oauth-account/DependencyInjection/AuthserverOAuthAccountExten...

<?php
/**
 * Authserver, an OAuth2-based single-signon authentication provider written in PHP.
 *
 * Copyright (C) $today.date  Lars Vierbergen
 *
 * his program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
namespace vierbergenlars\AuthserverOAuthAccountBundle\DependencyInjection;

use Symfony\Component\Config\Definition\Processor;
use Symfony\Component\DependencyInjection\ChildDefinition;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\Config\FileLocator;
use Symfony\Component\DependencyInjection\DefinitionDecorator;
use Symfony\Component\DependencyInjection\Extension\PrependExtensionInterface;
use Symfony\Component\HttpKernel\DependencyInjection\Extension;
use Symfony\Component\DependencyInjection\Loader;
use vierbergenlars\AuthserverExternalAccountBundle\AuthserverExternalAccountBundle;
use vierbergenlars\AuthserverOAuthAccountBundle\ResourceOwner\ResourceOwnerConfig;

class AuthserverOAuthAccountExtension extends Extension implements PrependExtensionInterface
{

    const USER_PROVIDER_SERVICE = 'vierbergenlars.authserver_oauth_account.user_provider';

    const RESOURCE_OWNER_MAP_SERVICE = 'vierbergenlars.authserver_oauth_account.resource_owner_map';

    public function prepend(ContainerBuilder $container)
    {
        $container->prependExtensionConfig('hwi_oauth', [
            'firewall_names' => [
                'public'
            ],
            'connect' => [
                'account_connector' => self::USER_PROVIDER_SERVICE
            ]
        ]);

        $configs = $container->getExtensionConfig($this->getAlias());

        $processor = new Processor();
        $config = $processor->processConfiguration(new Configuration(), $configs);
        $container->prependExtensionConfig('hwi_oauth', [
            'resource_owners' => array_map(function ($resource_owner) {
                return $resource_owner['config'];
            }, $config['resource_owners'])
        ]);

        $container->loadFromExtension('security', [
            'firewalls' => [
                'public' => [
                    'oauth' => [
                        'resource_owners' => array_combine(array_keys($config['resource_owners']), array_map(function ($roName) {
                            return '/login/oauth/' . $roName;
                        }, array_keys($config['resource_owners']))),
                        'login_path' => 'app_login',
                        'failure_path' => 'app_login',
                        'oauth_user_provider' => [
                            'service' => self::USER_PROVIDER_SERVICE
                        ]
                    ]
                ]
            ]
        ]);
    }

    public function load(array $configs, ContainerBuilder $container)
    {
        $servicesDirectory = __DIR__ . '/../Resources/config';
        $fileLocator = new FileLocator($servicesDirectory);
        $xmlLoader = new Loader\XmlFileLoader($container, $fileLocator);
        $xmlLoader->load('services.xml');

        $processor = new Processor();
        $config = $processor->processConfiguration(new Configuration(), $configs);
        $container->getDefinition(self::RESOURCE_OWNER_MAP_SERVICE)->setArgument(0, $config['resource_owners']);

        foreach ($config['resource_owners'] as $name => $_) {
            $service = new DefinitionDecorator('vierbergenlars.authserver_oauth_account.external_account_provider.abstract');
            $service->replaceArgument(0, $name);
            $service->addTag(AuthserverExternalAccountBundle::EXTERNAL_ACCOUNT_PROVIDER_TAG);
            $container->setDefinition('vierbergenlars.authserver_oauth_account.external_account_provider.impl.' . $name, $service);
        }

        $container->setParameter('vierbergenlars.authserver_oauth_account.registration.enabled', $config['registration']['enabled']);
        $container->setParameter('vierbergenlars.authserver_oauth_account.registration.fields', $config['registration']);
        if ($config['registration']['enabled']) {
            $xmlLoader->load('registration_services.xml');
        }
    }

    public function getAlias()
    {
        return 'oauth';
    }
}
Initial commit 8 years ago			`<?php`
			`/**`
			`* Authserver, an OAuth2-based single-signon authentication provider written in PHP.`
			`*`
			`* Copyright (C) $today.date Lars Vierbergen`
			`*`
			`* his program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as`
			`* published by the Free Software Foundation, either version 3 of the`
			`* License, or (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`*/`
			`namespace vierbergenlars\AuthserverOAuthAccountBundle\DependencyInjection;`

