projects/file-explorer
projects/file-explorer
1
0
Fork 1
Code Issues 1 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

wip

Browse Source
This commit is contained in:
Constantin Simonis 2024-12-06 16:31:18 +01:00
parent a67b93ac99
commit 86a40d9d77
Signed by: csimonis
GPG Key ID: 3878FF77C24AF4D2
11 changed files with 1505 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
composer.json
View File

@ -7,6 +7,7 @@
"php": ">=8.2", "php": ">=8.2",
"ext-ctype": "*", "ext-ctype": "*",
"ext-iconv": "*", "ext-iconv": "*",
"knpuniversity/oauth2-client-bundle": "^2.18",
"symfony/apache-pack": "^1.0", "symfony/apache-pack": "^1.0",
"symfony/asset-mapper": "^7.1", "symfony/asset-mapper": "^7.1",
"symfony/console": "7.1.*", "symfony/console": "7.1.*",
@ -17,6 +18,7 @@
"symfony/framework-bundle": "7.1.*", "symfony/framework-bundle": "7.1.*",
"symfony/mime": "7.1.*", "symfony/mime": "7.1.*",
"symfony/runtime": "7.1.*", "symfony/runtime": "7.1.*",
"symfony/security-bundle": "7.1.*",
"symfony/stimulus-bundle": "^2.22", "symfony/stimulus-bundle": "^2.22",
"symfony/twig-bundle": "7.1.*", "symfony/twig-bundle": "7.1.*",
"symfony/ux-icons": "^2.22", "symfony/ux-icons": "^2.22",

1408
composer.lock generated
View File

File diff suppressed because it is too large Load Diff

2
config/bundles.php
View File

@ -8,4 +8,6 @@ return [
Symfonycasts\TailwindBundle\SymfonycastsTailwindBundle::class => ['all' => true], Symfonycasts\TailwindBundle\SymfonycastsTailwindBundle::class => ['all' => true],
Symfony\UX\StimulusBundle\StimulusBundle::class => ['all' => true], Symfony\UX\StimulusBundle\StimulusBundle::class => ['all' => true],
Symfony\Bundle\WebProfilerBundle\WebProfilerBundle::class => ['dev' => true, 'test' => true], Symfony\Bundle\WebProfilerBundle\WebProfilerBundle::class => ['dev' => true, 'test' => true],
KnpU\OAuth2ClientBundle\KnpUOAuth2ClientBundle::class => ['all' => true],
Symfony\Bundle\SecurityBundle\SecurityBundle::class => ['all' => true],
]; ];

10
config/packages/knpu_oauth2_client.yaml Normal file
View File

@ -0,0 +1,10 @@
knpu_oauth2_client:
clients:
auth:
type: generic
provider_class: App\Service\Security\Provider
client_id: '%env(AUTHENTIK_CLIENT_ID)%'
client_secret: '%env(AUTHENTIK_CLIENT_SECRET)%'
redirect_route: auth_callback
redirect_params: {}

45
config/packages/security.yaml Normal file
View File

@ -0,0 +1,45 @@
security:
# https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
password_hashers:
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
# https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
providers:
app_user_provider:
entity:
class: App\Entity\User
property: email
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
lazy: true
provider: app_user_provider
custom_authenticators:
- App\Security\Authenticator
# activate different ways to authenticate
# https://symfony.com/doc/current/security.html#the-firewall
# https://symfony.com/doc/current/security/impersonating_user.html
# switch_user: true
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
# - { path: ^/admin, roles: ROLE_ADMIN }
# - { path: ^/profile, roles: ROLE_USER }
- { path: /, roles: ROLE_USER }
when@test:
security:
password_hashers:
# By default, password hashers are resource intensive and take time. This is
# important to generate secure password hashes. In tests however, secure hashes
# are not important, waste resources and increase test times. The following
# reduces the work factor to the lowest possible values.
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface:
algorithm: auto
cost: 4 # Lowest possible value for bcrypt
time_cost: 3 # Lowest possible value for argon
memory_cost: 10 # Lowest possible value for argon

