Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
While this patch gets committed (#1890878: Add modular authentication system, including Http Basic; deprecate global $user) in core, we can start making this module support the Authentication Management system that will be put in place.
Comment | File | Size | Author |
---|---|---|---|
#7 | oauth-authentication-provider-2027863-7.patch | 1.81 KB | juampynr |
#7 | interdiff.txt | 412 bytes | juampynr |
#4 | oauth-authentication-provider-2027863-4.patch | 1.98 KB | juampynr |
#4 | interdiff.txt | 640 bytes | juampynr |
#3 | oauth-authentication-provider-2027863-3.patch | 1.71 KB | juampynr |
Comments
Comment #1
juampynr CreditAttribution: juampynr commentedFirst pass. I am getting the following error when REST module is enabled and then I enable OAuth:
Comment #2
ygerasimov CreditAttribution: ygerasimov commentedPlease have a key authentication.oauth when registering service in container.
From latest patch of #1890878.
Comment #3
juampynr CreditAttribution: juampynr commentedGreat! The provider is picked up now. I am looking at how the authenticate() method should work.
Comment #4
juampynr CreditAttribution: juampynr commentedFigured out. Now moving on to how to use the authenticate() method to authenticate the request.
Comment #5
juampynr CreditAttribution: juampynr commentedImproving title.
Comment #6
corvus_ch CreditAttribution: corvus_ch commentedNice work so far. Just a few notes from my side.
This will path in the config service to the constructor. You currently do not need it so this line can be deleted.
If you have the feeling that you might need the config service. Implement a constructor and store the config to a class variable. See
Drupal\Core\Authentication\Provider\ HttpBasic
You might want to reduce that. Basic Auth has a priority of 100. Applying the same priority will be sufficient.
Comment #7
juampynr CreditAttribution: juampynr commentedDone :D
Continuing with the authenticate() method.
Comment #8
pcambraComment #9
juampynr CreditAttribution: juampynr commentedThere are several errors in CMI when importing rest.settings.yml. I want to set this up first in core before starting to work in authenticating requests (there is no way to set this up if rest.settings.yml cannot be imported).
Comment #10
juampynr CreditAttribution: juampynr commentedREST module configured locally (fixed a confusing bug in core while setting it up).
I have committed the above patch at 8.x-1.x.
I have been reading the docs of the OAuth PECL library
Now I am implementing two-legged-authentication at the authenticate() method of OAuthProvider class based in this example:
http://svn.php.net/viewvc/pecl/oauth/trunk/examples/provider/2legged.php...
More soon.
Comment #11
juampynr CreditAttribution: juampynr commentedAdded basic implementation that supports the PECL library.
http://drupalcode.org/project/oauth.git/commitdiff/81db8ad
TODO:
* Improve README.txt
* Test the _auth option at a route to verify that a resource can only be accessed when the request is signed with OAuth.
* Implement the three-legged authentication.
* Implement the UI so users can obtain/manage OAuth Authorizations.
Comment #12
juampynr CreditAttribution: juampynr commentedMarking as fixed. Follow up is #2084373: Port logic to manage OAuth consumers for two-legged authentication