2017 © Pedro Peláez
 

symfony-bundle wsse-authentication-bundle

Symfony2 bundle to implement WSSE authentication

image

lutskanu/wsse-authentication-bundle

Symfony2 bundle to implement WSSE authentication

  • Monday, May 23, 2016
  • by lutskanu
  • Repository
  • 2 Watchers
  • 0 Stars
  • 202 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 56 Forks
  • 0 Open issues
  • 15 Versions
  • 3 % Grown

The README.md

Build Status, (*1)

Introduction

The EscapeWSSEAuthentication bundle is a simple and easy way to implement WSSE authentication in Symfony applications, (*2)

Installation

Command Line, (*3)

composer require escapestudios/wsse-authentication-bundle

composer.json, (*4)

"require": {
    ...
    "escapestudios/wsse-authentication-bundle": "^2.2",
    ...
}

app/AppKernel.php, (*5)

public function registerBundles()
{
    return array(
        //...
        new Escape\WSSEAuthenticationBundle\EscapeWSSEAuthenticationBundle(),
        //...
    );
    ...

Commands

Delete expired nonces via the escape:wsseauthentication:nonces:delete command that ships with this bundle; it takes the firewall name as a (required) parameter., (*6)

php app/console --env=dev escape:wsseauthentication:nonces:delete wsse_secured, (*7)

Quick usage example

app/config/security.yml, (*8)

firewalls:
    wsse_secured:
        pattern:   ^/api/.*
        stateless: true
        wsse:
            realm: "Secured with WSSE" #identifies the set of resources to which the authentication information will apply (WWW-Authenticate)
            profile: "UsernameToken" #WSSE profile (WWW-Authenticate)

...that's it! Your "wsse_secured"-firewall is now secured via the (out-of-the-box) WSSE Authentication setup. You can now start calling your API endpoints: generate a X-WSSE header (Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder) and add it to your request (cUrl). It is strongly recommended to have a read through the more advanced configuration below once you're up and running with the basics..., (*9)

Advanced configuration

Specify a custom token lifetime

Default value: 300, (*10)

app/config/security.yml, (*11)

firewalls:
    wsse_secured:
        #...
        wsse:
            #...
            lifetime: 300 # or -1 for infinite lifetime tokens (please use with extreme care!)

Specify a custom date format

Default value: see regular expression below for ISO8601 (check out), (*12)

app/config/security.yml, (*13)

firewalls:
    wsse_secured:
        #...
        wsse:
            #...
            date_format: '/^([\+-]?\d{4}(?!\d{2}\b))((-?)((0[1-9]|1[0-2])(\3([12]\d|0[1-9]|3[01]))?|W([0-4]\d|5[0-2])(-?[1-7])?|(00[1-9]|0[1-9]\d|[12]\d{2}|3([0-5]\d|6[1-6])))([T\s]((([01]\d|2[0-3])((:?)[0-5]\d)?|24\:?00)([\.,]\d+(?!:))?)?(\17[0-5]\d([\.,]\d+)?)?([zZ]|([\+-])([01]\d|2[0-3]):?([0-5]\d)?)?)?)?$/'

Specify a custom digest algorithm

Default value: base 64-encoded sha1 with 1 iteration, (*14)

:warning: Please change the digest algorithm to a stronger one, like bcrypt :warning:, (*15)

app/config/security.yml, (*16)

firewalls:
    wsse_secured:
        #...
        wsse:
            #...
            encoder: #digest algorithm
                algorithm: sha1
                encodeHashAsBase64: true
                iterations: 1

Specify a custom nonce cache

Default value: Doctrine\Common\Cache\PhpFileCache in %kernel.cache_dir%/security/nonces, (*17)

app/config/security.yml, (*18)

services:
    #...
    cache_nonces:
        class: Doctrine\Common\Cache\PhpFileCache
        arguments: [%kernel.cache_dir%/security/nonces]

app/config/security.yml, (*19)

firewalls:
    wsse_secured:
        #...
        wsse:
            #...
            nonce_cache_service_id: cache_nonces

Use multiple providers

app/config/security.yml, (*20)

providers:
    provider_one:
        #...
    provider_two:
        #...

firewalls:
    wsse_secured_by_provider_one:
        provider: provider_one
        wsse:
            #...

    wsse_secured_by_provider_two:
        provider: provider_two
        wsse:
            #...

Make use of a specific user provider on a firewall with WSSE as one of multiple authentication mechanisms

app/config/security.yml, (*21)

providers:
    users:
        #...
    wsse_users:
        memory:
            users:
                - { name: 'someuser', password: 'somesecret' }

firewalls:
    secured:
        provider: users
        wsse:
            #...
            provider: wsse_users #don't make use of firewall's "users"-provider, but "wsse_users"-provider for WSSE

Specify custom authentication class(es)

app/config/config.yml, (*22)

# Escape WSSE authentication configuration
escape_wsse_authentication:
    authentication_provider_class: Escape\WSSEAuthenticationBundle\Security\Core\Authentication\Provider\Provider
    authentication_listener_class: Escape\WSSEAuthenticationBundle\Security\Http\Firewall\Listener
    authentication_entry_point_class: Escape\WSSEAuthenticationBundle\Security\Http\EntryPoint\EntryPoint
    authentication_encoder_class: Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder

The Versions

10/04 2015

2.0.2

2.0.2.0 https://github.com/escapestudios/EscapeWSSEAuthenticationBundle

Symfony2 bundle to implement WSSE authentication

  Sources   Download

MIT

The Requires

 

The Development Requires

authentication bundle wsse

19/01 2015

2.0.1

2.0.1.0 https://github.com/escapestudios/EscapeWSSEAuthenticationBundle

Symfony2 bundle to implement WSSE authentication

  Sources   Download

MIT

The Requires

 

The Development Requires

authentication bundle wsse

05/12 2014

2.0.0

2.0.0.0 https://github.com/escapestudios/EscapeWSSEAuthenticationBundle

Symfony2 bundle to implement WSSE authentication

  Sources   Download

MIT

The Requires

 

The Development Requires

authentication bundle wsse

05/12 2014

1.1.0

1.1.0.0 https://github.com/escapestudios/EscapeWSSEAuthenticationBundle

Symfony2 bundle to implement WSSE authentication

  Sources   Download

MIT

The Requires

 

The Development Requires

authentication bundle wsse

16/07 2014

1.0.2

1.0.2.0 https://github.com/escapestudios/EscapeWSSEAuthenticationBundle

Symfony2 bundle to implement WSSE authentication

  Sources   Download

MIT

The Requires

 

The Development Requires

authentication bundle wsse

10/06 2014

1.0.1

1.0.1.0 https://github.com/escapestudios/EscapeWSSEAuthenticationBundle

Symfony2 bundle to implement WSSE authentication

  Sources   Download

MIT

The Requires

 

The Development Requires

authentication bundle wsse

09/06 2014

1.0.0

1.0.0.0 https://github.com/escapestudios/EscapeWSSEAuthenticationBundle

Symfony2 bundle to implement WSSE authentication

  Sources   Download

MIT

The Requires

 

The Development Requires

authentication bundle wsse