poirot/mod-authorization

There is no license information available for the latest version (dev-devel) of this package.

Maintainers

Details

github.com/phPoirot/Module-Authorization

Source

Issues

Installs: 213

Dependents: 2

Suggesters: 1

Security: 0

Stars: 0

Watchers: 2

Forks: 0

dev-devel 2019-07-16 19:24 UTC

Requires

Unknown License 1814b09069c2dfa3ca4b6ede5b810106e2f3983e

  • Payam Naderi <naderi.payam.woop@gmail.com>

This package is auto-updated.

Last update: 2025-02-24 21:54:03 UTC

README

Module Configuration

# Authorization:

\Module\Authorization\Module::CONF_KEY => array(
    ServiceAuthenticatorsContainer::CONF => array(
        'plugins_container' => array(
            // these configurations are same as container builder settings...
            /** @see BuilderContainer */
            'services' => array(
                'realm_name' => instanceof (Poirot\AuthSystem\Authenticate\Authenticator)
            ),
        ),
    ),
    ServiceGuardsContainer::CONF => array(
        'plugins_container' => array(
            // these configurations are same as container builder settings...
            /** @see BuilderContainer */
            'services' => array(
                // Guards Services
                'guard_name' => instaceof (iGuard),
            ),
        ),
    ),
),

An example of ServiceAuthenticator plugin

/**
 * Authenticator Service That Register in Module Authorize as
 * authenticators capped plugin.
 *
 */
class ServiceAuthenticatorDefault
    extends aServiceContainer
{
    protected $name = \Module\OAuth2\Module::REALM;
    
    
    /**
     * Create Service
     *
     * @return Authenticator
     */
    function newService()
    {
        ## Set Credential Repo Behalf Of Users Repository
        $repoUsers = \Module\OAuth2\Services\Repository\IOC::Users();
        $credentialAdapter = __(new RepoUserPassCredential)->setRepoUsers($repoUsers);


        ### Attain Login Continue If Has
        /** @var iHttpRequest $request */
        $request  = \IOC::GetIoC()->get('/HttpRequest');

        $authenticator = new Authenticator(
            __(new IdentifierWrapIdentityMap(
                // TODO using cookie+session identifier to recognize user and feature to remember me!!
                __(new IdentifierSession)->setIssuerException(function(exAuthentication $e) use ($request) {
                    $loginUrl = (string) \Module\HttpFoundation\Actions::url('main/oauth/login'); // ensure routes loaded
                    $continue = \Module\Foundation\Actions::path(sprintf(
                        '$baseUrl/%s'
                        , ltrim($request->getTarget(), '/'))
                    );
                    $loginUrl .= '?continue='.urlencode($continue);
                    header('Location: '.$loginUrl);
                })
                /** @see Users::findOneMatchBy */
                , new IdentityFulfillmentLazy($repoUsers, 'uid')
            ))->setRealm(aIdentifier::DEFAULT_REALM)
            , $credentialAdapter // Identity Username --------^
        );

        return $authenticator;
    }

    /**
     * @override
     * !! Access Only In Capped Collection; No Nested Containers Here
     *
     * Get Service Container
     *
     * @return ContainerAuthenticatorsCapped
     */
    function services()
    {
        return parent::services();
    }
}

An Example of Http Guard

class ServiceAuthGuard
    extends aServiceContainer
{
    /**
     * Create Service
     *
     * @return GuardRoute
     */
    function newService()
    {
        $guard = new GuardRoute;
        $auth  = \Module\Authorization\Actions::Authenticator( \Module\OAuth2\Module::REALM );
        $guard->setAuthenticator( $auth );
        $guard->setRoutesDenied([
            'main/oauth/authorize',
            'main/oauth/me/*',
        ]);

        return $guard;
    }
}