cnam/security-jwt-service-provider

此包的最新版本(2.1.1)没有提供许可证信息。

用于授权 jwt 令牌的服务提供者

维护者

详细信息

github.com/cnam/security-jwt-service-provider

源代码

问题

安装次数: 105,115

依赖项: 3

建议者: 0

安全: 0

星标: 60

关注者: 7

分支: 40

公开问题: 8

2.1.1 2017-02-09 06:24 UTC

Requires

Requires (Dev)

Unknown License 6008eb8188674c17606c9c05ce31b9a451084906

  • Anton Popov <cnam812.woop@gmail.com>
  • V <v.tyubek.woop@gmail.com>

This package is auto-updated.

Last update: 2024-08-27 02:55:40 UTC

README

Build Status Latest Stable Version Total Downloads Latest Unstable Version License

此提供者与 silex 安全一起使用

需要 silex

对于使用稳定版本的 silex,您需要使用 1.* 版本的 security jwt 服务提供者

对于使用 silex 2.0 版本或非稳定 master,您需要使用 2.* 版本

安装

composer require cnam/security-jwt-service-provider:1.*

或者向您的 composer.json 添加

require "cnam/security-jwt-service-provider":"1.*"

简单示例

初始化 silex 应用程序

require_once __DIR__ . '/../../vendor/autoload.php';

$app = new Silex\Application(['debug' => true]);

创建配置

为 security jwt 添加配置

$app['security.jwt'] = [
    'secret_key' => 'Very_secret_key',
    'life_time'  => 86400,
    'options'    => [
        'username_claim' => 'name', // default name, option specifying claim containing username
        'header_name' => 'X-Access-Token', // default null, option for usage normal oauth2 header
        'token_prefix' => 'Bearer',
    ]
];

创建用户,任何实现 UserProviderInterface 接口的用户提供者

$app['users'] = function () use ($app) {
    $users = [
        'admin' => array(
            'roles' => array('ROLE_ADMIN'),
            // raw password is foo
            'password' => '5FZ2Z8QIkA7UTZ4BYkoC+GsReLf569mSKDsfods6LYQ8t+a8EW9oaircfMpmaLbPBh4FOBiiFyLfuZmTSUwzZg==',
            'enabled' => true
        ),
    ];

    return new InMemoryUserProvider($users);
};

为 silex 安全添加配置

$app['security.firewalls'] = array(
    'login' => [
        'pattern' => 'login|register|oauth',
        'anonymous' => true,
    ],
    'secured' => array(
        'pattern' => '^.*$',
        'logout' => array('logout_path' => '/logout'),
        'users' => $app['users'],
        'jwt' => array(
            'use_forward' => true,
            'require_previous_session' => false,
            'stateless' => true,
        )
    ),
);

注册 silex 提供者

$app->register(new Silex\Provider\SecurityServiceProvider());
$app->register(new Silex\Provider\SecurityJWTServiceProvider());

授权和保护资源请求的示例

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\User\InMemoryUserProvider;
use Symfony\Component\Security\Core\User\User;


$app->post('/api/login', function(Request $request) use ($app){
    $vars = json_decode($request->getContent(), true);

    try {
        if (empty($vars['_username']) || empty($vars['_password'])) {
            throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $vars['_username']));
        }

        /**
         * @var $user User
         */
        $user = $app['users']->loadUserByUsername($vars['_username']);

        if (! $app['security.encoder.digest']->isPasswordValid($user->getPassword(), $vars['_password'], '')) {
            throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $vars['_username']));
        } else {
            $response = [
                'success' => true,
                'token' => $app['security.jwt.encoder']->encode(['name' => $user->getUsername()]),
            ];
        }
    } catch (UsernameNotFoundException $e) {
        $response = [
            'success' => false,
            'error' => 'Invalid credentials',
        ];
    }

    return $app->json($response, ($response['success'] == true ? Response::HTTP_OK : Response::HTTP_BAD_REQUEST));
});

$app->get('/api/protected_resource', function() use ($app){
    return $app->json(['hello' => 'world']);
});

$app->run();

完整示例在目录 tests/mock/app.php 中

并且应该为测试正确工作 silex-security-jwt-provider