The SignedAuthBundle allows you to use token with hashed request parameters and secret key for authentication in your Symfony 2 project.
- Token can be provided with header or GET|POST parameter
- Configurable hash params: secret key getter, hash string concatenation delimiter, token delimiter, token key name
- Ability to sign params from request(uri, host, etc), headers and query(POST and GET)
Require the epustobaev/signed-auth-bundle
package in your composer.json and update your dependencies.
$ composer require epustobaev/signed-auth-bundle
Add the SignedAuthBundle to your application's kernel:
public function registerBundles()
{
$bundles = array(
...
new Dendy\SignedAuthBundle\DendySignedAuthBundle(),
...
);
...
}
Example uses orm user provider, token in request header "x-auth", sign params from headers, query and request,
hash algorithm md5 and default delimiters.
Example token value: username:ec1cef72d94b43cc96fc8a866f6e19d3
.
security:
providers:
some_provider:
entity:
class: Namespace\Bundle\SomeBundle\Entity\SomeUser
property: name
manager_name: default
firewalls:
## some other
signed_secured:
pattern: ^/api/
stateless: true
provider: some_provider
signed:
auth_type: header
request_key: x-auth
token_delimiter: ':'
data_delimiter: '|'
hash_alg: 'md5'
secret_getter: 'getAuthSecret'
signed_params:
headers: ['Host', 'User-Agent']
query: ['username']
request: ['requestUri']
auth_type
- default value is 'request' - get token value from GET or POST, in opposite 'headers' means that the token is provided in request headers.
request_key
- default value is 'sign', otherwise can be any string value.
token_delimiter
- default value is ':', otherwise can be any string value.
data_delimiter
- default value is ':', otherwise can be any string value.
hash_alg
- default value is 'md5', see accepted values http://php.net/manual/ru/function.hash-algos.php
secret_getter
- method of user object to get secret key.
signed_params
- signed values configuration, getting data from Symfony\Component\HttpFoundation\Request instance.
signed_params[headers]
- array of request headers to sign($request->headers->get('Host')
).
signed_params[query]
- array of request query params($request->get('Host')
)
signed_params[request]
- array of request query params($request->getRequestUri()
)