问题
I'm writing an application using Symfony2 which will interface with the Wordnik REST API.
Currently, the Wordnik API does not offer OAuth capabilities, so I have to accept a username and password which I'll then transparently pass to the API interface.
I'd like to integrate this API authentication into Symfony2's security system, but so far I haven't been able to identify what the best implementation route is.
I don't think the custom user provider is correct, because the password is not stored in my system. All examples regarding custom authentication providers seem to pertain to the securing of a part of an application as an API, rather than against a REST API.
It's not clear to me to what extent the FOSUserBundle helps to solve this problem either.
The ideal flow:
- User provides credentials.
- Credentials are passed to the 3rd party REST API
- If the credentials are correct:
- A corresponding "third party user" Entity is created by my application, if it doesn't exist.
- The user is authenticated using this "third party user" Entity.
What is the best way to implement this within a Symfony2 security context?
Thanks!
Related Questions:
- Problems configuring user authentication by external API on Symfony2
回答1:
you have to implement a custom authentication provider as described in: http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html
I can't tell you what the best way is but just to help you get started: You create a listener, a token, a provider and a factory.
The attemptAuthentication method of the listener takes the credentials provided by the user and creates a new Token with that input. At the end of the method you'll add a: return $this->authenticationManager->authenticate($token);
Your provider will use this token in the authenticate method to send the API request.
For non-existing users you have two options: - create a user in the authenticate method after the API call and after you check whether it already exists which I believe is NOT they way to go - create your own authentication failure handler which is like https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationFailureHandler.php but at the top of the onAuthenticationFailure method you add if ($exception instanceof UsernameNotFoundException && (null !== $token = $exception->getToken()) && $token instanceof YourWordnikToken) { // create that user here }
That's just the basic idea how it works...I'm on IRC with the nickname hacfi - let me know if you need further guidance
来源:https://stackoverflow.com/questions/14928514/symfony2-authentication-via-3rd-party-rest-api