helthe / security-api
Helthe API Security Component
Installs: 68
Dependents: 1
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
pkg:composer/helthe/security-api
Requires
- php: >=5.3.3
- symfony/security: ~2.3
This package is auto-updated.
Last update: 2025-09-29 01:38:26 UTC
README
Helthe API Security is a library for doing API key authentication with the Symfony Security Component.
Installation
Using Composer
Manually
Add the following in your composer.json:
{
"require": {
// ...
"helthe/security-api": "~1.0"
}
}
Using the command line
$ composer require 'helthe/security-api=~1.0'
Usage
Authentication Provider
An API authentication provider implementing AuthenticationProviderInterfaceis
supplied supporting the PreAuthenticatedToken. Once authenticated, a user will be
authenticated using a ApiKeyAuthenticatedToken which is an extension of PreAuthenticatedToken
where the api key is not erased.
User Provider
The library provides its own UserProviderInterface that must implemented by the
user provider supplied to the ApiKeyAuthenticationProvider.
Example
use Helthe\Component\Security\Api\Authentication\Provider\ApiKeyAuthenticationProvider; use Symfony\Component\Security\Core\User\UserChecker; // Helthe\Component\Security\Api\User\UserProviderInterface $userProvider = new InMemoryUserProvider( array( 'admin' => array( 'api_key' => 'foo', ), ) ); // for some extra checks: is account enabled, locked, expired, etc.? $userChecker = new UserChecker(); $provider = new ApiKeyAuthenticationProvider( $userProvider, $userChecker, 'your_api', ); $provider->authenticate($unauthenticatedToken);
Firewall
Two firewall listeners are available extending AbstractPreAuthenticatedListener.
HttpHeaderListener checks for the api key in the Request headers and QueryStringListener
checks in the Request query string.
Bugs
For bugs or feature requests, please create an issue.