From 2a97f924e49335baf4358cf5d8eb9b1765fdee6f Mon Sep 17 00:00:00 2001 From: jannisp Date: Thu, 22 Apr 2021 14:42:22 +0200 Subject: [PATCH] install security-bundle --- composer.json | 1 + composer.lock | 582 +++++++++++++++++++++++++++++++++- config/bundles.php | 1 + config/packages/security.yaml | 24 ++ symfony.lock | 30 ++ 5 files changed, 637 insertions(+), 1 deletion(-) create mode 100644 config/packages/security.yaml diff --git a/composer.json b/composer.json index 0dd760e..ef0c947 100644 --- a/composer.json +++ b/composer.json @@ -11,6 +11,7 @@ "symfony/dotenv": "5.2.*", "symfony/flex": "^1.3.1", "symfony/framework-bundle": "5.2.*", + "symfony/security-bundle": "5.2.*", "symfony/twig-bundle": "5.2.*", "symfony/yaml": "5.2.*", "twig/extra-bundle": "^2.12|^3.0", diff --git a/composer.lock b/composer.lock index 063db0d..bbcea49 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "fee0444f3bce0bd9f6d19f7caab000fc", + "content-hash": "51e5644c96ea19474ba8c98725bd9d64", "packages": [ { "name": "psr/cache", @@ -2019,6 +2019,177 @@ ], "time": "2021-01-07T16:49:33+00:00" }, + { + "name": "symfony/property-access", + "version": "v5.2.4", + "source": { + "type": "git", + "url": "https://github.com/symfony/property-access.git", + "reference": "3af8ed262bd3217512a13b023981fe68f36ad5f3" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/property-access/zipball/3af8ed262bd3217512a13b023981fe68f36ad5f3", + "reference": "3af8ed262bd3217512a13b023981fe68f36ad5f3", + "shasum": "" + }, + "require": { + "php": ">=7.2.5", + "symfony/deprecation-contracts": "^2.1", + "symfony/polyfill-php80": "^1.15", + "symfony/property-info": "^5.2" + }, + "require-dev": { + "symfony/cache": "^4.4|^5.0" + }, + "suggest": { + "psr/cache-implementation": "To cache access methods." + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\PropertyAccess\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Provides functions to read and write from/to an object or array using a simple string notation", + "homepage": "https://symfony.com", + "keywords": [ + "access", + "array", + "extraction", + "index", + "injection", + "object", + "property", + "property path", + "reflection" + ], + "support": { + "source": "https://github.com/symfony/property-access/tree/v5.2.4" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2021-01-27T10:15:41+00:00" + }, + { + "name": "symfony/property-info", + "version": "v5.2.4", + "source": { + "type": "git", + "url": "https://github.com/symfony/property-info.git", + "reference": "7185bbc74e6f49c3f1b5936b4d9e4ca133921189" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/property-info/zipball/7185bbc74e6f49c3f1b5936b4d9e4ca133921189", + "reference": "7185bbc74e6f49c3f1b5936b4d9e4ca133921189", + "shasum": "" + }, + "require": { + "php": ">=7.2.5", + "symfony/deprecation-contracts": "^2.1", + "symfony/polyfill-php80": "^1.15", + "symfony/string": "^5.1" + }, + "conflict": { + "phpdocumentor/reflection-docblock": "<3.2.2", + "phpdocumentor/type-resolver": "<1.4.0", + "symfony/dependency-injection": "<4.4" + }, + "require-dev": { + "doctrine/annotations": "^1.10.4", + "phpdocumentor/reflection-docblock": "^3.0|^4.0|^5.0", + "symfony/cache": "^4.4|^5.0", + "symfony/dependency-injection": "^4.4|^5.0", + "symfony/serializer": "^4.4|^5.0" + }, + "suggest": { + "phpdocumentor/reflection-docblock": "To use the PHPDoc", + "psr/cache-implementation": "To cache results", + "symfony/doctrine-bridge": "To use Doctrine metadata", + "symfony/serializer": "To use Serializer metadata" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\PropertyInfo\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Kévin Dunglas", + "email": "dunglas@gmail.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Extracts information about PHP class' properties using metadata of popular sources", + "homepage": "https://symfony.com", + "keywords": [ + "doctrine", + "phpdoc", + "property", + "symfony", + "type", + "validator" + ], + "support": { + "source": "https://github.com/symfony/property-info/tree/v5.2.4" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2021-02-17T15:24:54+00:00" + }, { "name": "symfony/routing", "version": "v5.2.6", @@ -2109,6 +2280,415 @@ ], "time": "2021-03-14T13:53:33+00:00" }, + { + "name": "symfony/security-bundle", + "version": "v5.2.6", + "source": { + "type": "git", + "url": "https://github.com/symfony/security-bundle.git", + "reference": "26550782d6e6db6fbfd7702ae0ccef7964c3535d" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/security-bundle/zipball/26550782d6e6db6fbfd7702ae0ccef7964c3535d", + "reference": "26550782d6e6db6fbfd7702ae0ccef7964c3535d", + "shasum": "" + }, + "require": { + "ext-xml": "*", + "php": ">=7.2.5", + "symfony/config": "^4.4|^5.0", + "symfony/dependency-injection": "^5.2", + "symfony/deprecation-contracts": "^2.1", + "symfony/event-dispatcher": "^5.1", + "symfony/http-kernel": "^5.0", + "symfony/polyfill-php80": "^1.15", + "symfony/security-core": "^5.2", + "symfony/security-csrf": "^4.4|^5.0", + "symfony/security-guard": "^5.2", + "symfony/security-http": "^5.2" + }, + "conflict": { + "symfony/browser-kit": "<4.4", + "symfony/console": "<4.4", + "symfony/framework-bundle": "<4.4", + "symfony/ldap": "<4.4", + "symfony/twig-bundle": "<4.4" + }, + "require-dev": { + "doctrine/doctrine-bundle": "^2.0", + "symfony/asset": "^4.4|^5.0", + "symfony/browser-kit": "^4.4|^5.0", + "symfony/console": "^4.4|^5.0", + "symfony/css-selector": "^4.4|^5.0", + "symfony/dom-crawler": "^4.4|^5.0", + "symfony/expression-language": "^4.4|^5.0", + "symfony/form": "^4.4|^5.0", + "symfony/framework-bundle": "^5.2", + "symfony/process": "^4.4|^5.0", + "symfony/rate-limiter": "^5.2", + "symfony/serializer": "^4.4|^5.0", + "symfony/translation": "^4.4|^5.0", + "symfony/twig-bridge": "^4.4|^5.0", + "symfony/twig-bundle": "^4.4|^5.0", + "symfony/validator": "^4.4|^5.0", + "symfony/yaml": "^4.4|^5.0", + "twig/twig": "^2.13|^3.0.4" + }, + "type": "symfony-bundle", + "autoload": { + "psr-4": { + "Symfony\\Bundle\\SecurityBundle\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Provides a tight integration of the Security component into the Symfony full-stack framework", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/security-bundle/tree/v5.2.6" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2021-03-23T12:45:44+00:00" + }, + { + "name": "symfony/security-core", + "version": "v5.2.6", + "source": { + "type": "git", + "url": "https://github.com/symfony/security-core.git", + "reference": "9dcedab1c2c637fc9a377b3a9313a61087609760" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/security-core/zipball/9dcedab1c2c637fc9a377b3a9313a61087609760", + "reference": "9dcedab1c2c637fc9a377b3a9313a61087609760", + "shasum": "" + }, + "require": { + "php": ">=7.2.5", + "symfony/deprecation-contracts": "^2.1", + "symfony/event-dispatcher-contracts": "^1.1|^2", + "symfony/polyfill-php80": "^1.15", + "symfony/service-contracts": "^1.1.6|^2" + }, + "conflict": { + "symfony/event-dispatcher": "<4.4", + "symfony/ldap": "<4.4", + "symfony/security-guard": "<4.4", + "symfony/validator": "<5.2" + }, + "require-dev": { + "psr/container": "^1.0|^2.0", + "psr/log": "~1.0", + "symfony/event-dispatcher": "^4.4|^5.0", + "symfony/expression-language": "^4.4|^5.0", + "symfony/http-foundation": "^4.4|^5.0", + "symfony/ldap": "^4.4|^5.0", + "symfony/translation": "^4.4|^5.0", + "symfony/validator": "^5.2" + }, + "suggest": { + "psr/container-implementation": "To instantiate the Security class", + "symfony/event-dispatcher": "", + "symfony/expression-language": "For using the expression voter", + "symfony/http-foundation": "", + "symfony/ldap": "For using LDAP integration", + "symfony/validator": "For using the user password constraint" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Security\\Core\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony Security Component - Core Library", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/security-core/tree/v5.2.6" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2021-03-10T22:10:15+00:00" + }, + { + "name": "symfony/security-csrf", + "version": "v5.2.4", + "source": { + "type": "git", + "url": "https://github.com/symfony/security-csrf.git", + "reference": "e22ef49d5d3773014942f3dfe301b168a4a833dc" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/security-csrf/zipball/e22ef49d5d3773014942f3dfe301b168a4a833dc", + "reference": "e22ef49d5d3773014942f3dfe301b168a4a833dc", + "shasum": "" + }, + "require": { + "php": ">=7.2.5", + "symfony/security-core": "^4.4|^5.0" + }, + "conflict": { + "symfony/http-foundation": "<4.4" + }, + "require-dev": { + "symfony/http-foundation": "^4.4|^5.0" + }, + "suggest": { + "symfony/http-foundation": "For using the class SessionTokenStorage." + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Security\\Csrf\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony Security Component - CSRF