2017 © Pedro Peláez
 

library silex-esngalaxysecurityserviceprovider

Cas security service provider for silex to authenticate with the ESN Galaxy

image

alejandroherr/silex-esngalaxysecurityserviceprovider

Cas security service provider for silex to authenticate with the ESN Galaxy

  • Tuesday, January 27, 2015
  • by AlejandroHerr
  • Repository
  • 1 Watchers
  • 0 Stars
  • 20 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 0 Open issues
  • 4 Versions
  • 0 % Grown

The README.md

Silex-EsnGalaxySecurityServiceProvider

A Service Provider for Silex to authenticate through the ESN Galaxy CAS server. With some magic extending classes could be used to authenticate with other CAS servers. Feel free to fork, edit and so., (*1)

Warning: This library is still work in progress. Meaning that some components may misbehave a little bit., (*2)

Instalation

{
    "require": {
        "alejandroherr/silex-esngalaxysecurityserviceprovider": "0.1"
    }
}

More versions (if available), (*3)

Configuration

The comment lines are showing its default value. Only overrider if you need it., (*4)

$app->register(new Silex\Provider\SessionServiceProvider());
$app->register(new SecurityServiceProvider());

$app->register(new AlejandroHerr\Silex\EsnGalaxy\EsnGalaxyServiceProvider());

$app['security.firewalls'] = [
    'main' => [  
        'esn_galaxy' => array(   
            'pattern' => '^/.*$',
            'anonymous' => true,
            'esn_galaxy' => [
                'cas_server' => [
                    //'base_url' => 'galaxy.esn.org',
                    //'context' => 'cas',
                    //'port' => 443
                    //'login_path' => '/login',
                    //'validation_path' => '/serviceValidate'
                ],
                //'check_path' => '/cas/validation',
                //'login_path' => '/login',
                // 'first_login_path' => '/welcome_user'
                'auth' => [
                    //'*' => [
                    //        'Local.activeMember' => 'ROLE_USER',
                    //        'Local.regularBoardMember' => 'ROLE_BOARD',
                    //    ]
                    //]
                ]
            ]
        ],
        'logout' => ['logout_path' => '/logout'], //if you want a logout
        'users' => $app->share(function() use ($app){
            return new Your\UserProvider();
        })
    ]
];

$app['security.access_rules'] = array(
    array('^\/(?!login)', 'ROLE_USER'),
);

first_login_path

By adding a first_login_path (actually it could be a path or a route), when a logs in for the first time and a new user is created will be redirected to first_login_path., (*5)

It could be useful if your application permanent and you want them to provide further information, or if the user are spawned every time to give them some information (or just saying hi)., (*6)

Auth

The auth option controls which galaxy-roles from which section can access to the site. It's an array with the following strcture:, (*7)

'auth' => [
    'section1' => [
        'galaxy_role1' => 'app_role1',
        'galaxy_role2' => 'app_role2',
    ],
    'section2' => [
        'galaxy_role1' => 'app_role1',
        'galaxy_role3' => 'app_role2',
    ]
]

If section is * means 'any section'. Remember that it can be a regex. But to tell the Provider it's a regex it must start by /., (*8)

By default the configuration is:, (*9)

'auth' => [
    '*' => [
        'Local.activeMember' => 'ROLE_USER',
        'Local.regularBoardMember' => 'ROLE_BOARD',
    ]
]

Examples

Allowing only a country
'auth' => [
    '/^ES/' => [
        'Local.activeMember' => 'ROLE_USER',
        'Local.regularBoardMember' => 'ROLE_BOARD',
    ]
]
Allowing only a National Board
'auth' => [
    '/^ES/' => [
        'National.regularBoardMember' => 'ROLE_USER',
    ]
]

Login and validation

You also must define routes for the login and validation paths. Here some examples:, (*10)

$app->match('/login', function () use ($app){       
    $errormsg = null;
    if($app['session']->has(SecurityContextInterface::AUTHENTICATION_ERROR)){
        $error = $app['session']->get(SecurityContextInterface::AUTHENTICATION_ERROR);
        $errormsg = $error->getMessage();
    }

    return $app['twig']->render(
        'login.twig',
        array(
            'loginUrl' => $app['jasig_cas_client']->getLoginUrl($app['request']),
            'error' => $errormsg
        )
    );
});
$app->match('/validation', function() use ($app){});

License

Released under the MIT license. See the LICENSE file for details., (*11)

Code Hard, Party Harder

The Versions

27/01 2015

dev-master

9999999-dev

Cas security service provider for silex to authenticate with the ESN Galaxy

  Sources   Download

MIT

The Requires

 

The Development Requires

by Avatar AlejandroHerr

27/01 2015

dev-dev

dev-dev

Cas security service provider for silex to authenticate with the ESN Galaxy

  Sources   Download

MIT

The Requires

 

The Development Requires

by Avatar AlejandroHerr

27/01 2015

v0.1

0.1.0.0

Cas security service provider for silex to authenticate with the ESN Galaxy

  Sources   Download

MIT

The Requires

 

The Development Requires

by Avatar AlejandroHerr

27/01 2015

0.1.x-dev

0.1.9999999.9999999-dev

Cas security service provider for silex to authenticate with the ESN Galaxy

  Sources   Download

MIT

The Requires

 

The Development Requires

by Avatar AlejandroHerr