通过第三方REST API的Symfony2认证 [英] Symfony2 authentication via 3rd Party REST API
问题描述
我正在写使用Symfony2的应用程序将与 Wordnik REST API接口
I'm writing an application using Symfony2 which will interface with the Wordnik REST API.
目前,该Wordnik API不提供OAuth的能力,所以我必须接受一个用户名和密码,我会再透明地传递给API接口。
Currently, the Wordnik API does not offer OAuth capabilities, so I have to accept a username and password which I'll then transparently pass to the API interface.
我想这个API认证融入Symfony2中的安全系统,但到目前为止,我还没有能够确定最佳路径实现什么。
I'd like to integrate this API authentication into Symfony2's security system, but so far I haven't been able to identify what the best implementation route is.
我不认为自定义用户提供是正确的,因为密码是不存储在我的系统。关于定制认证供应商所有的例子似乎涉及到一个应用程序的一部分的固定的为的一个API,而不是的对的一个REST API。
I don't think the custom user provider is correct, because the password is not stored in my system. All examples regarding custom authentication providers seem to pertain to the securing of a part of an application as an API, rather than against a REST API.
这不是我清楚到什么程度FOSUserBundle有助于要么解决这个问题。
It's not clear to me to what extent the FOSUserBundle helps to solve this problem either.
的理想的流程:的
- 用户提供凭据。
- 凭据传递给第三方REST API
- 如果凭据是正确的:
- 相应的第三方用户实体是由我的应用程序创建的,如果它不存在。
- 的用户使用的是这个第三方用户实体认证。
什么是一个Symfony2的安全上下文中执行最好的方法?
What is the best way to implement this within a Symfony2 security context?
谢谢!
的相关问题:的
- Problems在Symfony2中 配置用户验证通过外部API
- Problems configuring user authentication by external API on Symfony2
推荐答案
您中的说明来实现自定义身份验证提供者:
的http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.htmlyou have to implement a custom authentication provider as described in: http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html
我不能告诉你什么是最好的办法是,但只是为了帮助您开始:
您创建一个监听器,令牌,提供者和工厂。I can't tell you what the best way is but just to help you get started: You create a listener, a token, a provider and a factory.
听者的attemptAuthentication方法需要由用户提供的凭据并创建一个具有输入一个新的令牌。在您将添加一个方法的末尾:
返回$这个 - > authenticationManager->认证($令牌);The attemptAuthentication method of the listener takes the credentials provided by the user and creates a new Token with that input. At the end of the method you'll add a: return $this->authenticationManager->authenticate($token);
您提供商将使用此令牌在认证方法发送API请求。
Your provider will use this token in the authenticate method to send the API request.
有关非现有用户,你有两种选择:
- 创建API调用后和认证方法中,用户您检查是否已经存在,我认为这不是他们的路要走
- 创建自己的认证失败的处理程序是像<一个href=\"https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationFailureHandler.php\" rel=\"nofollow\">https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationFailureHandler.php但在onAuthenticationFailure方法的顶部添加
如果($例外的instanceof UsernameNotFoundException&放大器;及(空== $令牌= $与异常>为gettoken())及!&安培; $令牌的instanceof YourWordnikToken){
//这里创建一个用户
}For non-existing users you have two options: - create a user in the authenticate method after the API call and after you check whether it already exists which I believe is NOT they way to go - create your own authentication failure handler which is like https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationFailureHandler.php but at the top of the onAuthenticationFailure method you add if ($exception instanceof UsernameNotFoundException && (null !== $token = $exception->getToken()) && $token instanceof YourWordnikToken) { // create that user here }
这仅仅是基本的想法它是如何工作...我与绰号hacfi IRC - 让我知道如果你需要进一步的指导。
That's just the basic idea how it works...I'm on IRC with the nickname hacfi - let me know if you need further guidance
这篇关于通过第三方REST API的Symfony2认证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
