The use of Symfony2    @ Overblog By Xavier HAUSHERR and Gérald Lonlas
About UsXavier HAUSHERR     Gerald LONLASCTO                 Project manager Twitter: @xkobal    Twitter: @geraldlonlas
What is OverBlog?Born in 2004, OverBlog is the top leading Europeanblogging platform.Was the first platform to share the re...
OverBlog before Symfony 2The previous version of OverBlog is based on:   Jelix framework 1.1 Custom   PHP 5.2   Postgresql...
OverBlog technical specifications  Capable of handling the load  Be scalable  Separate services: may be switch off  Reducin...
PHP FrameworksJelix 1.3:      Small community     Product continuityZend framework 1:    Not full stack     Not a framewor...
Why Symfony 2?Full stack framework           Young frameworkDependency injection           Too few bundlesGood performance...
The use of Symfony2 @ OverblogService Oriented Architecture
Projects DistributionOne Symfony project for each part of the platform.Each project must be independent and could be in an...
Software Used
Projects Distribution
Service Architecture       www                      Internal                                  API          Front End      ...
The use of Symfony2 @ Overblog       Transport Layer
First Try: JSON-RPCEasy to codeREST is natively integrated into SymfonyObject must be rebuilt from JSONNo type validationN...
Some statistics about Web Services                                                            Size (bytes)      Thrif - TC...
Second Try: Apache ThriftDeveloped by FacebookIncubated by Apache Software FoundationObject data modelDefinition are compil...
Thrift Integration In Symfony                                                  Client                             Server1....
Thrift Definitionnamespace php ThriftModel.Usernamespace java com.overblog.thriftModel.userinclude "Generic/Image.thrift"ex...
Thrift Integration In Symfony services:      overblog_api.extension.user:           class: OverblogUserInternalApiBundleAp...
Thrift Integration In Symfonynamespace OverblogUserInternalApiBundleController;use SymfonyBundleFrameworkBundleControllerC...
Thrift Integration In Symfonynamespace OverblogUserInternalApiBundleApi;use ThriftModelUserUserIf;use OverblogThriftBundle...
The use of Symfony2 @ OverblogSecurity Bundle: Overblog SSO
Why a SSO ?Need only one authentication for several services:•Administration,•Comments,•Portal•Public API (Mobile app)Sess...
SSO with Security BundleUse the Symfony Security LayerOne provider per serviceBundle creation to secure servicesMain entry...
SSO Diagram                       3. User is prompted to log inUser               1. User hit a               protected re...
The use of Symfony2 @ OverblogBlog themes with Twig sandbox
Blog renderingFunctional specifications:   Allow the fully customization of themes   Friendly meta language   Sandbox the t...
Why Twig?The markupAllow sandboxing & policiesMaking our own filtersCompiling theme markupPacked with Symfony 2
Twig usage             Twig_loader_string                 No cache              Twig_loader_string                 With ca...
Sandbox configuration# Twig sandbox policy parameters  sandbox_policy.tags: [if,list]  sandbox_policy.filters: [capitalize,...
Evaluate Twig markup  $source = <html>.....</html>;  require_once /path/to/lib/Twig/Autoloader.php;  Twig_Autoloader::regi...
The use of Symfony2 @ Overblog     Internationalization
InternationalizationOverBlog is ported in 5 languages English, French, Spanish, Italian, GermanOur best combo XLIFF format...
XLIFF markupXLIFF generated by Pootle<trans-unit id="january" approved="yes">  <source>january</source>  <target state="tr...
Thanks for your time                Questions?   Take some time to create your blog on           en.over-blog.com
LinksThrift fork: https://github.com/ebuzzing/thriftThrift bundle: https://github.com/ebuzzing/OverblogThriftBundleJIRA: h...
Upcoming SlideShare
Loading in …5
×

The use of Symfony2 @ Overblog

6,697 views

Published on

OverBlog top European blogging platform chose Symfony 2 for its brand new version.

Lear about their engineers feedbacks on how they design their software architecture based on Symfony 2.

