happyr / auth0-bundle
Symfony integration for Auth0
License: MIT License
This is my config.
I post it here for reference. Maybe we should add it to the docs.
```yaml
happyr_auth0:
    sdk:
        domain: '%env(AUTH0_DOMAIN)%'
        customDomain: '%env(AUTH0_LOGIN_DOMAIN)%'
        clientId: '%env(AUTH0_CLIENT_ID)%'
        clientSecret: '%env(AUTH0_SECRET)%'
        tokenCache: 'cache.redis'
        managementTokenCache: 'cache.redis'
        cookieSecret: '%kernel.secret%'
        transientStorage: 'auth0.storage.transient'
        sessionStorage: 'auth0.storage.session'
        scope:
            - openid # "openid" is required.
            - profile
            - email
    firewall:
        check_route: default_login_check
        failure_path: default_logout
        default_target_path: startpage

services:
    auth0.sdk_cookie_config:
        class: Auth0\SDK\Configuration\SdkConfiguration
        arguments:
            - cookieSecret: '%kernel.secret%'
              domain: '%env(AUTH0_DOMAIN)%'
              customDomain: '%env(AUTH0_LOGIN_DOMAIN)%'
              clientId: '%env(AUTH0_CLIENT_ID)%'
              clientSecret: '%env(AUTH0_SECRET)%'

    auth0.storage.cookie_transient:
        class: Auth0\SDK\Store\CookieStore
        factory: ['@auth0.sdk_cookie_config', 'getTransientStorage']

    auth0.storage.cookie_session:
        class: Auth0\SDK\Store\CookieStore
        factory: ['@auth0.sdk_cookie_config', 'getSessionStorage']

    auth0.storage.transient:
        class: Auth0\SDK\Store\Psr6Store
        arguments: ['@auth0.storage.cookie_transient', '@cache.redis']

    auth0.storage.session:
        class: Auth0\SDK\Store\Psr6Store
        arguments: ['@auth0.storage.cookie_session', '@cache.redis']

when@test:
    services:
        test.auth0.session_storage:
            class: Auth0\SDK\Store\MemoryStore

        test.auth0.transient_storage:
            class: Auth0\SDK\Store\MemoryStore

    happyr_auth0:
        sdk:
            transientStorage: test.auth0.transient_storage
            sessionStorage: test.auth0.session_storage
```
Hey there,
I was planning to use this bundle as a way to grab and confirm a JWT token issued by Auth0 and can see that this is not really supported in the current codebase. I've been able to get a very basic version of this up and running by supplying an encoder to the LexikJWTBundle and wondered if you would want this added to the bundle as an optional extra?
Let me know your thoughts and then I can look to making the code below actually work with the bundle.
The encoder would look something like this (untested)
```php
<?php

namespace App\Encoder;

use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Exception\InvalidTokenException;
use Auth0\SDK\Token;
use Lexik\Bundle\JWTAuthenticationBundle\Encoder\JWTEncoderInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;

class Auth0JWTEncoder implements JWTEncoderInterface
{
    private SdkConfiguration $sdkConfiguration;

    public function __construct(SdkConfiguration $sdkConfiguration)
    {
        $this->sdkConfiguration = $sdkConfiguration;
    }

    public function encode(array $data)
    {
        // Not needed, but required by the interface.
    }

    public function decode($token): array
    {
        $auth0TokenVerifier = $this->createTokenVerifyer($token);

        try {
            // Check the token's claims and its signature; either call
            // throws InvalidTokenException when the token is rejected.
            $auth0TokenVerifier->validate();
            $auth0TokenVerifier->verify();
        } catch (InvalidTokenException $e) {
            throw new AuthenticationException('Invalid Auth0 token', 0, $e);
        }

        // Only reached for a token that passed both checks.
        return $auth0TokenVerifier->toArray();
    }

    private function createTokenVerifyer(string $token): Token
    {
        return new Token($this->sdkConfiguration, $token, Token::TYPE_ID_TOKEN);
    }
}
```
Thanks for this, it looks great. Seeing an exception at install in Symfony 5.2
```
Executing script cache:clear [KO]
 [KO]
Script cache:clear returned with error code 1
!!
!!  In ArrayNode.php line 222:
!!
!!    The child config "domain" under "happyr_auth0" must be configured.
!!
!!
!!
```
Hi @Nyholm,
Inside the Auth0Authenticator::authenticate method, there is a call to Auth0\SDK\API\Authentication::userinfo from access_token to retrieve user information.
In the case of social_login, the payload doesn't contain a user_id key, and the UserBadge can't be constructed with an Exception.
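One way to handle the missing `user_id` key described in the report above, as an added example that is not the bundle's own code: it assumes the payload carries the standard OIDC `sub` claim, and `resolveUserIdentifier` and the sample payloads are hypothetical.

```php
<?php
declare(strict_types=1);

/**
 * Added example (hypothetical helper, not part of the bundle).
 * Picks a stable identifier from a userinfo payload: the OIDC "sub" claim
 * first, then the "user_id" key the report says the authenticator expects.
 */
function resolveUserIdentifier(array $userinfo): string
{
    foreach (['sub', 'user_id'] as $claim) {
        $value = $userinfo[$claim] ?? null;
        // Accept only a non-empty string; arrays, null or "" are rejected.
        if (is_string($value) && trim($value) !== '') {
            return $value;
        }
    }

    // Fail closed: do not fall back to email or nickname, which are not
    // guaranteed to be unique or verified.
    throw new UnexpectedValueException(
        'userinfo payload has no usable subject identifier'
    );
}

// Constructed sample payloads (not captured from a real tenant).
$samples = [
    'social login'   => ['sub' => 'google-oauth2|000000000000', 'email' => 'a@example.test'],
    'user_id only'   => ['user_id' => 'auth0|000000000000', 'email' => 'b@example.test'],
    'no identifier'  => ['email' => 'c@example.test', 'nickname' => 'c'],
    'wrong type'     => ['sub' => ['unexpected'], 'email' => 'd@example.test'],
];

foreach ($samples as $label => $payload) {
    try {
        printf("%-14s => %s\n", $label, resolveUserIdentifier($payload));
    } catch (UnexpectedValueException $e) {
        // In an authenticator this would become an authentication failure.
        printf("%-14s => rejected: %s\n", $label, $e->getMessage());
    }
}
```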
Hi @Nyholm,
The auth0-php:@8.0.0-BETA1 fails to issue a login link without defining the cookieSecret parameter for SdkConfiguration (however, it is defined as optional in code and documentation).
The configuration injected in the SdkConfiguration $configuration argument is fixed in the ConfigurationProvider service declaration.
How can we allow to define all available configuration:
What do you think?
Hi there,
I want to use this within API platform which currently uses Symfony v6 components. I noticed that the bundle is labelled working for 5 but not for 6 but thought I would try it. As expected it's not working but I have forked the project and begun to make a branch that is compatible with 6.0 but it will break backwards compatibility. I have yet to test this so it's a bit of a draft for now.
You can find the branch here - https://github.com/chrisl-peopleplus/auth0-bundle/tree/symfony-6.
As soon as I am confident it's working I'll submit a PR
Hi @Nyholm,
I encounter an issue when trying this bundle: in [email protected], every class is final.
In my project, I got the symfony/proxy-manager-bridge component installed. As you declared services as lazy in the configuration, it ends up with the following error:
ProxyManager\Exception\InvalidProxiedClassException: Provided class "Auth0\SDK\API\Authentication" is final and cannot be proxied
Do you think we can simply remove the lazy services configuration?
If OK for you, I will push a PR.
We should either remove the config value (because it is never used) or make sure to use it.
https://auth0.com/docs/custom-domains/configure-features-to-use-custom-domains#apis
I've always used the "login domain" as a page where you redirect the users to login. All API requests are done with the normal tenant domain.
Created new Symfony 5.3 project, tried to install the bundle and got this error message:
```
Problem 1
  - Root composer.json requires happyr/auth0-bundle ^0.8.1 -> satisfiable by happyr/auth0-bundle[0.8.1].
  - happyr/auth0-bundle 0.8.1 requires psr/log ^1.0 -> found psr/log[1.0.0, ..., 1.1.4] but the package is fixed to 2.0.0 (lock file version) by a partial update and that version does not match. Make sure you list it as an argument for the update command.
```
Is there any particular reason to lock psr/log to version ^1?
... because you abandoned it.