facile-it/openid-bundle

此包已被废弃,不再维护。未建议替代包。

一个用于集成 OpenId 登录的 Symfony 扩展包

维护者

详细信息

github.com/facile-it/openid-bundle

源代码

问题

安装: 50

依赖者: 0

建议者: 0

安全: 0

星星: 0

关注者: 4

分支: 0

开放问题: 0

类型:symfony-bundle

0.1.0 2019-05-07 09:16 UTC

Requires

Requires (Dev)

MIT 040a4dd9e6494f0fcd03e814fe2341047ed83227

  • Alessandro Lai <alessandro.lai85.woop@gmail.com>

symfonyOpenIdbundle

This package is auto-updated.

Last update: 2022-02-01 13:16:36 UTC

README

警告:此包已被废弃。由于 OpenId Connect 是 OAuth2 功能的超集,请改用 OAuth2 客户端。

PHP Version Stable release Unstable release

Build status Coverage Status

此扩展包为您的 Symfony 防火墙添加一个新的 自定义认证提供者,允许您使用第三方 OpenId 提供者进行用户认证。

安装

通过 Composer 需要此包

composer require facile-it/openid-bundle

将扩展包添加到您的应用程序内核中

class AppKernel extends Kernel
{
    public function registerBundles()
    {
        $bundles = [
            // ...
            new Facile\OpenIdBundle\OpenIdBundle(),
        ];

        // ...

配置

将两个需要的路由添加到您的路由配置中;名称和路径由您决定

## app/config/routing.yml

facile_openid_login: # your login route, that will redirect your user to the OpenId service
    path: /openid/login

facile_openid_check: # your check route, where your user will return back for authentication on your app
    path: /openid/check

定义一个实现 \Facile\OpenIdBundle\Security\UserProvider 接口的服务

<?php

namespace App\Security;

use Facile\OpenIdBundle\Security\Authentication\Token\OpenIdToken;
use Symfony\Component\Security\Core\User\UserInterface;

class MyOpenIdUserProvider implements \Facile\OpenIdBundle\Security\UserProvider
{
    /**
     * Authentication hook point for the entire bundle.
     *
     * During the authentication procedure, this method is called to identify the user to be
     * authenticated in the current session. This method will hold all the logic to associate
     * the given OpenId token to an user of the current application. The user can even be
     * instantiated (and/or persisted) on the fly, and it will be set in the current session
     * afterwards.
     *
     * @param OpenIdToken $token the token obtained during the post-authentication redirect
     *
     * @return UserInterface|null the user associated to that token, or null if no user is found
     */
    public function findUserByToken(OpenIdToken $token): ?UserInterface
    {
        // ...
    }
}

在您的 Symfony 应用程序的 Security 扩展包配置下,按照以下方式配置防火墙

security:
  # ...

  firewalls:
    my_secured_firewall:
      pattern: ^/(secured|openid) # choose the right pattern to protect behind the OpenId authentication 
      facile_openid:
        auth_endpoint: 'http://login.example.com/oauth2/authorize' # the endpoint of the OpenId service to redirect to for authentication 
        client_id: 'client_test' # your client ID
        login_path: facile_openid_login # the route name or path of your login route
        check_path: facile_openid_check # the route name or path of your check route
        jwt_key_path: '/some/path/to/jwt/public.key' # the file path to the public key that was used to sign the OpenId JWT token
        provider: App\Security\MyOpenIdUserProvider # the ID of the service implementing the UserProvider interface

        # optional configuration parameters:
        scope: # default value: ['email']; openid scope is implicit
        - email
        - profile

注意:防火墙的 login_pathcheck_path 路由必须与防火墙的模式匹配,否则防火墙不会被触发。