Comments (11)
Ok, I'll try.
Something to keep in mind is that I am using it with the Authentication and Authorization plugins.
from cakephp-tinyauth.
Can you show the details? Like URLs and controller code?
from cakephp-tinyauth.
Initialize on AppController.php (non-prefixed)
```php
$this->loadComponent('RequestHandler');
$this->loadComponent('Flash');
$this->loadComponent('FormProtection', [
    'validationFailureCallback' => function (BadRequestException $exception) {
        $this->Flash->error(__('Something went wrong... <strong>Please refresh the page.</strong>'), ['escape' => false]);
        return $this->redirect($this->request->referer());
    }
]);
$this->loadComponent('TinyAuth.Authentication');
$this->loadComponent('TinyAuth.Authorization');
```
Initialize on AppController.php (Api prefixed, inside Api folder)
```php
$this->loadComponent('RequestHandler');
$this->loadComponent('TinyAuth.Authentication');
$this->loadComponent('TinyAuth.Authorization');
```
CountriesController.php (common CRUD functions)
CountriesController.php on Api folder (only index function)
auth_allow.ini
```ini
Api/Countries = index
```
Application.php
getAuthenticationService function:
```php
if (strpos($path, '/api') === 0) {
    $service->loadAuthenticator('Authentication.Jwt', [
        'returnPayload' => false
    ]);
    $service->loadAuthenticator('ApiForm');
    $service->loadIdentifier('Authentication.JwtSubject', [
        'resolver' => [
            'className' => 'Authentication.Orm',
            'finder' => 'jwt'
        ]
    ]);
    $service->loadIdentifier('Password', [
        'fields' => $pwd_fields,
        'resolver' => [
            'className' => 'Authentication.Orm',
            'finder' => 'jwt'
        ]
    ]);
    return $service;
}
$service->setConfig([
    'unauthenticatedRedirect' => '/backoffice',
    //'queryParam' => 'redirect',
]);
$service->loadAuthenticator('Authentication.Session');
$service->loadAuthenticator('Authentication.Form', [
    'fields' => $form_fields,
    'loginUrl' => '/backoffice',
]);
$service->loadAuthenticator('Authentication.Cookie', [
    'fields' => $form_fields,
    'loginUrl' => '/backoffice',
    'cookie' => [
        'expires' => new \DateTime('+1 week')
    ]
]);
$service->loadIdentifier('Password', [
    'fields' => $pwd_fields,
]);
```
getAuthorizationService function:
```php
$resolver = new MapResolver();
$policy = new RequestPolicy([
    'includeAuthentication' => true,
]);
$resolver->map(ServerRequest::class, $policy);
return new AuthorizationService($resolver);
```
Let me know if you need more code or something else.
Thanks!
from cakephp-tinyauth.
@dereuromark, have you found anything or do you have any ideas to fix this problem? Thanks in advance
from cakephp-tinyauth.
Are you able to reproduce something similar with demo actions on the sandbox?
https://github.com/dereuromark/cakephp-sandbox
That would help, as once reproduced it is easy to track down and find the issue or a fix.
from cakephp-tinyauth.
I think I found something.
In AllowTrait.php:
```php
protected function _getAllowRule(array $params) {
    $rules = $this->_getAllow($this->getConfig('allowFilePath'));
    $allowDefaults = $this->_getAllowDefaultsForCurrentParams($params);
    foreach ($rules as $rule) {
        if ($params['plugin'] && $params['plugin'] !== $rule['plugin']) {
            continue;
        }
        if (!empty($params['prefix']) && $params['prefix'] !== $rule['prefix']) {
            continue;
        }
        /*
         * this check is missing when the prefix key is not set in the parameter array and the prefix is set in the rule
         */
        if (empty($params['prefix']) && !empty($rule['prefix'])) {
            continue;
        }
        /* */
        if ($params['controller'] !== $rule['controller']) {
            continue;
        }
        if ($allowDefaults) {
            $rule['allow'] = array_merge($rule['allow'], $allowDefaults);
        }
        return $rule;
    }
    return [
        'allow' => $allowDefaults,
        'deny' => [],
    ];
}
```
These are the $params
```
[
    'controller' => 'Countries',
    'pass' => [ ],
    'action' => 'index',
    'plugin' => null,
    '_matchedRoute' => '/{controller}',
    '_ext' => null,
]
```
And this is the returned $rule
```
[
    'plugin' => null,
    'prefix' => 'Api',
    'controller' => 'Countries',
    'map' => [
        (int) 0 => 'index',
    ],
    'deny' => [ ],
    'allow' => [
        (int) 0 => 'index',
    ],
]
```
from cakephp-tinyauth.
Do you have a fix as well? That would solve the issue?
from cakephp-tinyauth.
This resolves this particular scenario.
Maybe we need to run some tests.
Is there a scenario where the plugin key or any other key is not present?
from cakephp-tinyauth.
Another way is to fill the missing keys in params before sending them to "_getAllowRule()".
In AuthenticationComponent.php there is a "_prepareAuthentication()" function; maybe we can fill the missing params there before calling _getAllowRule().
This is in line 99 of AuthenticationComponent.php
```php
$rule = $this->_getAllowRule($this->_registry->getController()->getRequest()->getAttribute('params'));
```
change to
```php
$params = $this->_registry->getController()->getRequest()->getAttribute('params');
if (!isset($params['plugin'])) {
    $params['plugin'] = null;
}
if (!isset($params['prefix'])) {
    $params['prefix'] = null;
}
$rule = $this->_getAllowRule($params);
```
from cakephp-tinyauth.
And this for _getAllowRule()
```php
protected function _getAllowRule(array $params) {
    $rules = $this->_getAllow($this->getConfig('allowFilePath'));
    $allowDefaults = $this->_getAllowDefaultsForCurrentParams($params);
    foreach ($rules as $rule) {
        if (isset($params['plugin']) && !is_null($params['plugin'])) {
            if ($params['plugin'] !== $rule['plugin']) {
                continue;
            }
        } else {
            if (!empty($rule['plugin'])) {
                continue;
            }
        }
        if (isset($params['prefix']) && !is_null($params['prefix'])) {
            if ($params['prefix'] !== $rule['prefix']) {
                continue;
            }
        } else {
            if (!empty($rule['prefix'])) {
                continue;
            }
        }
        if ($params['controller'] !== $rule['controller']) {
            continue;
        }
        if ($allowDefaults) {
            $rule['allow'] = array_merge($rule['allow'], $allowDefaults);
        }
        return $rule;
    }
    return [
        'allow' => $allowDefaults,
        'deny' => [],
    ];
}
```
Because the behavior is the same for plugin routes such as Api.Countries = index
from cakephp-tinyauth.
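The scope mismatch discussed in the comments above, as an added PHP example that is not part of the thread or of TinyAuth's source: it runs the posted rule against a non-prefixed and an Api-prefixed request under both matching styles. The helper names `scope()`, `matchLoose()` and `matchStrict()` are hypothetical, the params are constructed from the dumps above, and treating a missing key, null and an empty string alike is an assumption.

```php
<?php
// Added illustration, not TinyAuth source. The rule mirrors the dump posted in the thread.
$rules = [['plugin' => null, 'prefix' => 'Api', 'controller' => 'Countries', 'allow' => ['index'], 'deny' => []]];

// Assumption: a missing key, null and an empty string all mean "no plugin/prefix".
function scope(array $a, string $key): ?string
{
    return empty($a[$key]) ? null : (string)$a[$key];
}

// Reported behaviour: plugin/prefix are compared only when the request sets them.
function matchLoose(array $params, array $rules): ?array
{
    foreach ($rules as $rule) {
        foreach (['plugin', 'prefix'] as $key) {
            if (scope($params, $key) !== null && scope($params, $key) !== scope($rule, $key)) {
                continue 2;
            }
        }
        if ($params['controller'] === $rule['controller']) {
            return $rule;
        }
    }
    return null;
}

// Proposed behaviour: the request scope must equal the rule scope, whether set or not.
function matchStrict(array $params, array $rules): ?array
{
    foreach ($rules as $rule) {
        if (scope($params, 'plugin') !== scope($rule, 'plugin')
            || scope($params, 'prefix') !== scope($rule, 'prefix')) {
            continue;
        }
        if ($params['controller'] === $rule['controller']) {
            return $rule;
        }
    }
    return null;
}

$plain = ['controller' => 'Countries', 'action' => 'index', 'plugin' => null]; // constructed, no 'prefix' key
$api = $plain + ['prefix' => 'Api'];                                           // constructed, Api-prefixed
foreach (['no prefix' => $plain, 'prefix Api' => $api] as $label => $params) {
    printf("%-11s loose=%s strict=%s\n", $label,
        matchLoose($params, $rules) ? 'rule matched' : 'no rule',
        matchStrict($params, $rules) ? 'rule matched' : 'no rule');
}
```

With the loose match, the allow rule written for `Api/Countries` is also returned for the non-prefixed `Countries` request; the strict match returns it only for the Api-prefixed one.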
Are you able to make a PR with the suggested change?
from cakephp-tinyauth.