
I created my own authentication based on: http://symfony.com/doc/2.0/cookbook/security/custom_authentication_provider.html and it works well.

But now I need two authentication providers. AuthenticationProviderManager supports this, but I can't work out how to add a second auth provider to my security factory.

My code:

security.yml

  # Firewall that applies WSSE authentication to API requests.
  firewalls:
    wsse_secured:
      # NOTE(review): `pattern` is evaluated as a regular expression against the
      # request path. Without a leading ^ it also matches paths that merely
      # contain /api/ somewhere; `^/api/` would scope it to the API prefix.
      # Confirm the intended scope.
      pattern:   /api/.*
      # Enables the provider/listener pair built by the factory whose getKey()
      # returns 'wsse'.
      wsse:      true

WsseFactory.php

/**
 * Security factory for the "wsse" firewall key.
 *
 * For each firewall that enables the key, it registers a provider service and
 * a listener service derived from the shared parent definitions
 * "wsse.security.authentication.provider" and
 * "wsse.security.authentication.listener".
 */
class WsseFactory implements SecurityFactoryInterface
{
    /**
     * Registers the per-firewall WSSE provider and listener definitions.
     *
     * @param ContainerBuilder $container         Container the definitions are added to.
     * @param string           $id                Firewall id; used as the suffix of both service ids.
     * @param mixed            $config            Options given under the "wsse" key; not read here.
     * @param string           $userProvider      Service id injected into the provider as argument 0.
     * @param mixed            $defaultEntryPoint Entry point passed in by the caller; returned unchanged.
     *
     * @return array Provider service id, listener service id and the entry point, in that order.
     */
    public function create(ContainerBuilder $container, $id, $config, $userProvider, $defaultEntryPoint)
    {
        $providerServiceId = 'security.authentication.provider.wsse.'.$id;
        $providerTemplate = new DefinitionDecorator('wsse.security.authentication.provider');

        // Register the decorated provider first, then swap argument 0 of the
        // inherited definition for a reference to this firewall's user provider.
        $registeredProvider = $container->setDefinition($providerServiceId, $providerTemplate);
        $registeredProvider->replaceArgument(0, new Reference($userProvider));

        // The listener inherits every argument from its parent definition as is.
        $listenerServiceId = 'security.authentication.listener.wsse.'.$id;
        $listenerTemplate = new DefinitionDecorator('wsse.security.authentication.listener');
        $container->setDefinition($listenerServiceId, $listenerTemplate);

        return array(
            $providerServiceId,
            $listenerServiceId,
            $defaultEntryPoint,
        );
    }

    /**
     * Position at which the listener is registered in the firewall.
     *
     * @return string Always 'pre_auth'.
     */
    public function getPosition()
    {
        $position = 'pre_auth';

        return $position;
    }

    /**
     * Configuration key that switches this factory on inside a firewall.
     *
     * @return string Always 'wsse'.
     */
    public function getKey()
    {
        $key = 'wsse';

        return $key;
    }

    /**
     * Intentionally empty: the "wsse" key defines no child options.
     *
     * @param NodeDefinition $node Configuration node for the "wsse" key; left untouched.
     */
    public function addConfiguration(NodeDefinition $node)
    {
        // No options to declare.
    }
}

services.yml:

# Parent definition that WsseFactory::create() decorates once per firewall.
wsse.security.authentication.provider:
    class: LD\BinaryBackendBundle\Security\Authentication\Provider\WsseProvider
    # The first argument is an empty placeholder; WsseFactory::create() replaces
    # it with a reference to the firewall's user provider.
    # NOTE(review): the second argument puts the nonce store under the kernel
    # cache directory. If WsseProvider relies on it for replay protection,
    # clearing the cache discards the recorded nonces. Confirm against the
    # provider, and consider a directory that survives cache clears.
    arguments: ['', %kernel.cache_dir%/security/nonces]

# Parent definition for the firewall listener. It receives the security
# context, the authentication manager and the logger.
wsse.security.authentication.listener:
    class:  LD\BinaryBackendBundle\Security\Firewall\WsseListener
    arguments: [@security.context, @security.authentication.manager, @logger]

So, as you can see, I have one auth provider registered. How can I add a second one?


1 Answer


You can add an auth provider just by adding it to the firewall configuration; if one fails, it passes to the other one.

For example, in my application I'm using both form_login and oauth from the HWIOAuthBundle, and this is my firewall in security.yml:

# One firewall with two authentication mechanisms enabled side by side:
# form_login and oauth.
firewalls:
    main:
        pattern:                    ^/
        # NOTE(review): `logout` is declared twice in this mapping (here and as
        # a block further down). Keep a single entry: duplicate keys are
        # ambiguous, and newer Symfony YAML parsers reject them.
        logout:                     true
        # NOTE(review): with anonymous access enabled on a firewall covering ^/,
        # unauthenticated requests pass the firewall. Protection of /manager/
        # then depends on access_control rules that are not shown here.
        anonymous:                  true
        form_login:
            # Service used to generate and validate the login form's CSRF token.
            csrf_provider:          form.csrf_provider
            login_path:             /login
            check_path:             /login_check
            default_target_path:    /manager/
        logout:
            path:                   /logout
            target:                 /
        oauth:
            # One check path per resource owner.
            resource_owners:
                google:             /login/check-google
                facebook:           /login/check-facebook
                twitter:            /login/check-twitter
            default_target_path:    /manager/
            login_path:             /login
            failure_path:           /login
            oauth_user_provider:
                service: oauth_user_provider

So, depending on the URL, it uses one auth provider or the other.