-
-
Notifications
You must be signed in to change notification settings - Fork 9.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security] add CAS 2.0 AccessToken handler #48276
[Security] add CAS 2.0 AccessToken handler #48276
Conversation
Hey! I see that this is your first PR. That is great! Welcome! Symfony has a contribution guide which I suggest you to read. In short:
Review the GitHub status checks of your pull request and try to solve the reported issues. If some tests are failing, try to see if they are failing because of this change. When two Symfony core team members approve this change, it will be merged and you will become an official Symfony contributor! I am going to sit back now and wait for the reviews. Cheers! Carsonbot |
Hey! Thanks for your PR. You are targeting branch "6.2" but it seems your PR description refers to branch "6.3". Cheers! Carsonbot |
src/Symfony/Component/Security/Http/AccessToken/Handler/CasHandler.php
Outdated
Show resolved
Hide resolved
src/Symfony/Component/Security/Http/AccessToken/Handler/CasHandler.php
Outdated
Show resolved
Hide resolved
src/Symfony/Component/Security/Http/AccessToken/Handler/CasHandler.php
Outdated
Show resolved
Hide resolved
src/Symfony/Component/Security/Http/AccessToken/Handler/CasHandler.php
Outdated
Show resolved
Hide resolved
src/Symfony/Component/Security/Http/AccessToken/Handler/CasHandler.php
Outdated
Show resolved
Hide resolved
src/Symfony/Component/Security/Http/AccessToken/Handler/CasHandler.php
Outdated
Show resolved
Hide resolved
src/Symfony/Component/Security/Http/AccessToken/Handler/CasHandler.php
Outdated
Show resolved
Hide resolved
Hello, How about adding proxy authentication while we are at it ? |
Hello @drupol, |
Hello, I do not agree that much. Proxy validation is part of the CAS protocol, therefore, it's better to add it in here... or else you're going to implement half of the protocol here... is this what we want? |
Proxy authentication involves the creation of a specific endpoint on the app and therefore is not part of this PR. I would suggest to not implement the CAS protocol and discard this PR as long as the protocol is not fully implemented. |
I do confirm that the proxy authentication of the cas protocol is optional and this PR, as is, allows us to use CAS protocol with default configuration. |
It's ok if we don't implement the full specification, as long as the design allows implementing the other missing features. |
As « the most noticeable update between versions 2.0 and 3.0 is the ability to return the authentication/user attributes », this PR will also work for simple authentication against CAS3 server. However, the developper will not not get all the data available from the authentication server - which is not a problem, imo, since the main goal of this PR is to deal with auth. |
poke @welcoMattic :-) |
This misses some DI integration in SecurityBundle i.e. the service configuration/registration needed to allow for |
OK as #48272 will ship a brand new factory I'll do that as soon as it's merged! |
32b95c8
to
900b87a
Compare
900b87a
to
f1d7218
Compare
c4cf678
to
d53eecf
Compare
*/ | ||
public function getUserBadgeFrom(string $accessToken): UserBadge | ||
{ | ||
$response = $this->client->request('GET', $this->getvalidationUrl($accessToken)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
$response = $this->client->request('GET', $this->getvalidationUrl($accessToken)); | |
$response = $this->client->request('GET', $this->getValidationUrl($accessToken)); |
6c51e6c
to
a1be5df
Compare
Thank you @nacorp. |
{ | ||
$response = $this->client->request('GET', $this->getValidationUrl($accessToken)); | ||
|
||
$xml = new \SimpleXMLElement($response->getContent(), 0, false, $this->prefix, true); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if the extension is missing?
…ersion (alamirault) This PR was merged into the 7.1 branch. Discussion ---------- [Security] Update CAS 2.0 AccessTokenHandler changelog version | Q | A | ------------- | --- | Branch? | 7.1 | Bug fix? | no | New feature? | no <!-- please update src/**/CHANGELOG.md files --> | Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files --> | Issues | Fix #... <!-- prefix each issue number with "Fix #", no need to create an issue if none exists, explain below instead --> | License | MIT #48276 has been merged in 7.1, not 6.4 Commits ------- 56e2a41 [Security] Update CAS 2.0 AccessTokenHandler changelog version
Hello,
Thanks to the new access token, I've added the CAS one.
In order to make it work :
services.yaml
Thank you @welcoMattic for the conference at the SymfonyCon and @jeremyFreeAgent for your support on my first PR on this project!