Skip to content

[REQ][php-slim-server] Support for Bearer authentication with Slim framework #3620

@chawax

Description

@chawax

The Slim framework generator doesn't support Bearer authentication as described here in Open API specifications :
https://swagger.io/docs/specification/authentication/bearer-authentication/

Only type property is taken into account, not scheme property. So when you define such a security scheme in your Open API file :

components:
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer

It generates the wrong regex in http case in SlimRouter.php file :

case 'http':
   $authenticatorClassname = "\\{$authPackage}\\BasicAuthenticator";
   if (class_exists($authenticatorClassname)) {
      basicAuthenticator = new $authenticatorClassname($container);
   }
 
   $middlewares[] = new TokenAuthentication($this->getTokenAuthenticationOptions([
      'authenticator' => $basicAuthenticator,
      'regex' => '/Basic\s+(.*)$/i',
      'header' => 'Authorization',
      'parameter' => null,
      'cookie' => null,
      'argument' => null,
   ]));
   break;

while it should generate this regex :

'regex' => '/Bearer\s+(.*)$/i',

Actually the regex should depend on scheme property. If value is bearer it should generate the second regex, and the first one in other cases.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions