Ibrows HMAC Bundle adds a SecurityListenerFactor which provide a hmac authentication for configured firewall This is a recommend way to sign and verify RESTful Web API requests
-
Add IbrowsHmacBundle in your composer.json:
{ "require": { "ibrows/hmac-bundle": "~1.0", } }
-
Now tell composer to download the bundle by running the command:
$ php composer.phar update ibrows/hmac-bundle
-
Add the bundle to your
AppKernelclass// app/AppKernerl.php public function registerBundles() { $bundles = array( // ... new \Ibrows\HmacBundle\IbrowsHmacBundle(), // ... ); // ... }
-
Sample Configuration of your security.yml
security: firewalls: api: pattern: ^/api stateless: true anonymous: ~ provider: api_provider ibrows_hmac: authentication_provider_key: me access_control: - { path: ^/api/, roles: ROLE_API } password_hashers: Symfony\Component\Security\Core\User\User: plaintext providers: api_provider: memory: users: test: password: test roles: ['ROLE_API']