Add cookie token extractor
Thibault Nucéra committed Jul 22, 2015
1 parent 6870354 commit 315fdca
Showing 5 changed files with 105 additions and 1 deletion.
24 changes: 24 additions & 0 deletions DependencyInjection/Security/Factory/JWTFactory.php
@@ -62,6 +62,19 @@ public function create(ContainerBuilder $container, $id, $config, $userProvider,

}

if ($config['cookie']['enabled']) {

$cookieExtractorId = 'lexik_jwt_authentication.extractor.cookie_extractor.' . $id;
$container
->setDefinition($cookieExtractorId, new DefinitionDecorator('lexik_jwt_authentication.extractor.cookie_extractor'))
->replaceArgument(0, $config['cookie']['name']);

$container
->getDefinition($listenerId)
->addMethodCall('addTokenExtractor', array(new Reference($cookieExtractorId)));

}

return array($providerId, $listenerId, $entryPointId);
}

@@ -99,6 +112,17 @@ public function addConfiguration(NodeDefinition $node)
->end()
->end()
->end()
->arrayNode('cookie')
->addDefaultsIfNotSet()
->children()
->booleanNode('enabled')
->defaultFalse()
->end()
->scalarNode('name')
->defaultValue('BEARER')
->end()
->end()
->end()
->arrayNode('query_parameter')
->addDefaultsIfNotSet()
->children()
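Review bot: In `addConfiguration()`, the new `cookie.name` scalar node accepts an empty value, so a firewall configured with `enabled: true` and `name: ~` would pass validation and `create()` would hand that value to the cookie extractor through `replaceArgument(0, $config['cookie']['name'])`. Adding `->cannotBeEmpty()` before that node's `->end()` would reject the misconfiguration when the container is built. Both `create()` and `addConfiguration()` continue outside the visible hunks, so whether the sibling extractor nodes already validate their names cannot be checked from here.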
5 changes: 5 additions & 0 deletions Resources/config/services.xml
@@ -14,6 +14,7 @@
<parameter key="lexik_jwt_authentication.security.authentication.entry_point.class">Lexik\Bundle\JWTAuthenticationBundle\Security\Http\EntryPoint\JWTEntryPoint</parameter>
<parameter key="lexik_jwt_authentication.extractor.authorization_header_extractor.class">Lexik\Bundle\JWTAuthenticationBundle\TokenExtractor\AuthorizationHeaderTokenExtractor</parameter>
<parameter key="lexik_jwt_authentication.extractor.query_parameter_extractor.class">Lexik\Bundle\JWTAuthenticationBundle\TokenExtractor\QueryParameterTokenExtractor</parameter>
<parameter key="lexik_jwt_authentication.extractor.cookie_extractor.class">Lexik\Bundle\JWTAuthenticationBundle\TokenExtractor\CookieTokenExtractor</parameter>
</parameters>

<services>
@@ -68,6 +69,10 @@
<service id="lexik_jwt_authentication.extractor.query_parameter_extractor" class="%lexik_jwt_authentication.extractor.query_parameter_extractor.class%" public="false">
<argument /> <!-- Parameter Name -->
</service>
<!-- Cookie Token Extractor -->
<service id="lexik_jwt_authentication.extractor.cookie_extractor" class="%lexik_jwt_authentication.extractor.cookie_extractor.class%" public="false">
<argument /> <!-- Name -->
</service>
<!-- JWT Security Authentication Entry Point -->
<service id="lexik_jwt_authentication.security.authentication.entry_point" class="%lexik_jwt_authentication.security.authentication.entry_point.class%" public="false"></service>
</services>
5 changes: 4 additions & 1 deletion Resources/doc/1-configuration-reference.md
@@ -43,8 +43,11 @@ firewalls:
authorization_header: # check token in Authorization Header
enabled: true
prefix: Bearer
cookie: # check token in a cookie
enabled: false
name: BEARER
query_parameter: # check token in query string parameter
enabled: true
enabled: false
name: bearer
throw_exceptions: false # When an authentication failure occurs, return a 401 response immediately
create_entry_point: true # When no authentication details are provided, create a default entry point that returns a 401 response
Expand Down
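--- a/Tests/TokenExtractor/CookieTokenExtractorTest.php
+++ b/Tests/TokenExtractor/CookieTokenExtractorTest.php
@@ -0,0 +1,33 @@
+<?php
+
+namespace Lexik\Bundle\JWTAuthenticationBundle\Tests\TokenExtractor;
+
+use Lexik\Bundle\JWTAuthenticationBundle\TokenExtractor\CookieTokenExtractor;
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+* CookieTokenExtractorTest
+*
+* @author Nicolas Cabot <[email protected]>
+*/
+class CookieTokenExtractorTest extends \PHPUnit_Framework_TestCase
+{
+/**
+* test getRequestToken
+*/
+public function testGetTokenRequest()
+{
+$extractor = new CookieTokenExtractor('BEARER');
+
+$request = new Request();
+$this->assertFalse($extractor->extract($request));
+
+$request = new Request();
+$request->cookies->add(array('BEAR' => 'testtoken'));
+$this->assertFalse($extractor->extract($request));
+
+$request = new Request();
+$request->cookies->add(array('BEARER' => 'testtoken'));
+$this->assertEquals('testtoken', $extractor->extract($request));
+}
+}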
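Review bot: `testGetTokenRequest()` covers an absent cookie and a differently named one, but not a cookie that is present with an empty value, where `extract()` as written returns `''` rather than `false`. A fourth case such as `$request->cookies->add(array('BEARER' => ''));` followed by an assertion on the intended result would pin that contract down. The final check could also use `assertSame('testtoken', ...)` so the comparison is strict, like the `assertFalse` calls above it.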
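--- a/TokenExtractor/CookieTokenExtractor.php
+++ b/TokenExtractor/CookieTokenExtractor.php
@@ -0,0 +1,39 @@
+<?php
+
+namespace Lexik\Bundle\JWTAuthenticationBundle\TokenExtractor;
+
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+* CookieTokenExtractor
+*
+* @author Nicolas Cabot <[email protected]>
+*/
+class CookieTokenExtractor implements TokenExtractorInterface
+{
+/**
+* @var string
+*/
+protected $name;
+
+/**
+* @param string $name
+*/
+public function __construct($name)
+{
+$this->name = $name;
+}
+
+/**
+* @param Request $request
+* @return string
+*/
+public function extract(Request $request)
+{
+if (!$request->cookies->has($this->name)) {
+return false;
+}
+
+return $request->cookies->get($this->name);
+}
+}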
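Review bot: The class docblock on `CookieTokenExtractor` only repeats the class name and leaves out the property that sets this extractor apart from the header-based one: a browser attaches the cookie to requests on its own, so a firewall that enables it likely needs CSRF protection on state-changing routes. The cookie should also be issued with `HttpOnly` and `Secure` by whatever code sets it, which is not part of this commit. I would state both points in the class docblock in two or three lines. Separately, `extract()` is documented as `@return string` but returns `false` when the cookie is absent; `@return string|false` matches the code.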