			`use Symfony\Component\Config\Definition\Processor;`
Move more logic to ExternalAccountBundle for a more centralized view 7 years ago			`use Symfony\Component\DependencyInjection\ChildDefinition;`
Initial commit 8 years ago			`use Symfony\Component\DependencyInjection\ContainerBuilder;`
			`use Symfony\Component\Config\FileLocator;`
Move more logic to ExternalAccountBundle for a more centralized view 7 years ago			`use Symfony\Component\DependencyInjection\DefinitionDecorator;`
Initial commit 8 years ago			`use Symfony\Component\DependencyInjection\Extension\PrependExtensionInterface;`
			`use Symfony\Component\HttpKernel\DependencyInjection\Extension;`
			`use Symfony\Component\DependencyInjection\Loader;`
Move more logic to ExternalAccountBundle for a more centralized view 7 years ago			`use vierbergenlars\AuthserverExternalAccountBundle\AuthserverExternalAccountBundle;`
Initial commit 8 years ago			`use vierbergenlars\AuthserverOAuthAccountBundle\ResourceOwner\ResourceOwnerConfig;`

			`class AuthserverOAuthAccountExtension extends Extension implements PrependExtensionInterface`
			`{`
Add parameter to trust or not trust the verification of email addresses from an external service. Trusted services will mark the email address as verified upon registration. The user is still allowed to modify the email address in the registration form, but if an other email address is provided, it will not be verified automatically. 7 years ago
Initial commit 8 years ago			`const USER_PROVIDER_SERVICE = 'vierbergenlars.authserver_oauth_account.user_provider';`

Add parameter to trust or not trust the verification of email addresses from an external service. Trusted services will mark the email address as verified upon registration. The user is still allowed to modify the email address in the registration form, but if an other email address is provided, it will not be verified automatically. 7 years ago			`const RESOURCE_OWNER_MAP_SERVICE = 'vierbergenlars.authserver_oauth_account.resource_owner_map';`

Initial commit 8 years ago			`public function prepend(ContainerBuilder $container)`
			`{`
			`$container->prependExtensionConfig('hwi_oauth', [`
Add parameter to trust or not trust the verification of email addresses from an external service. Trusted services will mark the email address as verified upon registration. The user is still allowed to modify the email address in the registration form, but if an other email address is provided, it will not be verified automatically. 7 years ago			`'firewall_names' => [`
			`'public'`
			`],`
Initial commit 8 years ago			`'connect' => [`
Add parameter to trust or not trust the verification of email addresses from an external service. Trusted services will mark the email address as verified upon registration. The user is still allowed to modify the email address in the registration form, but if an other email address is provided, it will not be verified automatically. 7 years ago			`'account_connector' => self::USER_PROVIDER_SERVICE`
Initial commit 8 years ago			`]`
			`]);`

			`$configs = $container->getExtensionConfig($this->getAlias());`

			`$processor = new Processor();`
			`$config = $processor->processConfiguration(new Configuration(), $configs);`
			`$container->prependExtensionConfig('hwi_oauth', [`
Add parameter to trust or not trust the verification of email addresses from an external service. Trusted services will mark the email address as verified upon registration. The user is still allowed to modify the email address in the registration form, but if an other email address is provided, it will not be verified automatically. 7 years ago			`'resource_owners' => array_map(function ($resource_owner) {`
Move more logic to ExternalAccountBundle for a more centralized view 7 years ago			`return $resource_owner['config'];`
Add parameter to trust or not trust the verification of email addresses from an external service. Trusted services will mark the email address as verified upon registration. The user is still allowed to modify the email address in the registration form, but if an other email address is provided, it will not be verified automatically. 7 years ago			`}, $config['resource_owners'])`
Initial commit 8 years ago			`]);`

