IBX-5705: Added support for authentication via GuardAuthenticationProvider #244

Nattfarinn · 2023-06-29T20:12:54Z

Question	Answer
JIRA issue	IBX-5705
Type	improvement
Target Ibexa version	`v4.6`
BC breaks	no

Required by OAuth2 Authentication. Without it even if we successfully authenticate user with JWT token on Symfony security layer, we need to provide user for our PermissionResolver.

Checklist:

Provided PR description.
Tested the solution manually.
Provided automated test coverage.
Checked that target branch is set correctly (main for features, the oldest supported for bugs).
Ran PHP CS Fixer for new PHP code (use $ composer fix-cs).
Asked for a review (ping @ibexa/engineering).

…vider

webhdx · 2023-06-30T06:31:22Z

src/bundle/Core/DependencyInjection/Compiler/SecurityPass.php

@@ -73,6 +74,13 @@ public function process(ContainerBuilder $container)
            [$permissionResolverRef]
        );

+        $guardAuthenticationProviderDef = $container->findDefinition('security.authentication.provider.guard');


Looks like you can possibly decorate this service instead of extending it.

This is the Way of the Core. Or we can consider it as a tribute to Andre.

But sure, we could. WDYT @alongosz ?

As for my opinion, I think it is not perfect but it is good to have all security services defined in one place. Less prone to error that could otherwise be potentially catastrophic.

This is the Way of the Core. Or we can consider it as a tribute to Andre.

This is the way of legacy.

But sure, we could. WDYT @alongosz ?

As for my opinion, I think it is not perfect but it is good to have all security services defined in one place. Less prone to error that could otherwise be potentially catastrophic.

The issue is that the way it works now is a technical debt. If you can decorate it, please do so.