search

zfcampus / zf-apigility-skeleton

BSD 3-Clause "New" or "Revised" License
444 stars 123 forks source link

ModuleRouteListener won't Trigger MvcAuthEvents #127

Open disasterdrop opened 8 years ago

disasterdrop commented 8 years ago

Hi,

i have updated Apigility today and run in to this behaviour:

The oauth2 authentication rules did not work and everything was outside of authentication and served without checking if user has right Authorization header set.

What i found was that, whe i change this code in module/Application/Module.php

$moduleRouteListener = new ModuleRouteListener();
$moduleRouteListener->attach($eventManager);

to

$mvcAuthEvent = new MvcAuthEvent($e, $serviceManager->get('authentication'), $serviceManager->get('authorization'));
$moduleRouteListener = new MvcRouteListener($mvcAuthEvent, $eventManager, $serviceManager->get('authentication'));
$moduleRouteListener->attach($eventManager);

everything is working again. Was it intended to change it manually, so that you could use your own AuthListener or was it removed for ZF3 purpose?

I'm curious why nobody else was running into this... And if it's not a bug, is it a valid approach to use the MvcAuthEvent like this?

Iraecio commented 8 years ago

same problem here i updated 23/07

how u use $serviceManager

disasterdrop commented 8 years ago

@Iraecio You can access the Service Manager over the MvcEvent with: $serviceManager = $e->getApplication()->getServiceManager();

weierophinney commented 4 years ago

This repository has been closed and moved to laminas-api-tools/api-tools-skeleton; a new issue has been opened at https://github.com/laminas-api-tools/api-tools-skeleton/issues/10.