The following points will be discussed:
- Dependency injection: Making a high speed transport layer with Apache Thrift into Symfony 2.
- Security Bundle: Integrating a Single Sign On
- Twig: Using Twig sandbox to jail custom OverBlog's users themes integration.

This presentation will be animated by Xavier HAUSHERR (CTO) and Gérald LONLAS (Project manager)

Published in: Technology, Education
0 Comments
11 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
6,697
On SlideShare
0
From Embeds
0
Number of Embeds
236
Actions
Shares
0
Downloads
59
Comments
0
Likes
11
Embeds 0
No embeds

No notes for slide
  • \n
  • \n
  • Temps : 5min\nLa plateforme europ&amp;#xE9;enne n&amp;#xB0;1\nLancement du nouvel OverBlog avant hier.\n
  • \n
  • D&amp;#xE9;but de la r&amp;#xE9;flexion : Septembre 2011\n
  • Temps : 2min\n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • 5 objet user &amp; 1 objet phone\n
  • \n
  • Warmup =&gt; compilerpass\n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • Provider : \nOverblog auth in Postgresql\nFacebook connect\n\nBundle: \n- On embarque le Authentication Provider pour valider le token\n- On utilise le voter pour la gestion des acc&amp;#xE8;s en fonction des droits\n
  • Le Token est la cl&amp;#xE9; principale pour cr&amp;#xE9;er une session sur tous les projets\nEncryptage avec cl&amp;#xE9; de mani&amp;#xE8;re forte RSA 2048bits\n\nTant que le token &amp; remember-me n&amp;#x2019;ont pas expir&amp;#xE9;, \nle user est loggu&amp;#xE9; et peux cr&amp;#xE9;er une session sur tous les services.\nEffacer le token invalide la sesion\n\n
  • temps : 5min\n
  • \n
  • \n
  • Twig Sanbox = Validation Theme\n Twig = Affichage\n - Performance\n - Filtre non autoris&amp;#xE9; a executer par OverBlog\n Loader = Twig_Loader_String\n\n
  • Twig_Extension_Sandbox\n - false = passe uniquement le HTML envoy&amp;#xE9; dans la sandbox\n - true = passe tous les templates par la sandbox\n - Custom = c&amp;#x2019;est une Twig_Function_Method fonction pour la methode Twig Custom(&amp;#x2018;myTitle&amp;#x2019;)\n \n \ndans le themeservice bundle / theme serviceExtension\n&amp;#xA0; &amp;#xA0;public function getFunctions()\n&amp;#xA0; &amp;#xA0;{\n&amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0;return array(\n&amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0;&apos;Custom&apos; =&gt; new \\Twig_Function_Method(\n&amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0;$this,\n&amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0;&apos;customMethod&apos;,\n&amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0;array(&apos;needs_environment&apos; =&gt; true)\n&amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0;)\n&amp;#xA0; &amp;#xA0; &amp;#xA0; &amp;#xA0;);\n&amp;#xA0; &amp;#xA0;}\n \n \n
  • Twig_Sandbox_SecurityError ou Twig_Error_Syntax\n
  • temps : 2min\n
  • Outils de trad pour nos traduction\nOuverture des acc&amp;#xE8;s a des utilisateurs de confiance, puis la communaut&amp;#xE9;\n
  • \n
  • \n
  • \n
  • The use of Symfony2 @ Overblog

