Symfony Security Component as a Standalone (Part 1)

Amir Modarresi
Jun 22, 2018 · 6 min read
mkdir symfony-security-standalone
{
"require": {
"symfony/security": "^4.1"
},
"autoload": {
"psr-4": {
"App\\": "src"
}
}
}
composer install
<?phpnamespace App;use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\HttpKernelInterface;
class Kernel implements HttpKernelInterface
{
public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = true)
{
return new Response('Greeting');
}
}
<?phpuse App\Kernel;
use Symfony\Component\HttpFoundation\Request;
require_once __DIR__.'/vendor/autoload.php';$request = Request::createFromGlobals();$kernel = new Kernel();/** @var \Symfony\Component\HttpFoundation\Response $response */
$response = $kernel->handle($request);
$response->send();
<?phpnamespace App;use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Http\Firewall\ListenerInterface;
class SimpleAuthenticationListener implements ListenerInterface
{
private $tokenStorage;
private $authenticationManager;private $providerKey;public function __construct(TokenStorageInterface $tokenStorage, AuthenticationManagerInterface $authenticationManager, string $providerKey) {
$this->tokenStorage = $tokenStorage;
$this->authenticationManager = $authenticationManager;
$this->providerKey = $providerKey;
}
public function handle(GetResponseEvent $event)
{
$request = $event->getRequest();
if ($request->query->has('username') && $request->query->has('password')) {
$username = $request->query->get('username');
$password = $request->query->get('password');
$unauthenticatedToken = new UsernamePasswordToken(
$username,
$password,
$this->providerKey
);
try {
$authenticatedToken = $this
->authenticationManager
->authenticate($unauthenticatedToken);
$this->tokenStorage->setToken($authenticatedToken);
} catch (AuthenticationException $exception) {
$response = new Response($exception->getMessage());
$event->setResponse($response);
}
}
}
}
<?phpnamespace App;use Symfony\Component\EventDispatcher\EventDispatcher;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RequestMatcher;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
use Symfony\Component\Security\Http\Firewall;
use Symfony\Component\Security\Http\FirewallMap;
class Kernel implements HttpKernelInterface
{
public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = true)
{
$tokenStorage = new TokenStorage();
$authenticationManager = new AuthenticationProviderManager([]);
$simpleAuthenticationListener = new SimpleAuthenticationListener($tokenStorage, $authenticationManager, 'main');
$firewallMap = new FirewallMap();$requestMatcher = new RequestMatcher('^/');
$listeners = [$simpleAuthenticationListener];
$firewallMap->add($requestMatcher, $listeners);
$eventDispatcher = new EventDispatcher();
$firewall = new Firewall($firewallMap, $eventDispatcher);
return new Response('Greeting');
}
}
<?phpnamespace App;use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\User\User;
class SimpleAuthenticationProvider implements AuthenticationProviderInterface
{
public function authenticate(TokenInterface $token)
{
$username = $token->getUsername();
$password = $token->getCredentials();
if ($username == 'amir' && $password == 'foo') {
$user = new User($username, $password, ['ROLE_USER']);
$authenticatedToken = new UsernamePasswordToken($user, $password, $token->getProviderKey(), $user->getRoles());

return $authenticatedToken;
}

throw new AuthenticationException("Username or password is invalid.");
}
public function supports(TokenInterface $token)
{
return $token instanceof UsernamePasswordToken && !$token->isAuthenticated();
}
}
<?phpnamespace App;use Symfony\Component\EventDispatcher\EventDispatcher;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RequestMatcher;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
use Symfony\Component\Security\Http\Firewall;
use Symfony\Component\Security\Http\FirewallMap;
class Kernel implements HttpKernelInterface
{
public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = true)
{
$tokenStorage = new TokenStorage();
$authenticationManager = new AuthenticationProviderManager([new SimpleAuthenticationProvider()]);
$simpleAuthenticationListener = new SimpleAuthenticationListener($tokenStorage, $authenticationManager, 'main');
$firewallMap = new FirewallMap();$requestMatcher = new RequestMatcher('^/');
$listeners = [$simpleAuthenticationListener];
$firewallMap->add($requestMatcher, $listeners);
$eventDispatcher = new EventDispatcher();
$firewall = new Firewall($firewallMap, $eventDispatcher);
return new Response('Greeting');
}
}
<?phpnamespace App;use Symfony\Component\EventDispatcher\EventDispatcher;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RequestMatcher;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\HttpKernel\KernelEvents;
use Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
use Symfony\Component\Security\Http\Firewall;
use Symfony\Component\Security\Http\FirewallMap;
class Kernel implements HttpKernelInterface
{
public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = true)
{
$tokenStorage = new TokenStorage();
$authenticationManager = new AuthenticationProviderManager([new SimpleAuthenticationProvider()]);
$simpleAuthenticationListener = new SimpleAuthenticationListener($tokenStorage, $authenticationManager, 'main');
$firewallMap = new FirewallMap();$requestMatcher = new RequestMatcher('^/');
$listeners = [$simpleAuthenticationListener];
$firewallMap->add($requestMatcher, $listeners);
$eventDispatcher = new EventDispatcher();
$firewall = new Firewall($firewallMap, $eventDispatcher);
$eventDispatcher->addSubscriber($firewall);$getResponseEvent = new GetResponseEvent($this, $request, $type);
$eventDispatcher->dispatch(KernelEvents::REQUEST, $getResponseEvent);
if ($getResponseEvent->hasResponse()) {
return $getResponseEvent->getResponse();
}
if (($token = $tokenStorage->getToken()) && $token->getUser()) {
$user = $token->getUsername();
} else {
$user = 'anonymous';
}

return new Response(sprintf('Greeting %s', $user));
}
}

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade