opcoding/azure-active-directory


README

适用于 Symfony 4 项目的 Azure Active Directory 组件

路由

在您的 config/routes.yaml 中添加以下代码

# Imports the routes that the bundle ships in its own Resources/config/routes.yaml.
# NOTE(review): the imported paths are not visible here; check them against your
# access_control rules so the sign-in and callback routes stay reachable.
opcoding_aad_bundle:
    resource: '@OpcodingAADBundle/Resources/config/routes.yaml'

编辑 bundles.php 文件并添加以下代码

<?php

// config/bundles.php: add this entry to the array the file already returns
// and keep the other bundles that are listed there.
return [
    // 'all' => true registers the bundle in every environment.
    OpcodingAADBundle\OpcodingAADBundle::class => ['all' => true],
];

编辑 config/packages/knpu_oauth2_client.yml 文件并添加以下代码

# OAuth2 client definition for the Azure provider.
knpu_oauth2_client:
    clients:
        azure:
            type: 'azure'
            # Both credentials are read from environment variables. Keep the real
            # values in an untracked env file or a secret store, never in a
            # committed file.
            client_id: '%env(resolve:AZURE_CLIENT_ID)%'
            client_secret: '%env(resolve:AZURE_CLIENT_SECRET)%'
            # Route the identity provider sends the user back to after sign-in.
            # NOTE(review): the redirect URI registered for the Azure application
            # presumably has to match the URL of this route exactly; confirm.
            redirect_route: 'connect_azure_check'
            redirect_params: {}
            # Quoted so the value stays a string and is not parsed as a float.
            # NOTE(review): 1.6 looks like the version of the legacy Azure AD Graph
            # API, which Microsoft has deprecated; confirm what the provider calls.
            api_version: '1.6'

然后编辑 config/packages/security.yml 并根据您的需求添加以下代码

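security:
    providers:
        # Users are looked up through the bundle's User entity, keyed by username.
        app:
            entity:
                class: 'OpcodingAADBundle:User'
                property: username
    firewalls:
        # Requests matching this pattern skip the security layer entirely.
        # The profiler and debug toolbar should only be enabled in the dev environment.
        dev:
            pattern: '^/(_(profiler|wdt)|css|images|js)/'
            security: false
        main:
            pattern: '^/'
            # Explicit boolean instead of `~`; anonymous visitors are let through
            # this firewall. This snippet defines no access_control rules, so every
            # route stays reachable without signing in until you add some.
            anonymous: true
            logout:
                path: app_logout
                target: /
            guard:
                authenticators:
                    - OpcodingAADBundle\Security\AzureAuthenticator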

例如，如果您的应用程序要求所有用户必须登录，您可以配置如下

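# Variant that requires a signed-in user for every route except the login path.
security:
    firewalls:
        main:
            pattern: '^/'
            # Anonymous requests must still pass the firewall so that the login
            # path below can be reached before the user has authenticated.
            anonymous: true
            logout:
                path: app_logout
                target: /
            guard:
                authenticators:
                    - OpcodingAADBundle\Security\AzureAuthenticator
    access_control:
        # Rules are checked top to bottom and the first match applies, so the
        # anonymous exception has to stay above the catch-all rule.
        # NOTE(review): assumes the bundle's sign-in route is served under /login
        # and that the OAuth callback is handled by the guard authenticator;
        # confirm against the bundle's routes.yaml, otherwise anonymous users
        # cannot start the login flow.
        - path: '^/login'
          roles: IS_AUTHENTICATED_ANONYMOUSLY
        # `roles` (plural) is used on both rules for consistency.
        - path: '^/'
          roles: ROLE_USER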