alcalyn/silex-wsse

WSSE implementation for Silex, based on the example in the documentation.

1.1.0 2017-09-26 15:37 UTC

This package is not auto-updated.

Last update: 2024-09-14 18:47:25 UTC


README


Provides a Silex provider that implements WSSE authentication.

Installation

Via Composer

{
    "require": {
        "alcalyn/silex-wsse": "~1.0.0"
    }
}

Usage

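use Alcalyn\Wsse\Security\Authentication\Provider\PasswordDigestValidator;
use Alcalyn\SilexWsse\Provider\WsseServiceProvider;

// Register Silex security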
$app->register(new Silex\Provider\SecurityServiceProvider(), array(
    'security.firewalls' => array(
        'api' => array(
            'pattern' => '^/api',
            'wsse' => true,
            'stateless' => true,
            'users' => $myUserProvider,
        ),
    ),
));

// SilexWsse needs a token validator service with a path where to store Wsse tokens
$app['security.wsse.token_validator'] = function () {
    $wsseCacheDir = 'var/cache/wsse-tokens';

    return new PasswordDigestValidator($wsseCacheDir);
};

// Register Wsse provider
$app->register(new WsseServiceProvider('api'));

You can then retrieve the authenticated user in a controller like this:

$app->get('api/auth', function () use ($app) {
    $authenticatedUser = $app['user'];

    return 'Hello '.$app->escape($authenticatedUser->getUsername());
});

Full example

Using the plaintext password encoder, with user toto and password pass:

use Symfony\Component\Security\Core\User\InMemoryUserProvider;
use Symfony\Component\Security\Core\Encoder\PlaintextPasswordEncoder;
use Alcalyn\Wsse\Security\Authentication\Provider\PasswordDigestValidator;
use Alcalyn\SilexWsse\Provider\WsseServiceProvider;

$app = new Silex\Application();

$myUserProvider = function () {
    return new InMemoryUserProvider(array(
        'toto' => ['password' => 'pass'],
    ));
};

$app['security.default_encoder'] = function () {
    return new PlaintextPasswordEncoder();
};

// Register Silex security
$app->register(new Silex\Provider\SecurityServiceProvider(), array(
    'security.firewalls' => array(
        'api' => array(
            'pattern' => '^/api',
            'wsse' => true,
            'stateless' => true,
            'users' => $myUserProvider,
        ),
    ),
));

// SilexWsse needs a token validator service with a path where to store Wsse tokens
$app['security.wsse.token_validator'] = function () {
    $wsseCacheDir = 'var/cache/wsse-tokens';

    return new PasswordDigestValidator($wsseCacheDir);
};

// Register Wsse provider
$app->register(new WsseServiceProvider('api'));

$app->get('api/auth', function () use ($app) {
    $authenticatedUser = $app['user'];

    return 'Hello '.$app->escape($authenticatedUser->getUsername());
});

$app->run();

Then send the following HTTP request with the X-WSSE header (generate it here):

GET https:///my-app/index.php/api/auth
X-WSSE: UsernameToken Username="toto", PasswordDigest="ieIS4sijyAW2ZrnvhvDOqBH+aSQ=", Nonce="NDlhNWE2M2YxNWQ2ZDk1NA==", Created="2016-07-31T12:46:16Z"

It returns the response:

200 OK
Date:  Sun, 31 Jul 2016 12:46:25 GMT

Hello toto

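Debugging

While implementing WSSE authentication, you should expect to run into some authentication failures (expired token, nonce already used...).

To see why authentication failed, you can display the Symfony authentication exception like this: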

use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent;

$app->on('security.authentication.failure', function(AuthenticationFailureEvent $event) {
    echo $event->getAuthenticationException()->getMessage();
});

See the Symfony documentation on authentication events.
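
The X-WSSE header from the request above and the failures listed in this section (expired token, nonce already used), as an added example that is not code from this package. It assumes the usual WSSE UsernameToken digest, Base64(SHA1(nonce + Created + password)), a 300-second token lifetime and an in-memory nonce store; wsseHeader and wsseCheck are hypothetical helper names.

```php
<?php
// Added example (PHP 7.1+), not alcalyn/silex-wsse code. Assumed digest scheme:
// PasswordDigest = Base64(SHA1(raw nonce . Created . password)).
function wsseHeader(string $user, string $password, ?int $now = null): string
{
    $nonce   = bin2hex(random_bytes(8));                  // fresh nonce for every request
    $created = gmdate('Y-m-d\TH:i:s\Z', $now ?? time());  // UTC, ISO 8601
    $digest  = base64_encode(sha1($nonce.$created.$password, true));
    return sprintf(
        'UsernameToken Username="%s", PasswordDigest="%s", Nonce="%s", Created="%s"',
        $user, $digest, base64_encode($nonce), $created
    );
}

// Returns null when the token is accepted, otherwise the rejection reason.
function wsseCheck(string $header, array $passwords, array &$seenNonces, int $now, int $lifetime = 300): ?string
{
    $re = '~Username="([^"]+)", PasswordDigest="([^"]+)", Nonce="([A-Za-z0-9+/=]+)", Created="([^"]+)"~';
    if (!preg_match($re, $header, $m)) {
        return 'malformed X-WSSE header';
    }
    [, $user, $digest, $nonce64, $created] = $m;
    $nonce     = base64_decode($nonce64, true);
    $createdAt = strtotime($created);
    if ($nonce === false || $createdAt === false || !isset($passwords[$user])) {
        return 'bad credentials';
    }
    if ($createdAt > $now || $now - $createdAt > $lifetime) {
        return 'token expired or dated in the future';
    }
    $expected = base64_encode(sha1($nonce.$created.$passwords[$user], true));
    if (!hash_equals($expected, $digest)) {               // constant-time comparison
        return 'digest mismatch';
    }
    if (isset($seenNonces[$nonce64])) {
        return 'nonce already used';
    }
    $seenNonces[$nonce64] = $createdAt;                   // stored only after the digest checked out
    return null;
}

// Constructed sample data: the user from the full example and an empty nonce store.
$passwords = ['toto' => 'pass'];
$seen      = [];
$now       = time();
$header    = wsseHeader('toto', 'pass', $now);
var_dump(wsseCheck($header, $passwords, $seen, $now));    // first use of the header
var_dump(wsseCheck($header, $passwords, $seen, $now));    // same header sent again
var_dump(wsseCheck(wsseHeader('toto', 'pass', $now - 3600), $passwords, $seen, $now)); // hour-old token
```

The server has to recompute the digest from the stored password, which is why the full example uses the plaintext password encoder.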

License

This project is under the MIT license.