将FOSUserBundle与FOSOAuthServer集成时出错

时间:2013-10-17 18:33:33

标签: symfony oauth-2.0 fosuserbundle fosoauthserverbundle

我正在尝试将FOSUserBundleFOSOAuthServerBundle集成以保护我的RESTFul APIs,但我在访问登录页面时遇到以下错误,我是新手,所以我不知道如何摆脱这个错误。

这里我试图打开FOSUserBundle的登录表单,以便我可以登录并获取令牌

enter image description here

这是我的security.yml 

# FOR FOSUserBundle 

security:

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    encoders:
        "FOS\UserBundle\Model\UserInterface": sha512

    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
            logout:       true
            anonymous:    true

    access_control:
        - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN


# FOR FOSOAuthServerBundle 

security:
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username
    firewalls:
        oauth_token:
            pattern:    ^/oauth/v2/token
            security:   false


        oauth_authorize:
            pattern:    ^/oauth/v2/auth
            form_login:
                 provider: fos_userbundle
                 check_path: /oauth/v2/auth/login_check
                 login_path: /oauth/v2/auth/login
            anonymous: true
            # Add your favorite authentication process here

        api:
            pattern:    ^/api
            fos_oauth:  true
            stateless:  true
            anonymous: true # can be omitted as its default value

    access_control:
           - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }

2 个答案:

答案 0 :(得分:4)

我相信你的security.yml应该是这样的:

security:
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    encoders:
        "FOS\UserBundle\Model\UserInterface": sha512

firewalls:
    oauth_token:
        pattern:    ^/oauth/v2/token
        security:   false


    oauth_authorize:
        pattern:    ^/oauth/v2/auth
        form_login:
             provider: fos_userbundle
             check_path: /oauth/v2/auth/login_check
             login_path: /oauth/v2/auth/login
        anonymous: true
        # Add your favorite authentication process here

    api:
        pattern:    ^/api
        fos_oauth:  true
        stateless:  true
        anonymous: true # can be omitted as its default value
    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
        logout:       true
        anonymous:    true

access_control:
    - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin/, role: ROLE_ADMIN }
    - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_ADMIN

答案 1 :(得分:0)

您将通过在配置文件中第二次添加密钥来覆盖您的第一个security指令。

将两个配置(security.firewallssecurity.access_control,...)合并到一个security:指令中,你应该很高兴。

相关问题
最新问题