OverBlog, the top European blogging platform, chose Symfony 2 for its brand new version.
Learn from its engineers' feedback on how they design their software architecture based on Symfony 2.
The following points will be discussed:
- Dependency injection: Making a high speed transport layer with Apache Thrift into Symfony 2.
- Security Bundle: Integrating a Single Sign On
- Twig: Using the Twig sandbox to jail the custom themes integrated by OverBlog's users.
This presentation will be given by Xavier HAUSHERR (CTO) and Gérald LONLAS (Project manager)
The use of Symfony2 @ Overblog
1. The use of Symfony2 @ Overblog
By Xavier HAUSHERR and Gérald Lonlas
2. About Us
Xavier HAUSHERR, CTO, Twitter: @xkobal
Gérald LONLAS, Project manager, Twitter: @geraldlonlas
3. What is OverBlog?
Born in 2004, OverBlog is the leading European blogging platform.
It was the first platform to share the revenue generated by the audience.
It's also:
2 million blogs in 5 languages
35 million unique visitors per month
250 million page views per month
13th French site by audience
50 servers to serve blogs
4. OverBlog before Symfony 2
The previous version of OverBlog is based on:
Jelix framework 1.1 (custom)
PHP 5.2
Postgresql 8
Spread over 50 servers:
1 database master
11 database slaves
38 hits and caches
5. OverBlog technical specifications
Be capable of handling the load
Be scalable
Separate services: each may be switched off
Reduce page execution time
Speed up data access
Stop with the monolith
Test driven development
Enjoy developing
6. PHP Frameworks
Jelix 1.3:
Small community
Product continuity
Zend framework 1:
Not full stack
Not a framework
Symfony 1:
End of life
Not modular enough
Performance
7. Why Symfony 2?
Advantages:
Full stack framework
Dependency injection
Good performance
Twig & I18N
Symfony community
Sensio support
Team experience in Symfony 1
Drawbacks:
Young framework
Too few bundles
Strongly coupled with Doctrine
Time/cost to learn
8. The use of Symfony2 @ Overblog
Service Oriented Architecture
9. Projects Distribution
One Symfony project for each part of the platform.
Each project must be independent and could be written in any language:
Administration
Comments
Core
Developer Center
Portal
Statistics
Users (SSO)
13. The use of Symfony2 @ Overblog
Transport Layer
14. First Try: JSON-RPC
Easy to code
REST is natively integrated into Symfony
Object must be rebuilt from JSON
No type validation
No standard
No data model
Poor performance
15. Some statistics about Web Services
[Bar chart: Size (bytes), for Thrift - TCompactProtocol, Thrift - TBinaryProtocol, Protocol Buffers, Remote Method Invocation (RMI), REST - JSON, REST - XML]
[Bar chart: Average Wall Time for 10000 queries (s), for the same six protocols]
Source: http://jnb.ociweb.com/jnb/jnbJun2009.html
16. Second Try: Apache Thrift
Developed by Facebook
Incubated by Apache Software Foundation
Object data model
Definitions are compiled into classes and interfaces
Cross language
Basic type validation
Binary transfer
PHP extension
No Symfony integration
Obsolete PHP Library
Small community
17. Thrift Integration In Symfony
1. Thrift fork
Give compatibility with UniversalClassLoader
Real namespace usage
Remove hardcoded inclusion
2. We create a bundle to integrate Thrift into Symfony
Dependency injection integration
Definitions are compiled at cache warmup in cache directory
Autoloader or Factory to instantiate object
2 modes: HTTP Controller or Socket daemon
Unit Tests
3. Work with developers to integrate these modifications into the next Thrift release.
[Diagram labels: Client: Controller; Server: Business Service; Thrift Bundle, generated code; on each side: Service client, write() / read(), TProtocol, TTransport, input / output]
20. Thrift Integration In Symfony
namespace Overblog\UserInternalApiBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;

class UserController extends Controller
{
    public function getUserAction($id)
    {
        try
        {
            // The Thrift client is fetched from the service container
            $p = $this->get('thrift.client.user')
                ->getClient()
                ->getUserById($id);
        }
        catch (\Exception $e)
        {
            // Any failure of the remote call is reported as a 404
            throw $this->createNotFoundException();
        }
    }
}
21. Thrift Integration In Symfony
namespace Overblog\UserInternalApiBundle\Api;

use ThriftModel\User\UserIf;
use Overblog\ThriftBundle\Api\Extensions\BaseExtension;

// Server-side handler implementing the interface generated from the Thrift definition
class UserExtension extends BaseExtension implements UserIf
{
    public function getUserById($id)
    {
        // Build the generated User object from an array of field values
        return $this->getInstance(
            'ThriftModel\User\User',
            array(
                'id' => $id,
                'email' => 'user@overblog.com',
                'lang' => \ThriftModel\User\Lang::FR
            )
        );
    }
}
22. The use of Symfony2 @ Overblog
Security Bundle: Overblog SSO
23. Why an SSO?
Need only one authentication for several services:
• Administration
• Comments
• Portal
• Public API (Mobile app)
Session must be checkable in PHP or JavaScript
Scalability
Must be able to kill a session
Can be plugged into other systems
24. SSO with Security Bundle
Use the Symfony Security Layer
One provider per service
Bundle creation to secure services
Main entry point is located on SSO
Logout disconnects from both the project and the SSO
Token definition with rights embedded
Use the RememberMe functionality for long-lived authentication
Catch the security exception to return a 401 instead of a redirect
25. SSO Diagram
1. User hits a protected resource
2. User is redirected to SSO
3. User is prompted to log in
4. SSO notifies the server that access has been granted by redirecting user with token
5. User can now access the resource
26. The use of Symfony2 @ Overblog
Blog themes with Twig sandbox
27. Blog rendering
Functional specifications:
Allow full customization of themes
Friendly meta language
Sandbox the theme execution
Cache pages
Good performance
28. Why Twig?
The markup
Allow sandboxing & policies
Making our own filters
Compiling theme markup
Packed with Symfony 2
29. Twig usage
Twig_Loader_String, no cache
Twig_Loader_String, with cache
Time: 5 min
The no. 1 European platform
Launch of the new OverBlog the day before yesterday.
Start of the thinking: September 2011
Time: 2 min
5 user objects & 1 phone object
Warmup => compilerpass
Provider:
Overblog auth in Postgresql
Facebook connect
Bundle:
- We embed the Authentication Provider to validate the token
- We use the voter to manage access according to rights
The token is the main key for creating a session on all projects
Strong encryption with a 2048-bit RSA key
As long as the token & remember-me have not expired, the user is logged in and can create a session on all services.
Deleting the token invalidates the session
Time: 5 min
Twig Sandbox = theme validation
Twig = display
- Performance
- Filters that OverBlog does not allow to run
Loader = Twig_Loader_String
Twig_Extension_Sandbox
- false = only the HTML sent into the sandbox goes through it
- true = all templates go through the sandbox
- Custom = it is a Twig_Function_Method function for the Twig method Custom('myTitle')
In the themeservice bundle / theme serviceExtension:
    public function getFunctions()
    {
        return array(
            'Custom' => new \Twig_Function_Method(
                $this,
                'customMethod',
                array('needs_environment' => true)
            )
        );
    }
Twig_Sandbox_SecurityError or Twig_Error_Syntax
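Added example, not taken from the slides or from OverBlog's code: one way to validate a user-submitted theme through the Twig sandbox, using the Twig 1.x class names mentioned in the notes above. The whitelist, the sample context and the four themes are constructed for illustration, and Twig 1.x is assumed to be installed through Composer.

```php
<?php
// Added example: theme validation with the Twig 1.x sandbox.
// Assumption: Twig 1.x is available through Composer's autoloader.
require __DIR__ . '/vendor/autoload.php';

function buildThemeValidator()
{
    // Whitelist policy (constructed): anything not listed is refused.
    $policy = new Twig_Sandbox_SecurityPolicy(
        array('if', 'for'),        // allowed tags
        array('escape', 'upper'),  // allowed filters
        array(),                   // allowed methods, as array('Class' => array('method'))
        array(),                   // allowed properties
        array()                    // allowed functions
    );
    $twig = new Twig_Environment(new Twig_Loader_String(), array('cache' => false));
    // Second argument true: every template goes through the sandbox.
    $twig->addExtension(new Twig_Extension_Sandbox($policy, true));
    return $twig;
}

// Returns null when the theme is accepted, otherwise the reason it was rejected.
function validateTheme(Twig_Environment $twig, $source)
{
    // Constructed sample data: plain arrays only, so no object method is exposed.
    $sample = array('blog' => array('title' => 'demo', 'posts' => array('first', 'second')));
    try {
        $twig->render($source, $sample);
        return null;
    } catch (Twig_Sandbox_SecurityError $e) {
        return 'policy violation: ' . $e->getMessage();
    } catch (Twig_Error_Syntax $e) {
        return 'syntax error: ' . $e->getMessage();
    }
}

$twig = buildThemeValidator();
$themes = array(   // constructed themes
    'ok'      => '<h1>{{ blog.title|upper }}</h1>{% for p in blog.posts %}<p>{{ p }}</p>{% endfor %}',
    'include' => '{% include "other_theme" %}',          // tag outside the whitelist
    'filter'  => '{{ blog.title|raw }}',                 // filter outside the whitelist
    'broken'  => '{% for p in blog.posts %}{{ p }}',     // missing endfor
);
foreach ($themes as $name => $source) {
    $reason = validateTheme($twig, $source);
    echo $name, ': ', $reason === null ? 'accepted' : $reason, PHP_EOL;
}
```

Only the first theme is accepted; the next two fail with Twig_Sandbox_SecurityError and the last with Twig_Error_Syntax, the two error types the notes name.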
Time: 2 min
Translation tools for our translations
Opening access to trusted users, then to the community