Developed with love by KnpLabs Hire us for your project!
0

security-api-bundle

by OsLab

Security API bundle

OsLab security API bundle

A bundle for securing ReST api calls.

Build Status
Scrutinizer Code Quality
Code Coverage
Total Downloads
Latest Stable Version
License
SensioLabsInsight

Introduction

This bundle allows you to add an authentication mechanism with a token easily to your APIs.

Once you've configured everything, you'll be able to authenticate by adding an apikey parameter to the query string, like http://example.com/api/key?apikey=513e45b56f637b51d194a7524f2d51f2
or add through a header your token.

Installation

Step 1: Download OsLabSecurityApiBundle using Composer

Require the bundle with composer:

$ composer require oslab/security-api-bundle

Or you can add it in the composer.json. Just check Packagist for the version you want to install (in the following example, we used "dev-master") and add it to your composer.json:

    {
        "require": {
            "oslab/security-api-bundle": "dev-master"
        }
    }

Step 2: Enable the bundle

Finally, enable the bundle in the kernel:

    // app/AppKernel.php

    public function registerBundles()
    {
        $bundles = array(
            // ...
            new OsLab\SecurityApiBundle\OsLabSecurityApiBundle(),
        );
    }

Step 3: Configure your application's security.yml

    providers:
        chain_provider:
            chain:
                providers: [api_provider]

        ...

        api_provider:
            memory_api:
                users:
                    micro_service_asset:
                        password: '1x4c40nwh96080gk70f7k5awz9k6tczqs3jr01z94849n'
                        roles: 'ROLE_API'
                    external_api_customer:
                        password: 'j6eef2w0689a6if50c365v2zq0c855ywgyt106j2b6q5h'
                        roles: 'ROLE_API'
         ...

    firewalls:
        ...

        api_secured:
            pattern: ^/api/*
            stateless: true
            simple_preauth:
                authenticator: oslab_security_api.security.authentication.authenticator
            provider: api_provider

        ...

    access_control:
        ...
        - { path: ^/api/*, roles: [ROLE_API]}
        ...

Credits

License

Security API bundle is released under the MIT License, you agree to license your code under the MIT license

Copyright (c) 2015-2017 OsLab

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OFCONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
oslab_security_api:
authentication:
method: query # Required
key_name: key # Required