: 'https://esia-portal1.test.gosuslugi.ru' ekapusta_oauth2_esia.remote_public_key: '%ekapusta_oauth2_esia.vendor.resources_path%/esia.test.public.key'
RS256 algo
By default we now use GOST algo for remote verification. To use RSA RS256:
ekapusta_oauth2_esia.remote_public_key: '%ekapusta_oauth2_esia.vendor.resources_path%/esia.prod.public.key' ekapusta_oauth2_esia.remote_signer.algorytm: 'RS256'
Logging
Currently logger is used only at transport level: injected into guzzle http client.
You can configure your own logger class by ekapusta_oauth2_esia.logger.class param.
Or just redefine at your config service ekapusta_oauth2_esia.logger.
Usage
There are two DI-services available: ekapusta_oauth2_esia.provider and ekapusta_oauth2_esia.service.
When you need just authorize user and get information, then you could use ekapusta_oauth2_esia.service.
In other cases use ekapusta_oauth2_esia.provider. 2nd is just a simplified facade for 1st.