ladamalina/remote-user-bundle

Symfony RemoteUserBundle

Maintainers

Details

github.com/ladamalina/symfony-remote-user-bundle

Homepage

Source

Issues

Installs: 33

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 2

Forks: 0

Open Issues: 0

Type:symfony-bundle

0.1 2016-08-06 15:44 UTC

Requires

MIT 6704b80b32d71bc3d7b44a61e475dd1f90471dbf

  • Nadezhda Ryabtsova <nadezhdaryabtsova.woop@gmail.com>

symfonyauthorizationsecurityAuthentication

This package is auto-updated.

Last update: 2024-04-14 16:25:06 UTC

README

Installation

Download the latest stable version of this bundle:

$ composer require ladamalina/remote-user-bundle

Enable the bundle:

<?php
// app/AppKernel.php

class AppKernel extends Kernel
{
    public function registerBundles()
    {
        $bundles = array(
            // ...

            new Ladamalina\RemoteUserBundle\RemoteUserBundle(),
        );

        // ...
    }

    // ...
}

No matter how you authenticate, you need to create a User class that implements UserInterface:

<?php
// src/AppBundle/Entity/User.php

namespace AppBundle\Entity;

use Symfony\Component\Security\Core\User\UserInterface;

class User implements UserInterface
{
    private $id;
    private $username;
    private $name;

    public function getUsername() {
        return $this->username;
    }

    public function getRoles() {
        return ['ROLE_USER'];
    }

    public function getPassword() {}
    
    public function getSalt() {}
    
    public function eraseCredentials() {}

    // more getters/setters
}

Create a User Provider. Here you have to implement user credentials check:

<?php
// src/AppBundle/Security/UserProvider.php

// ...

class UserProvider extends AbstractRemoteUserProvider
{
    /**
     * @var string
     */
    protected $userClassName;

    public function __construct($userClassName) {
        if (!class_exists($userClassName)) {
            throw new \InvalidArgumentException("Class `$userClassName` does not exists. 
                Invalid service configuration: services.remote_user_provider");
        }
        $this->userClassName = $userClassName;
    }

    public function loadUserByUsernameAndPassword($username, $password)
    {
        try {
            // Remote API call checking $username and $password here
            // Populate new User instance with response data

            return $user;
        } catch (\Exception $e) {
            throw new UsernameNotFoundException();
        }
    }
}

Configure authenticator and user provider services app/config/services.yml

services:
    remote_user_provider:
        class: AppBundle\Security\UserProvider
        arguments: ["AppBundle\\Entity\\User"]

    remote_user_authenticator:
        class: RemoteUserBundle\Security\Guard\Authenticator

Configure security user provider app/config/security.yml

security:
    providers:
        remote:
            id: remote_user_provider

Configure firewall guard app/config/security.yml

security:
    firewalls:
        main:
            anonymous: ~
            # activate different ways to authenticate
            
            guard:
                authenticators:
                    - remote_user_authenticator

Usage

POST request with rua_username and rua_password fields will initiate remote authorization call.

curl --request POST \
  --url http://site.com/ \
  --header 'content-type: multipart/form-data; boundary=---011000010111000001101001' \
  --form rua_username=username \
  --form rua_password=password

In case of invalid credentials or remote service unavailability you will recieve HTTP status code 403 Forbidden, otherwise 200 OK.