
Commit 77fdbbe

mvarweaverryan
authored andcommitted
Check user provider type
1 parent f7d7f81 commit 77fdbbe


1 file changed

+26
-7
lines changed


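--- a/cookbook/security/api_key_authentication.rst
+++ b/cookbook/security/api_key_authentication.rst
@@ -56,6 +56,12 @@ value and then a User object is created::
 
 public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
 {
+if (!$userProvider instanceof ApiKeyUserProvider) {
+throw new \InvalidArgumentException(
+'$userProvider must be an instance of "ApiKeyUserProvider".'
+);
+}
+
 $apiKey = $token->getCredentials();
 $username = $userProvider->getUsernameForApiKey($apiKey);
 
@@ -293,7 +299,8 @@ First, register it as a service.
 # ...
 
 apikey_authenticator:
-class: AppBundle\Security\ApiKeyAuthenticator
+class: AppBundle\Security\ApiKeyAuthenticator
+public: false
 
 .. code-block:: xml
 
@@ -306,7 +313,9 @@ First, register it as a service.
 <services>
 <!-- ... -->
 
-<service id="apikey_authenticator" class="AppBundle\Security\ApiKeyAuthenticator" />
+<service id="apikey_authenticator"
+class="AppBundle\Security\ApiKeyAuthenticator"
+public="false" />
 </services>
 </container>
 
@@ -318,9 +327,9 @@ First, register it as a service.
 
 // ...
 
-$container->setDefinition('apikey_authenticator', new Definition(
-'AppBundle\Security\ApiKeyAuthenticator'
-));
+$definition = new Definition('AppBundle\Security\ApiKeyAuthenticator');
+$definition->setPublic(false);
+$container->setDefinition('apikey_authenticator', $definition);
 
 Now, activate it and your custom user provider (see :doc:`/cookbook/security/custom_provider`)
 in the ``firewalls`` section of your security configuration
@@ -496,6 +505,12 @@ to see if the stored token has a valid User object that can be used::
 // ...
 public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
 {
+if (!$userProvider instanceof ApiKeyUserProvider) {
+throw new \InvalidArgumentException(
+'$userProvider must be an instance of "ApiKeyUserProvider".'
+);
+}
+
 $apiKey = $token->getCredentials();
 $username = $userProvider->getUsernameForApiKey($apiKey);
 
@@ -629,6 +644,7 @@ service:
 apikey_authenticator:
 class: AppBundle\Security\ApiKeyAuthenticator
 arguments: ["@security.http_utils"]
+public: false
 
 .. code-block:: xml
 
@@ -643,6 +659,7 @@ service:
 
 <service id="apikey_authenticator"
 class="AppBundle\Security\ApiKeyAuthenticator"
+public="false"
 >
 <argument type="service" id="security.http_utils" />
 </service>
@@ -657,11 +674,13 @@ service:
 
 // ...
 
-$container->setDefinition('apikey_authenticator', new Definition(
+$definition = new Definition(
 'AppBundle\Security\ApiKeyAuthenticator',
 array(
 new Reference('security.http_utils')
 )
-));
+);
+$definition->setPublic(false);
+$container->setDefinition('apikey_authenticator', $definition);
 
 That's it! Have fun!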
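Review bot: The exception message added to both `authenticateToken()` examples (new lines 59-63 and 508-512) does not say which provider class was actually passed, so a firewall wired to the wrong user provider is harder to diagnose than it needs to be. Consider `sprintf('The user provider must be an instance of ApiKeyUserProvider (%s was given).', get_class($userProvider))` as the message. The guard also depends on `ApiKeyUserProvider` resolving in the example's namespace: if the name does not resolve, `instanceof` is simply false and every request is rejected with this same message. The `use` lines are outside these hunks, so confirm that the full listing imports the class or shares its namespace. Both method bodies continue outside the hunks.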
