mehdibo/paseto-bundle

A Symfony Bundle to use Paseto tokens

Maintainers

Details

github.com/mehdibo/paseto-bundle

Source

Issues

Installs: 87

Dependents: 0

Suggesters: 0

Security: 0

Stars: 4

Watchers: 2

Forks: 1

Open Issues: 0

Type:symfony-bundle

v1.0.0 2022-01-13 18:08 UTC

Requires

Requires (Dev)

MIT dd66358df7c5fc83a009adf64ed097bac27e7a9c

  • Mehdi Bounya <mehdi.bounya.woop@gmail.com>

symfonybundlesymfony-bundlepaseto

This package is auto-updated.

Last update: 2024-11-14 01:15:16 UTC

README

License Latest Stable Version Latest Unstable Version Total Downloads CI tests

PasetoBundle is a Symfony bundle to integrate Paseto into Symfony applications.

Installation

Make sure Composer is installed globally, as explained in the installation chapter of the Composer documentation.

Step 1: Install bundle

Open a command console, enter your project directory and execute the following command to download the latest stable version of this bundle:

$ composer require mehdibo/paseto-bundle

Step 2: Configuration

Add environment variables to .env:

###> mehdibo/paseto-bundle ###
PASETO_SYMMETRIC_KEY=
PASETO_ASYMMETRIC_SECRET_KEY=
###< mehdibo/paseto-bundle ###

You can generate keys using the bundle's command:

./bin/console mehdibo:paseto:generate-symmetric
./bin/console mehdibo:paseto:generate-generate-asymmetric

Create the configuration file config/packages/mehdibo_paseto.yaml

mehdibo_paseto:
  secret_keys:
    symmetric_key: '%env(PASETO_SYMMETRIC_KEY)%'
    asymmetric_key: '%env(PASETO_ASYMMETRIC_SECRET_KEY)%'

Then, enable the bundle by adding it to the list of registered bundles in the config/bundles.php file of your project:

// config/bundles.php

return [
    // ...
    Mehdibo\Bundle\PasetoBundle\MehdiboPasetoBundle::class => ['all' => true],
];

Usage

You can view the ExampleController for a usage example.

Creating Paseto tokens

You can use the bundle's services to create tokens.

// For building local tokens
$localBuilder = new \Mehdibo\Bundle\PasetoBundle\Services\LocalPasetoBuilder();
// For building public tokens
$publicBuilder = new \Mehdibo\Bundle\PasetoBundle\Services\PublicPasetoBuilder();

From a controller:

namespace App\Controller;

use Mehdibo\Bundle\PasetoBundle\Services\LocalPasetoBuilder;
use Mehdibo\Bundle\PasetoBundle\Services\PublicPasetoBuilder;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;

class TokensController extends AbstractController
{

    #[Route('/public', name: 'public')]
    public function public(PublicPasetoBuilder $builder): Response
    {
        $builder->setIssuedAt()->setClaims(['custom' => 'claim']);
        return new Response($builder->toString());
    }

    #[Route('/local', name: 'local')]
    public function local(LocalPasetoBuilder $builder): Response
    {
        $builder->setIssuedAt()->setClaims(['custom' => 'claim']);
        return new Response($builder->toString());
    }
}

Decoding Paseto tokens

You can use the bundle's services to decode tokens

// For parsing local tokens
$localParser = new \Mehdibo\Bundle\PasetoBundle\Services\LocalPasetoParser();
// For parsing public tokens
$publicParser = new \Mehdibo\Bundle\PasetoBundle\Services\PublicPasetoParser();

From a controller:

namespace App\Controller;

use Mehdibo\Bundle\PasetoBundle\Services\LocalPasetoParser;
use Mehdibo\Bundle\PasetoBundle\Services\PublicPasetoParser;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Routing\Annotation\Route;

class TokensController extends AbstractController
{

    #[Route('/public/decode', name: 'public_decode')]
    public function publicDecode(PublicPasetoParser $parser): JsonResponse
    {
        $token = $parser->parse("PUBLIC_TOKEN_HERE");
        return new JsonResponse($token->getClaims());
    }

    #[Route('/local/decode', name: 'local_decode')]
    public function localDecode(LocalPasetoParser $parser): JsonResponse
    {
        $token = $parser->parse("LOCAL_TOKEN_HERE");
        return new JsonResponse($token->getClaims());
    }
}

Commands

The bundle provides some commands to help you use Paseto tokens.

mehdibo:paseto:generate-symmetric  # Generate a symmetric key
mehdibo:paseto:generate-asymmetric # Generate a asymmetric keys
mehdibo:paseto:generate-token      # Generate a Paseto token
$> ./bin/console mehdibo:paseto:generate-token --purpose local --expires_at P01D --claim uid --claim 13 --claim article_id --claim 37
v2.local.nn7biqHnkvU3JgJdfeVNqHlxsub_QEOsSAeGg2hdEVvPi_lxYwL01dSGjYw43P8PE0zorghJq2S6Czo8ztTxQ_UlSeYqPehXJ498Rk3Y9ouwqj2Z9j0Bk1uSbEBSqXPdr1GeeM0kpPk