3
config/routes/security.yaml Normal file
View File

@ -0,0 +1,3 @@
_security_logout:
resource: security.route_loader.logout
type: service

19
src/Controller/AuthenticationController.php Normal file
View File

@ -0,0 +1,19 @@
<?php
declare(strict_types=1);
namespace App\Controller;
use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Attribute\Route;
class AuthenticationController extends AbstractController
{
#[Route(path: '/auth/callback', name: 'auth_callback', methods: Request::METHOD_GET)]
public function __invoke(ClientRegistry $clientRegistry): Response
{
$clientRegistry->getClient('auth')->fetchUser();
}
}

21
src/Entity/User.php Normal file
View File

@ -0,0 +1,21 @@
<?php
declare(strict_types=1);
namespace App\Entity;
use League\OAuth2\Client\Provider\ResourceOwnerInterface;
class User implements ResourceOwnerInterface
{
private int $id;
public function getId(): int
{
return $this->id;
}
public function toArray(): array
{
return ['id' => $this->id];
}
}

33
src/Security/Authenticator.php Normal file
View File

@ -0,0 +1,33 @@
<?php
declare(strict_types=1);
namespace App\Security;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
class Authenticator extends AbstractAuthenticator
{
public function supports(Request $request): ?bool
{
return $request->attributes->get('_route') === 'auth_callback';
}
public function authenticate(Request $request): Passport
{
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
{
// TODO: Implement onAuthenticationSuccess() method.
}
public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
{
// TODO: Implement onAuthenticationFailure() method.
}
}

43
src/Service/Security/Provider.php Normal file
View File

@ -0,0 +1,43 @@
<?php
declare(strict_types=1);
namespace App\Service\Security;
use League\OAuth2\Client\Provider\AbstractProvider;
use League\OAuth2\Client\Provider\GenericResourceOwner;
use League\OAuth2\Client\Token\AccessToken;
use Psr\Http\Message\ResponseInterface;
class Provider extends AbstractProvider
{
public function getBaseAuthorizationUrl(): string
{
return 'https://oauth.simonis.lol/application/o/authorize/';
}
public function getBaseAccessTokenUrl(array $params): string
{
return 'https://oauth.simonis.lol/application/o/token/';
}
public function getResourceOwnerDetailsUrl(AccessToken $token)
{
return 'https://oauth.simonis.lol/application/o/userinfo/';
}
protected function getDefaultScopes(): array
{
return ['email', 'profile', 'openid'];
}
protected function checkResponse(ResponseInterface $response, $data)
{
}
protected function createResourceOwner(array $response, AccessToken $token)
{
dd($response);
}
}

25
symfony.lock
View File

@ -1,4 +1,16 @@
{ {
"knpuniversity/oauth2-client-bundle": {
"version": "2.18",
"recipe": {
"repo": "github.com/symfony/recipes-contrib",
"branch": "main",
"version": "1.20",
"ref": "1ff300d8c030f55c99219cc55050b97a695af3f6"
},
"files": [
"config/packages/knpu_oauth2_client.yaml"
]
},
"symfony/apache-pack": { "symfony/apache-pack": {
"version": "1.0", "version": "1.0",
"recipe": { "recipe": {
@ -82,6 +94,19 @@
"config/routes.yaml" "config/routes.yaml"
] ]
}, },
"symfony/security-bundle": {
"version": "7.1",
"recipe": {
"repo": "github.com/symfony/recipes",
"branch": "main",
"version": "6.4",
"ref": "2ae08430db28c8eb4476605894296c82a642028f"
},
"files": [
"config/packages/security.yaml",
"config/routes/security.yaml"
]
},
"symfony/stimulus-bundle": { "symfony/stimulus-bundle": {
"version": "2.22", "version": "2.22",
"recipe": { "recipe": {