I'm writing an application using Symfony2 which will interface with the Wordnik REST API.
Currently, the Wordnik API does not offer OAuth capabilities, so I have to accept a username and password which I'll then transparently pass to the API interface.
I'd like to integrate this API authentication into Symfony2's security system, but so far I haven't been able to identify what the best implementation route is.
I don't think the custom user provider is correct, because the password is not stored in my system. All examples regarding custom authentication providers seem to pertain to the securing of a part of an application as an API, rather than against a REST API.
It's not clear to me to what extent the FOSUserBundle helps to solve this problem either.
The ideal flow:
- User provides credentials.
- Credentials are passed to the 3rd party REST API
- If the credentials are correct:
- A corresponding "third party user" Entity is created by my application, if it doesn't exist.
- The user is authenticated using this "third party user" Entity.
What is the best way to implement this within a Symfony2 security context?
Thanks!
Related Questions:
- Problems configuring user authentication by external API on Symfony2
you have to implement a custom authentication provider as described in:
http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html
I can't tell you what the best way is but just to help you get started:
You create a listener, a token, a provider and a factory.
The attemptAuthentication method of the listener takes the credentials provided by the user and creates a new Token with that input. At the end of the method you'll add a:
return $this->authenticationManager->authenticate($token);
Your provider will use this token in the authenticate method to send the API request.
For non-existing users you have two options:
- create a user in the authenticate method after the API call and after you check whether it already exists which I believe is NOT they way to go
- create your own authentication failure handler which is like https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationFailureHandler.php but at the top of the onAuthenticationFailure method you add
if ($exception instanceof UsernameNotFoundException && (null !== $token = $exception->getToken()) && $token instanceof YourWordnikToken) {
// create that user here
}
That's just the basic idea how it works...I'm on IRC with the nickname hacfi - let me know if you need further guidance
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 疯言疯语 的文章《Symfony2 authentication via 3rd Party REST API》','https://www.manongdao.com/article-329138.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}