Resource route configuration

Routing is handled by Symfony's routing component. The configuration is done in YAML files.

For every route you can configure some access restrictions by defining the option oauth2_constraints.

oauth2_constraints

Type: string|array
Default: oauth.authorized
Path: Route configuration [route].options.oauth2_constraints

One or more access constraints for the route. The constraints are combined with a logical AND. The constraints are evaluated with the Symfony Expression Language.

The following variables are available:

Variable          Type     Description
frontend.*        object   Same as in https://docs.typo3.org/m/typo3/reference-typoscript/main/en-us/Conditions/Index.html#frontend
oauth.authorized  boolean  True if authorization header was set and the bearer token is valid
oauth.grant       string   The grant type of the token
oauth.scopes      array    The scopes of the token
request           object   The server request object

Examples

Register a route for an endpoint which executes a controller action, similar to eID:

# EXT:my_extension/Configuration/Yaml/Routes.yaml
example-controller:
    path: /api/v1/simple
    controller: 'Namespace\\MyExtension\\Controller\\ExampleController::handleRequest'
    methods: [GET, POST]
    schemes: https

Protect everything below a certain path and check if scope "read" is present:

# EXT:my_extension/Configuration/Yaml/Routes.yaml
my-protected-area:
    path: /api/v1/{slug}
    requirements:
        slug: '.*'
    options:
        oauth2_constraints:
            - 'oauth.authorized'
            - '"read" in oauth.scopes'
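
The list and string forms of oauth2_constraints side by side, showing how the AND combination interacts with an OR inside one expression. This is an added example, not taken from the extension's documentation; the route names, paths, the "write" and "admin" scopes and the grant value "client_credentials" are assumptions.

```yaml
# EXT:my_extension/Configuration/Yaml/Routes.yaml
# Added example: route names, paths, the "write" and "admin" scopes and the
# grant value "client_credentials" are assumptions, not values from the docs.

# List form: every entry must evaluate to true (logical AND).
# An alternative (OR) therefore has to be written inside a single entry,
# otherwise a token would need both scopes.
reports-read:
    path: /api/v1/reports
    methods: [GET]
    schemes: https
    options:
        oauth2_constraints:
            - 'oauth.authorized'
            - '"read" in oauth.scopes or "admin" in oauth.scopes'

# String form: a single expression. Chaining with "and" is equivalent to
# listing the three parts as separate entries.
# Write access is limited to tokens issued through one grant type that
# also carry the "write" scope.
reports-write:
    path: /api/v1/reports
    methods: [POST]
    schemes: https
    options:
        oauth2_constraints: 'oauth.authorized and oauth.grant == "client_credentials" and "write" in oauth.scopes'
```

Splitting the OR in reports-read into two list entries would turn it into an AND and reject tokens that carry only one of the two scopes.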