What are the Slack Archives?
Itβs a history of our time together in the Slack Community! Thereβs a ton of knowledge in here, so feel free to search through the archives for a possible answer to your question.
Because this space is not active, you wonβt be able to create a new post or comment here. If you have a question or want to start a discussion about something, head over to our categories and pick one to post in! You can always refer back to a post from Slack Archives if needed; just copy the link to use it as a reference..
Zed Route Security / Auth: Hi, can someone maybe point me in the right direction :slightly_smiling_
Zed Route Security / Auth:
Hi, can someone maybe point me in the right direction π
Basically I want to have a Zed Controller to consume Akeneo Webhooks and disable the default Zed Auth and instead check the request signature.
I found the \Spryker\Shared\SecurityExtension\Dependency\Plugin\SecurityPluginInterface which could be the right place, but I also did nod find out yet how to use it
Comments
-
Hi David!
You could look into/src/Pyz/Zed/Security/SecurityDependencyProvider.php
for plugin examples. To allow anonymous access to some endpoint you need to add your custom security plugin to the top of the list and use bothaddFirewall
andaddAccesRules
methods in it.UserSecurityPlugin
seems like good example to start with.
This is where I ended up while solving similar problem, so I could miss something or get wrong, please correct me in this case0 -
@U02MQRQHG3E thanks! then I'm at least not completely wrong here π ok I'm trying the addAccessRules to allow access at first. But for some reason it's not working. I guess I have to keep debugging somewhere where the access rules are applied
0 -
Like I mentioned, in my case using both firewall and access rule was necessary. So, if nothing helps, try something like:
class MySecurityPlugin extends AbstractPlugin implements SecurityPluginInterface { protected const SECURITY_FIREWALL_NAME = 'MyFirewall'; protected const MY_ROUTE_PATTERN = '^/my-endpoint'; protected const IS_AUTHENTICATED_ANONYMOUSLY = 'IS_AUTHENTICATED_ANONYMOUSLY'; public function extend(SecurityBuilderInterface $securityBuilder, ContainerInterface $container): SecurityBuilderInterface { $securityBuilder = $this->addFirewall($securityBuilder); $securityBuilder = $this->addAccessRules($securityBuilder); return $securityBuilder; } protected function addFirewall(SecurityBuilderInterface $securityBuilder): SecurityBuilderInterface { $securityBuilder->addFirewall(static::SECURITY_FIREWALL_NAME, [ 'anonymous' => true, 'pattern' => static::MY_ROUTE_PATTERN, ]); return $securityBuilder; } protected function addAccessRules(SecurityBuilderInterface $securityBuilder): SecurityBuilderInterface { $accessRules = [ [ static::MY_ROUTE_PATTERN, static::IS_AUTHENTICATED_ANONYMOUSLY, ], ]; $securityBuilder->addAccessRules($accessRules); return $securityBuilder; } }
And don't forget, plugins order matters - because route patterns might intersect.
0 -
thx π it seems to work, but then later he still tries to get a user from the session. It seems I still have to add the route to the ignorable paths in the acl module somewhere
0 -
giovanni.piemontese Technical Lead @ LΓΆffelhardt Spryker Solution Partner Posts: 871 π§π»βπ - Cadet
u have to ignore your route here ->
\Pyz\Zed\SecurityGui\SecurityGuiConfig::IGNORABLE_ROUTE_PATTERN
and here ->\Spryker\Shared\Acl\AclConstants::ACL_DEFAULT_RULES
0 -
ok this works, but I'll check if I can add the rules maybe somewhere using a plugin
0 -
but it works for now! Thank you π
0
Categories
- All Categories
- 42 Getting Started & Guidelines
- 7 Getting Started in the Community
- 8 Additional Resources
- 7 Community Ideas and Feedback
- 76 Spryker News
- 929 Developer Corner
- 787 Spryker Development
- 89 Spryker Dev Environment
- 362 Spryker Releases
- 3 Oryx frontend framework
- 35 Propel ORM
- 68 Community Projects
- 3 Community Ideation Board
- 30 Hackathon
- 3 PHP Bridge
- 6 Gacela Project
- 26 Job Opportunities
- 3.2K π Slack Archives
- 116 Academy
- 5 Business Users
- 370 Docker
- 551 Slack General
- 2K Help
- 75 Knowledge Sharing
- 6 Random Stuff
- 4 Code Testing
- 32 Product & Business Questions
- 70 Spryker Safari Questions
- 50 Random