
I'm developing a website with Symfony2 which contains an API to access data from the mobile app. I use FOSUserBundle for authentication on the website, FOSRestBundle & FOSOAuthServerBundle for the API.

I followed the tutorials on http://blog.tankist.de/blog/2013/07/17/oauth2-explained-part-2-setting-up-oauth2-with-symfony2-using-fosoauthserverbundle/ to implement the bundle.

I use password as grant_type so I can log in to the API using the user's login/password combination. I successfully get an access_token from the bundle, but when I try to access the API with this token (e.g. /api/user?access_token=MY_TOKEN) I'm always being redirected to my website home page (which is my login page). I really don't know where I missed something.

Here is my configuration:

```yaml
# app/Resources/config.yml
fos_oauth_server:
    db_driver: orm
    client_class: Cubbyhole\ApiBundle\Entity\Client
    access_token_class: Cubbyhole\ApiBundle\Entity\AccessToken
    refresh_token_class: Cubbyhole\ApiBundle\Entity\RefreshToken
    auth_code_class: Cubbyhole\ApiBundle\Entity\AuthCode
    service:
        user_provider: fos_user.user_manager
```

```yaml
# app/Resources/security.yml
firewalls:
    # Firewalls for OAuth2
    oauth_token:
        pattern: ^/oauth/v2/token
        security: false
    oauth_authorize:
        pattern: ^/oauth/v2/auth
        form_login:
            provider: fos_userbundle
            check_path: fos_user_security_check
            login_path: fos_user_security_login
        anonymous: true
    api:
        pattern: ^/api
        fos_oauth: true
        stateless: true

access_control:
    - { path: ^/api/oauth/v2, roles: [ IS_AUTHENTICATED_FULLY, IS_AUTHENTICATED_ANONYMOUSLY ] }
    - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }
```
  • check your routing.yml file configuration once. Need to configure "fos_oauth_server_token" routing. – Gara May 16 '14 at 17:04
  • It was configured like this: `fos_oauth_server_token: resource: "@FOSOAuthServerBundle/Resources/config/routing/token.xml"` and `fos_oauth_server_authorize: resource: "@FOSOAuthServerBundle/Resources/config/routing/authorize.xml"` – Tinathnath May 17 '14 at 09:17
  • I checked the log files, it says: `INFO - Populated SecurityContext with an anonymous Token` and `DEBUG - Access is denied (user is not fully authenticated)` – Tinathnath May 17 '14 at 09:48
  • May I know which network it is. I mean Facebook or Google? – Gara May 17 '14 at 15:03
  • There are no networks, I'm trying to contact my own api server. – Tinathnath May 18 '14 at 09:40
  • Ok I found what was the issue. The firewalls have to be in a particular order so the api and fosuserbundle can work together. – Tinathnath May 20 '14 at 07:29
  • And which order is that? :) – aderuwe Mar 31 '15 at 10:33
  • It's been a long time. I could check when I'm back from work. But as I remember, it depends on how you organised your app, 'cause SF2 "reads" the firewalls in order. – Tinathnath Mar 31 '15 at 14:29
  • Hi @aderuwe! Here is my firewalls order: `- { path: ^/api/oauth/v2/token, roles: [ IS_AUTHENTICATED_FULLY, IS_AUTHENTICATED_ANONYMOUSLY ] }`, `- { path: ^/api/oauth/v2/auth, roles: [ IS_AUTHENTICATED_FULLY, IS_AUTHENTICATED_ANONYMOUSLY ] }`, `- { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY, IS_AUTHENTICATED_REMEMBERED ] }`. The rules for OAuth have to be before the one for the API, otherwise you just can't log in. Hope this helps ;) – Tinathnath Apr 01 '15 at 10:51
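The ordering point made in the last comment is easy to get wrong because Symfony evaluates `access_control` entries top to bottom and stops at the first `path` regex that matches, so a broad `^/api` rule placed first silently swallows the more specific `^/api/oauth/v2/token` rule behind it and the token endpoint ends up demanding a fully authenticated user. The following added example (not code from the question, the comments or the Symfony project) models that first-match evaluation in Python over two constructed rule lists, the "broad rule first" order and the order given in the comment above, and includes a small lint that flags rules shadowed by an earlier, broader one. The `AccessRule`, `required_roles`, `is_allowed` and `shadowed_rules` names are this example's own; the shadow check is a heuristic that assumes prefix-style patterns like the ones on this page.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Sequence, Tuple


@dataclass(frozen=True)
class AccessRule:
    """One access_control entry: a path regex and the roles, any of which grants access."""
    path: str
    roles: Tuple[str, ...]


def required_roles(rules: Sequence[AccessRule], path: str) -> Optional[Tuple[str, ...]]:
    """Mirror Symfony's access_control semantics: the first rule whose regex
    matches the request path decides; every later rule is ignored."""
    for rule in rules:
        if re.search(rule.path, path):
            return rule.roles
    return None


def is_allowed(rules: Sequence[AccessRule], path: str, granted: Sequence[str]) -> bool:
    """Grant if the requester holds at least one of the roles of the matching rule.
    An unmatched path gets no restriction from access_control at all."""
    needed = required_roles(rules, path)
    if needed is None:
        return True
    return any(role in granted for role in needed)


def shadowed_rules(rules: Sequence[AccessRule]) -> List[Tuple[str, str]]:
    """Heuristic lint (assumption: patterns are plain '^/prefix' regexes).
    Treat each rule's anchored path as a literal sample URL and report it if an
    earlier rule already matches that URL, i.e. the later rule can never fire."""
    findings = []
    for i, later in enumerate(rules):
        probe = later.path.lstrip("^")
        for earlier in rules[:i]:
            if re.search(earlier.path, probe):
                findings.append((earlier.path, later.path))
                break
    return findings


# Constructed rule sets. FULL/ANON/REMEMBERED are Symfony's built-in pseudo-roles.
FULL, ANON, REMEMBERED = ("IS_AUTHENTICATED_FULLY",
                          "IS_AUTHENTICATED_ANONYMOUSLY",
                          "IS_AUTHENTICATED_REMEMBERED")

# Broad '^/api' first: the OAuth endpoints are never reached by the anonymous rules.
BROKEN_ORDER = [
    AccessRule("^/api", (FULL,)),
    AccessRule("^/api/oauth/v2/token", (FULL, ANON)),
    AccessRule("^/api/oauth/v2/auth", (FULL, ANON)),
]

# The order from the comment above: specific OAuth rules before the catch-all.
FIXED_ORDER = [
    AccessRule("^/api/oauth/v2/token", (FULL, ANON)),
    AccessRule("^/api/oauth/v2/auth", (FULL, ANON)),
    AccessRule("^/api", (FULL, REMEMBERED)),
]

# An unauthenticated client asking for a token only carries the anonymous pseudo-role.
ANON_CLIENT = (ANON,)


if __name__ == "__main__":
    for name, rules in (("broken", BROKEN_ORDER), ("fixed", FIXED_ORDER)):
        ok = is_allowed(rules, "/api/oauth/v2/token", ANON_CLIENT)
        print(f"{name}: anonymous token request allowed={ok}, shadowed={shadowed_rules(rules)}")
```

Running the script shows that the broken order resolves `/api/oauth/v2/token` to `IS_AUTHENTICATED_FULLY` only and reports both OAuth rules as shadowed by `^/api`, while the fixed order lets the anonymous token request through and still keeps `/api/user` closed to anonymous callers; the same first-match reasoning applies to the `firewalls` section, where the first `pattern` that matches selects the firewall.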

0 Answers