    1. 1. The use of Symfony2 @ Overblog By Xavier HAUSHERR and Gérald Lonlas
    2. 2. About UsXavier HAUSHERR Gerald LONLASCTO Project manager Twitter: @xkobal Twitter: @geraldlonlas
    3. 3. What is OverBlog?Born in 2004, OverBlog is the top leading Europeanblogging platform.Was the first platform to share the revenue generated bythe audience.It’s also: 2 millions blogs in 5 languages 35 millions uniques visitors per month 250 millions pages views per month 13th French site audience 50 servers to serve blogs
    4. 4. OverBlog before Symfony 2The previous version of OverBlog is based on: Jelix framework 1.1 Custom PHP 5.2 Postgresql 8Spread on 50 servers: 1 database master 11 databases slaves 38 hits and caches
    5. 5. OverBlog technical specifications Capable of handling the load Be scalable Separate services: may be switch off Reducing the pages execution time Speed up data access Stop with the monolith Test driven development Take pleasure to develop
    6. 6. PHP FrameworksJelix 1.3: Small community Product continuityZend framework 1: Not full stack Not a frameworkSymfony 1: End of life not enough modular performances
    7. 7. Why Symfony 2?Full stack framework Young frameworkDependency injection Too few bundlesGood performances Strongly coupled with DoctrineTwig & I18N Time/cost to learnSymfony communitySensio supportTeam experience in Symfony 1
    8. 8. The use of Symfony2 @ OverblogService Oriented Architecture
    9. 9. Projects DistributionOne Symfony project for each part of the platform.Each project must be independent and could be in any language Administra-on Comments Core Developer0 Portal Sta-s-cs Center Users00(SSO)
    10. 10. Software Used
    11. 11. Projects Distribution
    12. 12. Service Architecture www Internal API Front End Web Project API Databases
    13. 13. The use of Symfony2 @ Overblog Transport Layer
    14. 14. First Try: JSON-RPCEasy to codeREST is natively integrated into SymfonyObject must be rebuilt from JSONNo type validationNo standardNo data model Poor performance
    15. 15. Some statistics about Web Services Size (bytes) Thrif - TCompactProtocol Thrift - TBinaryProtocol Protocol BuffersRemote Method Invocation (RMI) REST - JSON REST - XML 0 100 200 300 400 500 600 700 800 900 1000 Average Wall Time for 10000 queries (s) Thrif - TCompactProtocol Thrift - TBinaryProtocol Protocol BuffersRemote Method Invocation (RMI) REST - JSON REST - XML 0 50 100 150 200 250 300 350 400 http://jnb.ociweb.com/jnb/jnbJun2009.html
    16. 16. Second Try: Apache ThriftDeveloped by FacebookIncubated by Apache Software FoundationObject data modelDefinition are compiled into classes and interfacesCross languageBasic type validationBinary transferPHP extensionNo Symfony integrationObsolete PHP LibrarySmall community
    17. 17. Thrift Integration In Symfony Client Server1. Thrift fork Give compatibility with Controler Business Service UniversalClassLoader Real namespace usage } Thrift Remove hardcoded inclusion Bundle Generated code2. We create a bundle to integrate Thrift into Service client } Service client Symfony write () / read () write () / read () Dependency injection integration Definitions are compiled at cache warmup TProtocol TProtocol in cache directory Autoloader or Factory to instantiate object TTransport TTransport 2 modes: HTTP Controller or Socket daemon Unit Tests Input / Input / output output3. Work with developers to integrate these modifications into the next Thrift release.
    18. 18. Thrift Definitionnamespace php ThriftModel.Usernamespace java com.overblog.thriftModel.userinclude "Generic/Image.thrift"exception InvalidValueException{ 1: i32 code, 2: string message}enum Lang{ FR, EN}struct User{ 1: i64 id, 2: string email, 3: optional string password, 4: optional Image avatar}service UserService{ User getUserById(1: i64 id) throws (1: InvalidValueException e), bool deleteUser(1: i64 id) throws (1: InvalidValueException e)}
    19. 19. Thrift Integration In Symfony services: overblog_api.extension.user: class: OverblogUserInternalApiBundleApiUserExtension arguments: [@service_container] tags: -: { name: "thrift.extension" } overblog_thrift: services: user: definition: User namespace: ThriftModelUser bundleNameIn: OverblogCommonBundle server: true servers: user: service: user handler: overblog_api.extension.user clients: comment: service: user type: http hosts: comment: host: 192.168.0.1 port: 8080
