cosmonova-rnd/auth

Simple OAuth 2 library for Symfony projects

Simple OAuth 2.0 library for Symfony 4 projects

At this time, library allow to auth using JWT with OAuth2 Authorization Code flow., _(*1)

Installation

Install package using composer, _(*2)

composer req cosmonova-rnd/auth, _(*3)

Basic configuration

1. Enable session handler in your application

framework:
    session:
        handler_id: ~

1. Configure DB connection, then add new entity manager auth to your application config

doctrine:
    orm:
        entity_managers:
            auth:
                connection: default ## may be your custom connection
                default_repository_class: 'CosmonovaRnD\Auth\Repository\UserRepository'
                mappings:
                    Auth:
                        is_bundle: false
                        type: annotation
                        dir: '%kernel.project_dir%/vendor/cosmonova-rnd/auth/src/Entity'
                        prefix: 'CosmonovaRnD\Auth\Entity'
                        alias: Auth

1. Configure encoder and provider in security section

security:
    encoders:
        CosmonovaRnD\Auth\Entity\User:
            algorithm: plaintext
    providers:
        auth_provider:
            id: CosmonovaRnD\Auth\Security\UserProvider

Configuration of authentication through OAuth2 service (authorization_code flow)

1. Configure your main firewall to use package provider and set login form config like bellow

security:
    firewalls:
        main:
            ### If you want to use OAuth2 Access Code authentication flow
            provider: auth_provider
            anonymous: ~
            logout: ~
            form_login:
                login_path: auth
                check_path: auth            

1. Add access control rules

access_control:
    - { path: ^/auth, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, roles: IS_AUTHENTICATED_FULLY }

Configuration for checking authentication using JSON Web Token

In this case we use Authorization: Bearer <MY JWT> header, _(*4)

1. Configure any provider (such like a memory)

security:
    providers:
        in_memory: { memory: ~ }

1. Then add to your main firewall this provider and guard authenticator

security:
    firewalls:
        main:
            provider: in_memory
            guard:
                authenticators:
                    - CosmonovaRnD\Auth\Security\Authenticator\JwtAuthenticator
            stateless: true

1. Also configure your access rules if needed

access_control:
    - { path: ^/, roles: IS_AUTHENTICATED_FULLY }

@ Cosmonova | Research & Development