Question
I have setup an app with:
- FriendsOfSymfony/FOSUserBundle
- FriendsOfSymfony/FOSOAuthServerBundle
- FriendsOfSymfony/FOSRestBundle
I have successfully created a client and can get an access token using a url like this http://api.mydomain.com/oauth/v2/token?client_id=client_id&client_secret=client_secret&grant_type=password&username=mikebates&password=secret
However, when I then try to access a url like this http://api.mydomain.com/api/surgeries/45/details?access_token=ACCESS_TOKEN
I get redirected to the symfony login page, but I can't have that or the mobile app I'm building to consume this REST API won't be able to get access.
I used this tutorial to set things up (removing the User / UserRepository classes in there and altering it to work with FOSUserBundle) http://blog.tankist.de/blog/2013/07/16/oauth2-explained-part-1-principles-and-terminology/
I'm not sure where I have told symfony to redirect to the login page, I want to change that logic to just authenticate from the token.
This is an overview of my setup
security.yml
security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    firewalls:
        ...
        login:
            pattern:  ^/secured/login$
            security: false

        oauth_token:
            pattern:  ^/oauth/v2/token
            security: false

        oauth_authorize:
            pattern: ^/oauth/v2/auth
            form_login:
                provider:   fos_userbundle
                check_path: _security_check
                login_path: _demo_login
            anonymous: true

        api:
            pattern:   ^/api
            fos_oauth: true
            stateless: true
            anonymous: false # can be omitted as its default value

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }
        - { path: ^/oauth/v2/auth_login, role: IS_AUTHENTICATED_ANONYMOUSLY }
config.yml
# FriendsOfSymfony : Rest
fos_rest:
    disable_csrf_role: ROLE_API
    param_fetcher_listener: true
    view:
        view_response_listener: 'force'
        formats:
            xml:  true
            json: true
        templating_formats:
            html: true
        jsonp_handler: ~
    format_listener:
        rules:
            - { path: ^/, priorities: [ html, jsonp, json, xml ], fallback_format: ~, prefer_extension: true }
    exception:
        codes:
            'Symfony\Component\Routing\Exception\ResourceNotFoundException': 404
            'Doctrine\ORM\OptimisticLockException': HTTP_CONFLICT
        messages:
            'Symfony\Component\Routing\Exception\ResourceNotFoundException': true
    allowed_methods_listener: true
    access_denied_listener:
        json: true
    body_listener: true

# FriendsOfSymfony : User
fos_user:
    db_driver:     orm
    firewall_name: main
    user_class:    Incompass\UserBundle\Entity\Person
    group:
        group_class: Incompass\UserBundle\Entity\Group

# FriendsOfSymfony : OAuth
fos_oauth_server:
    db_driver:           orm
    client_class:        Incompass\AuthBundle\Entity\Client
    access_token_class:  Incompass\AuthBundle\Entity\AccessToken
    refresh_token_class: Incompass\AuthBundle\Entity\RefreshToken
    auth_code_class:     Incompass\AuthBundle\Entity\AuthCode
    service:
        user_provider: fos_user.user_provider.username
        options:
            supported_scopes: user
Accepted answer
I solved this by changing the order of the firewalls in security.yml
firewalls:
    oauth_authorize:
        pattern: ^/oauth/v2/auth
        form_login:
            provider:   fos_userbundle
            check_path: /oauth/v2/auth_login_check
            login_path: /oauth/v2/auth_login
        anonymous: true

    oauth_token:
        pattern:  ^/oauth/v2/token
        security: false

    api:
        pattern:   ^/api
        fos_oauth: true
        stateless: true

    login:
        pattern:  ^/secured/login$
        security: false

    main:
        pattern: ^/
        form_login:
            provider:      fos_userbundle
            csrf_provider: form.csrf_provider
        logout:    true
        anonymous: true

    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false

    secured_area:
        pattern: ^/secured/
        form_login:
            provider:   fos_userbundle
            check_path: _security_check
            login_path: _demo_login
        logout:
            path:   _demo_logout
            target: _demo
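Why the order fixes the redirect, as an added illustration that is not part of the question or the answer: a small Python model of Symfony's firewall map, which hands a request to the first firewall whose pattern matches the path, run over both orderings. The question hides its first firewalls behind "...", so placing a catch-all main firewall (pattern ^/ with form_login) ahead of api in the "before" list is an assumption made here; the listener labels, the sample paths and the shadowing check are constructed for this example and are not Symfony code.

```python
import re

# Firewalls as (name, pattern, listener). Order matters: Symfony's firewall map
# gives a request to the FIRST firewall whose pattern matches the request path.
#
# BEFORE reconstructs the question's order. The question elides its leading
# firewalls with "...", so a catch-all "main" (pattern ^/, form_login) sitting
# ahead of "api" is an assumption made for this example.
BEFORE = [
    ("main",            r"^/",               "form_login"),
    ("login",           r"^/secured/login$", None),
    ("oauth_token",     r"^/oauth/v2/token", None),
    ("oauth_authorize", r"^/oauth/v2/auth",  "form_login"),
    ("api",             r"^/api",            "fos_oauth"),
]

# AFTER is the order from the accepted answer: specific patterns before ^/.
AFTER = [
    ("oauth_authorize", r"^/oauth/v2/auth",  "form_login"),
    ("oauth_token",     r"^/oauth/v2/token", None),
    ("api",             r"^/api",            "fos_oauth"),
    ("login",           r"^/secured/login$", None),
    ("main",            r"^/",               "form_login"),
    ("dev",             r"^/(_(profiler|wdt)|css|images|js)/", None),
    ("secured_area",    r"^/secured/",       "form_login"),
]


def select_firewall(firewalls, path):
    """Return (name, listener) of the first firewall whose pattern matches path."""
    for name, pattern, listener in firewalls:
        if re.search(pattern, path):
            return name, listener
    return None, None


def outcome_without_session(firewalls, path):
    """Describe what a request carrying no session (a token-only API client) hits."""
    name, listener = select_firewall(firewalls, path)
    if listener == "form_login":
        return f"{name}: redirected to the login form"
    if listener == "fos_oauth":
        return f"{name}: bearer token checked, 401 if missing or invalid"
    if name is None:
        return "no firewall matched"
    return f"{name}: security disabled or no authenticator"


def unreachable_firewalls(firewalls, sample_paths):
    """Firewalls that never win for any sample path: shadowed by an earlier pattern."""
    winners = {select_firewall(firewalls, p)[0] for p in sample_paths}
    return [name for name, _, _ in firewalls if name not in winners]


# Constructed sample paths, one per firewall the configs are meant to cover.
SAMPLE_PATHS = [
    "/api/surgeries/45/details",
    "/oauth/v2/token",
    "/oauth/v2/auth",
    "/secured/login",
    "/secured/dashboard",
    "/css/app.css",
    "/",
]

if __name__ == "__main__":
    for label, fw in (("BEFORE", BEFORE), ("AFTER", AFTER)):
        print(f"== {label} ==")
        for p in SAMPLE_PATHS:
            print(f"  {p:28} -> {outcome_without_session(fw, p)}")
        print("  shadowed firewalls:", unreachable_firewalls(fw, SAMPLE_PATHS))
```

Run as written, the model shows /api/surgeries/45/details landing on main (login redirect) in the assumed original order and on api (token check) in the answer's order, which is the behaviour change the answer describes. The shadowing check also reports that, in the answer's ordering, dev and secured_area sit behind main's ^/ pattern and can never match: requests to /secured/ pages are handled by main's form_login instead, and the profiler/asset paths get main's authentication rather than security: false. If those two firewalls are still wanted they belong above main, and the same check is a cheap way to confirm that no firewall is silently shadowed after any reordering.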