    20. 20. Thrift Integration In Symfonynamespace OverblogUserInternalApiBundleController;use SymfonyBundleFrameworkBundleControllerController;class UserController extends Controller{ public function getUserAction($id) { try { $p = $this->get(thrift.client.user) ->getClient() ->getUserById($id); } catch (Exception $e) { throw $this->createNotFoundException(); } }}
    21. 21. Thrift Integration In Symfonynamespace OverblogUserInternalApiBundleApi;use ThriftModelUserUserIf;use OverblogThriftBundleApiExtensionsBaseExtension;class UserExtension extends BaseExtension implements UserIf{ public function getUserById($id) { return $this->getInstance( ThriftModelUserUser, array( id => $id, email => user@overblog.com, lang => ThriftModelUserLang::FR ) ); }}
    22. 22. The use of Symfony2 @ OverblogSecurity Bundle: Overblog SSO
    23. 23. Why a SSO ?Need only one authentication for several services:•Administration,•Comments,•Portal•Public API (Mobile app)Session must be checked in PHP or JavascriptScalability.Must be able to kill a sessionCan be plugged with other system
    24. 24. SSO with Security BundleUse the Symfony Security LayerOne provider per serviceBundle creation to secure servicesMain entry point is located on SSOLogout disconnect from project and SSOToken definition with rights embeddedUse RememberMe functionality to have long authenticationCatch security exception to return 401 instead of redirect
    25. 25. SSO Diagram 3. User is prompted to log inUser 1. User hit a protected ressource 2. User is redirected to SSO5. User can now 4. SSO notifies the server thataccess the ressource access has been granted by redirecting user with token
    26. 26. The use of Symfony2 @ OverblogBlog themes with Twig sandbox
    27. 27. Blog renderingFunctional specifications: Allow the fully customization of themes Friendly meta language Sandbox the theme execution Cache pages Good performance
    28. 28. Why Twig?The markupAllow sandboxing & policiesMaking our own filtersCompiling theme markupPacked with Symfony 2
    29. 29. Twig usage Twig_loader_string No cache Twig_loader_string With cache
    30. 30. Sandbox configuration# Twig sandbox policy parameters sandbox_policy.tags: [if,list] sandbox_policy.filters: [capitalize, date, default, upper, lower] sandbox_policy.function: [Custom] sandbox_policy.properties: {} sandbox_policy.methods: OverblogThemeServiceBundleModelBlogInterface: - getTitle - getUrl# Init Sandbox parameterstwig.extension.sandbox.policy: class: Twig_Sandbox_SecurityPolicy arguments: [ %sandbox_policy.tags%, %sandbox_policy.filters%,%sandbox_policy.methods%, %sandbox_policy.properties%,%sandbox_policy.function% ]# Enable Twig Sandbox extensiontwig.extension.sandbox: class: Twig_Extension_Sandbox arguments: [@twig.extension.sandbox.policy, false]
    31. 31. Evaluate Twig markup $source = <html>.....</html>; require_once /path/to/lib/Twig/Autoloader.php; Twig_Autoloader::register(); $loader = new Twig_Loader_String(); $twig = new Twig_Environment($loader, array( cache => false, )); $sandboxExtension = new Twig_Extension_Sandbox(); $sandboxExtension->enableSandbox(); $twig->addExtension($sandboxExtension); try { // Evaluate theme with Twig Sandbox $twig->loadTemplate($source)->render( $this->getMockParams() ); } catch (Twig_Sandbox_SecurityError $e) { throw new Exception(Syntax not allowed); }
    32. 32. The use of Symfony2 @ Overblog Internationalization
    33. 33. InternationalizationOverBlog is ported in 5 languages English, French, Spanish, Italian, GermanOur best combo XLIFF format. Pootle opensource tool
    34. 34. XLIFF markupXLIFF generated by Pootle<trans-unit id="january" approved="yes"> <source>january</source> <target state="translated">January</target></trans-unit>
    35. 35. Thanks for your time Questions? Take some time to create your blog on en.over-blog.com
    36. 36. LinksThrift fork: https://github.com/ebuzzing/thriftThrift bundle: https://github.com/ebuzzing/OverblogThriftBundleJIRA: https://issues.apache.org/jira/browse/THRIFT-1615Pootle: http://translate.sourceforge.net/wiki/pootle/index

    ×