From 0f8268c93e6210d368f9dcd1900274871a9eacdf Mon Sep 17 00:00:00 2001 From: Thomas Citharel Date: Sun, 30 Apr 2017 09:16:55 +0200 Subject: Add client_credentials as grant_type Therefore, username and password are no longer needed Signed-off-by: Thomas Citharel Allow to have global clients, auth through direct token or auth code and bring scopes Signed-off-by: Thomas Citharel fix review Signed-off-by: Thomas Citharel remove redirect uri requirement on specific clients add back password and depreciate it enforce state Signed-off-by: Thomas Citharel Allow apps to register themselves A handful of changes Signed-off-by: Thomas Citharel change timeout values Signed-off-by: Thomas Citharel set access_token lifetime to 1 year and double for refresh_token Signed-off-by: Thomas Citharel --- .../ApiBundle/Controller/EntryRestController.php | 23 +++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) (limited to 'src/Wallabag/ApiBundle/Controller/EntryRestController.php') diff --git a/src/Wallabag/ApiBundle/Controller/EntryRestController.php b/src/Wallabag/ApiBundle/Controller/EntryRestController.php index 768c4fdc..93f1f461 100644 --- a/src/Wallabag/ApiBundle/Controller/EntryRestController.php +++ b/src/Wallabag/ApiBundle/Controller/EntryRestController.php @@ -5,6 +5,7 @@ namespace Wallabag\ApiBundle\Controller; use Hateoas\Configuration\Route; use Hateoas\Representation\Factory\PagerfantaFactory; use Nelmio\ApiDocBundle\Annotation\ApiDoc; +use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security; use Symfony\Component\HttpKernel\Exception\HttpException; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\JsonResponse; @@ -25,7 +26,7 @@ class EntryRestController extends WallabagRestController * {"name"="urls", "dataType"="string", "required"=false, "format"="An array of urls (?urls[]=http...&urls[]=http...)", "description"="Urls (as an array) to check if it exists"} * } * ) - * + * @Security("has_role('ROLE_READ')") * @return JsonResponse */ public function getEntriesExistsAction(Request $request) @@ -80,7 +81,7 @@ class EntryRestController extends WallabagRestController * {"name"="public", "dataType"="integer", "required"=false, "format"="1 or 0, all entries by default", "description"="filter by entries with a public link"}, * } * ) - * + * @Security("has_role('ROLE_READ')") * @return JsonResponse */ public function getEntriesAction(Request $request) @@ -143,7 +144,7 @@ class EntryRestController extends WallabagRestController * {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"} * } * ) - * + * @Security("has_role('ROLE_READ')") * @return JsonResponse */ public function getEntryAction(Entry $entry) @@ -162,7 +163,7 @@ class EntryRestController extends WallabagRestController * {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"} * } * ) - * + * @Security("has_role('ROLE_READ')") * @return Response */ public function getEntryExportAction(Entry $entry, Request $request) @@ -302,7 +303,7 @@ class EntryRestController extends WallabagRestController * {"name"="public", "dataType"="integer", "required"=false, "format"="1 or 0", "description"="will generate a public link for the entry"}, * } * ) - * + * @Security("has_role('ROLE_WRITE')") * @return JsonResponse */ public function postEntriesAction(Request $request) @@ -346,7 +347,7 @@ class EntryRestController extends WallabagRestController * {"name"="public", "dataType"="integer", "required"=false, "format"="1 or 0", "description"="will generate a public link for the entry"}, * } * ) - * + * @Security("has_role('ROLE_WRITE')") * @return JsonResponse */ public function patchEntriesAction(Entry $entry, Request $request) @@ -368,7 +369,7 @@ class EntryRestController extends WallabagRestController * {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"} * } * ) - * + * @Security("has_role('ROLE_WRITE')") * @return JsonResponse */ public function patchEntriesReloadAction(Entry $entry) @@ -410,7 +411,7 @@ class EntryRestController extends WallabagRestController * {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"} * } * ) - * + * @Security("has_role('ROLE_WRITE')") * @return JsonResponse */ public function deleteEntriesAction(Entry $entry) @@ -436,7 +437,7 @@ class EntryRestController extends WallabagRestController * {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"} * } * ) - * + * @Security("has_role('ROLE_READ')") * @return JsonResponse */ public function getEntriesTagsAction(Entry $entry) @@ -458,7 +459,7 @@ class EntryRestController extends WallabagRestController * {"name"="tags", "dataType"="string", "required"=false, "format"="tag1,tag2,tag3", "description"="a comma-separated list of tags."}, * } * ) - * + * @Security("has_role('ROLE_WRITE')") * @return JsonResponse */ public function postEntriesTagsAction(Request $request, Entry $entry) @@ -487,7 +488,7 @@ class EntryRestController extends WallabagRestController * {"name"="entry", "dataType"="integer", "requirement"="\w+", "description"="The entry ID"} * } * ) - * + * @Security("has_role('ROLE_WRITE')") * @return JsonResponse */ public function deleteEntriesTagsAction(Entry $entry, Tag $tag) -- cgit v1.2.3