diff --git a/integrations/symfony-bundle.rst b/integrations/symfony-bundle.rst index 02197c2..fcff1f7 100644 --- a/integrations/symfony-bundle.rst +++ b/integrations/symfony-bundle.rst @@ -269,7 +269,7 @@ Authentication `````````````` You can configure a client with authentication. Valid authentication types are -``basic``, ``bearer``, ``service`` and ``wsse``. See more examples at the +``basic``, ``bearer``, ``service``, ``wsse`` and ``query_param``. See more examples at the :doc:`full configuration `. .. code-block:: yaml @@ -288,6 +288,11 @@ You can configure a client with authentication. Valid authentication types are factory: 'httplug.factory.guzzle6' plugins: ['httplug.plugin.authentication.my_wsse'] +.. warning:: + + Using query parameters for authentication is :ref:`not safe `. + The auth params will appear on the URL and we recommend to NOT log your request, especially on production side. + Special HTTP Clients ```````````````````` diff --git a/integrations/symfony-full-configuration.rst b/integrations/symfony-full-configuration.rst index 5d85260..a6a1c14 100644 --- a/integrations/symfony-full-configuration.rst +++ b/integrations/symfony-full-configuration.rst @@ -32,6 +32,10 @@ This page shows an example of all configuration values provided by the bundle. my_bearer: type: 'bearer' token: 'authentication_token_hash' + my_query_param: + type: 'query_param' + params: + access_token: '9zh987g86fg87gh978hg9g79' my_service: type: 'service' service: 'my_authentication_service' diff --git a/message/authentication.rst b/message/authentication.rst index f314662..57d815a 100644 --- a/message/authentication.rst +++ b/message/authentication.rst @@ -83,6 +83,8 @@ WSSE $authentication = new Wsse('username', 'password'); +.. _Authentication-QueryParams: + Query Params ************