0

I am trying to understand how HWIOauthBUndle works. I can see how the initial authorization request to a resource owner is built and made.

I do not see however, how a callback made from a resource owner triggers any controller/action in my application (which it most obviously does, though).

When following the generally available instructions, the callback will be made to something like <path to my app>/check-[resourceOwner], e.g. http://www.example.com/oauth/check-facebook.

In my routing.yml file, I put

facebook_login:
    pattern: /oauth/check-facebook

I don't see how any controller is associated with that route, so what actually happens when a callback is made to my application?

matt_jay
  • 1,241
  • 1
  • 15
  • 33

1 Answers1

0

The authentication provider system is one of the more complicated features. You will probably want to read through here: http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html

Callbacks are handled through a request listener. Specifically:

namespace HWI\Bundle\OAuthBundle\Security\Http\Firewall\OAuthListener;

use Symfony\Component\Security\Http\Firewall\AbstractAuthenticationListener;

class OAuthListener extends AbstractAuthenticationListener
{
public function requiresAuthentication(Request $request)
{
    // Check if the route matches one of the check paths
    foreach ($this->checkPaths as $checkPath) {
        if ($this->httpUtils->checkRequestPath($request, $checkPath)) {
            return true;
        }
    }

    return false;
}
protected function attemptAuthentication(Request $request)
{
    // Lots of good stuff here

How checkPaths get's initialized and how all the calls are made would require a very long explanation. But the authentication provider chapter will get you going.

Cerad
  • 48,157
  • 8
  • 90
  • 92