peekabooauth / peekaboo-bundle
Peekaboo Bundle
Installs: 14 120
Dependents: 1
Suggesters: 0
Security: 0
Stars: 1
Watchers: 2
Forks: 0
Open Issues: 0
Type:symfony-bundle
pkg:composer/peekabooauth/peekaboo-bundle
Requires
- php: >=8.4
- ext-json: *
- psr/log: ^3.0
- symfony/framework-bundle: ^7.4|^8.0
- symfony/http-client: ^7.4|^8.0
- symfony/http-foundation: ^7.4|^8.0
- symfony/http-kernel: ^7.4|^8.0
- symfony/routing: ^7.4|^8.0
- symfony/security-bundle: ^7.4|^8.0
- symfony/security-core: ^7.4|^8.0
- symfony/security-http: ^7.4|^8.0
- symfony/validator: ^7.4|^8.0
Requires (Dev)
- phpstan/phpstan: ^2.1
- phpunit/phpunit: ^11.5
- roave/security-advisories: dev-latest
- dev-main
- 1.7.0
- 1.6.0
- 1.5.0
- 1.4.1
- 1.4.0
- 1.3.6
- 1.3.5
- 1.3.4
- 1.3.3
- 1.3.2
- 1.3.1
- 1.3.0
- 1.2.7
- 1.2.6
- 1.2.5
- 1.2.4
- 1.2.3
- 1.2.1
- 1.2.0
- 1.1.10
- 1.1.9
- 1.1.8
- 1.1.7
- 1.1.6
- 1.1.5
- 1.1.4
- 1.1.3
- 1.1.2
- 1.1.1
- 1.1.0
- 1.0.18
- 1.0.17
- 1.0.16
- 1.0.15
- 1.0.14
- 1.0.13
- 1.0.12
- 1.0.11
- 1.0.10
- 1.0.9
- v1.0.8
- v1.0.6
- v1.0.5
- v1.0.4
- v1.0.3
- v1.0.2
- v1.0.1
- v1.0.0
- dev-feature/fix-auth-by-API_KEY
This package is auto-updated.
Last update: 2026-01-19 12:36:04 UTC
README
Symfony bundle for authentication integration with the Peekaboo identity server.
Requirements
- PHP 8.4+
- Symfony 7.4+ or 8.0+
Install
composer require peekabooauth/peekaboo-bundle
Add to config/bundles.php
Peekabooauth\PeekabooBundle\PeekabooBundle::class => ['all' => true]
Add to config/routes/annotations.yaml
peekaboo: resource: '@PeekabooBundle/Resources/config/routes.yaml'
Add to config/packages/security.yaml
#...... providers: peekaboo_user_provider: id: Peekabooauth\PeekabooBundle\UserProvider\UserProvider #...... firewalls: peekaboo: pattern: ^/ custom_authenticators: - Peekabooauth\PeekabooBundle\Security\PeekabooAuthenticator provider: peekaboo_user_provider #....... access_control: - { path: ^/peekaboo/auth, roles: PUBLIC_ACCESS }
Authentication Methods
The bundle supports multiple authentication methods, checked in priority order:
| Priority | Method | How to use |
|---|---|---|
| 1 | JWT Token | Authorization: Bearer <token> header, or bearer query/body parameter |
| 2 | API Key | x-api-key header, or apikey query/body parameter |
| 3 | Basic Auth | Authorization: Basic <credentials> header |
| 4 | Session | Automatic after OAuth redirect flow |
JWT Token Authentication
# Via Authorization header curl -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIs..." https://app.example.com/api/endpoint # Via query parameter curl "https://app.example.com/api/endpoint?bearer=eyJhbGciOiJIUzI1NiIs..."
API Key Authentication
# Via x-api-key header curl -H "x-api-key: your-api-key" https://app.example.com/api/endpoint # Via query parameter curl "https://app.example.com/api/endpoint?apikey=your-api-key"
Basic Auth
curl -u "username:password" https://app.example.com/api/endpoint
Getting a JWT Token
curl -X POST -H "Content-Type: application/json" \ https://peekabooauth.com/api/login_check \ -d '{"username":"user@example.com","password":"123456"}'
Environment Variables
| Variable | Description | Default |
|---|---|---|
IDENTITY_SERVER_URL_EXTERNAL |
Public URL of identity server (for browser redirects) | https://peekabooauth.com |
IDENTITY_SERVER_URL_INTERNAL |
Internal URL of identity server (for server-to-server calls) | https://peekabooauth.com |
IDENTITY_SERVER_AUTH_PATH |
Path to authentication endpoint | /identity/auth |
IDENTITY_SERVER_LOGOUT_PATH |
Path to logout endpoint | /identity/logout |
ROUTE_AFTER_REDIRECT |
Route name to redirect after successful auth | homepage |
PEEKABOO_APPLICATION_NAME |
Your application name registered with Peekaboo | dev |
PEEKABOO_APPLICATION_SECRET |
Your application secret | (required) |
PEEKABOO_AUTOLOGIN |
Auto-login provider (see below) | (empty) |
Example .env:
IDENTITY_SERVER_URL_EXTERNAL=https://peekabooauth.com IDENTITY_SERVER_URL_INTERNAL=https://peekabooauth.com IDENTITY_SERVER_AUTH_PATH=/identity/auth IDENTITY_SERVER_LOGOUT_PATH=/identity/logout ROUTE_AFTER_REDIRECT=homepage PEEKABOO_APPLICATION_NAME=myapp PEEKABOO_APPLICATION_SECRET=your-secret-key PEEKABOO_AUTOLOGIN=
Local Development
To test your app without connecting to the real identity server (useful for offline development), set:
IDENTITY_SERVER_URL_INTERNAL=https://peekabooauth.dev
This returns a hardcoded admin user with the following properties:
- Email:
admin@localhost.net - Name:
dev - Roles:
ROLE_ADMIN,ROLE_USER,ROLE_API,ROLE_DEV
Autologin
Set PEEKABOO_AUTOLOGIN to skip the login form and authenticate automatically:
| Value | Behavior |
|---|---|
google |
Redirect directly to Google login |
facebook |
Redirect directly to Facebook login |
google_js |
Show login page, auto-click Google button |
facebook_js |
Show login page, auto-click Facebook button |
| (empty) | Show login form without autologin |
Development
# Install dependencies composer install # Run tests composer test # Run static analysis composer analyze
License
GPL-3.0-only