Library", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/security-csrf/tree/v5.2.4" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2021-01-27T10:01:46+00:00" + }, + { + "name": "symfony/security-guard", + "version": "v5.2.4", + "source": { + "type": "git", + "url": "https://github.com/symfony/security-guard.git", + "reference": "a191352047f2ea0d927c62e1a2f261cf906d1bde" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/security-guard/zipball/a191352047f2ea0d927c62e1a2f261cf906d1bde", + "reference": "a191352047f2ea0d927c62e1a2f261cf906d1bde", + "shasum": "" + }, + "require": { + "php": ">=7.2.5", + "symfony/polyfill-php80": "^1.15", + "symfony/security-core": "^5.0", + "symfony/security-http": "^4.4.1|^5.0.1" + }, + "require-dev": { + "psr/log": "~1.0" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Security\\Guard\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony Security Component - Guard", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/security-guard/tree/v5.2.4" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2021-01-27T10:15:41+00:00" + }, + { + "name": "symfony/security-http", + "version": "v5.2.6", + "source": { + "type": "git", + "url": "https://github.com/symfony/security-http.git", + "reference": "a4b3d122ee0c263850ca1ed620faa1b3a8e7584b" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/security-http/zipball/a4b3d122ee0c263850ca1ed620faa1b3a8e7584b", + "reference": "a4b3d122ee0c263850ca1ed620faa1b3a8e7584b", + "shasum": "" + }, + "require": { + "php": ">=7.2.5", + "symfony/deprecation-contracts": "^2.1", + "symfony/http-foundation": "^5.2", + "symfony/http-kernel": "^5.2", + "symfony/polyfill-php80": "^1.15", + "symfony/property-access": "^4.4|^5.0", + "symfony/security-core": "^5.2" + }, + "conflict": { + "symfony/event-dispatcher": "<4.3", + "symfony/security-csrf": "<4.4" + }, + "require-dev": { + "psr/log": "~1.0", + "symfony/cache": "^4.4|^5.0", + "symfony/rate-limiter": "^5.2", + "symfony/routing": "^4.4|^5.0", + "symfony/security-csrf": "^4.4|^5.0", + "symfony/translation": "^4.4|^5.0" + }, + "suggest": { + "symfony/routing": "For using the HttpUtils class to create sub-requests, redirect the user, and match URLs", + "symfony/security-csrf": "For using tokens to protect authentication/logout attempts" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Security\\Http\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony Security Component - HTTP Integration", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/security-http/tree/v5.2.6" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2021-03-28T17:23:00+00:00" + }, { "name": "symfony/service-contracts", "version": "v2.4.0", diff --git a/config/bundles.php b/config/bundles.php index 4ce0d70..21b501d 100644 --- a/config/bundles.php +++ b/config/bundles.php @@ -4,4 +4,5 @@ return [ Symfony\Bundle\FrameworkBundle\FrameworkBundle::class => ['all' => true], Symfony\Bundle\TwigBundle\TwigBundle::class => ['all' => true], Twig\Extra\TwigExtraBundle\TwigExtraBundle::class => ['all' => true], + Symfony\Bundle\SecurityBundle\SecurityBundle::class => ['all' => true], ]; diff --git a/config/packages/security.yaml b/config/packages/security.yaml new file mode 100644 index 0000000..0e4cf3d --- /dev/null +++ b/config/packages/security.yaml @@ -0,0 +1,24 @@ +security: + # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers + providers: + users_in_memory: { memory: null } + firewalls: + dev: + pattern: ^/(_(profiler|wdt)|css|images|js)/ + security: false + main: + anonymous: true + lazy: true + provider: users_in_memory + + # activate different ways to authenticate + # https://symfony.com/doc/current/security.html#firewalls-authentication + + # https://symfony.com/doc/current/security/impersonating_user.html + # switch_user: true + + # Easy way to control access for large sections of your site + # Note: Only the *first* access control that matches will be used + access_control: + # - { path: ^/admin, roles: ROLE_ADMIN } + # - { path: ^/profile, roles: ROLE_USER } diff --git a/symfony.lock b/symfony.lock index 1834b8c..fbd03f9 100644 --- a/symfony.lock +++ b/symfony.lock @@ -112,6 +112,12 @@ "symfony/polyfill-php80": { "version": "v1.22.1" }, + "symfony/property-access": { + "version": "v5.2.4" + }, + "symfony/property-info": { + "version": "v5.2.4" + }, "symfony/routing": { "version": "5.1", "recipe": { @@ -126,6 +132,30 @@ "config/routes.yaml" ] }, + "symfony/security-bundle": { + "version": "5.1", + "recipe": { + "repo": "github.com/symfony/recipes", + "branch": "master", + "version": "5.1", + "ref": "0a4bae19389d3b9cba1ca0102e3b2bccea724603" + }, + "files": [ + "config/packages/security.yaml" + ] + }, + "symfony/security-core": { + "version": "v5.2.6" + }, + "symfony/security-csrf": { + "version": "v5.2.4" + }, + "symfony/security-guard": { + "version": "v5.2.4" + }, + "symfony/security-http": { + "version": "v5.2.6" + }, "symfony/service-contracts": { "version": "v2.4.0" },