通过 3rd Party REST API 进行 Symfony2 身份验证 [英] Symfony2 authentication via 3rd Party REST API
问题描述
我正在使用 Symfony2 编写一个应用程序,它将与 Wordnik REST API 交互.>
目前,Wordnik API 不提供 OAuth 功能,因此我必须接受用户名和密码,然后我将透明地传递给 API 接口.
我想将此 API 身份验证集成到 Symfony2 的安全系统中,但目前我还无法确定最佳实现路径是什么.
我认为自定义用户提供程序是正确的,因为密码没有存储在我的系统中.关于自定义身份验证提供程序的所有示例似乎都与应用程序的一部分作为一个 API,而不是反对一个 REST API.
我也不清楚 FOSUserBundle 在多大程度上有助于解决这个问题.
理想的流程:
- 用户提供凭据.
- 凭据被传递到第 3 方 REST API
- 如果凭据正确:
- 相应的第三方用户"实体由我的应用程序创建(如果不存在).
- 使用此第三方用户"实体对用户进行身份验证.
在 Symfony2 安全上下文中实现这一点的最佳方法是什么?
谢谢!
相关问题:
您必须实现自定义身份验证提供程序,如下所述:http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html
我无法告诉您最好的方法是什么,只是为了帮助您入门:您创建一个侦听器、一个令牌、一个提供程序和一个工厂.
侦听器的attemptAuthentication 方法获取用户提供的凭据并使用该输入创建一个新令牌.在该方法的末尾,您将添加:返回 $this->authenticationManager->authenticate($token);
您的提供商将在身份验证方法中使用此令牌来发送 API 请求.
对于不存在的用户,您有两个选择:- 在 API 调用之后和检查它是否已经存在之后,在身份验证方法中创建一个用户,我认为这不是他们要走的路- 创建您自己的身份验证失败处理程序,类似于 https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationFailureHandler.php 但在您添加的 onAuthenticationFailure 方法的顶部if ($exception instanceof UsernameNotFoundException && (null !== $token = $exception->getToken()) && $token instanceof YourWordnikToken) {//在此处创建该用户}
这只是它如何工作的基本概念......我在 IRC 上,昵称 hacfi - 如果您需要进一步的指导,请告诉我
I'm writing an application using Symfony2 which will interface with the Wordnik REST API.
Currently, the Wordnik API does not offer OAuth capabilities, so I have to accept a username and password which I'll then transparently pass to the API interface.
I'd like to integrate this API authentication into Symfony2's security system, but so far I haven't been able to identify what the best implementation route is.
I don't think the custom user provider is correct, because the password is not stored in my system. All examples regarding custom authentication providers seem to pertain to the securing of a part of an application as an API, rather than against a REST API.
It's not clear to me to what extent the FOSUserBundle helps to solve this problem either.
The ideal flow:
- User provides credentials.
- Credentials are passed to the 3rd party REST API
- If the credentials are correct:
- A corresponding "third party user" Entity is created by my application, if it doesn't exist.
- The user is authenticated using this "third party user" Entity.
What is the best way to implement this within a Symfony2 security context?
Thanks!
Related Questions:
you have to implement a custom authentication provider as described in: http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html
I can't tell you what the best way is but just to help you get started: You create a listener, a token, a provider and a factory.
The attemptAuthentication method of the listener takes the credentials provided by the user and creates a new Token with that input. At the end of the method you'll add a: return $this->authenticationManager->authenticate($token);
Your provider will use this token in the authenticate method to send the API request.
For non-existing users you have two options: - create a user in the authenticate method after the API call and after you check whether it already exists which I believe is NOT they way to go - create your own authentication failure handler which is like https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationFailureHandler.php but at the top of the onAuthenticationFailure method you add if ($exception instanceof UsernameNotFoundException && (null !== $token = $exception->getToken()) && $token instanceof YourWordnikToken) { // create that user here }
That's just the basic idea how it works...I'm on IRC with the nickname hacfi - let me know if you need further guidance
这篇关于通过 3rd Party REST API 进行 Symfony2 身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!