add support for ssl verification

2020-12-11 18:32:33 +01:00
parent b303c94643
commit 8807f99af1
5 changed files with 14 additions and 2 deletions
--- a/DependencyInjection/ABELkeycloakBearerOnlyAdapterExtension.php
+++ b/DependencyInjection/ABELkeycloakBearerOnlyAdapterExtension.php
@@ -24,6 +24,7 @@ class ABELkeycloakBearerOnlyAdapterExtension extends Extension
        $definition->replaceArgument(1, $config['realm']);
        $definition->replaceArgument(2, $config['client_id']);
        $definition->replaceArgument(3, $config['client_secret']);
        $definition->replaceArgument(4, $config['ssl_verification']);
    }
    public function getAlias()
--- a/DependencyInjection/Configuration.php
+++ b/DependencyInjection/Configuration.php
@@ -31,6 +31,10 @@ class Configuration implements ConfigurationInterface
                ->scalarNode("client_secret")
                    ->isRequired()
                    ->cannotBeEmpty()
                ->end()
                ->scalarNode('ssl_verification')
                    ->defaultFalse()
                    ->treatNullLike(false)
                ->end();
        return $treeBuilder;
--- a/Resources/config/services.xml
+++ b/Resources/config/services.xml
@@ -17,6 +17,7 @@
            <argument/>
            <argument/>
            <argument/>
            <argument/>
        </service>
        <service id="ABEL\Bundle\keycloakBearerOnlyAdapterBundle\Security\User\KeycloakBearerUserProvider" alias="abel_keycloak_bearer_only_adapter.keycloak_bearer_user_provider" />
--- a/Security/Authenticator/KeycloakBearerAuthenticator.php
+++ b/Security/Authenticator/KeycloakBearerAuthenticator.php
@@ -210,6 +210,6 @@ class KeycloakBearerAuthenticator extends AbstractGuardAuthenticator
     */
    protected function formatToken(string $token): string
    {
-        return trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $token));
+        return trim(preg_replace('/^(?:\s+)?[B-b]earer\s/', '', $token));
    }
 }
--- a/Security/User/KeycloakBearerUserProvider.php
+++ b/Security/User/KeycloakBearerUserProvider.php
@@ -28,6 +28,10 @@ class KeycloakBearerUserProvider implements UserProviderInterface
     * @var string
     */
    private $client_secret;
    /**
     * @var mixed
     */
    private $sslVerification;
    /**
     * KeycloakBearerUserProvider constructor.
@@ -36,12 +40,13 @@ class KeycloakBearerUserProvider implements UserProviderInterface
     * @param string $client_id
     * @param string $client_secret
     */
-    public function __construct(string $issuer, string $realm, string $client_id, string $client_secret)
+    public function __construct(string $issuer, string $realm, string $client_id, string $client_secret, $sslVerification)
    {
        $this->issuer = $issuer;
        $this->realm = $realm;
        $this->client_id = $client_id;
        $this->client_secret = $client_secret;
        $this->sslVerification = $sslVerification;
    }
    /**
@@ -71,6 +76,7 @@ class KeycloakBearerUserProvider implements UserProviderInterface
                'http'  => '', // Use this proxy with "http"
                'https' => '', // Use this proxy with "https",
            ],
            'verify' => $this->sslVerification,
            'http_errors' => false
        ]);