* public registration

* remove WSSE implementation
* add oAuth2 implementation

app/AppKernel.php

@@ -26,6 +26,7 @@ class AppKernel extends Kernel
             new Wallabag\ApiBundle\WallabagApiBundle(),
             new Bazinga\Bundle\HateoasBundle\BazingaHateoasBundle(),
             new Lexik\Bundle\FormFilterBundle\LexikFormFilterBundle(),
+            new FOS\OAuthServerBundle\FOSOAuthServerBundle(),
         );
 
         if (in_array($this->getEnvironment(), array('dev', 'test'))) {

app/config/config.yml

@@ -157,3 +157,17 @@ fos_user:
     db_driver: orm
     firewall_name: main
     user_class: Wallabag\CoreBundle\Entity\User
+    registration:
+        form:
+            type: wallabag_user_registration
+        confirmation:
+            enabled: true
+
+fos_oauth_server:
+    db_driver:           orm
+    client_class:        Wallabag\ApiBundle\Entity\Client
+    access_token_class:  Wallabag\ApiBundle\Entity\AccessToken
+    refresh_token_class: Wallabag\ApiBundle\Entity\RefreshToken
+    auth_code_class:     Wallabag\ApiBundle\Entity\AuthCode
+    service:
+        user_provider: fos_user.user_manager

app/config/config_prod.yml

@@ -17,11 +17,6 @@ monolog:
             type:         fingers_crossed
             action_level: error
             handler:      nested
-        wsse:
-            type: stream
-            path: %kernel.logs_dir%/%kernel.environment%.wsse.log
-            level: error
-            channels: [wsse]
         nested:
             type:  stream
             path:  "%kernel.logs_dir%/%kernel.environment%.log"

app/config/routing.yml

@@ -30,3 +30,9 @@ homepage:
     defaults:  { _controller: WallabagCoreBundle:Entry:showUnread, page : 1 }
     requirements:
         page:  \d+
+
+fos_user:
+    resource: "@FOSUserBundle/Resources/config/routing/all.xml"
+
+fos_oauth_server_token:
+    resource: "@FOSOAuthServerBundle/Resources/config/routing/token.xml"

app/config/security.yml

@@ -1,9 +1,6 @@
 security:
     encoders:
-        Wallabag\CoreBundle\Entity\User:
-            algorithm:        sha1
-            encode_as_base64: false
-            iterations:       1
+        FOS\UserBundle\Model\UserInterface: sha512
 
     role_hierarchy:
         ROLE_ADMIN:       ROLE_USER
@@ -18,11 +15,15 @@ security:
     # the main part of the security, where you can set up firewalls
     # for specific sections of your app
     firewalls:
-        wsse_secured:
-            pattern:      /api/.*
-            wsse:         true
-            stateless:    true
-            anonymous:    true
+        oauth_token:
+            pattern: ^/oauth/v2/token
+            security: false
+        api:
+            pattern: /api/.*
+            fos_oauth: true
+            stateless: true
+            anonymous: false
+
         login_firewall:
             pattern:    ^/login$
             anonymous:  ~
@@ -45,9 +46,9 @@ security:
                 target: /
 
     access_control:
-        - { path: ^/api/salt, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/forgot-password, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: /(unread|starred|archive).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/, roles: ROLE_USER }

app/config/services.yml

@@ -1,9 +1,4 @@
-# Learn more about services, parameters and containers at
-# http://symfony.com/doc/current/book/service_container.html
 parameters:
-    security.authentication.provider.dao.class: Wallabag\CoreBundle\Security\Authentication\Provider\WallabagAuthenticationProvider
-    security.encoder.digest.class: Wallabag\CoreBundle\Security\Authentication\Encoder\WallabagPasswordEncoder
-    security.validator.user_password.class: Wallabag\CoreBundle\Security\Validator\WallabagUserPasswordValidator
     lexik_form_filter.get_filter.doctrine_orm.class: Wallabag\CoreBundle\Event\Subscriber\CustomDoctrineORMSubscriber
 
 services: