configurable firewall name via container parameter (#196)
solverat authored Feb 12, 2024
1 parent 9bd03e8 commit 8156c64
Showing 5 changed files with 23 additions and 2 deletions.
1 change: 1 addition & 0 deletions UPGRADE.md
@@ -2,6 +2,7 @@

### 4.1.2
- **[IMPROVEMENT]**: Introduce `OAUTH_RESOURCE_MAPPING_REFRESH` Event
- **[IMPROVEMENT]**: Configurable Firewall Name via container parameter `members.firewall_name`

### 4.1.1
- **[BUGFIX]**: Also respect original asset paths in protected env
8 changes: 8 additions & 0 deletions docs/SSO/20_Installation.md
@@ -105,6 +105,14 @@ members:
activation_type: 'complete_profile' # choose between "complete_profile" and "instant"
```

## Configure Firewall
If your using a different name for your firewall than `members_fe` you need to configure the container parameter:

```yaml
parameters:
members.firewall_name: your_fw_name
```

## Configure Client
Every provider comes with its own configuration.
In this example, we're going to setup the google client:
10 changes: 8 additions & 2 deletions src/MembersBundle/DependencyInjection/MembersExtension.php
@@ -24,6 +24,10 @@ public function prepend(ContainerBuilder $container): void
$configs = $container->getExtensionConfig($this->getAlias());
$config = $this->processConfiguration($this->getConfiguration([], $container), $configs);

if (!$container->hasParameter('members.firewall_name')) {
$container->setParameter('members.firewall_name', 'members_fe');
}

$oauthEnabled = false;
if ($container->hasExtension('security') === true && $config['oauth']['enabled'] === true) {
$oauthEnabled = true;
@@ -116,6 +120,8 @@ protected function enableOauth(ContainerBuilder $container, array $config): void

protected function extendPimcoreSecurityConfiguration(ContainerBuilder $container, bool $oauthEnabled): void
{
$firewallName = $container->getParameter('members.firewall_name');

if ($this->authenticatorIsEnabled($container) === false) {

$container->loadFromExtension('pimcore', [
@@ -129,7 +135,7 @@ protected function extendPimcoreSecurityConfiguration(ContainerBuilder $containe
if ($oauthEnabled === true) {
$container->loadFromExtension('security', [
'firewalls' => [
'members_fe' => [
$firewallName => [
'guard' => [
'authenticators' => [
\MembersBundle\Security\OAuthIdentityAuthenticator::class
@@ -154,7 +160,7 @@ protected function extendPimcoreSecurityConfiguration(ContainerBuilder $containe
if ($oauthEnabled === true) {
$container->loadFromExtension('security', [
'firewalls' => [
'members_fe' => [
$firewallName => [
'custom_authenticators' => [
OAuthIdentityAuthenticator::class
]
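Review bot: In `extendPimcoreSecurityConfiguration()` the value of `members.firewall_name` is used as the key under `security.firewalls` without any validation, so an empty, non-string or misspelled name is not rejected at the point where the OAuth authenticator is attached. Depending on how the security configuration is merged, that presumably ends either in an unrelated-looking merge error or in the authenticator being registered under a firewall other than the one protecting the members area; event.yml also passes the same value to `AuthenticationListener`. I would fail early right after the `getParameter()` call, e.g. `if (!is_string($firewallName) || $firewallName === '') { throw new \InvalidArgumentException('members.firewall_name must be a non-empty string'); }`, and consider also checking that the name is declared in the application's security config. The default `'members_fe'` set in `prepend()` would read better as a class constant; both method bodies continue outside the hunks shown.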
@@ -1,3 +1,7 @@
# if you're using a different firewall name, you need to enable this parameter
# parameters:
# members.firewall_name: 'your_fw_name'

security:

enable_authenticator_manager: true
2 changes: 2 additions & 0 deletions src/MembersBundle/Resources/config/services/event.yml
@@ -7,6 +7,8 @@ services:

# event: check auth
MembersBundle\EventListener\AuthenticationListener:
arguments:
$firewallName: '%members.firewall_name%'
tags:
- { name: kernel.event_subscriber }
