Download the PHP package itk-dev/openid-connect-bundle without Composer
On this page you can find all versions of the php package itk-dev/openid-connect-bundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download itk-dev/openid-connect-bundle
More information about itk-dev/openid-connect-bundle
Files in itk-dev/openid-connect-bundle
Package openid-connect-bundle
Short Description Symfony bundle for openid-connect
License MIT
Informations about the package openid-connect-bundle
OpenId Connect Bundle
Symfony bundle for authorization via OpenID Connect.
Installation
To install run
Usage
Before being able to use the bundle, you must have your own User entity and database setup.
Once you have this, you need to
- Configure variables for OpenId Connect
- Create an Authenticator class that extends the bundle authenticator,
OpenIdLoginAuthenticator
- Configure
LoginTokenAuthenticator
in order to use CLI login.
Variable configuration
In /config/packages/
you need the following itkdev_openid_connect.yaml
file
for configuring OpenId Connect variables
With the following .env
environment variables
Set the actual values your env.local
file to ensure they are not committed to Git.
In /config/routes/
you need a similar itkdev_openid_connect.yaml
file for
configuring the routing
It is not necessary to add a prefix to the bundle routes, but in case you want
i.e. another /login
route, it makes distinguishing between them easier.
When invoking the login controller action (route itkdev_openid_connect_login
)
the key of a provider must be set in the provider
parameter, e.g.
Make sure to allow anonymous access to the login controller route, i.e. something along the lines of
CLI login
In order to use the CLI login feature the following environment variable must be set in order for Symfony to be able to generate URLs in commands:
See Symfony documentation: Generating URLs in Commands for more information.
You must also add the bundles CliLoginTokenAuthenticator
to the security.yaml
file:
Finally, configure the Symfony route to use for login links: cli_login_options: route
. If yoy have multiple firewalls that are active for different url patterns
you need to make sure you add LoginTokenAuthenticator
to the firewall active
for the route specified here.
Creating the Authenticator
The bundle can help you get the claims received from the authorizer – the only
functions that need to be implemented are authenticate()
,
onAuthenticationSuccess()
and start()
.
See below for a full authenticator example.
Make sure to add your authenticator to the security.yaml
file - and if you
have more than one to add an entry point.
Example authenticator functions
Here is an example using a User
with a name and email property. First we
extract data from the claims, then check if this user already exists and finally
update/create it based on whether it existed or not.
Sign in from command line
Rather than signing in via OpenId Connect, you can get a sign in url from the
command line by providing a username. Make sure to configure
OIDC_CLI_REDIRECT_URL
. Run
or
for details.
Be aware that a login token only can be used once before it is removed, and if
you used email as your user provider property the email goes into the username
argument.
Development Setup
A docker-compose.yml
file with a PHP 8.1 image is
included in this project. To install the dependencies you can run
Unit Testing
A PhpUnit setup is included in this library. To run the unit tests:
Psalm static analysis
We’re using Psalm for static analysis. To run psalm do
Check Coding Standard
The following command let you test that the code follows the coding standard for the project.
-
PHP files (PHP-CS-Fixer)
- Markdown files (markdownlint standard rules)
Apply Coding Standards
To attempt to automatically fix coding style
-
PHP files (PHP-CS-Fixer)
- Markdown files (markdownlint standard rules)
CI
GitHub Actions are used to run the test suite and code style checks on all PRs.
If you wish to test against the jobs locally you can install act. Then do:
Versioning
We use SemVer for versioning. For the versions available, see the tags on this repository.
License
This project is licensed under the MIT License - see the LICENSE.md file for details
All versions of openid-connect-bundle with dependencies
ext-json Version *
ext-openssl Version *
doctrine/orm Version ^2.8
itk-dev/openid-connect Version ^3.1
symfony/cache Version ^5.4|^6.0
symfony/framework-bundle Version ^5.4|^6.0
symfony/security-bundle Version ^5.4|^6.0
symfony/uid Version ^5.4|^6.0
symfony/yaml Version ^5.4|^6.0