diff options
Diffstat (limited to 'deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src')
5 files changed, 192 insertions, 0 deletions
diff --git a/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/bootstrap.php b/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/bootstrap.php new file mode 100644 index 0000000000..f7bf096faf --- /dev/null +++ b/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/bootstrap.php @@ -0,0 +1,136 @@ +<?php + +require_once __DIR__.'/../vendor/autoload.php'; + +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage; +use Symfony\Component\Security\Core\User\InMemoryUserProvider; +use Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager; +use Symfony\Component\Security\Core\Authorization\AccessDecisionManager; +use Symfony\Component\Security\Core\Authorization\AuthorizationChecker; +use RabbitMQAuth\Authentication\Authenticator; +use RabbitMQAuth\Authentication\ChainAuthenticationChecker; +use RabbitMQAuth\Authentication\UserPasswordTokenChecker; +use RabbitMQAuth\Authentication\UserTokenChecker; +use RabbitMQAuth\Authorization\DefaultVoter; +use RabbitMQAuth\Controller\AuthController; +use RabbitMQAuth\Security; +use Monolog\Handler\StreamHandler; +use Monolog\Logger; + +/** + * You must can edit the following users and theyre roles (tags) + */ +$userProvider = new InMemoryUserProvider(array( + //Admin user + 'Anthony' => array( + 'password' => 'anthony-password', + 'roles' => array( + 'administrator', + // 'impersonator', // report to https://www.rabbitmq.com/validated-user-id.html + ), + ), + 'James' => array( + 'password' => 'bond', + 'roles' => array( + 'management', + ), + ), + 'Roger' => array( + 'password' => 'rabbit', + 'roles' => array( + 'monitoring', + ), + ), + 'Bunny' => array( + 'password' => 'bugs', + 'roles' => array( + 'policymaker', + ), + ), +)); + +/** + * You can edit the user permissions here + * + * $permissions = arrray( + * '{USERNAME}' => array( + * '{VHOST}' => array( + * 'ip' => '{REGEX_IP}', + * 'read' => '{REGEX_READ}', + * 'write' => '{REGEX_WRITE}', + * 'configure' => '{REGEX_CONFIGURE}', + * ), + * ), + * ); + */ +$permissions = array( + 'Anthony' => array( + 'isAdmin' => true, + ), + 'James' => array( + '/' => array( + 'ip' => '.*', + 'read' => '.*', + 'write' => '.*', + 'configure' => '.*', + ), + ), +); + +/** + * Authenticator initialisation + * + * His gonna to find the user (with user provider) and to check the authentication with the authentication checker. + * + * We are 2 types of access token: + * - UserPasswordToken use with the user endpoint (to check the username and the password validity) + * - UserToken use with resource/topic/vhost endpoint (to check the username existence) + */ +$authenticator = new Authenticator( + $userProvider, + new ChainAuthenticationChecker(array( + new UserPasswordTokenChecker(), + new UserTokenChecker(), + )) +); + +/** + * DefaultVoter is used to check the authorization. + * + * This class has the same implementation of default RabbitMQ authorization process. + * + * $permission is the configured user permission + */ +$defaultVoter = new DefaultVoter($permissions); + +/** + * This class is the initialisation of the symfony/security component + */ +$authenticationManager = new AuthenticationProviderManager(array($authenticator)); +$accessDecisionManager = new AccessDecisionManager(array($defaultVoter)); + +$tokenStorage = new TokenStorage(); + +$authorizationChecker = new AuthorizationChecker( + $tokenStorage, + $authenticationManager, + $accessDecisionManager +); + +/** + * The security class is the main class + */ +$security = new Security($authenticationManager, $authorizationChecker); + +/** + * This is the auth controller. + * + * It take the http request and return the http response + */ +$authController = new AuthController($tokenStorage, $security); + +/** Add a logger */ +$stream = new StreamHandler(__DIR__.'/../var/log.log', Logger::DEBUG); +$authenticator->setLogger((new Logger('rabbitmq_authenticator'))->pushHandler($stream)); +$defaultVoter->setLogger((new Logger('rabbitmq_default_voter'))->pushHandler($stream)); +$security->setLogger((new Logger('rabbitmq_security'))->pushHandler($stream)); diff --git a/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/resource.php b/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/resource.php new file mode 100644 index 0000000000..9b2448b867 --- /dev/null +++ b/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/resource.php @@ -0,0 +1,14 @@ +<?php + +require_once '../vendor/autoload.php'; +require_once 'bootstrap.php'; + +/** + * The resource action handle the request and check the authentication + authorization of the request params + * It check the QUERYSTRING params before the payload. + */ +$response = $authController->resourceAction( + \Symfony\Component\HttpFoundation\Request::createFromGlobals() // Create an request object +); + +$response->send(); // send the http response diff --git a/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/topic.php b/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/topic.php new file mode 100644 index 0000000000..1ad5b4f72e --- /dev/null +++ b/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/topic.php @@ -0,0 +1,14 @@ +<?php + +require_once '../vendor/autoload.php'; +require_once 'bootstrap.php'; + +/** + * The resource action handle the request and check the authentication + authorization of the request params + * It check the QUERYSTRING params before the payload. + */ +$response = $authController->topicAction( + \Symfony\Component\HttpFoundation\Request::createFromGlobals() // Create an request object +); + +$response->send(); // send the http response diff --git a/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/user.php b/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/user.php new file mode 100644 index 0000000000..a8b372325a --- /dev/null +++ b/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/user.php @@ -0,0 +1,14 @@ +<?php + +require_once '../vendor/autoload.php'; +require_once 'bootstrap.php'; + +/** + * The resource action handle the request and check the authentication + authorization of the request params + * It check the QUERYSTRING params before the payload. + */ +$response = $authController->userAction( + \Symfony\Component\HttpFoundation\Request::createFromGlobals() // Create an request object +); + +$response->send(); // send the http response diff --git a/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/vhost.php b/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/vhost.php new file mode 100644 index 0000000000..3f49de4a88 --- /dev/null +++ b/deps/rabbitmq_auth_backend_http/examples/rabbitmq_auth_backend_php/src/vhost.php @@ -0,0 +1,14 @@ +<?php + +require_once '../vendor/autoload.php'; +require_once 'bootstrap.php'; + +/** + * The resource action handle the request and check the authentication + authorization of the request params + * It check the QUERYSTRING params before the payload. + */ +$response = $authController->vhostAction( + \Symfony\Component\HttpFoundation\Request::createFromGlobals() // Create an request object +); + +$response->send(); // send the http response |