composer require xervice/api
If you want to use secured api controller, you have to add the kernel service and the authenticator to the security module:
- You must add the "\Xervice\Api\Business\Plugin\ApiAuthService" plugin to the kernel stack.
- Also you must define your authoration types and add their authenticator (\Xervice\Api\Business\Model\Authenticator\ApiAuthenticator) to the security dependency provider.
To use an api controller without authentification, you can extend from AbstractApiController.
<?php
namespace App\MyModule\Communication\Controller;
use \DataProvider\MyDataDataProvider;
use Symfony\Component\HttpFoundation\Response;
use Xervice\Api\Communication\Controller\AbstractApiController;
class MyApiController extends AbstractApiController
{
/**
* @param \DataProvider\MyDataDataProvider $dataProvider
* @param string $name
*
* @return \Symfony\Component\HttpFoundation\Response
* @throws \Xervice\Api\Exception\ApiException
*/
public function myRequestAction(MyDataDataProvider $dataProvider, string $name): Response
{
$dataProvider = $this->getFacade()->doAnythingWithData($dataProvider);
return $this->apiResponse($dataProvider);
}
}If you want to have authentication, you can extend from AbstractSecureApiController. Every call to an SecureController check an authorization before running the action. The authentication data comes from the header HTTP_Authorization.
Example
HTTP_Authorization: Token Zm9vOmJhcg==
In that example it will look for an security authenticator "Token" and run the authentification. On failure, it will throw an AuthorizationException.