Skip to content

parti-renaissance/oauth-client

4 Branches3 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ottavianoottaviano
Merge pull request #6 from EnMarche/authenticator
Apr 17, 2018
526b012 · Apr 17, 2018

History

11 Commits
.circleci
.circleci
Apr 11, 2018
src
src
Apr 17, 2018
tests/Guzzle
tests/Guzzle
Apr 11, 2018
.gitattributes
.gitattributes
Apr 11, 2018
.gitignore
.gitignore
Apr 10, 2018
.php_cs.dist
.php_cs.dist
Apr 11, 2018
LICENSE-full.md
LICENSE-full.md
Apr 11, 2018
LICENSE.md
LICENSE.md
Apr 11, 2018
Makefile
Makefile
Apr 11, 2018
README.md
README.md
Apr 12, 2018
composer.json
composer.json
Apr 13, 2018
phpunit.xml.dist
phpunit.xml.dist
Apr 11, 2018

Repository files navigation

EM OAuth Client

CircleCI

Installation

Add this repository to your composer.json as a repository as it is not registered on packagist :

{
    [...]
    "repositories": [
        {
            "type": "github",
            "url": "git@github.com:EnMarche/mailer-bundle.git"
        }
    ],
    [...]
{

Then you can install the lib

composer require enmarche/oauth-client

Example of integration with Symfony

This example uses csa/guzzle-bundle

services:
    _defaults:
        autowire: true
        autoconfigure: true
        public: false

    EnMarche\OAuthClient\OAuthAccessTokenProvider:
        arguments:
            $client: '@csa_guzzle.client.auth_server'
            $cache: '@app.cache.access_token.simple'
            $clientId: '%env(OAUTH_CLIENT_ID)%'
            $clientSecret: '%env(OAUTH_CLIENT_SECRET)%'
            $scopes: [scope1, scope2]

    EnMarche\OAuthClient\Guzzle\OAuthMiddleware:
        tags: [{name: 'csa_guzzle.middleware', alias: 'oauth', priority: 100}]
        
    app.cache.access_token.simple:
        class: Symfony\Component\Cache\Simple\Psr6Cache
        arguments:
            - '@app.cache.access_token'

The csa/guzzle-bundle and cache pool configs can look like the following :

framework:
    cache:
        app: cache.adapter.apcu
        pools:
            app.cache.access_token:
                default_lifetime: 3500
                
csa_guzzle:
    [...]
    clients:
        auth_server:
            middleware: ['!oauth']
            config:
                base_uri: '%env(OAUTH_SERVER_URL)%'
                timeout: 2.0
                headers:
                    Accept: 'application/json'

        api_em:
            config:
                base_uri: '%env(API_EM_URL)%'
                timeout: 10.0
                headers:
                    Accept: 'application/json'

The OAuth middleware is the one that add the Authorization header, that's why it is disabled for auth_server client. All the others clients get the middleware activated automatically.

OAuth firewall for Symfony

It validates any given access token (With Authorization header) against EnMarche OAuth server.

This example uses a similar config than the previous one for csa/guzzle-bundle

Then you can configure the guard :

services:
    EnMarche\OAuthClient\OAuthAuthenticator:
            arguments: ['@csa_guzzle.client.auth_server']
            
security:
    firewalls:
        main:
            stateless: true
            guard:
                authenticators:
                    - 'EnMarche\OAuthClient\OAuthAuthenticator'

If authentication is successful, the token storage will be loaded with a \EnMarche\OAuthClient\User\ApiUser user and access token scopes as roles prefixed with ROLE_OAUTH_SCOPE_

Tests

make test

About

No description, website, or topics provided.

Resources

Readme

License

Unknown, AGPL-3.0 licenses found

Licenses found

Unknown
LICENSE.md
AGPL-3.0
LICENSE-full.md
Activity
Custom properties

Stars

1 star

Watchers

10 watching

Forks

0 forks
Report repository

Releases 3

Fix Authenticator Latest
Apr 17, 2018
+ 2 releases

Packages

No packages published

Contributors 4

Languages