我正在用symfony 3.4构建API Rest。我需要使用Oauth系统在api上对用户进行身份验证。
所以,我在symfony上使用了警卫系统。我创建了一个身份验证器,该身份验证器在客户端发送的请求中获得了access_token。
这是我的配置(security.yml):
oauth:
pattern: ^/
stateless: true
simple_preauth:
authenticator: Oauth_authenticator
provider: provider.google_user
我的Oauth_authenticator:
class OauthAuthenticator implements SimplePreAuthenticatorInterface,AuthenticationFailureHandlerInterface
{
public function createToken(Request $request, $providerKey)
{
$bearer = $request->headers->get('Authorization');
$accessToken = substr($bearer, 7);
return new PreAuthenticatedToken(
'anon.',
$accessToken,
$providerKey
);
}
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
$accessToken = $token->getCredentials();
$user = $userProvider->loadUserByUsername($accessToken);
return new PreAuthenticatedToken(
$user,
$accessToken,
$providerKey,
['ROLE_USER']
);
}
/**
* This is called when an interactive authentication attempt fails. This is
* called by authentication listeners inheriting from
* AbstractAuthenticationListener.
*
* @return Response The response to return, never null
*/
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
return new Response("Authentication Failed ", 401);
}
public function supportsToken(TokenInterface $token, $providerKey)
{
return $token instanceof PreAuthenticatedToken && $token->getProviderKey() === $providerKey;
}
}
但是,就像您看到的那样,现在,我直接注入“ google_provider”。
实现同一系统,但将来由我的两个提供商(谷歌和facebook)或更多个提供商实现的最佳方法是什么?
谢谢