Does not get Response in HWIOAuthBundle - php

I have successfully installed HWIOAuthBundle. I login to Facebook with this bundle. After a successful login, I get no response. I see a blank screen.
My config file is:
    hwi_oauth:
        firewall_name: secured_area
        resource_owners:
            facebook:
                type: facebook
                client_id: xxxxxxx
                client_secret: xxxxxxx
                scope: "email"
                infos_url: "https://graph.facebook.com/me?fields=id,name,email,picture.type(square)"
                paths:
                    email: email
                    profilepicture: picture.data.url
My Security File is:
    security:
        providers:
            hwi:
                id: hwi_oauth.user.provider
        firewalls:
            secured_area:
                anonymous: ~
                oauth:
                    resource_owners:
                        facebook: "/login/check-facebook"
                    login_path: /login
                    use_forward: false
                    failure_path: /login
                    oauth_user_provider:
                        service: hwi_oauth.user.provider
        access_control:
            - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
My Routing file is:
    hwi_oauth_redirect:
        resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
        prefix: /connect
    hwi_oauth_login:
        resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
        prefix: /login
    facebook_login:
        path: /login/check-facebook
    google_login:
        path: /login/check-google
    custom_login:
        path: /login/check-custom

Try this in your config:
    security:
        providers:
            hwi:
                id: hwi_oauth.user.provider
        firewalls:
            secured_area:
                anonymous: ~
                oauth:
                    resource_owners:
                        facebook: "/login/check-facebook"
                    login_path: /login
                    use_forward: false
                    failure_path: /login
                    #new line here
                    default_target_path: / #or something else /profile etc.
                    oauth_user_provider:
                        service: hwi_oauth.user.provider
        access_control:
            - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }

Related

LexikJWT get token

I'm using Symfony2 for a website. I'm also using Fosuser and LexikJWT to connect via a web service. I read the documentation of LexikJWT but it doesn't work.
parameters.yml
    jwt_private_key_path: %kernel.root_dir%/var/jwt/private.pem # ssh private key path
    jwt_public_key_path: %kernel.root_dir%/var/jwt/public.pem # ssh public key path
    jwt_key_pass_phrase: 'mypass' # ssh key pass phrase
    jwt_token_ttl: 86400
routing.yml
    fos_user:
        resource: "@FOSUserBundle/Resources/config/routing/all.xml"
    fos_user_change_password:
        resource: "@FOSUserBundle/Resources/config/routing/change_password.xml"
        prefix: /profile
    admin:
        resource: "@AppBundle/Resources/config/routing.php"
        prefix: /
    api_login_check:
        path: /api/login_check
config.yml
    fos_user:
        db_driver: orm
        firewall_name: main
        user_class: AppBundle\Entity\User
        registration:
            confirmation:
                enabled: true
        service:
            mailer: fos_user.mailer.default
    lexik_jwt_authentication:
        private_key_path: %jwt_private_key_path%
        public_key_path: %jwt_public_key_path%
        pass_phrase: %jwt_key_pass_phrase%
        token_ttl: %jwt_token_ttl%
security.yml
    security:
        encoders:
            FOS\UserBundle\Model\UserInterface: sha512
        role_hierarchy:
            ROLE_ADMIN: ROLE_USER
            ROLE_SUPER_ADMIN: ROLE_ADMIN
        # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
        providers:
            in_memory:
                memory: ~
            fos_userbundle:
                id: fos_user.user_provider.username
        firewalls:
            # disables authentication for assets and the profiler, adapt it according to your needs
            main:
                anonymous: true
                pattern: ^/
                form_login:
                    provider: fos_userbundle
                    #csrf_provider: fos_user.user_provider.username
                logout: true
                anonymous: true
            dev:
                pattern: ^/(_(profiler|wdt)|css|images|js)/
                security: false
            # http_basic:
            # realm: "REST Service Realm"
            # provider: fos_userbundle
            login:
                pattern: ^/api/login
                stateless: true
                anonymous: true
                #provider: fos_userbundle
                form_login:
                    check_path: /api/login_check
                    login_path: fos_user_security_login
                    check_path: fos_user_security_check
                    username_parameter: username
                    password_parameter: password
                    success_handler: lexik_jwt_authentication.handler.authentication_success
                    failure_handler: lexik_jwt_authentication.handler.authentication_failure
                    require_previous_session: false
            api:
                pattern: ^/api/.*
                stateless: true
                lexik_jwt: ~
                provider: fos_userbundle
            # default:
            # pattern: ^/
            # http_basic:
            # realm: "REST Service Realm"
            # provider: fos_userbundle
            # logout: true
            # activate different ways to authenticate
            # http_basic: ~
            # http://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate
            # form_login: ~
            # http://symfony.com/doc/current/cookbook/security/form_login_setup.html
        access_control:
            - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/admin, role: ROLE_ADMIN }
            - { path: ^/api/login, roles: ROLE_API }
            - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
To get the token, I put this on the terminal:
    curl -X POST -d '{"username": "xxxx", "password": "xxxxx"}' -H "Content-Type:application/json" http://myhost:8888/api/login_check
and it returns:
    <!DOCTYPE html>
    <html>
    <head>
    <meta charset="UTF-8" />
    <meta http-equiv="refresh" content="1;url=http://myhost:8888/login" />
    <title>Redirecting to http://myhost:8888/login</title>
    </head>
    <body>
    Redirecting to http://myhost:8888/login.
    </body>
    </html>
But I want a JSON response like:
    {
    "token" : "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJleHAiOjE0MzQ3Mjc1MzYsInVzZXJuYW1lIjoia29ybGVvbiIsImlhdCI6IjE0MzQ2NDExMzYifQ.nh0L_wuJy6ZKIQWh6OrW5hdLkviTs1_bau2GqYdDCB0Yqy_RplkFghsuqMpsFls8zKEErdX5TYCOR7muX0aQvQxGQ4mpBkvMDhJ4-pE4ct2obeMTr_s4X8nC00rBYPofrOONUOR4utbzvbd4d2xT_tj4TdR_0tsr91Y7VskCRFnoXAnNT-qQb7ci7HIBTbutb9zVStOFejrb4aLbr7Fl4byeIEYgp2Gd7gY"
    }
I don't understand... can anyone help me?
Thanks!!
EDIT: I saw the dev log and the error is:
    Access denied, the user is not fully authenticated

Unrecognized option "oauth" under "security.firewalls.primary"

I'm trying to install an old legacy system from a company I'm freelancing for, but I keep getting
InvalidConfigurationException in ArrayNode.php line 309: Unrecognized
option "oauth" under "security.firewalls.primary"
This code supposedly runs without errors elsewhere; is there anything I'm missing? Here's my security.yml, where the error probably is:
    imports:
        - { resource: ../../../_common/config/security.yml }
    security:
        firewalls:
            dev:
                pattern: ^/(_(profiler|wdt)|bundles|assets)/
                security: false
            login:
                context: primary
                pattern: ^/account/login/$
                anonymous: true
            anonymous:
                context: primary
                pattern: ^/account/(register|login/reset-password).*
                anonymous: true
            primary:
                pattern: ^/
                form_login:
                    check_path: UserBundle:Front:loginCheck
                    login_path: UserBundle:Front:login
                    remember_me: true
                    csrf_provider: form.csrf_provider
                remember_me:
                    key: '%secret%'
                    lifetime: 31536000 # 365 days in seconds
                    path: /
                    domain: ~
                logout:
                    path: UserBundle:Front:logout
                    target: UserBundle:Front:login
                oauth:
                    resource_owners:
                        facebook: /account/connect/check-facebook/
                        twitter: /account/connect/check-twitter/
                    login_path: UserBundle:Front:login
                    failure_path: UserBundle:Front:logout
                    oauth_user_provider:
                        service: user.oauth.manager
        access_control:
            - { path: ^/account/(login|register|connect), roles: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/, roles: ROLE_ADMIN }

FOSUserBundle + HWIOAuth security configuration failed

I'm trying to get FOSUserBundle and HWIOAuth working together to handle the authentication of two types of users: representatives and interns. The representatives ones would begin using HWIOAuth and would use Salesforce and internal FOSUserBundle.
I'm trying to set everything but I have problems because Symfony throws this error when I try to access the /login-salesforce or /admin routes.
InvalidConfigurationException in BaseNode.php line 313: Invalid
configuration for path "security.firewalls.admin_area": The check_path
"/login_check" for login method "form_login" is not matched by the
firewall pattern "^/admin".
This is the content of security.yml file:
    security:
        encoders:
            FOS\UserBundle\Model\UserInterface: sha512
        role_hierarchy:
            ROLE_REPRESENTATIVE: [ROLE_USER]
            ROLE_ADMIN: [ROLE_REPRESENTATIVE, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
        providers:
            fos_userbundle:
                id: fos_user.user_provider.username_email
        firewalls:
            dev:
                pattern: ^/(_(profiler|wdt)|css|images|js)/
                security: false
            #this is the secured area accessed through web browser and only internals are allowed to login
            admin_area:
                pattern: ^/admin
                anonymous: ~
                form_login:
                    provider: fos_userbundle
                    csrf_provider: form.csrf_provider
                    login_path: /login
                    check_path: /login_check
                    post_only: true
                    always_use_default_target_path: true
                    target_path_parameter: _target_path
                    use_referer: false
                    failure_path: null
                    failure_forward: false
                logout:
                    path: fos_user_security_logout
                    target: /
            #this is the public area accessed by/from iOs app and only users registered at Salesforce as rep can login
            rep_area:
                methods: [GET, POST]
                pattern: ^/
                anonymous: true
                logout: true
                logout:
                    path: /logout
                    target: /
                oauth:
                    resource_owners:
                        salesforce: "/login/check-salesforce"
                    login_path: /login
                    failure_path: /login
                    oauth_user_provider:
                        service: pdi_salesforce.oauth_user_provider
        access_control:
            - { path: ^/reptool, roles: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/admin, roles: ROLE_SUPER_ADMIN }
From HWIOAuth side I got everything setup, I think (can share if needed by someone). This is the content of routing.yml file:
    #HWIOAuthBundle
    hwi_oauth_redirect:
        resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
        prefix: /connect
    hwi_oauth_login:
        resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
        prefix: /login
    salesforce_login:
        pattern: /login/check-salesforce
    #PDOne
    pd_one:
        resource: "@PDOneBundle/Controller/"
        type: annotation
        prefix: /
    template:
        resource: "@TemplateBundle/Controller/"
        type: annotation
        prefix: /
    #FOSUserBundle
    fos_user:
        resource: "@FOSUserBundle/Resources/config/routing/all.xml"
    #SonataAdmin
    admin:
        resource: '@SonataAdminBundle/Resources/config/routing/sonata_admin.xml'
        prefix: /admin
    _sonata_admin:
        resource: .
        type: sonata_admin
        prefix: /admin
What else am I missing? Has anyone here got those two working together and can share their work to get it done?
Hohoho the problem is here
    admin_area:
        pattern: ^/admin
        anonymous: ~
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
            login_path: /admin/login
            check_path: /admin/login_check
            post_only: true
            always_use_default_target_path: true
            target_path_parameter: _target_path
            use_referer: false
            failure_path: null
            failure_forward: false
        logout:
            path: fos_user_security_logout
            target: /
The login_path and check_path need to have /admin at the front.
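
An added example, not code from any of the posts or from Symfony: a small audit of firewall definitions for the two check_path problems seen on this page. Symfony rejects a check_path that the firewall's own pattern does not match (the error quoted in this question), and it hands each request to the first firewall whose pattern matches, which is the situation in the LexikJWT question where `main` (pattern `^/`) is declared before `login`. The function names and the list-of-tuples layout are assumptions made for the example; the patterns and paths are copied from the posts.

```python
import re

def first_match(firewalls, path):
    """Name of the firewall that handles `path`: firewalls are tried in
    declaration order and the first whose pattern matches wins."""
    for name, cfg in firewalls:
        pattern = cfg.get("pattern")
        if pattern is None or re.search(pattern, path):
            return name
    return None

def audit(firewalls):
    """Return (firewall, check_path, problem) for every check_path that its
    own firewall will never receive."""
    findings = []
    for name, cfg in firewalls:
        for path in cfg.get("check_paths", []):
            if not path.startswith("/"):
                continue  # a route name, not a URL path: not checkable here
            pattern = cfg.get("pattern")
            if pattern is not None and not re.search(pattern, path):
                findings.append((name, path, "outside own pattern " + pattern))
                continue
            owner = first_match(firewalls, path)
            if owner != name:
                findings.append((name, path, "shadowed by earlier firewall " + owner))
    return findings

DEV = ("dev", {"pattern": r"^/(_(profiler|wdt)|css|images|js)/"})
# Constructed from the FOSUserBundle + HWIOAuth question, in the order posted.
ADMIN_AND_REP = [
    DEV,
    ("admin_area", {"pattern": r"^/admin", "check_paths": ["/login_check"]}),
    ("rep_area", {"pattern": r"^/", "check_paths": ["/login/check-salesforce"]}),
]
# Same layout with the check_path from the answer.
ADMIN_AND_REP_FIXED = [
    DEV,
    ("admin_area", {"pattern": r"^/admin", "check_paths": ["/admin/login_check"]}),
    ADMIN_AND_REP[2],
]
# Constructed from the LexikJWT question: `main` is declared before `login`.
JWT = [
    ("main", {"pattern": r"^/"}),
    DEV,
    ("login", {"pattern": r"^/api/login",
               "check_paths": ["/api/login_check", "fos_user_security_check"]}),
    ("api", {"pattern": r"^/api/.*"}),
]

if __name__ == "__main__":
    for label, fws in (("admin/rep", ADMIN_AND_REP), ("fixed", ADMIN_AND_REP_FIXED), ("jwt", JWT)):
        print(label, audit(fws))
```
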

HWIOAuthBundle doesn't redirect to twitter login

I am setting up FOSUserBundle and HWIOAuthBundle ("0.3.*@dev") to work with Facebook and Twitter.
I followed all documentation steps and facebook is working well but twitter doesn't work correctly. When I click to connect with twitter, it just redirects to my app login page.
Here are my configs:
routing.yml:
    hwi_oauth_redirect:
        resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
        prefix: /connect
    facebook_login:
        pattern: /login/check-facebook
    twitter_login:
        pattern: /login/check-twitter
security.yml:
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            pattern: ^/
            oauth:
                resource_owners:
                    facebook: "/login/check-facebook"
                    twitter: "/login/check-twitter"
                login_path: /login
                failure_path: /login
                oauth_user_provider:
                    service: hwi_oauth.user.provider.fosub_bridge
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
            logout: true
            anonymous: true
    access_control:
        - { path: ^/connect, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, role: ROLE_ADMIN }
        - { path: ^/panel, role: ROLE_USER }
config.yml:
    hwi_oauth:
        firewall_name: main
        resource_owners:
            facebook:
                type: facebook
                client_id: %oauth.facebook.client_id%
                client_secret: %oauth.facebook.client_secret%
                scope: "email"
                options:
                    display: popup
            twitter:
                type: twitter
                client_id: %oauth.twitter.client_id%
                client_secret: %oauth.twitter.client_secret%
                scope: ""
        fosub:
            username_iterations: 5
            properties:
                facebook: facebookId
                twitter: twitterId
    parameters:
        hwi_oauth.user.provider.fosub_bridge.class: MyProject\UserBundle\Security\User\Provider\OauthProvider
Does anyone know what I am missing?
The problem was the twitter callback url which was not configured in the twitter app config. After setting one callback url, it worked correctly.

unrecognized options resource_owners in symfony 2

I am using HWIOAuthBundle to integrate Facebook OAuth, and when I update my schema I am getting the following error:
[Symfony\Component\Config\Definition\Exception\InvalidConfigurationException]
Unrecognized options "resource_owners" under "security.firewalls.oauth"
Here is my security.yml, and I really don't know what this error is:
jms_security_extra:
secure_all_services: false
expressions: true
security:
providers:
fos_userbundle:
id: fos_user.user_provider.username
# administrators:
# entity: { class: NotificaHomeBundle:TbNotificaUser }
encoders:
"FOS\UserBundle\Model\UserInterface": sha512
firewalls:
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: form.csrf_provider
login_path: /login
check_path: /login_check
logout: true
anonymous: true
oauth:
resource_owners:
facebook: "/login/check-facebook"
oauth_user_provider:
#this is my custom user provider, created from FOSUBUserProvider - will manage the
#automatic user registration on your site, with data from the provider (facebook. google, etc.)
service: my_user_provider
oauth_token:
pattern: ^/oauth/v2/token
security: false
oauth_authorize:
pattern: ^/oauth/v2/auth
form_login:
provider: fos_userbundle
check_path: /oauth/v2/auth/login_check
login_path: /oauth/v2/auth/login
anonymous: true
# Add your favorite authentication process here
api:
pattern: ^/api
fos_oauth: true
stateless: true
anonymous: true # can be omitted as its default value
# admin_area:
# pattern: ^/xadmin
# http_basic: ~
access_control:
- { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
- { path: ^/notifica/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
# - { path: ^/xadmin/, role: ROLE_ADMIN }
- { path: ^/api, roles: [ IS_AUTHENTICATED_ANONYMOUSLY ] }
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
Your indentation is wrong. YAML files are based on indentation.
    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
                login_path: /login
                check_path: /login_check
            oauth:
                resource_owners:
                    facebook: "/login/check-facebook"
                    google: "/login/check-google"
                login_path: /login
                failure_path: /login
                oauth_user_provider:
                    #this is my custom user provider, created from FOSUBUserProvider - will manage the
                    #automatic user registration on your site, with data from the provider (facebook. google, etc.)
                    service: my_user_provider
