Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added configuration of the user provider #4895

Closed
wants to merge 4 commits into from
Closed

Added configuration of the user provider #4895

Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
b6448bf
Added configuration of the your_api_key_user_provider as user provider
peterrehm Jan 21, 2015
26ada44
Updated according to comment and changed to AppBundle
peterrehm Jan 23, 2015
97aa12d
Updated as per discussion
peterrehm Jan 24, 2015
308fa53
Removed unneeded spaces
peterrehm Jan 25, 2015
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions cookbook/security/api_key_authentication.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -318,6 +318,10 @@ using the ``simple_preauth`` key:
simple_preauth:
authenticator: apikey_authenticator

providers:
simple_preauth:
id: your_api_key_user_provider

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The class behind this service would be the ApiKeyUserProvider class that we create in this article, right? If so, I'd like your thought on going even a bit further:

  1. Change the name from simple_preauth to something else, because I don't think this needs to correspond with the authentication name under the firewall (so using something else will make that obvious)

  2. Change the key used here to be something like api_key_user_provider

  3. After we show them the ApiKeyUserProvider, we just kind of link to the "custom user provider" article. What do you think about adding the service configuration below that code block and also show the security.yml configuration? I don't want to duplicate, but I feel like maybe we're leaving the user hanging without enough details.

Thanks :)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@weaverryan Updated as per your comments, I think adding the service makes sense. I actually had this before, but then removed it again due to the reference. But that should not be an issue to maintain.

I also changed everything to your favorite, the AppBundle.. :)

.. code-block:: xml

<!-- app/config/security.xml -->
Expand All @@ -336,6 +340,8 @@ using the ``simple_preauth`` key:
>
<simple-preauth authenticator="apikey_authenticator" />
</firewall>

<provider name="simple_preauth" id="your_api_key_user_provider" />
</config>
</srv:container>

Expand All @@ -355,6 +361,11 @@ using the ``simple_preauth`` key:
),
),
),
'providers' => array(
'simple_preauth' => array(
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The change of the name is not reflect here. :)

'id' => 'your_api_key_user_provider',
),
),
));

That's it! Now, your ``ApiKeyAuthentication`` should be called at the beginning
Expand Down Expand Up @@ -394,6 +405,10 @@ configuration or set it to ``false``:
simple_preauth:
authenticator: apikey_authenticator

providers:
simple_preauth:
id: your_api_key_user_provider

.. code-block:: xml

<!-- app/config/security.xml -->
Expand All @@ -412,6 +427,8 @@ configuration or set it to ``false``:
>
<simple-preauth authenticator="apikey_authenticator" />
</firewall>

<provider name="simple_preauth" id="your_api_key_user_provider" />
</config>
</srv:container>

Expand All @@ -430,6 +447,11 @@ configuration or set it to ``false``:
),
),
),
'providers' => array(
'simple_preauth' => array(
'id' => 'your_api_key_user_provider',
),
),
));

Even though the token is being stored in the session, the credentials - in this
Expand Down