0

I'm trying to get FOSUserBundle and HWIOAuth working together for handle the authentication of two types of users: representatives and interns. The representatives ones would begin using HWIOAuth and would use Salesforce and internal FOSUserBundle.

I'm trying to set everything but I have problems because Symfony throws this error when I try to access the /login-salesforce or /admin routes.

InvalidConfigurationException in BaseNode.php line 313: Invalid configuration for path "security.firewalls.admin_area": The check_path "/login_check" for login method "form_login" is not matched by the firewall pattern "^/admin".

This is the content of security.yml file:

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    role_hierarchy:
        ROLE_REPRESENTATIVE:        [ROLE_USER]
        ROLE_ADMIN:                 [ROLE_REPRESENTATIVE, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        #this is the secured area accessed through web browser and only internals are allowed to login
        admin_area:
            pattern:    ^/admin
            anonymous:    ~
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
                login_path: /login
                check_path: /login_check
                post_only: true
                always_use_default_target_path: true
                target_path_parameter: _target_path
                use_referer: false
                failure_path: null
                failure_forward: false
            logout:
                path:   fos_user_security_logout
                target: /

        #this is the public area accessed by/from iOs app and only users registered at Salesforce as rep can login
        rep_area:
            methods: [GET, POST]
            pattern: ^/
            anonymous: true
            logout: true
            logout:
                path:   /logout
                target: /
            oauth:
                resource_owners:
                    salesforce: "/login/check-salesforce"
                login_path: /login
                failure_path: /login
                oauth_user_provider:
                    service: pdi_salesforce.oauth_user_provider

    access_control:
        - { path: ^/reptool, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, roles: ROLE_SUPER_ADMIN }

From HWIOAuth side I got everything setup, I think (can share if needed by someone). This is the content of routing.yml file:

#HWIOAuthBundle
hwi_oauth_redirect:
    resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
    prefix:   /connect

hwi_oauth_login:
    resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
    prefix:   /login

salesforce_login:
    pattern: /login/check-salesforce

#PDOne
pd_one:
    resource: "@PDOneBundle/Controller/"
    type:     annotation
    prefix:   /

template:
    resource: "@TemplateBundle/Controller/"
    type:     annotation
    prefix:   /

#FOSUserBundle
fos_user:
    resource: "@FOSUserBundle/Resources/config/routing/all.xml"

#SonataAdmin
admin:
    resource: '@SonataAdminBundle/Resources/config/routing/sonata_admin.xml'
    prefix: /admin

_sonata_admin:
    resource: .
    type: sonata_admin
    prefix: /admin

What else I am missing? Does any here get those two working together and can share their work to get it done?

ReynierPM
  • 17,594
  • 53
  • 193
  • 363

1 Answers1

1

Hohoho the problem is here 

admin_area:
        pattern:    ^/admin
        anonymous:    ~
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
            login_path: /admin/login
            check_path: /admin/login_check
            post_only: true
            always_use_default_target_path: true
            target_path_parameter: _target_path
            use_referer: false
            failure_path: null
            failure_forward: false
        logout:
            path:   fos_user_security_logout
            target: /

The login_path and check_path need to have /admin at the front.

Squeegy
  • 869
  • 9
  • 20
  • 1
    Can't believe I didn't see that earlier. Hahaha, had to setup a dummy test just to catch that. Hope this helps. – Squeegy May 01 '15 at 17:11
  • You're right now it works apparently. Can I chat with you over Hangouts (reynierpm at gmail dot com) I need to ask you something around HWIOAuth bundle since this is my first time and don't know how to deal with this and I think is not proper just ask here before trying anything – ReynierPM May 01 '15 at 17:12
  • I haven't used HWIOauth but I'll help where I can. I sent you a message @ReynierPM – Squeegy May 01 '15 at 17:17