diff --git a/cookbook/security/api_key_authentication.rst b/cookbook/security/api_key_authentication.rst
index 8fb6dfbdb38..35db1d890fc 100644
--- a/cookbook/security/api_key_authentication.rst
+++ b/cookbook/security/api_key_authentication.rst
@@ -22,8 +22,8 @@ Your exact situation may differ, but in this example, a token is read
from an ``apikey`` query parameter, the proper username is loaded from that
value and then a User object is created::
- // src/Acme/HelloBundle/Security/ApiKeyAuthenticator.php
- namespace Acme\HelloBundle\Security;
+ // src/AppBundle/Security/ApiKeyAuthenticator.php
+ namespace AppBundle\Security;
use Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
@@ -142,8 +142,8 @@ used by Symfony's core user provider system).
The ``$userProvider`` might look something like this::
- // src/Acme/HelloBundle/Security/ApiKeyUserProvider.php
- namespace Acme\HelloBundle\Security;
+ // src/AppBundle/Security/ApiKeyUserProvider.php
+ namespace AppBundle\Security;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\User\User;
@@ -187,6 +187,41 @@ The ``$userProvider`` might look something like this::
}
}
+Now register your user provider as service:
+
+.. configuration-block::
+
+ .. code-block:: yaml
+
+ # app/config/services.yml
+ services:
+ api_key_user_provider:
+ class: AppBundle\Security\ApiKeyUserProvider
+
+ .. code-block:: xml
+
+
+
+
+
+
+
+
+
+
+
+ .. code-block:: php
+
+ // app/config/services.php
+
+ // ...
+ $container
+ ->register('api_key_user_provider', 'AppBundle\Security\ApiKeyUserProvider');
+
.. note::
Read the dedicated article to learn
@@ -226,8 +261,8 @@ you can use to create an error ``Response``.
.. code-block:: php
- // src/Acme/HelloBundle/Security/ApiKeyAuthenticator.php
- namespace Acme\HelloBundle\Security;
+ // src/AppBundle/Security/ApiKeyAuthenticator.php
+ namespace AppBundle\Security;
use Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
@@ -265,8 +300,8 @@ your custom user provider as a service called ``your_api_key_user_provider``
# ...
apikey_authenticator:
- class: Acme\HelloBundle\Security\ApiKeyAuthenticator
- arguments: ["@your_api_key_user_provider"]
+ class: AppBundle\Security\ApiKeyAuthenticator
+ arguments: ["@api_key_user_provider"]
.. code-block:: xml
@@ -280,9 +315,9 @@ your custom user provider as a service called ``your_api_key_user_provider``
-
+
@@ -296,8 +331,8 @@ your custom user provider as a service called ``your_api_key_user_provider``
// ...
$container->setDefinition('apikey_authenticator', new Definition(
- 'Acme\HelloBundle\Security\ApiKeyAuthenticator',
- array(new Reference('your_api_key_user_provider'))
+ 'AppBundle\Security\ApiKeyAuthenticator',
+ array(new Reference('api_key_user_provider'))
));
Now, activate it in the ``firewalls`` section of your security configuration
@@ -318,6 +353,10 @@ using the ``simple_preauth`` key:
simple_preauth:
authenticator: apikey_authenticator
+ providers:
+ api_key_user_provider:
+ id: api_key_user_provider
+
.. code-block:: xml
@@ -336,6 +375,8 @@ using the ``simple_preauth`` key:
>
+
+
@@ -355,6 +396,11 @@ using the ``simple_preauth`` key:
),
),
),
+ 'providers' => array(
+ 'api_key_user_provider' => array(
+ 'id' => 'api_key_user_provider',
+ ),
+ ),
));
That's it! Now, your ``ApiKeyAuthentication`` should be called at the beginning
@@ -394,6 +440,10 @@ configuration or set it to ``false``:
simple_preauth:
authenticator: apikey_authenticator
+ providers:
+ api_key_user_provider:
+ id: api_key_user_provider
+
.. code-block:: xml
@@ -412,6 +462,8 @@ configuration or set it to ``false``:
>
+
+
@@ -430,6 +482,11 @@ configuration or set it to ``false``:
),
),
),
+ 'providers' => array(
+ 'api_key_user_provider' => array(
+ 'id' => 'api_key_user_provider',
+ ),
+ ),
));
Even though the token is being stored in the session, the credentials - in this
@@ -437,7 +494,7 @@ case the API key (i.e. ``$token->getCredentials()``) - are not stored in the ses
for security reasons. To take advantage of the session, update ``ApiKeyAuthenticator``
to see if the stored token has a valid User object that can be used::
- // src/Acme/HelloBundle/Security/ApiKeyAuthenticator.php
+ // src/AppBundle/Security/ApiKeyAuthenticator.php
// ...
class ApiKeyAuthenticator implements SimplePreAuthenticatorInterface
@@ -491,7 +548,7 @@ stored in the database, then you may want to re-query for a fresh version
of the user to make sure it's not out-of-date. But regardless of your requirements,
``refreshUser()`` should now return the User object::
- // src/Acme/HelloBundle/Security/ApiKeyUserProvider.php
+ // src/AppBundle/Security/ApiKeyUserProvider.php
// ...
class ApiKeyUserProvider implements UserProviderInterface
@@ -531,7 +588,7 @@ a certain URL (e.g. the redirect URL in OAuth).
Fortunately, handling this situation is easy: just check to see what the
current URL is before creating the token in ``createToken()``::
- // src/Acme/HelloBundle/Security/ApiKeyAuthenticator.php
+ // src/AppBundle/Security/ApiKeyAuthenticator.php
// ...
use Symfony\Component\Security\Http\HttpUtils;
@@ -543,7 +600,7 @@ current URL is before creating the token in ``createToken()``::
protected $httpUtils;
- public function __construct(ApiKeyUserProviderInterface $userProvider, HttpUtils $httpUtils)
+ public function __construct(UserProviderInterface $userProvider, HttpUtils $httpUtils)
{
$this->userProvider = $userProvider;
$this->httpUtils = $httpUtils;
@@ -579,8 +636,8 @@ service:
# ...
apikey_authenticator:
- class: Acme\HelloBundle\Security\ApiKeyAuthenticator
- arguments: ["@your_api_key_user_provider", "@security.http_utils"]
+ class: AppBundle\Security\ApiKeyAuthenticator
+ arguments: ["@api_key_user_provider", "@security.http_utils"]
.. code-block:: xml
@@ -594,9 +651,9 @@ service:
-
+
@@ -611,9 +668,9 @@ service:
// ...
$container->setDefinition('apikey_authenticator', new Definition(
- 'Acme\HelloBundle\Security\ApiKeyAuthenticator',
+ 'AppBundle\Security\ApiKeyAuthenticator',
array(
- new Reference('your_api_key_user_provider'),
+ new Reference('api_key_user_provider'),
new Reference('security.http_utils')
)
));