uecode / api-key-bundle Goto Github PK

Hi, followed your instructions for installation and have hit a problems
I am getting error that no authenication listener is registered for firewall auth
Any ideas ?

I'm getting the following exception:

ServiceNotFoundException: The service "security.authentication.manager" has a dependency on a non-existent service "security.user.provider.concrete.fos_userbundle".

When using the following security configuration:

providers:
    db:
        id: uecode.api_key.provider.user_provider

Is there more configuration I'm missing? Because I'm migrating from the FOSUserBundle to this, and it seems a bit... underwhelming in the documentation.

Hi,

I've some trouble with your bundle.

I've got this error : No Authentication Provider found for token of class "Uecode\Bundle\ApiKeyBundle\Security\Authentication\Token\ApiKeyUserToken".

My config.yml :

#FOS User Configuration
fos_user:
   db_driver: orm
   firewall_name: auth
   user_class: LIG\Bundle\UserBundle\Entity\UserApi

My security.yml :

security:
    providers:
        db:
            id: uecode.api_key.provider.user_provider
        fos_userbundle:
            id: fos_user.user_provider.username
        in_memory:
            memory:
                users:
                    user:  { password: userpass, roles: [ 'ROLE_USER' ] }
                    admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        auth:
            pattern: ^/api/.*
            api_key: true
            stateless: true

Can you tell me what's wrong ?

Thx a lot for your time.

Best regards

Lets said I have a restful API open to the world and I don't want that, instead I want to secure the endpoint. This is part of my security.yml file:

access_control:
    - { path: ^/api/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }

As you can see any can access the API so this area needs to be secured in somehow. My idea? By passing a parameter at the request header. Since my client is an iOs app then they need to take care of send that parameter when request any API endpoint. The parameter is named X-PDONE-SESSION-ID and basically it holds a PHP session. How I can protect the API? Any ideas using this bundle or any other ideas?

Looking for a library to use and noticed you use rand to generate api keys.

You should use random_bytes or similar to securely do this. Rand is not appropriate.

Is it mandatory to require FOSUserBundle ~2.0@dev ? why not just last stable ~1.3 ?

My config:

When i execute:
http://warehouse.dev/app_dev.php/api/hello?api_key=MmJmY2YzMGQzMzQ2ZDRmOWM1NmY3NDRiMmY2YzFkOWM0Y2YzMW

Symfony redirect me to FosUserBundle login page.
What I'm doing wrong with my configuration?

How to from controller get user related with apikey for current request?

Any issues from #11 or #12?

The method doAuth throw exception with messages, so it should be customable.
One way to do it is by extending the class but since doAuth is a private method, you can't.
Would you take this in consideration ?

Thanks for your awesome code,
Cyrille

Hi,

i'm working on a fork of this bundle to remove the FOSUserBundle dependency and just rely on Doctrine. Would you support it in this way? So i would make a Pull Request. Otherwise, I'll refactor it it my own Namespace and add some more stuff.

I'm using this bundle with FOSRestBundle and FOSUserBundle.

In order to produce a JSON response to a failed authentication I've found that I need to modify:

vendor/uecode/api-key-bundle/src/Uecode/Bundle/ApiKeyBundle/Security/Firewall/ApiKeyListener.php:73

        //throw $failed;
        $message = $failed->getMessage();

Is this a bug, or should I not need to do this to get a JSON response?

Hi.

Quick question: What in the FOSUserBundle is this bundle dependent on? In other words, what is it with the UserEntity in the FOSUserBundle it needs? Or is the dependency elsewhere? As you might understand, what I really want to know is if it's any way to use this without using the FOSUserBundle.