tothbt/keycloak-bundle
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add support for ssl verification

Browse Source
This commit is contained in:
ELMAKHROUBI
2020-12-11 18:32:33 +01:00
parent b303c94643
commit 8807f99af1
5 changed files with 14 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
DependencyInjection/ABELkeycloakBearerOnlyAdapterExtension.php
View File

@@ -24,6 +24,7 @@ class ABELkeycloakBearerOnlyAdapterExtension extends Extension
$definition->replaceArgument(1, $config['realm']);
$definition->replaceArgument(2, $config['client_id']);
$definition->replaceArgument(3, $config['client_secret']);
$definition->replaceArgument(4, $config['ssl_verification']);
}
public function getAlias()

4
DependencyInjection/Configuration.php
View File

@@ -31,6 +31,10 @@ class Configuration implements ConfigurationInterface
->scalarNode("client_secret")
->isRequired()
->cannotBeEmpty()
->end()
->scalarNode('ssl_verification')
->defaultFalse()
->treatNullLike(false)
->end();
return $treeBuilder;

1
Resources/config/services.xml
View File

@@ -17,6 +17,7 @@
<argument/>
<argument/>
<argument/>
<argument/>
</service>
<service id="ABEL\Bundle\keycloakBearerOnlyAdapterBundle\Security\User\KeycloakBearerUserProvider" alias="abel_keycloak_bearer_only_adapter.keycloak_bearer_user_provider" />

2
Security/Authenticator/KeycloakBearerAuthenticator.php
View File

@@ -210,6 +210,6 @@ class KeycloakBearerAuthenticator extends AbstractGuardAuthenticator
*/
protected function formatToken(string $token): string
{
return trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $token));
return trim(preg_replace('/^(?:\s+)?[B-b]earer\s/', '', $token));
}
}

8
Security/User/KeycloakBearerUserProvider.php
View File

@@ -28,6 +28,10 @@ class KeycloakBearerUserProvider implements UserProviderInterface
* @var string
*/
private $client_secret;
/**
* @var mixed
*/
private $sslVerification;
/**
* KeycloakBearerUserProvider constructor.
@@ -36,12 +40,13 @@ class KeycloakBearerUserProvider implements UserProviderInterface
* @param string $client_id
* @param string $client_secret
*/
public function __construct(string $issuer, string $realm, string $client_id, string $client_secret)
public function __construct(string $issuer, string $realm, string $client_id, string $client_secret, $sslVerification)
{
$this->issuer = $issuer;
$this->realm = $realm;
$this->client_id = $client_id;
$this->client_secret = $client_secret;
$this->sslVerification = $sslVerification;
}
/**
@@ -71,6 +76,7 @@ class KeycloakBearerUserProvider implements UserProviderInterface
'http' => '', // Use this proxy with "http"
'https' => '', // Use this proxy with "https",
],
'verify' => $this->sslVerification,
'http_errors' => false
]);