Silex security jwt service provider

This provider usage with silex security

require silex

for usage stable version silex your need used security jwt service provider version in 1.*

for usage silex 2.0 version or not stable master your need usage version 2.*

Installation

composer require cnam/security-jwt-service-provider:1.*

Or add your composer.json

require "cnam/security-jwt-service-provider":"1.*"

Simple example

Initialise silex application

require_once __DIR__ . '/../../vendor/autoload.php'; $app = new SilexApplication(['debug' => true]);

Create configuration

add config for security jwt

$app['security.jwt'] = [ 'secret_key' => 'Very_secret_key', 'life_time' => 86400, 'options' => [ 'username_claim' => 'name', // default name, option specifying claim containing username 'header_name' => 'X-Access-Token', // default null, option for usage normal oauth2 header 'token_prefix' => 'Bearer', ] ];

Create users, any user provider implementing interface UserProviderInterface

$app['users'] = function () use ($app) { $users = [ 'admin' => array( 'roles' => array('ROLE_ADMIN'), // raw password is foo 'password' => '5FZ2Z8QIkA7UTZ4BYkoC+GsReLf569mSKDsfods6LYQ8t+a8EW9oaircfMpmaLbPBh4FOBiiFyLfuZmTSUwzZg==', 'enabled' => true ), ]; return new InMemoryUserProvider($users); };

Add config for silex security

$app['security.firewalls'] = array( 'login' => [ 'pattern' => 'login|register|oauth', 'anonymous' => true, ], 'secured' => array( 'pattern' => '^.*$', 'logout' => array('logout_path' => '/logout'), 'users' => $app['users'], 'jwt' => array( 'use_forward' => true, 'require_previous_session' => false, 'stateless' => true, ) ), );

$app->register(new SilexProviderSecurityServiceProvider()); $app->register(new SilexProviderSecurityJWTServiceProvider());

Example for authorization and request for protected resources

use SymfonyComponentHttpFoundationRequest; use SymfonyComponentHttpFoundationResponse; use SymfonyComponentSecurityCoreExceptionUsernameNotFoundException; use SymfonyComponentSecurityCoreUserInMemoryUserProvider; use SymfonyComponentSecurityCoreUserUser; $app->post('/api/login', function(Request $request) use ($app){ $vars = json_decode($request->getContent(), true); try { if (empty($vars['_username']) || empty($vars['_password'])) { throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $vars['_username'])); } /** * @var $user User */ $user = $app['users']->loadUserByUsername($vars['_username']); if (! $app['security.encoder.digest']->isPasswordValid($user->getPassword(), $vars['_password'], '')) { throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $vars['_username'])); } else { $response = [ 'success' => true, 'token' => $app['security.jwt.encoder']->encode(['name' => $user->getUsername()]), ]; } } catch (UsernameNotFoundException $e) { $response = [ 'success' => false, 'error' => 'Invalid credentials', ]; } return $app->json($response, ($response['success'] == true ? Response::HTTP_OK : Response::HTTP_BAD_REQUEST)); }); $app->get('/api/protected_resource', function() use ($app){ return $app->json(['hello' => 'world']); }); $app->run();

Full example in directory tests/mock/app.php

And should for tests correct work silex-security-jwt-provider

前往下载

版权声明：

1、该文章(资料)来源于互联网公开信息，我方只是对该内容做点评，所分享的下载地址为原作者公开地址。
2、网站不提供资料下载，如需下载请到原作者页面进行下载。
3、本站所有内容均由合作方或网友上传，本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺！文档内容仅供研究参考学习用！
4、如文档内容存在违规，或者侵犯商业秘密、侵犯著作权等，请点击“违规举报”。

分享到：