Make Oauth module an AuthenticationProvider [#2027863]

While this patch gets committed (#1890878: Add modular authentication system, including Http Basic; deprecate global $user) in core, we can start making this module support the Authentication Management system that will be put in place.

Comment	File	Size	Author
#7	oauth-authentication-provider-2027863-7.patch	1.81 KB	juampynr
#7
#7	interdiff.txt	412 bytes	juampynr
#4	oauth-authentication-provider-2027863-4.patch	1.98 KB	juampynr
#4
#4	interdiff.txt	640 bytes	juampynr
#3	oauth-authentication-provider-2027863-3.patch	1.71 KB	juampynr
#3
#1	2027863-oauth-authentication-provider.patch	1.68 KB	juampynr
#1

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

juampynr CreditAttribution: juampynr commented 25 June 2013 at 16:35

Status:

Active

» Needs review

File	Size
2027863-oauth-authentication-provider.patch	1.68 KB

First pass. I am getting the following error when REST module is enabled and then I enable OAuth:

ReflectionException: Class Drupal\oauth\Authentication\Provider\OAuthProvider does not exist in ReflectionClass->__construct() (line 961 of /home/juampy/projects/drupal8b/core/vendor/symfony/dependency-injection/Symfony/Component/DependencyInjection/ContainerBuilder.php).
The website has encountered an error. Please try again later.

Comment #2

ygerasimov CreditAttribution: ygerasimov commented 25 June 2013 at 16:41

Status:

Needs review

» Needs work

+++ b/oauth.services.ymlundefined
@@ -0,0 +1,6 @@
+services:
+  oauth.provider:
+    class: Drupal\oauth\Authentication\Provider\OAuthProvider
+    arguments: ['@config.factory']

Please have a key authentication.oauth when registering service in container.

From latest patch of #1890878.

+  public function addProvider($provider_id, AuthenticationProviderInterface $provider, $priority = 0) {
+    $provider_id = substr($provider_id, strlen('authentication.'));
+
+    $this->providers[$provider_id] = $provider;
+    $this->providerOrders[$priority][$provider_id] = $provider;
+    // Force the builders to be re-sorted.
+    $this->sortedProviders = NULL;
+  }

Comment #3

juampynr CreditAttribution: juampynr commented 26 June 2013 at 09:53

File	Size
oauth-authentication-provider-2027863-3.patch	1.71 KB

Great! The provider is picked up now. I am looking at how the authenticate() method should work.

Comment #4

juampynr CreditAttribution: juampynr commented 26 June 2013 at 11:50

File	Size
interdiff.txt	640 bytes
oauth-authentication-provider-2027863-4.patch	1.98 KB

Figured out. Now moving on to how to use the authenticate() method to authenticate the request.

Comment #5

juampynr CreditAttribution: juampynr commented 26 June 2013 at 11:51

Title:

Make Oauth an AuthenticationProvider

» Make Oauth module an AuthenticationProvider

Improving title.

Comment #6

corvus_ch CreditAttribution: corvus_ch commented 26 June 2013 at 12:04

Nice work so far. Just a few notes from my side.

+++ b/oauth.services.ymlundefined
@@ -0,0 +1,6 @@
+    arguments: ['@config.factory']

This will path in the config service to the constructor. You currently do not need it so this line can be deleted.

If you have the feeling that you might need the config service. Implement a constructor and store the config to a class variable. See Drupal\Core\Authentication\Provider\ HttpBasic

+++ b/oauth.services.ymlundefined
@@ -0,0 +1,6 @@
+      - { name: authentication_provider, priority: 1000 }

You might want to reduce that. Basic Auth has a priority of 100. Applying the same priority will be sufficient.

Comment #7

juampynr CreditAttribution: juampynr commented 26 June 2013 at 12:21

File	Size
interdiff.txt	412 bytes
oauth-authentication-provider-2027863-7.patch	1.81 KB

Done :D

Continuing with the authenticate() method.

Comment #8

pcambra

he/him

Spanish

Asturies

CreditAttribution: pcambra commented 26 June 2013 at 14:23

Status:

Needs work

» Needs review

Comment #9

juampynr CreditAttribution: juampynr commented 1 July 2013 at 23:27

Status:

Needs review

» Postponed

There are several errors in CMI when importing rest.settings.yml. I want to set this up first in core before starting to work in authenticating requests (there is no way to set this up if rest.settings.yml cannot be imported).

Comment #10

juampynr CreditAttribution: juampynr commented 9 July 2013 at 10:15

Status:

Postponed

» Active

REST module configured locally (fixed a confusing bug in core while setting it up).

I have committed the above patch at 8.x-1.x.

I have been reading the docs of the OAuth PECL library

Now I am implementing two-legged-authentication at the authenticate() method of OAuthProvider class based in this example:

http://svn.php.net/viewvc/pecl/oauth/trunk/examples/provider/2legged.php...

More soon.

Comment #11

juampynr CreditAttribution: juampynr commented 28 July 2013 at 18:12

Added basic implementation that supports the PECL library.

http://drupalcode.org/project/oauth.git/commitdiff/81db8ad

TODO:
* Improve README.txt
* Test the _auth option at a route to verify that a resource can only be accessed when the request is signed with OAuth.
* Implement the three-legged authentication.
* Implement the UI so users can obtain/manage OAuth Authorizations.