uxf / security
3.1.3
2022-06-23 16:37 UTC
Requires
- php: ^8.1
- ext-json: *
- firebase/php-jwt: ^6.0
- uxf/core: 3.1.3
README
Install
$ composer req uxf/security
// config/packages/uxf.php
use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator;
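// Registers the uxf_security extension settings.
// The optional security settings below are shown at their documented defaults,
// so copying this example does not weaken token or cookie handling.
return static function (ContainerConfigurator $containerConfigurator): void {
    $containerConfigurator->extension('uxf_security', [
        'user_class' => User::class, // required
        'base_url' => 'https://uxf.cz', // required
        // Key material is read from the environment; keep the private key out of version control.
        'public_key' => '%env(AUTH_PUBLIC_KEY)%', // required
        'private_key' => '%env(AUTH_PRIVATE_KEY)%', // required
        // optional
        // Duration strings (ISO 8601 style, e.g. 'P1D'). A leaked token stays usable
        // until it expires, so avoid lifetimes measured in years.
        'access_token_lifetime' => 'P1D', // default 1 day
        'refresh_token_lifetime' => 'P1M', // default 1 month
        'cookie_name' => 'Cookie-Name', // default Authorization - used for header + cookie
        // Presumably maps to the cookie's Secure attribute: false would allow the token
        // cookie over plain HTTP. Switch off only for local development without TLS.
        'cookie_secured' => true, // default true
        // Presumably maps to HttpOnly: false would make the token cookie readable by
        // page JavaScript, so an XSS flaw could expose it.
        'cookie_http_only' => true, // default true
        // OpenID Connect - optional
        // 'xxx' values are placeholders; load real client secrets from the environment
        // (as done for the keys above) instead of committing them.
        'oidc' => [
            'apple' => [
                'client_id' => 'xxx',
            ],
            'facebook' => [
                'client_id' => 'xxx',
                'client_secret' => 'xxx',
            ],
            'gitlab' => [
                'client_id' => 'xxx',
                'client_secret' => 'xxx',
            ],
            'google' => [
                'client_id' => 'xxx',
            ],
            'microsoft' => [
                'client_id' => 'xxx',
            ],
            'mojeid' => [
                'client_id' => 'xxx',
            ],
        ],
    ]);
};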
OpenID Connect
Create new user
use Nette\Utils\Random;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use UXF\CMS\Entity\User;
use UXF\Security\Service\OIDC\NewUserEvent;
/**
 * Event subscriber that fills NewUserEvent::$user with a newly constructed User.
 */
class NewUserEventSubscriber implements EventSubscriberInterface
{
    /**
     * Builds a User from the e-mail in the event's OIDC info and stores it on the event.
     *
     * NOTE(review): the e-mail originates from the identity provider; confirm it is
     * verified before it is used to create or match a local account.
     * NOTE(review): the third constructor argument is a Random::generate() value,
     * presumably a placeholder password - confirm against the User constructor.
     */
    public function process(NewUserEvent $event): void
    {
        $email = $event->oidcInfo->email;
        $generated = Random::generate();

        $event->user = new User($email, '', $generated);
    }

    /**
     * Maps NewUserEvent to the process() handler.
     *
     * @return array<class-string, string>
     */
    public static function getSubscribedEvents(): array
    {
        return [NewUserEvent::class => 'process'];
    }
}
Providers & URLs
# login
https://domain.com/api/auth/oidc/<provider>/login
# login with redirect (default is /); the redirect value comes from the request, so confirm that only same-site paths are accepted
https://domain.com/api/auth/oidc/<provider>/login?redirect=/some-path
# callback
https://domain.com/api/auth/oidc/<provider>/callback