From 59e4bd4c2a6d23d02f518cc83a21fe2cbbfad6dc Mon Sep 17 00:00:00 2001
From: Benjamin Bourot <bourot.benjamin@gmail.com>
Date: Fri, 4 Apr 2014 15:22:13 +0200
Subject: [PATCH 1/2] Update api_key_authentication.rst - POST Method

---
 cookbook/security/api_key_authentication.rst | 26 ++++++++++++++------
 1 file changed, 18 insertions(+), 8 deletions(-)

diff --git a/cookbook/security/api_key_authentication.rst b/cookbook/security/api_key_authentication.rst
index 0add181f1c0..1a542793731 100644
--- a/cookbook/security/api_key_authentication.rst
+++ b/cookbook/security/api_key_authentication.rst
@@ -45,15 +45,25 @@ value and then a User object is created::
 
         public function createToken(Request $request, $providerKey)
         {
-            if (!$request->query->has('apikey')) {
-                throw new BadCredentialsException('No API key found');
+            if ($request->query->has('apikey')) {
+    			return new PreAuthenticatedToken(
+    				'anon.',
+    				$request->query->get('apikey'),
+    				$providerKey
+    			);
             }
-
-            return new PreAuthenticatedToken(
-                'anon.',
-                $request->query->get('apikey'),
-                $providerKey
-            );
+    		else if($request->request->has('apikey'))
+    		{
+    			return new PreAuthenticatedToken(
+    				'anon.',
+    				$request->request->get('apikey'),
+    				$providerKey
+    			);
+    		}
+    		else
+    		{
+                throw new BadCredentialsException('No API key found');
+    		}
         }
 
         public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)

From 529675a9d946bebb81eb86a436aa48fe9c86820c Mon Sep 17 00:00:00 2001
From: Benjamin Bourot <bourot.benjamin@gmail.com>
Date: Thu, 12 Jun 2014 18:38:05 +0200
Subject: [PATCH 2/2] Check for api_key in request

---
 cookbook/security/api_key_authentication.rst | 32 +++++++++-----------
 1 file changed, 14 insertions(+), 18 deletions(-)

diff --git a/cookbook/security/api_key_authentication.rst b/cookbook/security/api_key_authentication.rst
index 1a542793731..0feefca9a4b 100644
--- a/cookbook/security/api_key_authentication.rst
+++ b/cookbook/security/api_key_authentication.rst
@@ -45,25 +45,21 @@ value and then a User object is created::
 
         public function createToken(Request $request, $providerKey)
         {
-            if ($request->query->has('apikey')) {
-    			return new PreAuthenticatedToken(
-    				'anon.',
-    				$request->query->get('apikey'),
-    				$providerKey
-    			);
-            }
-    		else if($request->request->has('apikey'))
-    		{
-    			return new PreAuthenticatedToken(
-    				'anon.',
-    				$request->request->get('apikey'),
-    				$providerKey
-    			);
-    		}
-    		else
-    		{
+            // look for an apikey query parameter
+            $apiKey = $request->query->get('apikey');
+
+            // or if you want to use an "apikey" header, then do something like this:
+            // $apiKey = $request->headers->get('apikey');
+
+            if (!$apiKey) {
                 throw new BadCredentialsException('No API key found');
-    		}
+            }
+
+            return new PreAuthenticatedToken(
+                'anon.',
+                $apiKey,
+                $providerKey
+            );
         }
 
         public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)