Ultimately, the FpOpenIdBundle files should be downloaded to the vendor/fp directory.
This can be done in several ways, depending on your preference. The method described here is the standard method for Symfony 2.1, using composer. If you prefer use git submodule read this tutorial and resume to step 2.
Add the following lines in your composer.json file:
{
"require": {
"fp/openid-bundle": "dev-master"
}
}Note: You may want to adapt this line to use a specific version. For example, to use 1.3 (Symfony 2.1), "fp/openid-bundle": "1.3.*"
Now, run composer.phar to download the bundle:
$ php composer.phar installNote: You can immediately start using it. The autoloading files have been generated by composer and already included to the app autoload file.
Finally, enable the bundle in the kernel:
<?php
// app/AppKernel.php
public function registerBundles()
{
$bundles = array(
// ...
new Fp\OpenIdBundle\FpOpenIdBundle(),
);
}In order for Symfony's security component to use the FpOpenIdBundle, you must
tell it to do so in the security.yml file. The security.yml file is where the
basic configuration for the security of your application is contained.
Below is a minimal example of the configuration necessary to use FpOpenIdBundle in your application:
# app/config/security.yml
security:
firewalls:
main:
pattern: ^/
fp_openid: ~
logout: true
anonymous: true
providers:
in_memory:
memory:
users:
user: { password: userpass, roles: [ 'ROLE_USER' ] }
access_control:
- { path: ^/login_openid$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/secured_area, role: IS_AUTHENTICATED_OPENID }Take a look at the firewalls section.
Here we have declared a
firewall named main. By specifying fp_openid, you have told the Symfony2
framework that any time a request is made to this firewall where the
user need to authenticate himself, he will be redirected to a form
where he will be able to enter identity provider url.
The access_control section is where you specify the credentials necessary for
users trying to access specific parts of your application. The bundle requires
the login form to be available to unauthenticated users but to use the same firewall as
the pages you want to secure with the bundle. This is why you have specified that
any request matching the /login_openid pattern is available to anonymous users.
You have also specified that any request beginning with /secured_area will require
a user to have the IS_AUTHENTICATED_OPENID role.
Finaly, there are no modifications on the providers section, it just follows Symfony2 rules.
For more information on configuring the security.yml file please read the Symfony2
security component documentation or
check the security.yml reference.
Now that you have activated and configured the bundle, all that is left to do is to import the FpOpenIdBundle routing file.
In YAML:
# app/config/routing.yml
fp_openid_security:
resource: "@FpOpenIdBundle/Resources/config/routing/security.xml"
Or if you prefer XML:
<!-- app/config/routing.xml -->
<import resource="@FpOpenIdBundle/Resources/config/routing/security.xml"/>Go to the /login_openid page. You should see a form which asks you to enter an identity provider url.
Let's use Google as authentication provider, enter:
https://www.google.com/accounts/o8/id
You may be asked to login to your Google account.
Congratulations! You have been authenticated by Google. Now, you can try access /secured_area.
Your are now ready to configure an UserProvider