2017 © Pedro Peláez
 

library stack-firewall

Firewall Stack middleware

image

dflydev/stack-firewall

Firewall Stack middleware

  • Tuesday, June 28, 2016
  • by simensen
  • Repository
  • 1 Watchers
  • 6 Stars
  • 8,099 Installations
  • PHP
  • 4 Dependents
  • 0 Suggesters
  • 2 Forks
  • 3 Open issues
  • 1 Versions
  • 0 % Grown

The README.md

Firewall Authentication Middleware

A [Stack]0 middleware providing a simple, configurable firewall concept for STACK-2 Authentication compatible middlewares., (*1)

Installation

Through Composer as dflydev/stack-firewall., (*2)

Usage

The Firewall middleware is a thin layer over [dflydev/stack-authentication][4] based STACK-2 Authentication middlewares., (*3)

A firewall is defined as an array of associatve arrays representing paths for which an authentication middleware should be concerned., (*4)

If a requested path does not match a firewalled path, the firewall delegates the request to the next layer immediately., (*5)

If a requested path matches and authentication is missing or invalid and anonymous requests are allowed, the request is allowed through the firewall without setting the stack.authn.token., (*6)

If a requested path matches and authentication is missing or invalid and anonymous requests are NOT allowed, the firewall will challenge immediately., (*7)

If no firewall is defined, the assumed configuration is:, (*8)

[['path' => '/']]

This effectively means that by default the firewall will match all requests and will not allow anonymous requests resulting in returning a challenge., (*9)

<?php

use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\HttpKernelInterface;

// The firewall is an array of associative arrays containing the rules for which
// the authentication middleware should be concerned.
$firewall = [
    ['path' => '/', 'anonymous' => true],
    ['path' => '/protected'],
];

$challenge = function (Response $response) {
    // Assumptions that can be made:
    // * 401 status code
    // * WWW-Authenticate header with a value of "Stack"
    //
    // Expectations:
    // * MAY set WWW-Authenticate header to another value
    // * MAY return a brand new response (does not have to be
    //   the original response)
    // * MUST return a response
    return $response;
};

$authenticate = function (HttpKernelInterface $app, $anonymous) {
    // Assumptions that can be made:
    // * The $app can be delegated to at any time
    // * The anonymous boolean indicates whether or not we
    //   SHOULD allow anonymous requests through or if we
    //   should challenge immediately.
    // * Additional state, like $request, $type, and $catch
    //   should be passed via use statement if they are needed.
    //
    // Expectations:
    // * SHOULD set 'stack.authn.token' attribute on the request
    //   when authentication is successful.
    // * MAY delegate to the passed $app
    // * MAY return a custom response of any status (for example
    //   returning a 302 or 400 status response is allowed)
    // * MUST return a response
};

$app = new Firewall($app, [
    'challenge' => $challenge,
    'authenticate' => $authenticate,
    'firewall' => $firewall,
]);

License

MIT, see LICENSE., (*10)

Community

If you have questions or want to help out, join us in the #stackphp or #dflydev channels on irc.freenode.net., (*11)

The Versions

28/06 2016

dev-master

9999999-dev

Firewall Stack middleware

  Sources   Download

MIT

The Requires

 

The Development Requires

by Beau Simensen
by Dragonfly Development Inc.

stack stack-2