Skip to content
/ oauth2-esia-bundle Public

Configuration and symfony services for ekapusta/oauth2-esia.

License

MIT license
7 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ekapusta/oauth2-esia-bundle

BranchesTags

Repository files navigation

OAuth2 ESIA bundle

Build Status Software License

Configuration and symfony services for ekapusta/oauth2-esia.

Install

composer require ekapusta/oauth2-esia-bundle

In your kernell add to other bundles:

new Ekapusta\OAuth2EsiaBundle\EkapustaOAuth2EsiaBundle(),

Configuration

Signer

Decide which signer to use and set these params in your config:

ekapusta_oauth2_esia.signer.class_name: Ekapusta\OAuth2Esia\Security\Signer\OpensslCli
ekapusta_oauth2_esia.signer.certificate_path: /path/to/your/certificate/with/public-key-inside.cer
ekapusta_oauth2_esia.signer.private_key_path: /path/to/your/certificates/private.key
ekapusta_oauth2_esia.signer.private_key_password: 'some password'
ekapusta_oauth2_esia.signer.tool_path: /path/to/your/openssl

Provider

You must configure your client_id and redirect_uri.

ekapusta_oauth2_esia.client_id: SOMESYSTEM
ekapusta_oauth2_esia.redirect_uri: https://your-system.domain/auth/finish

Scopes should be configured if you need more info from authorized user. Please note, that you should set here only scopes, for which you have permission to use. Full list of scopes are at methodical recommendations.

ekapusta_oauth2_esia.default_scopes: ['openid', 'fullname', '...']

Test mode

To use test mode put your provider to test portal as:

ekapusta_oauth2_esia.remote_url: 'https://esia-portal1.test.gosuslugi.ru'
ekapusta_oauth2_esia.remote_public_key: '%ekapusta_oauth2_esia.vendor.resources_path%/esia.test.public.key'

RS256 algo

By default we now use GOST algo for remote verification. To use RSA RS256:

ekapusta_oauth2_esia.remote_public_key: '%ekapusta_oauth2_esia.vendor.resources_path%/esia.prod.public.key'
ekapusta_oauth2_esia.remote_signer.algorytm: 'RS256'

Logging

Currently logger is used only at transport level: injected into guzzle http client. You can configure your own logger class by ekapusta_oauth2_esia.logger.class param. Or just redefine at your config service ekapusta_oauth2_esia.logger.

Usage

There are two DI-services available: ekapusta_oauth2_esia.provider and ekapusta_oauth2_esia.service. When you need just authorize user and get information, then you could use ekapusta_oauth2_esia.service. In other cases use ekapusta_oauth2_esia.provider. 2nd is just a simplified facade for 1st.

About

Configuration and symfony services for ekapusta/oauth2-esia.

Topics

oauth2 symfony oauth2-provider openid-connect symfoy-bundle esia

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

7 stars

Watchers

5 watching

Forks

2 forks
Report repository

Releases

4 tags

Packages

No packages published

Languages