sfOauthServerPlugin - 0.8.0

Jean-Baptiste Cayrou

You are currently browsing
the website for symfony 1

Visit the Symfony2 website


« Back to the Plugins Home

Signin


Forgot your password?
Create an account

Tools

Stats

advanced search
Information Readme Dependencies Releases Changelog Contribute
This plugin is deprecated and is not maintained anymore.
Show source

sfOauthServerPlugin

Introduction

I am proud to present my first plugin :D ! This plugin permits to create easily an authentication for a module or an action. This authentication works both with OAuth 1.0 and 2.0 For instance, it allows to secure an API and control access and permissions of each cusumers (applications).

Installation

  • Install the plugin (via a package)

    symfony plugin:install sfOauthServerPlugin
    
  • Activate the plugin in the config/ProjectConfiguration.class.php

    class ProjectConfiguration extends sfProjectConfiguration
    {
      public function setup()
      {
        $this->enablePlugins(array(
          'sfDoctrinePlugin', 
          'sfDoctrineGuardPlugin',
          'sfOauthServerPlugin'
        ));
      }
    }
  • Rebuild your model

  • Enable modules There are three modules in this plugin : oauth, application and sfOauthAdmin

The first one permits to exchange token and code for the authentication.

The seconde one has just one action for the moment : authorize It is in this action that an user accept or not an application to access to its data.

The last one is just a module for the backend to manage consumers.

You have to enabled these modules in yours applications. ( In my case, i have three applications : api where "oauth" is enabled, the frontend (application enabled) and the backend. )

  • For example :

     Enable the modules in settings.yml
      all:
       .settings:
         enabled_modules: [...,oauth]
    

Usage

Now to secure a module/action, just create a config file "oauth.yml" in the config repertory of the module. It works exactly like the security.yml

  • This is an example of configuration :

    oauth.yml
    all:
      is_secure : false
    info:
      is_secure : true
    permissions : [ read , write ]
    

For more information about how write permissions please see here : http://www.symfony-project.org/jobeet/1_4/Doctrine/en/13#chapter_13_sub_authorization

To fix permissions (or scope) of a consumer, just write them in the field scope of sfOauthServerConsumer with a space between eatch right. for example :

$consumer->setScope('read write');

How it works

Events

This plugin uses two vendor libraries :

When requests from application are not good they throw exceptions. By default symfony catch them and show an 500 internal error for the production and an error page with many information about exceptions for developmennt. sfOauthServerPlugin listens exceptions (event : 'application.throw_exception') and if the type (class name) is OAuthException it treats it to show it in the good way and readable for application. Two formats are avaibles for the display of exceptions ( json and xml) but you can easily add an other by adding a file in /sfOauthServerPlugin/config/error/error.myformat.php

License and credits

This plugin has been developed by Jean-Baptiste Cayrou and is licensed under the MIT license.