OsLab security API bundle
A bundle for securing ReST api calls.
Introduction
This bundle allows you to add an authentication mechanism with a token easily to your APIs.
Once you've configured everything, you'll be able to authenticate by adding an key parameter to the query string, like http://example.com/api/users?key=1x4c40nwh96080gk70f7k5awz9k6tczqs3jr01z94849n or add through a header your token.
Installation
Composer
Step 1: Download OsLabSecurityApiBundle usingRequire the bundle with composer:
$ composer require oslab/security-api-bundle:"~1.0"
Or you can add it in the composer.json. Just check Packagist for the version you want to install (in the following example, we used "1.0") and add it to your composer.json:
{
"require": {
"oslab/security-api-bundle": "~1.0"
}
}
Step 2: Enable the bundle
Finally, enable the bundle in the kernel:
// app/AppKernel.php
public function registerBundles()
{
$bundles = array(
// ...
new OsLab\SecurityApiBundle\OsLabSecurityApiBundle(),
);
}
Step 3: Configure your application's security.yml
role_hierarchy:
ROLE_API: ROLE_API
...
providers:
chain_provider:
chain:
providers: [api_provider]
...
api_provider:
memory_api:
users:
micro_service_asset:
password: '1x4c40nwh96080gk70f7k5awz9k6tczqs3jr01z94849n'
roles: 'ROLE_API'
external_api_customer:
password: 'j6eef2w0689a6if50c365v2zq0c855ywgyt106j2b6q5h'
roles: 'ROLE_API'
...
firewalls:
...
api_secured:
pattern: ^/api/*
stateless: true
simple_preauth:
authenticator: oslab_security_api.security.authentication.authenticator
provider: api_provider
main:
anonymous: ~
...
access_control:
...
- { path: ^/api/*, roles: [ROLE_API]}
...
Credits
License
Security API bundle is released under the MIT License, you agree to license your code under the MIT license