Integrate the API Key authorization

Edit on GitHub

This document describes how to integrate the API Key authorization to Backend API applications in a Spryker project.

Install feature core

Follow the steps below to install the API Key authorization feature core.

Prerequisites

Install the required features:

NAME VERSION INSTALLATION GUIDE
Spryker Core latest Install the Spryker Core feature
Backend API Application Integrate Backend API

1) Install the required modules

Install the required modules using Composer:

commposer require spryker/api-key-authorization-connector:"^1.1.0" \
spryker/spryker/glue-backend-api-application-authorization-connector:"^1.7.0"
Verification

Make sure that the following modules have been installed:

MODULE EXPECTED DIRECTORY
ApiKey vendor/spryker/api-key
ApiKeyGui vendor/spryker/api-key-gui
Authorization vendor/spryker/authorization
ApiKeyAuthorizationConnector vendor/spryker/api-key-authorization-connector
GlueBackendApiApplicationAuthorizationConnector vendor/spryker/glue-backend-api-application-authorization-connector

2) Set up database schema and transfer objects

Apply database changes and generate entity and transfer changes:

vendor/bin/console transfer:generate
vendor/bin/console propel:install
vendor/bin/console transfer:generate
Verification

Ensure that the following changes have occurred in the database:

DATABASE ENTITY TYPE EVENT
spy_api_key table created

Ensure that the following changes have occurred in transfer objects:

TRANSFER TYPE EVENT PATH
ApiKey class created src/Generated/Shared/Transfer/ApiKeyTransfer
ApiKeyCollectionRequest class created src/Generated/Shared/Transfer/ApiKeyCollectionRequestTransfer
ApiKeyCollectionReqsponse class created src/Generated/Shared/Transfer/ApiKeyCollectionReqsponseTransfer
ApiKeyCollectionDeleteCriteria class created src/Generated/Shared/Transfer/ApiKeyCollectionDeleteCriteriaTransfer
ApiKeyCollection class created src/Generated/Shared/Transfer/ApiKeyCollectionTransfer
ApiKeyCriteria class created src/Generated/Shared/Transfer/ApiKeyCriteriaTransfer
ApiKeyConditions class created src/Generated/Shared/Transfer/ApiKeyConditionsTransfer
CriteriaRangeFilter class created src/Generated/Shared/Transfer/CriteriaRangeFilterTransfer
GlueRequest class created src/Generated/Shared/Transfer/GlueRequestTransfer
AuthorizationIdentity class created src/Generated/Shared/Transfer/AuthorizationIdentityTransfer
AuthorizationEntity class created src/Generated/Shared/Transfer/AuthorizationEntityTransfer
AuthorizationRequest class created src/Generated/Shared/Transfer/AuthorizationRequestTransfer
AuthorizationResponse class created src/Generated/Shared/Transfer/AuthorizationResponseTransfer

3) Set up configuration

Add the configuration to your project:

CONFIGURATION SPECIFICATION NAMESPACE
AuthorizationConfig::isMultistrategyAuthorizationAllowed() Returns true if the multiple strategies authorization is allowed. Pyz\Zed\Authorization\AuthorizationConfig
src/Pyz/Zed/Authorization/AuthorizationConfig.php
<?php

namespace Pyz\Zed\Authorization;

 use Spryker\Zed\Authorization\AuthorizationConfig as SprykerAuthorizationConfig;

 class AuthorizationConfig extends SprykerAuthorizationConfig
 {
     /**
      * {@inheritDoc}
      *
      * @return bool
      */
     public function isMultistrategyAuthorizationAllowed(): bool
     {
         return true;
     }
 }

4) Set up behavior

  1. Activate the following plugins:
PLUGIN SPECIFICATION NAMESPACE
ApiKeyAuthorizationRequestExpanderPlugin Expands the request by the API Key provided. Spryker\Glue\ApiKeyAuthorizationConnector\Plugin\GlueBackendApiApplicationAuthorizationConnector
ApiKeyAuthorizationStrategyPlugin Executes the API Key verification process. Spryker\Zed\ApiKeyAuthorizationConnector\Communication\Plugin\Authorization
src/Pyz/Glue/GlueBackendApiApplicationAuthorizationConnector/GlueBackendApiApplicationAuthorizationConnectorDependencyProvider.php
<?php

namespace Pyz\Glue\GlueBackendApiApplicationAuthorizationConnector;

use Spryker\Glue\ApiKeyAuthorizationConnector\Plugin\GlueBackendApiApplicationAuthorizationConnector\ApiKeyAuthorizationRequestExpanderPlugin;
use Spryker\Glue\GlueBackendApiApplicationAuthorizationConnector\GlueBackendApiApplicationAuthorizationConnectorDependencyProvider as SprykerGlueBackendApiApplicationAuthorizationConnectorDependencyProvider;

class GlueBackendApiApplicationAuthorizationConnectorDependencyProvider extends SprykerGlueBackendApiApplicationAuthorizationConnectorDependencyProvider
{
    /**
     * @return array<\Spryker\Glue\GlueApplicationExtension\Dependency\Plugin\AuthorizationRequestExpanderPluginInterface>
     */
    protected function getAuthorizationRequestExpanderPlugins(): array
    {
        return [
            new ApiKeyAuthorizationRequestExpanderPlugin(),
        ];
    }
}

src/Pyz/Zed/Authorization/AuthorizationDependencyProvider.php
<?php

namespace Pyz\Zed\Authorization;

use Spryker\Zed\ApiKeyAuthorizationConnector\Communication\Plugin\Authorization\ApiKeyAuthorizationStrategyPlugin;
use Spryker\Zed\Authorization\AuthorizationDependencyProvider as SprykerAuthorizationDependencyProvider;

class AuthorizationDependencyProvider extends SprykerAuthorizationDependencyProvider
{
    /**
     * @return array<\Spryker\Zed\AuthorizationExtension\Dependency\Plugin\AuthorizationStrategyPluginInterface>
     */
    protected function getAuthorizationStrategyPlugins(): array
    {
        return [
            new ApiKeyAuthorizationStrategyPlugin(),
        ];
    }
}

Verification

Follow the instructions from Use API Key authorization to check that the API Key authorization has been integrated properly.