From 0ac38198ab1c00dfb290d5631fa7c1cf5ac2a48a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= <nicolas@loeuillet.org>
Date: Mon, 9 Feb 2015 13:59:48 +0100
Subject: [PATCH] authentication on API

---
 app/config/security.yml                                   | 8 +++++---
 .../Security/Authentication/Provider/WsseProvider.php     | 6 ++++++
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/app/config/security.yml b/app/config/security.yml
index e161c3b53..4a798e56f 100644
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -16,9 +16,11 @@ security:
     # the main part of the security, where you can set up firewalls
     # for specific sections of your app
     firewalls:
-        #wsse_secured:
-        #    pattern:   /api/.*
-        #    wsse:      true
+        wsse_secured:
+            pattern:      /api/.*
+            wsse:         true
+            stateless:    true
+            anonymous:    true
         login_firewall:
             pattern:    ^/login$
             anonymous:  ~
diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php b/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php
index 5499f4007..eaad9c633 100644
--- a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php
+++ b/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php
@@ -44,6 +44,12 @@ class WsseProvider implements AuthenticationProviderInterface
         if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) {
             throw new NonceExpiredException('Previously used nonce detected');
         }
+
+        // If cache directory does not exist we create it
+        if (!is_dir($this->cacheDir)) {
+            mkdir($this->cacheDir, 0777, true);
+        }
+
         file_put_contents($this->cacheDir.'/'.$nonce, time());
 
         // Valide le Secret