FOSOAuthServerBundle and custom authentication provider

依然范特西╮ 提交于 2021-01-27 06:37:35

问题


Edit: Found the error. There is a tiny little peace of code in \vendor\friendsofsymfony\oauth-server-bundle\FOS\OAuthServerBundle\Resources\config\oauth.xml which says:

<argument type="service" id="fos_oauth_server.user_provider" on-invalid="null" />

So when your service definition in config.yml is wrong or just a typo (from the original docs)

If you're authenticating users, don't forget to set the user provider. Here's an example using the FOSUserBundle user provider:

# app/config/config.yml
fos_oauth_server:
    ...

    service:
        user_provider: fos_user.user_manager

you are lost. No error, no warning, the User Provider is just null. Thanks for reading this post anyway. I'll discuss that matter on github.

--

I'm building an OAuth2 server with the FOSOAuthServerBundle. Everything is up and running, as long as I request an access_token with grant_type=password and use a form_login with a custom UserProvider.

My security.yml looks like this.

security:
    providers:
        webservice:
            id: webservice_user_provider

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        oauth_authorize:
            pattern:    ^/oauth/v2/auth
            form_login:
                provider: webservice
                check_path: login_check
                login_path: login
            anonymous: true

        oauth_token:
            pattern:    ^/oauth/v2/token
            security:   false

        api:
            pattern:    ^/api
            fos_oauth:  true
            stateless:  true

        default:
            anonymous: ~

            form_login:
                provider: webservice
                login_path: /login
                check_path: /login_check

            logout:
                path:   /logout
                target: /

        login:
            pattern:  ^/login$
            security: false

As the custom user provider wasn't sufficient for my needs, I implemented a custom Authentication provider following this Tutorial. This one is also working, when I try to login with a standard login form. I changed security.yml to

    oauth_authorize:
        pattern:    ^/oauth/v2/auth
        webservice-login:
            provider: webservice
            check_path: login_check
            login_path: /login
        anonymous: true

        webservice-login:
            check_path: login_check
            login_path: /login
            provider: webservice

webservice-login comes from the SecurityFactory

class SecurityFactory extends FormLoginFactory
{
    public function getKey()
    {
        return 'webservice-login';
    }

    protected function getListenerId()
    {
        return 'security.authentication.listener.form';
    }

    protected function createAuthProvider(ContainerBuilder $container, $id, $config, $userProviderId)
    {
        $provider = 'security.authentication_provider.als_webservice.'.$id;
        $container
            ->setDefinition($provider, new DefinitionDecorator('security.authentication_provider.als_webservice'))
            ->replaceArgument(1, new Reference($userProviderId))
            ->replaceArgument(3, $id)
        ;

        return $provider;
    }
}

When I now try to obtain an access token, I get an error saying: Error:

Call to a member function loadUserByUsername() on a non-object in
vendor\friendsofsymfony\oauth-server-bundle\FOS\OAuthServerBundle\Storage\OAuthStorage.php at line 165.

So basically, the UserProvider is always null.

Does anybody know, what I'm doing wrong here? I'm totally stuck and any help is greatly appreciated!

来源:https://stackoverflow.com/questions/33374835/fosoauthserverbundle-and-custom-authentication-provider

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!