diff --git a/app/AppKernel.php b/app/AppKernel.php
index 08e14b8f7..6315fcde9 100644
--- a/app/AppKernel.php
+++ b/app/AppKernel.php
@@ -26,6 +26,8 @@ class AppKernel extends Kernel
new Wallabag\ApiBundle\WallabagApiBundle(),
new Bazinga\Bundle\HateoasBundle\BazingaHateoasBundle(),
new Lexik\Bundle\FormFilterBundle\LexikFormFilterBundle(),
+ new FOS\OAuthServerBundle\FOSOAuthServerBundle(),
+ new Wallabag\UserBundle\WallabagUserBundle(),
);
if (in_array($this->getEnvironment(), array('dev', 'test'))) {
diff --git a/app/config/config.yml b/app/config/config.yml
index f623ab237..0d893ecfb 100644
--- a/app/config/config.yml
+++ b/app/config/config.yml
@@ -110,7 +110,9 @@ fos_rest:
routing_loader:
default_format: json
-nelmio_api_doc: ~
+nelmio_api_doc:
+ sandbox:
+ enabled: false
nelmio_cors:
defaults:
@@ -156,4 +158,16 @@ liip_theme:
fos_user:
db_driver: orm
firewall_name: main
- user_class: Wallabag\CoreBundle\Entity\User
+ user_class: Wallabag\UserBundle\Entity\User
+ registration:
+ confirmation:
+ enabled: true
+
+fos_oauth_server:
+ db_driver: orm
+ client_class: Wallabag\ApiBundle\Entity\Client
+ access_token_class: Wallabag\ApiBundle\Entity\AccessToken
+ refresh_token_class: Wallabag\ApiBundle\Entity\RefreshToken
+ auth_code_class: Wallabag\ApiBundle\Entity\AuthCode
+ service:
+ user_provider: fos_user.user_manager
diff --git a/app/config/config_prod.yml b/app/config/config_prod.yml
index c45f0fa66..342837a03 100644
--- a/app/config/config_prod.yml
+++ b/app/config/config_prod.yml
@@ -17,11 +17,6 @@ monolog:
type: fingers_crossed
action_level: error
handler: nested
- wsse:
- type: stream
- path: %kernel.logs_dir%/%kernel.environment%.wsse.log
- level: error
- channels: [wsse]
nested:
type: stream
path: "%kernel.logs_dir%/%kernel.environment%.log"
diff --git a/app/config/routing.yml b/app/config/routing.yml
index e8bf08a57..af3e32b18 100644
--- a/app/config/routing.yml
+++ b/app/config/routing.yml
@@ -10,16 +10,6 @@ doc-api:
resource: "@NelmioApiDocBundle/Resources/config/routing.yml"
prefix: /api/doc
-login:
- pattern: /login
- defaults: { _controller: WallabagCoreBundle:Security:login }
-
-login_check:
- pattern: /login_check
-
-logout:
- path: /logout
-
rest :
type : rest
resource : "routing_rest.yml"
@@ -30,3 +20,9 @@ homepage:
defaults: { _controller: WallabagCoreBundle:Entry:showUnread, page : 1 }
requirements:
page: \d+
+
+fos_user:
+ resource: "@FOSUserBundle/Resources/config/routing/all.xml"
+
+fos_oauth_server_token:
+ resource: "@FOSOAuthServerBundle/Resources/config/routing/token.xml"
diff --git a/app/config/security.yml b/app/config/security.yml
index 988466562..576cfd25d 100644
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -1,9 +1,6 @@
security:
encoders:
- Wallabag\CoreBundle\Entity\User:
- algorithm: sha1
- encode_as_base64: false
- iterations: 1
+ FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_USER
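Review bot: `FOS\UserBundle\Model\UserInterface: sha512` still selects a general-purpose digest for password storage, which is cheap to brute-force offline compared with an adaptive hash. Symfony's security config supports `algorithm: bcrypt` with a `cost:` setting (for example `cost: 12`), which would be the stronger choice; on PHP older than 5.5 that presumably needs the `ircmaxell/password-compat` package. Separately, passwords stored by the removed single-iteration sha1 encoder will most likely stop verifying after this switch. No migration or forced-reset step is visible in this diff.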
@@ -11,18 +8,23 @@ security:
providers:
administrators:
- entity: { class: WallabagCoreBundle:User, property: username }
+ entity: { class: WallabagUserBundle:User, property: username }
fos_userbundle:
id: fos_user.user_provider.username
# the main part of the security, where you can set up firewalls
# for specific sections of your app
firewalls:
- wsse_secured:
- pattern: /api/.*
- wsse: true
- stateless: true
- anonymous: true
+ oauth_token:
+ pattern: ^/oauth/v2/token
+ security: false
+
+ api:
+ pattern: /api/.*
+ fos_oauth: true
+ stateless: true
+ anonymous: true
+
login_firewall:
pattern: ^/login$
anonymous: ~
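Review bot: The `api` firewall pattern `/api/.*` is not anchored, so it matches any path that merely contains `/api/`. Firewalls are matched in order, so such a path would be handled by the stateless OAuth firewall instead of the one intended for it; `pattern: ^/api` pins it to the API prefix. `anonymous: true` also lets a request without a token pass this firewall, leaving rejection to `access_control` and the per-action checks in the controller. If anonymous access is only needed for `/api/doc`, a comment saying so would help here. The firewalls block continues past the end of this hunk.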
@@ -45,9 +47,9 @@ security:
target: /
access_control:
- - { path: ^/api/salt, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- - { path: ^/forgot-password, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+ - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
+ - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /(unread|starred|archive).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: ROLE_USER }
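Review bot: The two added `access_control` entries use the key `role:` while every other entry in the list uses `roles:`. Symfony appears to accept both spellings, but writing `- { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }` (and the same for `^/resetting`) keeps the list uniform and easier to audit. Since `/register` is now reachable anonymously, a short comment noting that sign-up is open and gated by the e-mail confirmation enabled in `config.yml` would help later reviewers.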
diff --git a/app/config/services.yml b/app/config/services.yml
index 965bc3195..ff6a582bb 100644
--- a/app/config/services.yml
+++ b/app/config/services.yml
@@ -1,9 +1,4 @@
-# Learn more about services, parameters and containers at
-# http://symfony.com/doc/current/book/service_container.html
parameters:
- security.authentication.provider.dao.class: Wallabag\CoreBundle\Security\Authentication\Provider\WallabagAuthenticationProvider
- security.encoder.digest.class: Wallabag\CoreBundle\Security\Authentication\Encoder\WallabagPasswordEncoder
- security.validator.user_password.class: Wallabag\CoreBundle\Security\Validator\WallabagUserPasswordValidator
lexik_form_filter.get_filter.doctrine_orm.class: Wallabag\CoreBundle\Event\Subscriber\CustomDoctrineORMSubscriber
services:
diff --git a/composer.json b/composer.json
index babe9356d..22cb277c4 100644
--- a/composer.json
+++ b/composer.json
@@ -53,7 +53,8 @@
"pagerfanta/pagerfanta": "~1.0.3",
"lexik/form-filter-bundle": "~4.0",
"j0k3r/graby": "~1.0",
- "friendsofsymfony/user-bundle": "dev-master"
+ "friendsofsymfony/user-bundle": "dev-master",
+ "friendsofsymfony/oauth-server-bundle": "^1.4@dev"
},
"require-dev": {
"doctrine/doctrine-fixtures-bundle": "~2.2.0",
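Review bot: The `@dev` stability flag on `friendsofsymfony/oauth-server-bundle` allows Composer to resolve unreleased commits for the package that now handles API authentication. The lock file in this commit resolves it to the tagged 1.4.2, so `"friendsofsymfony/oauth-server-bundle": "^1.4"` should be sufficient. The regenerated `composer.lock` also moves `symfony/symfony` from v2.7.5 back to v2.7.4. That looks like a side effect of the update rather than an intended downgrade, and is worth correcting before merge.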
diff --git a/composer.lock b/composer.lock
index 370d8ddd9..606c3678d 100644
--- a/composer.lock
+++ b/composer.lock
@@ -1,10 +1,10 @@
{
"_readme": [
"This file locks the dependencies of your project to a known state",
- "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
+ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically"
],
- "hash": "350d05d95be50b6d93e8a046f784e00c",
+ "hash": "7c1f2c88df608eb6e1b4bc7c5ed24acc",
"packages": [
{
"name": "doctrine/annotations",
@@ -858,6 +858,129 @@
],
"time": "2014-05-20 12:10:12"
},
+ {
+ "name": "friendsofsymfony/oauth-server-bundle",
+ "version": "1.4.2",
+ "target-dir": "FOS/OAuthServerBundle",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/FriendsOfSymfony/FOSOAuthServerBundle.git",
+ "reference": "9e15c229eff547443d686445d629e9356ab0672e"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/FriendsOfSymfony/FOSOAuthServerBundle/zipball/9e15c229eff547443d686445d629e9356ab0672e",
+ "reference": "9e15c229eff547443d686445d629e9356ab0672e",
+ "shasum": ""
+ },
+ "require": {
+ "friendsofsymfony/oauth2-php": "~1.1.0",
+ "php": ">=5.3.3",
+ "symfony/framework-bundle": "~2.1",
+ "symfony/security-bundle": "~2.1"
+ },
+ "require-dev": {
+ "doctrine/doctrine-bundle": "~1.0",
+ "doctrine/mongodb-odm": "1.0.*@dev",
+ "doctrine/orm": ">=2.2,<2.5-dev",
+ "symfony/class-loader": "~2.1",
+ "symfony/yaml": "~2.1",
+ "willdurand/propel-typehintable-behavior": "1.0.*"
+ },
+ "suggest": {
+ "doctrine/doctrine-bundle": "*",
+ "doctrine/mongodb-odm-bundle": "*",
+ "propel/propel-bundle": "If you want to use Propel with Symfony2, then you will have to install the PropelBundle",
+ "willdurand/propel-typehintable-behavior": "The Typehintable behavior is useful to add type hints on generated methods, to be compliant with interfaces"
+ },
+ "type": "symfony-bundle",
+ "extra": {
+ "branch-alias": {
+ "dev-master": "1.4-dev"
+ }
+ },
+ "autoload": {
+ "psr-0": {
+ "FOS\\OAuthServerBundle": ""
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "MIT"
+ ],
+ "authors": [
+ {
+ "name": "Arnaud Le Blanc",
+ "email": "arnaud.lb@gmail.com"
+ },
+ {
+ "name": "FriendsOfSymfony Community",
+ "homepage": "https://github.com/FriendsOfSymfony/FOSOAuthServerBundle/contributors"
+ }
+ ],
+ "description": "Symfony2 OAuth Server Bundle",
+ "homepage": "http://friendsofsymfony.github.com",
+ "keywords": [
+ "oauth",
+ "oauth2",
+ "server"
+ ],
+ "time": "2014-10-31 13:44:14"
+ },
+ {
+ "name": "friendsofsymfony/oauth2-php",
+ "version": "1.1.1",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/FriendsOfSymfony/oauth2-php.git",
+ "reference": "23e76537c4a02e666ab4ba5abe67a69a886a0310"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/FriendsOfSymfony/oauth2-php/zipball/23e76537c4a02e666ab4ba5abe67a69a886a0310",
+ "reference": "23e76537c4a02e666ab4ba5abe67a69a886a0310",
+ "shasum": ""
+ },
+ "require": {
+ "php": ">=5.3.2",
+ "symfony/http-foundation": "~2.0"
+ },
+ "require-dev": {
+ "phpunit/phpunit": "~4.0"
+ },
+ "type": "library",
+ "extra": {
+ "branch-alias": {
+ "dev-master": "1.1.x-dev"
+ }
+ },
+ "autoload": {
+ "psr-4": {
+ "OAuth2\\": "lib/"
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "MIT"
+ ],
+ "authors": [
+ {
+ "name": "Arnaud Le Blanc",
+ "email": "arnaud.lb@gmail.com"
+ },
+ {
+ "name": "FriendsOfSymfony Community",
+ "homepage": "https://github.com/FriendsOfSymfony/oauth2-php/contributors"
+ }
+ ],
+ "description": "OAuth2 library",
+ "homepage": "https://github.com/FriendsOfSymfony/oauth2-php",
+ "keywords": [
+ "oauth",
+ "oauth2"
+ ],
+ "time": "2014-11-03 10:21:20"
+ },
{
"name": "friendsofsymfony/rest-bundle",
"version": "1.7.1",
@@ -2787,12 +2910,12 @@
"version": "v2.7.0",
"source": {
"type": "git",
- "url": "https://github.com/symfony/AsseticBundle.git",
+ "url": "https://github.com/symfony/assetic-bundle.git",
"reference": "3ae5c8ca3079b6e0033cc9fbfb6500e2bc964da5"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/symfony/AsseticBundle/zipball/3ae5c8ca3079b6e0033cc9fbfb6500e2bc964da5",
+ "url": "https://api.github.com/repos/symfony/assetic-bundle/zipball/3ae5c8ca3079b6e0033cc9fbfb6500e2bc964da5",
"reference": "3ae5c8ca3079b6e0033cc9fbfb6500e2bc964da5",
"shasum": ""
},
@@ -2857,12 +2980,12 @@
"version": "v2.7.1",
"source": {
"type": "git",
- "url": "https://github.com/symfony/MonologBundle.git",
+ "url": "https://github.com/symfony/monolog-bundle.git",
"reference": "9320b6863404c70ebe111e9040dab96f251de7ac"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/symfony/MonologBundle/zipball/9320b6863404c70ebe111e9040dab96f251de7ac",
+ "url": "https://api.github.com/repos/symfony/monolog-bundle/zipball/9320b6863404c70ebe111e9040dab96f251de7ac",
"reference": "9320b6863404c70ebe111e9040dab96f251de7ac",
"shasum": ""
},
@@ -2916,12 +3039,12 @@
"version": "v2.3.8",
"source": {
"type": "git",
- "url": "https://github.com/symfony/SwiftmailerBundle.git",
+ "url": "https://github.com/symfony/swiftmailer-bundle.git",
"reference": "970b13d01871207e81d17b17ddda025e7e21e797"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/symfony/SwiftmailerBundle/zipball/970b13d01871207e81d17b17ddda025e7e21e797",
+ "url": "https://api.github.com/repos/symfony/swiftmailer-bundle/zipball/970b13d01871207e81d17b17ddda025e7e21e797",
"reference": "970b13d01871207e81d17b17ddda025e7e21e797",
"shasum": ""
},
@@ -2970,20 +3093,20 @@
},
{
"name": "symfony/symfony",
- "version": "v2.7.5",
+ "version": "v2.7.4",
"source": {
"type": "git",
"url": "https://github.com/symfony/symfony.git",
- "reference": "619528a274647cffc1792063c3ea04c4fa8266a0"
+ "reference": "1fdf23fe28876844b887b0e1935c9adda43ee645"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/symfony/symfony/zipball/619528a274647cffc1792063c3ea04c4fa8266a0",
- "reference": "619528a274647cffc1792063c3ea04c4fa8266a0",
+ "url": "https://api.github.com/repos/symfony/symfony/zipball/1fdf23fe28876844b887b0e1935c9adda43ee645",
+ "reference": "1fdf23fe28876844b887b0e1935c9adda43ee645",
"shasum": ""
},
"require": {
- "doctrine/common": "~2.4",
+ "doctrine/common": "~2.3",
"php": ">=5.3.9",
"psr/log": "~1.0",
"twig/twig": "~1.20|~2.0"
@@ -3036,9 +3159,9 @@
},
"require-dev": {
"doctrine/data-fixtures": "1.0.*",
- "doctrine/dbal": "~2.4",
+ "doctrine/dbal": "~2.2",
"doctrine/doctrine-bundle": "~1.2",
- "doctrine/orm": "~2.4,>=2.4.5",
+ "doctrine/orm": "~2.2,>=2.2.3",
"egulias/email-validator": "~1.2",
"ircmaxell/password-compat": "~1.0",
"monolog/monolog": "~1.11",
@@ -3088,7 +3211,7 @@
"keywords": [
"framework"
],
- "time": "2015-09-25 11:16:52"
+ "time": "2015-09-08 14:26:39"
},
{
"name": "tecnickcom/tcpdf",
@@ -4488,7 +4611,8 @@
"aliases": [],
"minimum-stability": "dev",
"stability-flags": {
- "friendsofsymfony/user-bundle": 20
+ "friendsofsymfony/user-bundle": 20,
+ "friendsofsymfony/oauth-server-bundle": 20
},
"prefer-stable": true,
"prefer-lowest": false,
diff --git a/config/deploy.rb b/config/deploy.rb
index be18ce5af..c2562965b 100644
--- a/config/deploy.rb
+++ b/config/deploy.rb
@@ -4,8 +4,8 @@ lock '3.4.0'
set :application, 'wallabag'
set :repo_url, 'git@github.com:wallabag/wallabag.git'
-set :ssh_user, 'ssh_user'
-server 'server_ip', user: fetch(:ssh_user), roles: %w{web app db}
+set :ssh_user, 'framasoft_bag'
+server '78.46.248.87', user: fetch(:ssh_user), roles: %w{web app db}
set :scm, :git
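Review bot: A real SSH account name and a literal server address are now committed in `config/deploy.rb` in place of the `ssh_user` / `server_ip` placeholders, which exposes the deployment target to everyone who can read the repository. Reading both values from the environment keeps them out of version control, e.g. `set :ssh_user, ENV.fetch('DEPLOY_SSH_USER')` and `server ENV.fetch('DEPLOY_HOST'), user: fetch(:ssh_user), roles: %w{web app db}` (the variable names are illustrative). If the values have already been pushed, treat the host and account name as public and confirm that access depends on key-based authentication only.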
diff --git a/config/deploy/staging.rb b/config/deploy/staging.rb
index d67d7247d..ccd05b4d9 100644
--- a/config/deploy/staging.rb
+++ b/config/deploy/staging.rb
@@ -1,2 +1,2 @@
set :branch, 'v2'
-set :deploy_to, '/var/www/'
+set :deploy_to, '/var/www/v2.wallabag.org/web/'
diff --git a/src/Wallabag/ApiBundle/Controller/WallabagRestController.php b/src/Wallabag/ApiBundle/Controller/WallabagRestController.php
index 349229f38..1fee56ad1 100644
--- a/src/Wallabag/ApiBundle/Controller/WallabagRestController.php
+++ b/src/Wallabag/ApiBundle/Controller/WallabagRestController.php
@@ -2,8 +2,8 @@
namespace Wallabag\ApiBundle\Controller;
+use FOS\RestBundle\Controller\FOSRestController;
use Nelmio\ApiDocBundle\Annotation\ApiDoc;
-use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Wallabag\CoreBundle\Entity\Entry;
@@ -11,7 +11,7 @@ use Wallabag\CoreBundle\Entity\Tag;
use Hateoas\Configuration\Route;
use Hateoas\Representation\Factory\PagerfantaFactory;
-class WallabagRestController extends Controller
+class WallabagRestController extends FOSRestController
{
/**
* @param Entry $entry
@@ -38,29 +38,11 @@ class WallabagRestController extends Controller
}
}
- /**
- * Retrieve salt for a giver user.
- *
- * @ApiDoc(
- * parameters={
- * {"name"="username", "dataType"="string", "required"=true, "description"="username"}
- * }
- * )
- *
- * @return array
- */
- public function getSaltAction($username)
+ private function validateAuthentication()
{
- $user = $this
- ->getDoctrine()
- ->getRepository('WallabagCoreBundle:User')
- ->findOneByUsername($username);
-
- if (is_null($user)) {
- throw $this->createNotFoundException();
+ if (false === $this->get('security.context')->isGranted('IS_AUTHENTICATED_FULLY')) {
+ throw new AccessDeniedException();
}
-
- return array($user->getSalt() ?: null);
}
/**
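Review bot: `AccessDeniedException` in the new `validateAuthentication()` has no matching `use` line in the import block shown in the first two hunks of this file, so inside `namespace Wallabag\ApiBundle\Controller` the name would resolve to a class that does not appear to exist. An unauthenticated call would then fail with a class-not-found error instead of a clean 403. `validateUserAccess()` further down already uses the controller helper, so `throw $this->createAccessDeniedException();` keeps the two checks consistent and needs no import. The method also has no docblock; `/** Deny the request unless the caller is fully authenticated. */` would state what it guards. Because the call is repeated by hand in every action hunk below, a new action that omits it relies entirely on the firewall and `access_control`.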
@@ -82,6 +64,8 @@ class WallabagRestController extends Controller
*/
public function getEntriesAction(Request $request)
{
+ $this->validateAuthentication();
+
$isArchived = $request->query->get('archive');
$isStarred = $request->query->get('star');
$sort = $request->query->get('sort', 'created');
@@ -122,7 +106,8 @@ class WallabagRestController extends Controller
*/
public function getEntryAction(Entry $entry)
{
- $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
+ $this->validateAuthentication();
+ $this->validateUserAccess($entry->getUser()->getId());
$json = $this->get('serializer')->serialize($entry, 'json');
@@ -144,6 +129,8 @@ class WallabagRestController extends Controller
*/
public function postEntriesAction(Request $request)
{
+ $this->validateAuthentication();
+
$url = $request->request->get('url');
$entry = $this->get('wallabag_core.content_proxy')->updateEntry(
@@ -184,7 +171,8 @@ class WallabagRestController extends Controller
*/
public function patchEntriesAction(Entry $entry, Request $request)
{
- $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
+ $this->validateAuthentication();
+ $this->validateUserAccess($entry->getUser()->getId());
$title = $request->request->get('title');
$isArchived = $request->request->get('is_archived');
@@ -228,7 +216,8 @@ class WallabagRestController extends Controller
*/
public function deleteEntriesAction(Entry $entry)
{
- $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
+ $this->validateAuthentication();
+ $this->validateUserAccess($entry->getUser()->getId());
$em = $this->getDoctrine()->getManager();
$em->remove($entry);
@@ -250,7 +239,8 @@ class WallabagRestController extends Controller
*/
public function getEntriesTagsAction(Entry $entry)
{
- $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
+ $this->validateAuthentication();
+ $this->validateUserAccess($entry->getUser()->getId());
$json = $this->get('serializer')->serialize($entry->getTags(), 'json');
@@ -271,7 +261,8 @@ class WallabagRestController extends Controller
*/
public function postEntriesTagsAction(Request $request, Entry $entry)
{
- $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
+ $this->validateAuthentication();
+ $this->validateUserAccess($entry->getUser()->getId());
$tags = $request->request->get('tags', '');
if (!empty($tags)) {
@@ -299,7 +290,8 @@ class WallabagRestController extends Controller
*/
public function deleteEntriesTagsAction(Entry $entry, Tag $tag)
{
- $this->validateUserAccess($entry->getUser()->getId(), $this->getUser()->getId());
+ $this->validateAuthentication();
+ $this->validateUserAccess($entry->getUser()->getId());
$entry->removeTag($tag);
$em = $this->getDoctrine()->getManager();
@@ -318,6 +310,7 @@ class WallabagRestController extends Controller
*/
public function getTagsAction()
{
+ $this->validateAuthentication();
$json = $this->get('serializer')->serialize($this->getUser()->getTags(), 'json');
return $this->renderJsonResponse($json);
@@ -334,7 +327,8 @@ class WallabagRestController extends Controller
*/
public function deleteTagAction(Tag $tag)
{
- $this->validateUserAccess($tag->getUser()->getId(), $this->getUser()->getId());
+ $this->validateAuthentication();
+ $this->validateUserAccess($tag->getUser()->getId());
$em = $this->getDoctrine()->getManager();
$em->remove($tag);
@@ -350,12 +344,12 @@ class WallabagRestController extends Controller
* If not, throw exception. It means a user try to access information from an other user.
*
* @param int $requestUserId User id from the requested source
- * @param int $currentUserId User id from the retrieved source
*/
- private function validateUserAccess($requestUserId, $currentUserId)
+ private function validateUserAccess($requestUserId)
{
- if ($requestUserId != $currentUserId) {
- throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$currentUserId);
+ $user = $this->get('security.context')->getToken()->getUser();
+ if ($requestUserId != $user->getId()) {
+ throw $this->createAccessDeniedException('Access forbidden. Entry user id: '.$requestUserId.', logged user id: '.$user->getId());
}
}
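Review bot: The denial message built in `validateUserAccess()` still embeds the owner's user id and the caller's id. If the API error handler serialises exception messages, that tells a caller which account owns the entry they were refused. A fixed message such as `throw $this->createAccessDeniedException('Access forbidden.');` avoids this, with the ids written to the log instead. The comparison is also loose (`!=`); `(int) $requestUserId !== (int) $user->getId()` makes the intent explicit. `getToken()` can return null when no token is set, so the method is only safe while every caller runs `validateAuthentication()` first, which is worth stating in the docblock.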
diff --git a/src/Wallabag/ApiBundle/DependencyInjection/Security/Factory/WsseFactory.php b/src/Wallabag/ApiBundle/DependencyInjection/Security/Factory/WsseFactory.php
deleted file mode 100644
index 402eb8692..000000000
--- a/src/Wallabag/ApiBundle/DependencyInjection/Security/Factory/WsseFactory.php
+++ /dev/null
@@ -1,40 +0,0 @@
-setDefinition($providerId, new DefinitionDecorator('wsse.security.authentication.provider'))
- ->replaceArgument(0, new Reference($userProvider))
- ;
-
- $listenerId = 'security.authentication.listener.wsse.'.$id;
- $listener = $container->setDefinition($listenerId, new DefinitionDecorator('wsse.security.authentication.listener'));
-
- return array($providerId, $listenerId, $defaultEntryPoint);
- }
-
- public function getPosition()
- {
- return 'pre_auth';
- }
-
- public function getKey()
- {
- return 'wsse';
- }
-
- public function addConfiguration(NodeDefinition $node)
- {
- }
-}
diff --git a/src/Wallabag/ApiBundle/DependencyInjection/WallabagApiExtension.php b/src/Wallabag/ApiBundle/DependencyInjection/WallabagApiExtension.php
index c5cc204e0..cde43aedb 100644
--- a/src/Wallabag/ApiBundle/DependencyInjection/WallabagApiExtension.php
+++ b/src/Wallabag/ApiBundle/DependencyInjection/WallabagApiExtension.php
@@ -3,9 +3,7 @@
namespace Wallabag\ApiBundle\DependencyInjection;
use Symfony\Component\DependencyInjection\ContainerBuilder;
-use Symfony\Component\Config\FileLocator;
use Symfony\Component\HttpKernel\DependencyInjection\Extension;
-use Symfony\Component\DependencyInjection\Loader;
class WallabagApiExtension extends Extension
{
@@ -13,9 +11,6 @@ class WallabagApiExtension extends Extension
{
$configuration = new Configuration();
$config = $this->processConfiguration($configuration, $configs);
-
- $loader = new Loader\YamlFileLoader($container, new FileLocator(__DIR__.'/../Resources/config'));
- $loader->load('services.yml');
}
public function getAlias()
diff --git a/src/Wallabag/ApiBundle/Entity/AccessToken.php b/src/Wallabag/ApiBundle/Entity/AccessToken.php
new file mode 100644
index 000000000..b1f4e7de2
--- /dev/null
+++ b/src/Wallabag/ApiBundle/Entity/AccessToken.php
@@ -0,0 +1,31 @@
+userProvider = $userProvider;
- $this->cacheDir = $cacheDir;
-
- // If cache directory does not exist we create it
- if (!is_dir($this->cacheDir)) {
- mkdir($this->cacheDir, 0777, true);
- }
- }
-
- public function authenticate(TokenInterface $token)
- {
- $user = $this->userProvider->loadUserByUsername($token->getUsername());
-
- if (!$user) {
- throw new AuthenticationException('Bad credentials. Did you forgot your username?');
- }
-
- if ($user && $this->validateDigest($token->digest, $token->nonce, $token->created, $user->getPassword())) {
- $authenticatedToken = new WsseUserToken($user->getRoles());
- $authenticatedToken->setUser($user);
-
- return $authenticatedToken;
- }
-
- throw new AuthenticationException('The WSSE authentication failed.');
- }
-
- protected function validateDigest($digest, $nonce, $created, $secret)
- {
- // Check created time is not in the future
- if (strtotime($created) > time()) {
- throw new AuthenticationException('Back to the future...');
- }
-
- // Expire timestamp after 5 minutes
- if (time() - strtotime($created) > 300) {
- throw new AuthenticationException('Too late for this timestamp... Watch your watch.');
- }
-
- // Validate nonce is unique within 5 minutes
- if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) {
- throw new NonceExpiredException('Previously used nonce detected');
- }
-
- file_put_contents($this->cacheDir.'/'.$nonce, time());
-
- // Validate Secret
- $expected = base64_encode(sha1(base64_decode($nonce).$created.$secret, true));
-
- if ($digest !== $expected) {
- throw new AuthenticationException('Bad credentials ! Digest is not as expected.');
- }
-
- return $digest === $expected;
- }
-
- public function supports(TokenInterface $token)
- {
- return $token instanceof WsseUserToken;
- }
-}
diff --git a/src/Wallabag/ApiBundle/Security/Authentication/Token/WsseUserToken.php b/src/Wallabag/ApiBundle/Security/Authentication/Token/WsseUserToken.php
deleted file mode 100644
index e6d30224b..000000000
--- a/src/Wallabag/ApiBundle/Security/Authentication/Token/WsseUserToken.php
+++ /dev/null
@@ -1,24 +0,0 @@
-setAuthenticated(count($roles) > 0);
- }
-
- public function getCredentials()
- {
- return '';
- }
-}
diff --git a/src/Wallabag/ApiBundle/Security/Firewall/WsseListener.php b/src/Wallabag/ApiBundle/Security/Firewall/WsseListener.php
deleted file mode 100644
index 2fcbe014e..000000000
--- a/src/Wallabag/ApiBundle/Security/Firewall/WsseListener.php
+++ /dev/null
@@ -1,62 +0,0 @@
-securityContext = $securityContext;
- $this->authenticationManager = $authenticationManager;
- $this->logger = $logger;
- }
-
- public function handle(GetResponseEvent $event)
- {
- $request = $event->getRequest();
-
- $wsseRegex = '/UsernameToken Username="([^"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/';
- if (!$request->headers->has('x-wsse') || 1 !== preg_match($wsseRegex, $request->headers->get('x-wsse'), $matches)) {
- return;
- }
-
- $token = new WsseUserToken();
- $token->setUser($matches[1]);
-
- $token->digest = $matches[2];
- $token->nonce = $matches[3];
- $token->created = $matches[4];
-
- try {
- $authToken = $this->authenticationManager->authenticate($token);
-
- $this->securityContext->setToken($authToken);
-
- return;
- } catch (AuthenticationException $failed) {
- $failedMessage = 'WSSE Login failed for '.$token->getUsername().'. Why ? '.$failed->getMessage();
- $this->logger->err($failedMessage);
-
- // Deny authentication with a '403 Forbidden' HTTP response
- $response = new Response();
- $response->setStatusCode(403);
- $response->setContent($failedMessage);
- $event->setResponse($response);
-
- return;
- }
- }
-}
diff --git a/src/Wallabag/ApiBundle/Tests/AbstractControllerTest.php b/src/Wallabag/ApiBundle/Tests/AbstractControllerTest.php
new file mode 100644
index 000000000..119889b38
--- /dev/null
+++ b/src/Wallabag/ApiBundle/Tests/AbstractControllerTest.php
@@ -0,0 +1,46 @@
+client = $this->createAuthorizedClient();
+ }
+
+ /**
+ * @return Client
+ */
+ protected function createAuthorizedClient()
+ {
+ $client = static::createClient();
+ $container = $client->getContainer();
+
+ $session = $container->get('session');
+ /** @var $userManager \FOS\UserBundle\Doctrine\UserManager */
+ $userManager = $container->get('fos_user.user_manager');
+ /** @var $loginManager \FOS\UserBundle\Security\LoginManager */
+ $loginManager = $container->get('fos_user.security.login_manager');
+ $firewallName = $container->getParameter('fos_user.firewall_name');
+
+ $user = $userManager->findUserBy(array('username' => 'admin'));
+ $loginManager->loginUser($firewallName, $user);
+
+ // save the login token into the session and put it in a cookie
+ $container->get('session')->set('_security_'.$firewallName,
+ serialize($container->get('security.context')->getToken()));
+ $container->get('session')->save();
+ $client->getCookieJar()->set(new Cookie($session->getName(), $session->getId()));
+
+ return $client;
+ }
+}
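Review bot: `createAuthorizedClient()` logs the user in through the session and a cookie on the `fos_user.firewall_name` firewall, whereas the `api` firewall added in `security.yml` is `stateless: true` with `fos_oauth`. The API tests therefore appear never to exercise bearer-token validation, and may pass only because the token is already set on the container before the first request; that is an inference from the visible lines. Obtaining an access token in this helper and sending it in an `Authorization: Bearer` header would test the path real API clients use. `$session` is fetched once, yet `$container->get('session')` is called twice more afterwards; reusing the variable reads more clearly.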
diff --git a/src/Wallabag/ApiBundle/Tests/Controller/WallabagRestControllerTest.php b/src/Wallabag/ApiBundle/Tests/Controller/WallabagRestControllerTest.php
index 7ae54b576..bc7ef4895 100644
--- a/src/Wallabag/ApiBundle/Tests/Controller/WallabagRestControllerTest.php
+++ b/src/Wallabag/ApiBundle/Tests/Controller/WallabagRestControllerTest.php
@@ -2,99 +2,15 @@
namespace Wallabag\ApiBundle\Tests\Controller;
-use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
+use Wallabag\ApiBundle\Tests\AbstractControllerTest;
-class WallabagRestControllerTest extends WebTestCase
+class WallabagRestControllerTest extends AbstractControllerTest
{
protected static $salt;
- /**
- * Grab the salt once and store it to be available for all tests.
- */
- public static function setUpBeforeClass()
- {
- $client = self::createClient();
-
- $user = $client->getContainer()
- ->get('doctrine.orm.entity_manager')
- ->getRepository('WallabagCoreBundle:User')
- ->findOneByUsername('admin');
-
- self::$salt = $user->getSalt();
- }
-
- /**
- * Generate HTTP headers for authenticate user on API.
- *
- * @param string $username
- * @param string $password
- *
- * @return array
- */
- private function generateHeaders($username, $password)
- {
- $encryptedPassword = sha1($password.$username.self::$salt);
- $nonce = substr(md5(uniqid('nonce_', true)), 0, 16);
-
- $now = new \DateTime('now', new \DateTimeZone('UTC'));
- $created = (string) $now->format('Y-m-d\TH:i:s\Z');
- $digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true));
-
- return array(
- 'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
- 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"',
- );
- }
-
- public function testGetSalt()
- {
- $client = $this->createClient();
- $client->request('GET', '/api/salts/admin.json');
-
- $user = $client->getContainer()
- ->get('doctrine.orm.entity_manager')
- ->getRepository('WallabagCoreBundle:User')
- ->findOneByUsername('admin');
-
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
-
- $content = json_decode($client->getResponse()->getContent(), true);
-
- $this->assertArrayHasKey(0, $content);
- $this->assertEquals($user->getSalt(), $content[0]);
-
- $client->request('GET', '/api/salts/notfound.json');
- $this->assertEquals(404, $client->getResponse()->getStatusCode());
- }
-
- public function testWithBadHeaders()
- {
- $client = $this->createClient();
-
- $entry = $client->getContainer()
- ->get('doctrine.orm.entity_manager')
- ->getRepository('WallabagCoreBundle:Entry')
- ->findOneByIsArchived(false);
-
- if (!$entry) {
- $this->markTestSkipped('No content found in db.');
- }
-
- $badHeaders = array(
- 'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
- 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"',
- );
-
- $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders);
- $this->assertEquals(403, $client->getResponse()->getStatusCode());
- }
-
public function testGetOneEntry()
{
- $client = $this->createClient();
- $headers = $this->generateHeaders('admin', 'mypassword');
-
- $entry = $client->getContainer()
+ $entry = $this->client->getContainer()
->get('doctrine.orm.entity_manager')
->getRepository('WallabagCoreBundle:Entry')
->findOneBy(array('user' => 1, 'isArchived' => false));
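Review bot: `testWithBadHeaders`, the only test asserting that bad credentials are rejected, is removed here with no replacement, so nothing in the suite checks that `/api` refuses a request without valid authentication. A test that builds a plain `static::createClient()`, requests `/api/entries` and asserts a 401 or 403 (whichever the OAuth firewall returns) would cover the new `validateAuthentication()` path. `protected static $salt;` is left behind unused now that `setUpBeforeClass()` is gone.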
@@ -103,18 +19,17 @@ class WallabagRestControllerTest extends WebTestCase
$this->markTestSkipped('No content found in db.');
}
- $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);
+ $this->client->request('GET', '/api/entries/'.$entry->getId().'.json');
+ $this->assertEquals(200, $this->client->getResponse()->getStatusCode());
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
-
- $content = json_decode($client->getResponse()->getContent(), true);
+ $content = json_decode($this->client->getResponse()->getContent(), true);
$this->assertEquals($entry->getTitle(), $content['title']);
$this->assertEquals($entry->getUrl(), $content['url']);
$this->assertCount(count($entry->getTags()), $content['tags']);
$this->assertTrue(
- $client->getResponse()->headers->contains(
+ $this->client->getResponse()->headers->contains(
'Content-Type',
'application/json'
)
@@ -123,10 +38,7 @@ class WallabagRestControllerTest extends WebTestCase
public function testGetOneEntryWrongUser()
{
- $client = $this->createClient();
- $headers = $this->generateHeaders('admin', 'mypassword');
-
- $entry = $client->getContainer()
+ $entry = $this->client->getContainer()
->get('doctrine.orm.entity_manager')
->getRepository('WallabagCoreBundle:Entry')
->findOneBy(array('user' => 2, 'isArchived' => false));
@@ -135,21 +47,18 @@ class WallabagRestControllerTest extends WebTestCase
$this->markTestSkipped('No content found in db.');
}
- $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);
+ $this->client->request('GET', '/api/entries/'.$entry->getId().'.json');
- $this->assertEquals(403, $client->getResponse()->getStatusCode());
+ $this->assertEquals(403, $this->client->getResponse()->getStatusCode());
}
public function testGetEntries()
{
- $client = $this->createClient();
- $headers = $this->generateHeaders('admin', 'mypassword');
+ $this->client->request('GET', '/api/entries');
- $client->request('GET', '/api/entries', array(), array(), $headers);
+ $this->assertEquals(200, $this->client->getResponse()->getStatusCode());
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
-
- $content = json_decode($client->getResponse()->getContent(), true);
+ $content = json_decode($this->client->getResponse()->getContent(), true);
$this->assertGreaterThanOrEqual(1, count($content));
$this->assertNotEmpty($content['_embedded']['items']);
@@ -158,7 +67,7 @@ class WallabagRestControllerTest extends WebTestCase
$this->assertGreaterThanOrEqual(1, $content['pages']);
$this->assertTrue(
- $client->getResponse()->headers->contains(
+ $this->client->getResponse()->headers->contains(
'Content-Type',
'application/json'
)
@@ -167,14 +76,11 @@ class WallabagRestControllerTest extends WebTestCase
public function testGetStarredEntries()
{
- $client = $this->createClient();
- $headers = $this->generateHeaders('admin', 'mypassword');
+ $this->client->request('GET', '/api/entries', array('star' => 1, 'sort' => 'updated'));
- $client->request('GET', '/api/entries', array('star' => 1, 'sort' => 'updated'), array(), $headers);
+ $this->assertEquals(200, $this->client->getResponse()->getStatusCode());
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
-
- $content = json_decode($client->getResponse()->getContent(), true);
+ $content = json_decode($this->client->getResponse()->getContent(), true);
$this->assertGreaterThanOrEqual(1, count($content));
$this->assertNotEmpty($content['_embedded']['items']);
@@ -183,7 +89,7 @@ class WallabagRestControllerTest extends WebTestCase
$this->assertGreaterThanOrEqual(1, $content['pages']);
$this->assertTrue(
- $client->getResponse()->headers->contains(
+ $this->client->getResponse()->headers->contains(
'Content-Type',
'application/json'
)
@@ -192,14 +98,11 @@ class WallabagRestControllerTest extends WebTestCase
public function testGetArchiveEntries()
{
- $client = $this->createClient();
- $headers = $this->generateHeaders('admin', 'mypassword');
+ $this->client->request('GET', '/api/entries', array('archive' => 1));
- $client->request('GET', '/api/entries', array('archive' => 1), array(), $headers);
+ $this->assertEquals(200, $this->client->getResponse()->getStatusCode());
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
-
- $content = json_decode($client->getResponse()->getContent(), true);
+ $content = json_decode($this->client->getResponse()->getContent(), true);
$this->assertGreaterThanOrEqual(1, count($content));
$this->assertNotEmpty($content['_embedded']['items']);
@@ -208,7 +111,7 @@ class WallabagRestControllerTest extends WebTestCase
$this->assertGreaterThanOrEqual(1, $content['pages']);
$this->assertTrue(
- $client->getResponse()->headers->contains(
+ $this->client->getResponse()->headers->contains(
'Content-Type',
'application/json'
)
@@ -217,10 +120,7 @@ class WallabagRestControllerTest extends WebTestCase
public function testDeleteEntry()
{
- $client = $this->createClient();
- $headers = $this->generateHeaders('admin', 'mypassword');
-
- $entry = $client->getContainer()
+ $entry = $this->client->getContainer()
->get('doctrine.orm.entity_manager')
->getRepository('WallabagCoreBundle:Entry')
->findOneByUser(1);
@@ -229,36 +129,31 @@ class WallabagRestControllerTest extends WebTestCase
$this->markTestSkipped('No content found in db.');
}
- $client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);
+ $this->client->request('DELETE', '/api/entries/'.$entry->getId().'.json');
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
+ $this->assertEquals(200, $this->client->getResponse()->getStatusCode());
- $content = json_decode($client->getResponse()->getContent(), true);
+ $content = json_decode($this->client->getResponse()->getContent(), true);
$this->assertEquals($entry->getTitle(), $content['title']);
$this->assertEquals($entry->getUrl(), $content['url']);
// We'll try to delete this entry again
- $headers = $this->generateHeaders('admin', 'mypassword');
+ $this->client->request('DELETE', '/api/entries/'.$entry->getId().'.json');
- $client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);
-
- $this->assertEquals(404, $client->getResponse()->getStatusCode());
+ $this->assertEquals(404, $this->client->getResponse()->getStatusCode());
}
public function testPostEntry()
{
- $client = $this->createClient();
- $headers = $this->generateHeaders('admin', 'mypassword');
-
- $client->request('POST', '/api/entries.json', array(
+ $this->client->request('POST', '/api/entries.json', array(
'url' => 'http://www.lemonde.fr/pixels/article/2015/03/28/plongee-dans-l-univers-d-ingress-le-jeu-de-google-aux-frontieres-du-reel_4601155_4408996.html',
'tags' => 'google',
- ), array(), $headers);
+ ));
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
+ $this->assertEquals(200, $this->client->getResponse()->getStatusCode());
- $content = json_decode($client->getResponse()->getContent(), true);
+ $content = json_decode($this->client->getResponse()->getContent(), true);
$this->assertGreaterThan(0, $content['id']);
$this->assertEquals('http://www.lemonde.fr/pixels/article/2015/03/28/plongee-dans-l-univers-d-ingress-le-jeu-de-google-aux-frontieres-du-reel_4601155_4408996.html', $content['url']);
@@ -269,10 +164,7 @@ class WallabagRestControllerTest extends WebTestCase
public function testPatchEntry()
{
- $client = $this->createClient();
- $headers = $this->generateHeaders('admin', 'mypassword');
-
- $entry = $client->getContainer()
+ $entry = $this->client->getContainer()
->get('doctrine.orm.entity_manager')
->getRepository('WallabagCoreBundle:Entry')
->findOneByUser(1);
@@ -284,16 +176,16 @@ class WallabagRestControllerTest extends WebTestCase
// hydrate the tags relations
$nbTags = count($entry->getTags());
- $client->request('PATCH', '/api/entries/'.$entry->getId().'.json', array(
+ $this->client->request('PATCH', '/api/entries/'.$entry->getId().'.json', array(
'title' => 'New awesome title',
'tags' => 'new tag '.uniqid(),
'star' => true,
'archive' => false,
- ), array(), $headers);
+ ));
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
+ $this->assertEquals(200, $this->client->getResponse()->getStatusCode());
- $content = json_decode($client->getResponse()->getContent(), true);
+ $content = json_decode($this->client->getResponse()->getContent(), true);
$this->assertEquals($entry->getId(), $content['id']);
$this->assertEquals($entry->getUrl(), $content['url']);
@@ -303,10 +195,7 @@ class WallabagRestControllerTest extends WebTestCase
public function testGetTagsEntry()
{
- $client = $this->createClient();
- $headers = $this->generateHeaders('admin', 'mypassword');
-
- $entry = $client->getContainer()
+ $entry = $this->client->getContainer()
->get('doctrine.orm.entity_manager')
->getRepository('WallabagCoreBundle:Entry')
->findOneWithTags(1);
@@ -322,17 +211,14 @@ class WallabagRestControllerTest extends WebTestCase
$tags[] = array('id' => $tag->getId(), 'label' => $tag->getLabel());
}
- $client->request('GET', '/api/entries/'.$entry->getId().'/tags', array(), array(), $headers);
+ $this->client->request('GET', '/api/entries/'.$entry->getId().'/tags');
- $this->assertEquals(json_encode($tags, JSON_HEX_QUOT), $client->getResponse()->getContent());
+ $this->assertEquals(json_encode($tags, JSON_HEX_QUOT), $this->client->getResponse()->getContent());
}
public function testPostTagsOnEntry()
{
- $client = $this->createClient();
- $headers = $this->generateHeaders('admin', 'mypassword');
-
- $entry = $client->getContainer()
+ $entry = $this->client->getContainer()
->get('doctrine.orm.entity_manager')
->getRepository('WallabagCoreBundle:Entry')
->findOneByUser(1);
@@ -345,16 +231,16 @@ class WallabagRestControllerTest extends WebTestCase
$newTags = 'tag1,tag2,tag3';
- $client->request('POST', '/api/entries/'.$entry->getId().'/tags', array('tags' => $newTags), array(), $headers);
+ $this->client->request('POST', '/api/entries/'.$entry->getId().'/tags', array('tags' => $newTags));
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
+ $this->assertEquals(200, $this->client->getResponse()->getStatusCode());
- $content = json_decode($client->getResponse()->getContent(), true);
+ $content = json_decode($this->client->getResponse()->getContent(), true);
$this->assertArrayHasKey('tags', $content);
$this->assertEquals($nbTags + 3, count($content['tags']));
- $entryDB = $client->getContainer()
+ $entryDB = $this->client->getContainer()
->get('doctrine.orm.entity_manager')
->getRepository('WallabagCoreBundle:Entry')
->find($entry->getId());
@@ -369,15 +255,13 @@ class WallabagRestControllerTest extends WebTestCase
}
}
- public function testDeleteOneTagEntrie()
+ public function testDeleteOneTagEntry()
{
- $client = $this->createClient();
- $headers = $this->generateHeaders('admin', 'mypassword');
-
- $entry = $client->getContainer()
+ $entry = $this->client->getContainer()
->get('doctrine.orm.entity_manager')
->getRepository('WallabagCoreBundle:Entry')
- ->findOneByUser(1);
+ ->findOneWithTags(1);
+ $entry = $entry[0];
if (!$entry) {
$this->markTestSkipped('No content found in db.');
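Review bot: `$entry = $entry[0];` runs before the `if (!$entry)` guard, so when `findOneWithTags(1)` returns nothing the test fails on the index access instead of being skipped. The return shape of `findOneWithTags` is not visible here, but the `[0]` suggests a list. Checking first keeps the skip path working: `if (empty($entry)) { $this->markTestSkipped('No content found in db.'); }` followed by `$entry = $entry[0];`. The body of testDeleteOneTagEntry continues outside the hunk.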
@@ -387,11 +271,11 @@ class WallabagRestControllerTest extends WebTestCase
$nbTags = count($entry->getTags());
$tag = $entry->getTags()[0];
- $client->request('DELETE', '/api/entries/'.$entry->getId().'/tags/'.$tag->getId().'.json', array(), array(), $headers);
+ $this->client->request('DELETE', '/api/entries/'.$entry->getId().'/tags/'.$tag->getId().'.json');
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
+ $this->assertEquals(200, $this->client->getResponse()->getStatusCode());
- $content = json_decode($client->getResponse()->getContent(), true);
+ $content = json_decode($this->client->getResponse()->getContent(), true);
$this->assertArrayHasKey('tags', $content);
$this->assertEquals($nbTags - 1, count($content['tags']));
@@ -399,14 +283,11 @@ class WallabagRestControllerTest extends WebTestCase
public function testGetUserTags()
{
- $client = $this->createClient();
- $headers = $this->generateHeaders('admin', 'mypassword');
+ $this->client->request('GET', '/api/tags.json');
- $client->request('GET', '/api/tags.json', array(), array(), $headers);
+ $this->assertEquals(200, $this->client->getResponse()->getStatusCode());
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
-
- $content = json_decode($client->getResponse()->getContent(), true);
+ $content = json_decode($this->client->getResponse()->getContent(), true);
$this->assertGreaterThan(0, $content);
$this->assertArrayHasKey('id', $content[0]);
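Review bot: `$this->assertGreaterThan(0, $content);` compares the decoded array itself with 0, which PHP evaluates as true for any array, so the line does not check that tags were returned. The following `assertArrayHasKey('id', $content[0])` would still trip on an empty list, but the intent is clearer as `$this->assertGreaterThan(0, count($content));`. The line is unchanged context, but this hunk already rewrites the lines around it. The body of testGetUserTags continues outside the hunk.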
@@ -420,14 +301,11 @@ class WallabagRestControllerTest extends WebTestCase
*/
public function testDeleteUserTag($tag)
{
- $client = $this->createClient();
- $headers = $this->generateHeaders('admin', 'mypassword');
+ $this->client->request('DELETE', '/api/tags/'.$tag['id'].'.json');
- $client->request('DELETE', '/api/tags/'.$tag['id'].'.json', array(), array(), $headers);
+ $this->assertEquals(200, $this->client->getResponse()->getStatusCode());
- $this->assertEquals(200, $client->getResponse()->getStatusCode());
-
- $content = json_decode($client->getResponse()->getContent(), true);
+ $content = json_decode($this->client->getResponse()->getContent(), true);
$this->assertArrayHasKey('label', $content);
$this->assertEquals($tag['label'], $content['label']);
diff --git a/src/Wallabag/ApiBundle/WallabagApiBundle.php b/src/Wallabag/ApiBundle/WallabagApiBundle.php
index 2484f2779..19d887aba 100644
--- a/src/Wallabag/ApiBundle/WallabagApiBundle.php
+++ b/src/Wallabag/ApiBundle/WallabagApiBundle.php
@@ -3,16 +3,7 @@
namespace Wallabag\ApiBundle;
use Symfony\Component\HttpKernel\Bundle\Bundle;
-use Wallabag\ApiBundle\DependencyInjection\Security\Factory\WsseFactory;
-use Symfony\Component\DependencyInjection\ContainerBuilder;
class WallabagApiBundle extends Bundle
{
- public function build(ContainerBuilder $container)
- {
- parent::build($container);
-
- $extension = $container->getExtension('security');
- $extension->addSecurityListenerFactory(new WsseFactory());
- }
}
diff --git a/src/Wallabag/CoreBundle/Command/InstallCommand.php b/src/Wallabag/CoreBundle/Command/InstallCommand.php
index 1bd76ae36..6ebbd93c0 100644
--- a/src/Wallabag/CoreBundle/Command/InstallCommand.php
+++ b/src/Wallabag/CoreBundle/Command/InstallCommand.php
@@ -8,7 +8,7 @@ use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Input\ArrayInput;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Output\NullOutput;
-use Wallabag\CoreBundle\Entity\User;
+use Wallabag\UserBundle\Entity\User;
use Wallabag\CoreBundle\Entity\Config;
class InstallCommand extends ContainerAwareCommand
@@ -188,9 +188,10 @@ class InstallCommand extends ContainerAwareCommand
$em = $this->getContainer()->get('doctrine.orm.entity_manager');
- $user = new User();
+ $userManager = $this->getContainer()->get('fos_user.user_manager');
+ $user = $userManager->createUser();
$user->setUsername($dialog->ask($this->defaultOutput, '