Create Glue API authorization strategies
This document describes how to create a new authorization strategy.
Integrate authorization following the Integrating Authorization Enabler guide.
The first step is to create a strategy: a plugin that performs the authorization.

`CustomAuthorizationStrategyPlugin` implementing `AuthorizationStrategyPluginInterface`:

```php
<?php

namespace Pyz\Client\Customer\Plugin\Authorization;

use Generated\Shared\Transfer\AuthorizationRequestTransfer;
use Spryker\Client\AuthorizationExtension\Dependency\Plugin\AuthorizationStrategyPluginInterface;
use Spryker\Glue\Kernel\AbstractPlugin;

class CustomAuthorizationStrategyPlugin extends AbstractPlugin implements AuthorizationStrategyPluginInterface
{
    /**
     * @var string
     */
    public const STRATEGY_NAME = 'CustomAuthorizationStrategy';

    /**
     * {@inheritDoc}
     *
     * @api
     *
     * @param \Generated\Shared\Transfer\AuthorizationRequestTransfer $authorizationRequestTransfer
     *
     * @return bool
     */
    public function authorize(AuthorizationRequestTransfer $authorizationRequestTransfer): bool
    {
        // Call any client or make an external service call to decide, for example:
        // $result = $this->getClient();
        // Until a real check is in place, deny by default.
        $result = false;

        return $result;
    }

    /**
     * {@inheritDoc}
     *
     * @api
     *
     * @return string
     */
    public function getStrategyName(): string
    {
        return static::STRATEGY_NAME;
    }
}
```
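As an added illustration (not Spryker's or the project's own code), the following sketch shows one way the body of `authorize()` can call a backend and still fail closed on missing data, unknown entities, and backend errors. `AuthorizationRequestStub`, `OwnershipLookup` and `OwnerOnlyStrategy` are hypothetical stand-ins so the file runs on PHP 8 without Spryker installed; the real plugin receives an `AuthorizationRequestTransfer` and implements `AuthorizationStrategyPluginInterface`.

```php
<?php
// Added example. The stub types below are hypothetical stand-ins so the file
// runs without Spryker; only authorize()/getStrategyName() mirror the page.

final class AuthorizationRequestStub // stand-in for AuthorizationRequestTransfer
{
    public function __construct(public ?string $identityId, public ?string $entityId) {}
}

interface OwnershipLookup // stand-in for "any client or external service"
{
    /** @throws RuntimeException when the backend is unreachable */
    public function findOwnerId(string $entityId): ?string;
}

final class OwnerOnlyStrategy
{
    public const STRATEGY_NAME = 'CustomAuthorizationStrategy';
    public function __construct(private OwnershipLookup $lookup) {}

    public function authorize(AuthorizationRequestStub $request): bool
    {
        // No identity or no entity: nothing to compare, so deny.
        if (in_array($request->identityId, [null, ''], true) || in_array($request->entityId, [null, ''], true)) {
            return false;
        }
        try {
            $ownerId = $this->lookup->findOwnerId($request->entityId);
        } catch (Throwable $e) {
            return false; // a backend failure must never become an implicit allow
        }
        // Unknown entity (null owner) is denied; compare as exact strings.
        return $ownerId !== null && hash_equals($ownerId, $request->identityId);
    }

    public function getStrategyName(): string { return self::STRATEGY_NAME; }
}

// Constructed sample data: one known store, one id that simulates an outage.
$strategy = new OwnerOnlyStrategy(new class implements OwnershipLookup {
    public function findOwnerId(string $entityId): ?string
    {
        if ($entityId === 'store-down') { throw new RuntimeException('timeout'); }
        return ['store-1' => 'customer-7'][$entityId] ?? null;
    }
});
foreach ([['customer-7', 'store-1'], ['customer-8', 'store-1'], [null, 'store-1'], ['customer-7', 'store-down']] as [$who, $what]) {
    $ok = $strategy->authorize(new AuthorizationRequestStub($who, $what));
    printf("%-10s %-10s %s\n", $who ?? '(none)', $what, $ok ? 'allow' : 'deny');
}
```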
The plugin has to be registered in `\Spryker\Client\Authorization\AuthorizationDependencyProvider::getAuthorizationStrategyPlugins()`. `AuthorizationClient::authorize()` runs the plugins from this stack.

To connect resources and custom routes with this strategy, they need to implement `AuthorizationStrategyAwareResourceRoutePluginInterface`, pointing to the strategy:
`DummyStoresResource` implementing `AuthorizationStrategyAwareResourceRoutePluginInterface`:

```php
<?php

namespace Pyz\Glue\DummyStoresApi\Plugin;

use Generated\Shared\Transfer\RouteAuthorizationConfigTransfer;
use Pyz\Client\Customer\Plugin\Authorization\CustomAuthorizationStrategyPlugin;
use Spryker\Glue\GlueApplication\Plugin\GlueApplication\AbstractResourcePlugin;
use Spryker\Glue\GlueApplicationAuthorizationConnectorExtension\Dependency\Plugin\AuthorizationStrategyAwareResourceRoutePluginInterface;
use Spryker\Glue\GlueJsonApiConventionExtension\Dependency\Plugin\JsonApiResourceInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;

class DummyStoresResource extends AbstractResourcePlugin implements JsonApiResourceInterface, AuthorizationStrategyAwareResourceRoutePluginInterface
{
    /**
     * @return array<\Generated\Shared\Transfer\RouteAuthorizationConfigTransfer>
     */
    public function getRouteAuthorizationConfigurations(): array
    {
        // Each HTTP method maps to the strategy that guards it and to the
        // error details returned when that strategy denies the request.
        return [
            Request::METHOD_GET => (new RouteAuthorizationConfigTransfer())
                ->addStrategy(CustomAuthorizationStrategyPlugin::STRATEGY_NAME)
                ->setApiCode('xx01')
                ->setHttpStatusCode(Response::HTTP_NOT_FOUND)
                ->setApiMessage('Authorization failed.'),
        ];
    }
}
```
| FIELD IN ROUTE AUTHORIZATION CONFIG TRANSFER | DESCRIPTION |
|---|---|
| strategies | Array of strategy names used to evaluate the request. |
| apiCode | API code returned if authorization fails. |
| httpStatusCode | HTTP response status returned if authorization fails. |
| apiMessage | API message returned if authorization fails. |