search

ecphp / cas-bundle

CAS Bundle, a standard Symfony bundle for authentication using CAS protocol.
https://ecphp-cas-bundle.readthedocs.io
BSD 3-Clause "New" or "Revised" License
43 stars 9 forks source link

Is it possible to use a custom user provider? #83

Closed cctgteddy closed 1 month ago

cctgteddy commented 1 year ago

Hi I'm coming back to this after failing to do so with issue #73. I think us being on PHP 7.4 at the time and Symfony 5.4 may have contributed, or I may have misconfigured the security config.

Either way, I successfully have it working now however I'd like to use a custom user provider.

We have a shared bundle across all our internal apps which includes a custom user class giving us access to many of our internal-specific user functionality.

When I've used PRayno/casauth-bundle I was able to use its authenticator without using its provider. More recently just wrapped phpCAS into Symfony I was able to do this but I'm finding occasionally my custom wrapper is a bit janky.

This bundle is hard-coding the CasUserProvider into the CasAuthenticator.

Sorry if I'm not being clear, short version: I want to use the CasAuthenticator class, but I want to provide my own User and UserProvider classes.

Is this possible?

cctgteddy commented 1 year ago

Alternatively - if this bundle permitted me to add custom roles to my user object that would be sufficient. Our current user class & provider adds some ROLE_INTERNAL, ROLE_TEAM_X etc to our users...including ROLE_ALLOWED_TO_SWITCH.

I don't specifically need the custom user provider if I can add application-defined roles to the user.

drupol commented 1 year ago

Hello,

Which version of CAS-Bundle are you using?

Long story short, there was a time where the user provider was hard coded in the authenticator, but it's not the case anymore.

cctgteddy commented 1 year ago

I'm using 2.5.5

Correct me if I'm wrong, but isn't that still hard-coding EcPhp\CasBundle\Security\Core\User\CasUserProviderInterface as the type hint? That's the one I'd like to switch to another provider.

drupol commented 1 year ago

Absolutely not.

CasUserProviderInterface is an interface. Therefore, you can inject any concrete implementation as long as it is implementing that interface, it will be fine.

The default User provider is binded to this interface in the container, see here.

If you want to use your own user provider, I would suggest to make a decorator of the existing one, like it is done in eu-login-bundle at: https://github.com/ecphp/eu-login-bundle/blob/master/src/Resources/config/services.php#L32

Let me know if you need more help on this.