auth0 / auth0-PHP

PHP SDK for Auth0 Authentication and Management APIs.
https://auth0.com/docs/libraries/auth0-php
MIT License

Silex #134

Closed araneta closed 7 years ago

araneta commented 7 years ago

How to use this library with Silex? Could you give me some example?

glena commented 7 years ago

Is it an API using JWT or a webapp using session?

araneta commented 7 years ago

JWT

glena commented 7 years ago

It is simple, you can add a middleware to do the JWT verification like the following:

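...

use Auth0\SDK\JWTVerifier;
use Silex\Application;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;

...

// $client_id and $client_secret must be defined before this point; they are
// passed into the closure with use (...) because closures do not see outer variables.
$app->before(function (Request $request, Application $app) use ($client_id, $client_secret) {
    $authorization = $request->headers->get('authorization', null);

    if ($authorization === null) {
        // You can reject the request (as done here) or `return;` to pass along without the decoded user.
        // You can also add a second middleware to reject requests in those cases where the route should be secure.
        return new Response('Missing Authorization header', 401);
    }

    $parts = explode(' ', $authorization);

    if (count($parts) !== 2) {
        // invalid header, fail
        return new Response('Invalid Authorization header', 401);
    }

    if (strtolower($parts[0]) !== 'bearer') {
        // invalid header, fail
        return new Response('Invalid Authorization header', 401);
    }

    $jwt = $parts[1];

    try {
        $verifier = new JWTVerifier([
            'valid_audiences' => [$client_id],
            'client_secret' => $client_secret
        ]);

        // Throws if the signature, audience or expiry check fails.
        $decoded = $verifier->verifyAndDecode($jwt);

        // Make the decoded claims available to the route handlers.
        $request->attributes->set('user', $decoded);
    }
    catch (\Exception $e) {
        // invalid token, fail
        return new Response('Invalid token', 401);
    }
});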

Also, check the docs about silex middlewares if you are not familiar with them http://silex.sensiolabs.org/doc/2.0/middlewares.html

araneta commented 7 years ago

I can't install composer require auth0/auth0-php on Silex 2. Your requirements could not be resolved to an installable set of packages.

Problem 1

Installation failed, reverting ./composer.json to its original content.

Please help

glena commented 7 years ago

That issue seems to be related to silex-pdo (which has no dependency in common with auth0-php), not the Auth0 SDK. If you remove herrera-io/silex-pdo, does it run well?

araneta commented 7 years ago

Thanks, it's working.

araneta commented 7 years ago

Then how to integrate it with the login process? And how to protect this route /api/**? Thanks

glena commented 7 years ago

About the login process, I would recommend you check our docs, for example https://auth0.com/docs/architecture-scenarios. Also, you can check any of our SPA seed projects to see how the client should integrate with Auth0 to fetch a token when the user logs in and how to send it to the API: https://auth0.com/docs/quickstart/spa/vanillajs (this is one with vanilla JS; there are other options too).

About protecting /api, you just need to add this middleware to the routes you want to secure.
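An added example (not part of the original thread and not Auth0's own code) of attaching the JWT check only to routes under /api in Silex 2, by putting it on a controller collection mounted at /api. The environment variable names, the $verifyJwt variable and the /profile and /health routes are hypothetical.

```php
<?php
// Added example, not from the thread. Assumes Silex 2 and the auth0-php
// release discussed above (the one that ships Auth0\SDK\JWTVerifier).
require_once __DIR__ . '/vendor/autoload.php';

use Auth0\SDK\JWTVerifier;
use Silex\Application;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;

$app = new Application();

// Hypothetical variable names; load the values from your own configuration.
$clientId     = getenv('AUTH0_CLIENT_ID');
$clientSecret = getenv('AUTH0_CLIENT_SECRET');
if (!$clientId || !$clientSecret) {
    throw new \RuntimeException('Auth0 client id/secret not configured');
}

// Returning a Response from a "before" middleware short-circuits the request,
// so every failure path below ends the request with 401 (fail closed).
$verifyJwt = function (Request $request) use ($clientId, $clientSecret) {
    $header = $request->headers->get('authorization', '');
    // Accept exactly "Bearer <token>"; anything else is rejected.
    if (!preg_match('/^Bearer\s+(\S+)$/i', $header, $m)) {
        return new JsonResponse(['error' => 'missing or malformed bearer token'], 401);
    }
    try {
        $verifier = new JWTVerifier([
            'valid_audiences' => [$clientId],
            'client_secret'   => $clientSecret,
        ]);
        $request->attributes->set('user', $verifier->verifyAndDecode($m[1]));
    } catch (\Exception $e) {
        // Do not echo the exception text back to the client.
        return new JsonResponse(['error' => 'invalid token'], 401);
    }
};

// Everything mounted under /api goes through $verifyJwt; other routes do not.
$api = $app['controllers_factory'];
$api->before($verifyJwt);
$api->get('/profile', function (Request $request) use ($app) {
    return $app->json($request->attributes->get('user'));
});
$app->mount('/api', $api);

// Public route, no token required.
$app->get('/health', function () { return 'ok'; });
$app->run();
```

New routes added to $api are protected automatically, which avoids forgetting the check on an individual route.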

github-actions[bot] commented 2 years ago

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.