This bundle is is still under development, things might change!
$ git clone https://github.com/mazen/EtcpasswdOAuthBundle.git vendor/bundles/Etcpasswd/OAuthBundle $ git clone https://github.com/kriswallsmith/Buzz.git vendor/buzz
register the namespaces in your autoloader:
# app/autoload.php $loader->registerNamespaces(array( 'Etcpasswd' => __DIR__.'/../vendor/bundles', 'Buzz' => __DIR__.'/../vendor/buzz/lib', // .. your other namespaces ));
register the bundle within your Application's Kernel:
# app/AppKernel.php $bundles = array( new Etcpasswd\OAuthBundle\EtcpasswdOAuthBundle(), // .. other bundles );
Configure your security firewall:
# app/config/security.yml firewalls: oauth: anonymous: true logout: true pattern: ^/ oauth: auth_provider: api provider client_id: client id client_secret: secret uid: email scope: requested scope login_path: /login check_path: /auth failure_path: / factories: - "%kernel.root_dir%/../vendor/bundles/Etcpasswd/OAuthBundle/Resources/config/security_factories.xml"
Please not that you do not need to build any controllers for either the
login_path or the check_path. They are only used internally to identify
when a login needs to happen.
Also note that you still have to provide a user provider. This bundle only authenticates the user based on an OAuth service but does not create any User object itself.
Specifying multiple OAuth2 Providers
This package also allows to use different providers at once for signing in.
All you have to do is to add those providers to the security.yml
firewalls: main: anonymous: true logout: true pattern: ^/ oauth_github: auth_provider: "github" client_id: xxx client_secret: xxx scope: repo,user login_path: /login/github check_path: /auth/github failure_path: / oauth_facebook: auth_provider: "facebook" client_id: xxx client_secret: xxx scope: "" login_path: /login/facebook check_path: /auth/facebook failure_path: / oauth_google: auth_provider: "google" client_id: xxx client_secret: xxx scope: "https://www.googleapis.com/auth/plus.me" login_path: /login/google check_path: /auth/google failure_path: /
Calling either /login/github, /login/facebook or /login/google will then use
the correct oauth provider.
Builtin OAuth Providers
This bundle ships with the following builtin providers:
Notes on Google: you need to at least provide the scope
in order to get a username
This bundle does not ship with any way of authorization of users and / or persitant state. You should have a look
at the https://github.com/FriendsOfSymfony/FOSUserBundle for that.
If you want to use those users anyways, without ever wanting to persist them into a database, you can though add
the provider shipped with this bundle to your security configuration.
This will allow you to access the accessToken via the Security Context service to query other API services from the
security: firewalls: main: anonymous: true logout: true pattern: ^/ oauth_github: auth_provider: "github" client_id: xxx client_secret: xxx scope: repo,user login_path: /login/github check_path: /auth/github failure_path: / role_hierarchy: ROLE_ADMIN: [ROLE_USER] providers: main: id: etcpasswd_oauth.user.provider access_control: ~ factories: - "%kernel.root_dir%/../vendor/bundles/Etcpasswd/OAuthBundle/Resources/config/security_factories.xml"
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is furnished
to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- Merge pull request #12 from gimler/composer
- Merge pull request #11 from stloyd/patch-1
- add composer file
Fixed typo and cleaned some CS :P
By stloyd, 6 years ago
- Merge pull request #4 from gimler/cleanup
- Merge pull request #8 from gimler/json_data
- add json data property to access the property later
- Merge pull request #5 from gimler/changeable_roles
- Merge pull request #7 from justinpfister/patch-1
enabled remember_me . It defaults to false. If set to true and your user provider is setup properly a remember_me token will be created.
By justinpfister, 6 years ago
- add service parameter etcpasswd_oauth.user.model.class to easy override the Model User Class in UserProvider
- make roles changeable
- fix coding standard
- fix cs; add/fix phpdocs; reduce code
- Merge pull request #3 from gimler/uid_option
- add uid field option
- Type fix
- * Provide a user provider which lets you work with OAuth authenticated users
- Fix some issues of last commit
* Allow specifying multiple providers with different provider keys
By Marcel Beerta, 6 years ago
- Updated readme and added note about user providers
- Initial version of an OAuth Bundle