intracto/fas-open-id-bundle

Bundle that makes it easy to authenticate using Fas Open Id

Installs: 1 628

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 3

Forks: 0

Open Issues: 5

Type:symfony-bundle

1.1.4 2022-10-25 12:53 UTC

README

With this bundle, users of your application will be able to login into the application using FAS (Federal Authentication Service) using OpenId.

Installation

Applications that use Symfony Flex

Open a command console, enter your project directory and execute:

$ composer require intracto/fas-open-id-bundle

Applications that don't use Symfony Flex

Step 1: Download the Bundle

Open a command console, enter your project directory and execute the following command to download the latest stable version of this bundle:

$ composer require intracto/fas-open-id-bundle

This command requires you to have Composer installed globally, as explained in the installation chapter of the Composer documentation.

Step 2: Enable the Bundle

Then, enable the bundle by adding it to the list of registered bundles in the config/bundles.php file of your project:

// config/bundles.php

return [
    // ...
    Intracto\FasOpenIdBundle\IntractoFasOpenIdBundle::class => ['all' => true],
];

Step 3: register bundle routing

Load the bundle's routing inside your application

intracto_fas_open_id:
    resource: "@IntractoFasOpenIdBundle/Resources/config/routing.xml"

Step 4: Configuration

Bundle configuration

(If not done by Flex, create a intracto_fas_open_id.yaml file in your config/packages folder).

Config parameters needed to get this bundle working:

  • client_id: the client ID of your registered application
  • client_secret: the client secret of your registerd application
  • scope: list of scopes that will be used by this application. Possible values are profile, egovnrn, certificateInfo, citizen, enterprise and roles. The role openid will automatically be used
  • auth_path: the route name where the FasOpenIdAuthenticator will check to authenticate the user. The default value for this parameter is intracto_fas_open_id.auth
  • target_path: the route name where the user will be redirected to on successful authentication
  • login_path: the route name where the user will be redirected to when he has to login
  • user_class: FQN of your user class, this is optional. Make sure your user extends the User class of this bundle

Firewall configuration

Then, you have to tell the firewall(s) of your application which authentictor should be used. Under the guard parameter of your firewall(s), you have to append the intracto.fas_open_id.authenticator to the authenticators parameter.

security:
    providers:
        intracto_fas_open_id_user_provider:
            id: intracto.fas_open_id.user_provider
    ...
    my_firewall:
        ...
        guard:
            ...
            authenticators:
                - intracto.fas_open_id.authenticator
            provider: intracto_fas_open_id_user_provider

If you want to log out from FAS, add the intracto.fas_open_id.logout_handler to your firewall logout handlers.