AuthenticationException #264

Open
k-bruneau opened this issue Feb 28, 2021 · 0 comments

Hello everyone,

I'm struggling a bit to make the bundle work properly with sf5.2.3. For now I've managed to get a full authorization_code process working. Here is the current security.yml, which is working with several OAuth clients (hwi, knp, wordpress):

security:
    encoders:
        App\Entity\User:
            algorithm: auto
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
            entity:
                class: App\Entity\User
                property: username
    firewalls:
        api_token:
            pattern: ^/api/token$
            security: false
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            anonymous: true
            lazy: true
            provider: app_user_provider
            guard:
                authenticators:
                    - App\Security\AppLoginFormAuthenticator
            logout:
                path: app_logout
                # where to redirect after logout
                # target: app_any_route


        api:
            pattern: ^/api
            security: true
            stateless: true
            oauth2: true
            # activate different ways to authenticate
            # https://symfony.com/doc/current/security.html#firewalls-authentication

            # https://symfony.com/doc/current/security/impersonating_user.html
            # switch_user: true

    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        - { path: ^/api/authorize, roles: IS_AUTHENTICATED_REMEMBERED }
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/reset-password, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, roles: ROLE_ADMIN }
        - { path: ^/, roles: ROLE_USER }

Sadly, as you may have noticed, I'm not using the api firewall, because "main" will take precedence. This is something I misread in the documentation. So I'm moving the api firewall up to have this security.yml:

security:
    encoders:
        App\Entity\User:
            algorithm: auto

    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
            entity:
                class: App\Entity\User
                property: username
    firewalls:
        api_token:
            pattern: ^/api/token$
            security: false
        api:
            pattern: ^/api
            security: true
            stateless: true
            oauth2: true
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            anonymous: true
            lazy: true
            provider: app_user_provider
            guard:
                authenticators:
                    - App\Security\AppLoginFormAuthenticator
            logout:
                path: app_logout
                # where to redirect after logout
                # target: app_any_route



            # activate different ways to authenticate
            # https://symfony.com/doc/current/security.html#firewalls-authentication

            # https://symfony.com/doc/current/security/impersonating_user.html
            # switch_user: true

    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        - { path: ^/api/authorize, roles: IS_AUTHENTICATED_REMEMBERED }
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/reset-password, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, roles: ROLE_ADMIN }
        - { path: ^/, roles: ROLE_USER }

Once I'm here, I'm getting blank pages, with the following error:

[2021-02-28T13:25:45.531677+01:00] request.INFO: Matched route "oauth2_authorize". {"route":"oauth2_authorize","route_parameters":{"_route":"oauth2_authorize","_controller":"Trikoder\\Bundle\\OAuth2Bundle\\Controller\\AuthorizationController::indexAction"},"request_uri":"http://oauthserver.local/api/authorize?client_id=wordpressclient&redirect_uri=http%3A%2F%2Fwordpressoauthclient.local&response_type=code&scope=openid&state=Y3VzdG9tQXBw","method":"GET"} []

[2021-02-28T13:25:45.553326+01:00] security.INFO: An AuthenticationException was thrown; redirecting to authentication entry point. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AuthenticationCredentialsNotFoundException(code: 0): A Token was not found in the TokenStorage. \\src\\vendor\\symfony\\security-http\\Firewall\\AccessListener.php:70)"} []
[2021-02-28T13:25:45.553550+01:00] security.DEBUG: Calling Authentication entry point. [] []

I'm kinda stuck there, and I don't really know how to debug that. My guess is I should be redirected to the guard login form?
Any help, or a pointer in the correct direction, would be appreciated.

Also, I've tried to use the guard authenticator instead of oauth2: true, but the service in the documentation is not found for Symfony.
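
Added example (not part of the original issue and not the bundle's or Symfony's code): a simplified Python model of the first-match rule the post relies on, run over the firewall patterns and access_control entries of the two security.yml versions above. The function names are hypothetical, and the model only mirrors regex-on-path matching, not Symfony's full request matcher.

```python
import re

DEV = r"^/(_(profiler|wdt)|css|images|js)/"

# Ordered (name, pattern) pairs copied from the two security.yml versions.
# None means the firewall has no pattern, so it matches every request.
ORIGINAL = [("api_token", r"^/api/token$"), ("dev", DEV),
            ("main", None), ("api", r"^/api")]
REORDERED = [("api_token", r"^/api/token$"), ("api", r"^/api"),
             ("dev", DEV), ("main", None)]

# access_control entries, identical in both versions of the file.
ACCESS_CONTROL = [
    ("IS_AUTHENTICATED_REMEMBERED", r"^/api/authorize"),
    ("IS_AUTHENTICATED_ANONYMOUSLY", r"^/login"),
    ("IS_AUTHENTICATED_ANONYMOUSLY", r"^/register"),
    ("IS_AUTHENTICATED_ANONYMOUSLY", r"^/reset-password"),
    ("ROLE_ADMIN", r"^/admin"),
    ("ROLE_USER", r"^/"),
]


def first_match(rules, path):
    """Return the label of the first rule whose pattern matches path."""
    for label, pattern in rules:
        if pattern is None or re.search(pattern, path):
            return label
    return None


def shadowed(firewalls):
    """Firewalls listed after a pattern-less one can never be selected."""
    for i, (_, pattern) in enumerate(firewalls):
        if pattern is None:
            return [name for name, _ in firewalls[i + 1:]]
    return []


if __name__ == "__main__":
    # Constructed sample paths; /api/authorize is the one from the log.
    paths = ["/api/token", "/api/authorize", "/login", "/admin/users"]
    for label, firewalls in (("original", ORIGINAL), ("reordered", REORDERED)):
        print(label, "- unreachable firewalls:", shadowed(firewalls))
        for path in paths:
            # The role shown is only enforced when the firewall has security on.
            print(f"  {path:15} firewall={first_match(firewalls, path):10}"
                  f" role={first_match(ACCESS_CONTROL, path)}")
```

In the reordered file `/api/authorize` resolves to the stateless `api` firewall, while its access_control entry still asks for `IS_AUTHENTICATED_REMEMBERED`.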