			`$container->loadFromExtension('security', [`
			`'firewalls' => [`
			`'public' => [`
			`'oauth' => [`
Add parameter to trust or not trust the verification of email addresses from an external service. Trusted services will mark the email address as verified upon registration. The user is still allowed to modify the email address in the registration form, but if an other email address is provided, it will not be verified automatically. 7 years ago			`'resource_owners' => array_combine(array_keys($config['resource_owners']), array_map(function ($roName) {`
			`return '/login/oauth/' . $roName;`
Initial commit 8 years ago			`}, array_keys($config['resource_owners']))),`
			`'login_path' => 'app_login',`
			`'failure_path' => 'app_login',`
			`'oauth_user_provider' => [`
Add parameter to trust or not trust the verification of email addresses from an external service. Trusted services will mark the email address as verified upon registration. The user is still allowed to modify the email address in the registration form, but if an other email address is provided, it will not be verified automatically. 7 years ago			`'service' => self::USER_PROVIDER_SERVICE`
			`]`
			`]`
Initial commit 8 years ago			`]`
Add parameter to trust or not trust the verification of email addresses from an external service. Trusted services will mark the email address as verified upon registration. The user is still allowed to modify the email address in the registration form, but if an other email address is provided, it will not be verified automatically. 7 years ago			`]`
Initial commit 8 years ago			`]);`
			`}`

			`public function load(array $configs, ContainerBuilder $container)`
			`{`
Add parameter to trust or not trust the verification of email addresses from an external service. Trusted services will mark the email address as verified upon registration. The user is still allowed to modify the email address in the registration form, but if an other email address is provided, it will not be verified automatically. 7 years ago			`$servicesDirectory = __DIR__ . '/../Resources/config';`
Initial commit 8 years ago			`$fileLocator = new FileLocator($servicesDirectory);`
			`$xmlLoader = new Loader\XmlFileLoader($container, $fileLocator);`
			`$xmlLoader->load('services.xml');`

			`$processor = new Processor();`
			`$config = $processor->processConfiguration(new Configuration(), $configs);`
Add parameter to trust or not trust the verification of email addresses from an external service. Trusted services will mark the email address as verified upon registration. The user is still allowed to modify the email address in the registration form, but if an other email address is provided, it will not be verified automatically. 7 years ago			`$container->getDefinition(self::RESOURCE_OWNER_MAP_SERVICE)->setArgument(0, $config['resource_owners']);`
Initial commit 8 years ago
Make registration with external account (and prefilled/forced fields) configurable 7 years ago			`foreach ($config['resource_owners'] as $name => $_) {`
Move more logic to ExternalAccountBundle for a more centralized view 7 years ago			`$service = new DefinitionDecorator('vierbergenlars.authserver_oauth_account.external_account_provider.abstract');`
			`$service->replaceArgument(0, $name);`
			`$service->addTag(AuthserverExternalAccountBundle::EXTERNAL_ACCOUNT_PROVIDER_TAG);`
Add parameter to trust or not trust the verification of email addresses from an external service. Trusted services will mark the email address as verified upon registration. The user is still allowed to modify the email address in the registration form, but if an other email address is provided, it will not be verified automatically. 7 years ago			`$container->setDefinition('vierbergenlars.authserver_oauth_account.external_account_provider.impl.' . $name, $service);`
Move more logic to ExternalAccountBundle for a more centralized view 7 years ago			`}`
Make registration with external account (and prefilled/forced fields) configurable 7 years ago
			`$container->setParameter('vierbergenlars.authserver_oauth_account.registration.enabled', $config['registration']['enabled']);`
			`$container->setParameter('vierbergenlars.authserver_oauth_account.registration.fields', $config['registration']);`
			`if ($config['registration']['enabled']) {`
			`$xmlLoader->load('registration_services.xml');`
			`}`
Initial commit 8 years ago			`}`

			`public function getAlias()`
			`{`
			`return 'oauth';`
			`}`
			`}`