Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Symfony2 OpenID security extension

This branch is 4 commits ahead and 164 commits behind master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 Bridge
Octocat-spinner-32 Consumer
Octocat-spinner-32 Controller
Octocat-spinner-32 DependencyInjection
Octocat-spinner-32 Event
Octocat-spinner-32 EventListener
Octocat-spinner-32 Resources
Octocat-spinner-32 Security
Octocat-spinner-32 Tests
Octocat-spinner-32 .gitignore
Octocat-spinner-32 .gitmodules draft version September 15, 2011
Octocat-spinner-32 FpOpenIdBundle.php
Octocat-spinner-32 LICENSE
Octocat-spinner-32 README.markdown
Octocat-spinner-32 composer.json
Octocat-spinner-32 phpunit.xml.dist
README.markdown

Overview

Integrates OpenId feature to symfony's security layer. Supports these 3rd party libraries:

Get started

The master branch does not supports symfony 2.0 please use branch 1.0.

  • Setup LightOpenId

    git submodule add git://gitorious.org/lightopenid/lightopenid.git /path/to/vendor/LightOpenId
    
  • Setup Bundle

    git submodule add git@github.com:formapro/FpOpenIdBundle.git /path/to/vendor/bundles/Fp/OpenIdBundle
    
  • Configure autioload.php

    use Symfony\Component\ClassLoader\UniversalClassLoader;
    use Symfony\Component\ClassLoader\MapClassLoader;
    
    $universalLoader = new UniversalClassLoader;
    $universalLoader->registerNamespaces(array(
        'Fp' => '/path/to/vendor/bundles'
    ));
    
    $universalLoader->register();
    
    $mapLoader = new MapClassLoader(array(
        'LightOpenID' => '/path/to/venodr/LightOpenId/openid.php'
    ));
    
    $mapLoader->register();
    
  • Configure AppKernel.php

    class AppKernel extends Kernel
    {
        public function registerBundles()
        {
            $bundles = array(
                new Fp\OpenIdBundle\FpOpenIdBundle()
            );
        }
    }
    
  • Configure the bundle

    fp_open_id:
        provider:
            return_route:             'login_check_route'
            roles:                    [ROLE_USER]
    
       consumers:
            light_open_id:
                trust_root:           'example.com'
    
  • Configure security bundle

    security:
        factories:
            -                         /path/to/vendor/bundles/Fp/OpenIdBundle/Resources/config/security_factories.xml
    
        firewalls:
            secured_area:
                pattern:              ^/
                anonymous:            ~
                logout:
                    path:             /logout
                    target:           /
                openid:               true
    
  • Render simple form

    {% render "FpOpenIdBundle:OpenId:simpleForm" %}
    
  • Try it with:

    https://www.google.com/accounts/o8/id
    

Manual

Request for additional parameters:

  • Define options you want to request:

    fp_open_id:
        consumers:
            light_open_id
                required:             [ contact/email ]
                optional:             [ namePerson, namePerson/first ]
    
  • After success registration you can fetch them from the token:

    $token->getAttribute('contact/email');
    $token->getAttribute('namePerson/first');
    

Post auth action

  • Define a route for post auth operations:

    fp_open_id:
        provider:
            approve_route:            'openid_approve_user'
    
        consumers:
            light_open_id
                required:             [ contact/email ]
    
  • Create an action which do post auth job:

    public function approveUserAccount($request)
    {
        $tokenPersister = $this->get('fp_openid.security.authentication.token_persister');
    
        $token = $tokenPersister->get();
    
        $user = $this->get('user.repository')->findBy(array('email' => $token->getAttribute('contact/email')));
    
        // IMPORTANT: It is required to set a user to token (UserInterface)
        $newToken = new OpenIdToken($token->getIdentifier(), $user->getRoles());
        $newToken->setUser($user);
    
        $tokenPersister->set($newToken);
    
        // IMPORTANT: It is required make a redirect to `login_check` with parameter `openid_approved`
        return $this->redirect($this->generateUrl('login_check_route', array('openid_approved' => 1)));
    }
    
Something went wrong with that request. Please try again.