我正在尝试使用FOSUserBundle实现HWIOAuthBundle,以实现标准(登录和注册)和OAuth(登录和注册)。
我不知道如何敲定这个。
这是我的配置文件:
imports:
- { resource: parameters.yml }
- { resource: security.yml }
framework:
#esi: ~
translator: { fallback: "%locale%" }
secret: "%secret%"
router:
resource: "%kernel.root_dir%/config/routing.yml"
strict_requirements: ~
form: ~
csrf_protection: ~
validation: { enable_annotations: true }
templating:
engines: ['twig']
#assets_version: SomeVersionScheme
default_locale: "%locale%"
trusted_hosts: ~
trusted_proxies: ~
session:
# handler_id set to null will use default session handler from php.ini
handler_id: ~
fragments: ~
http_method_override: true
# Twig Configuration
twig:
debug: "%kernel.debug%"
strict_variables: "%kernel.debug%"
globals:
title: %app_title%
contact: %app_contact%
# Assetic Configuration
assetic:
debug: "%kernel.debug%"
use_controller: false
bundles: [ ]
#java: /usr/bin/java
filters:
cssrewrite: ~
#closure:
# jar: "%kernel.root_dir%/Resources/java/compiler.jar"
#yui_css:
# jar: "%kernel.root_dir%/Resources/java/yuicompressor-2.4.7.jar"
# Doctrine Configuration
doctrine:
dbal:
driver: "%database_driver%"
host: "%database_host%"
port: "%database_port%"
dbname: "%database_name%"
user: "%database_user%"
password: "%database_password%"
charset: UTF8
# if using pdo_sqlite as your database driver, add the path in parameters.yml
# e.g. database_path: "%kernel.root_dir%/data/data.db3"
# path: "%database_path%"
#config.yml
orm:
auto_generate_proxy_classes: "%kernel.debug%"
auto_mapping: true
# Swiftmailer Configuration
swiftmailer:
transport: "%mailer_transport%"
host: "%mailer_host%"
username: "%mailer_user%"
password: "%mailer_password%"
spool: { type: memory }
fos_user:
db_driver: orm
firewall_name: main
user_class: IService\MyFuckingBundles\UserBundle\Entity\User
registration:
confirmation:
enabled: false #change to true for production use!
hwi_oauth:
# name of the firewall in which this bundle is active, this setting MUST be set
firewall_name: social
connect:
confirmation: false
#account_connector: hwi_oauth.user.provider.fosub_bridge
#registration_form_handler: hwi_oauth.registration.form.handler.fosub_bridge
#registration_form: fos_user.registration.form
resource_owners:
facebook:
type: facebook
client_id: 11111111111111111
client_secret: abcdefg
scope: "email"
options:
display: popup
fosub:
# try 30 times to check if a username is available (foo, foo1, foo2 etc)
username_iterations: 30
# mapping between resource owners (see below) and properties
properties:
facebook: facebookID
# app/config/security.yml
jms_security_extra:
secure_all_services: false
expressions: true
security:
encoders:
FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
providers:
fos_userbundle:
id: fos_user.user_provider.username_email
firewalls:
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: form.csrf_provider
logout: true
anonymous: true
remember_me:
key: %secret%
social:
pattern: ^/c
oauth:
failure_path: /c/connect
login_path: /c/connect
check_path: /c/connect
provider: fos_userbundle
resource_owners:
facebook: "/c/connect/check-facebook"
oauth_user_provider:
service: hwi_oauth.user.provider.fosub_bridge
anonymous: true
logout: true
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/c/connect, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
i_service_score_it_page:
resource: "@IServiceMyFuckingBundlesPageBundle/Controller/"
type: annotation
prefix: /
i_service_score_it_user:
resource: "@IServiceMyFuckingBundlesUserBundle/Controller/"
type: annotation
prefix: /
fos_user_security:
resource: "@FOSUserBundle/Resources/config/routing/security.xml"
fos_user_profile:
resource: "@FOSUserBundle/Resources/config/routing/profile.xml"
prefix: /profile
fos_user_register:
resource: "@FOSUserBundle/Resources/config/routing/registration.xml"
prefix: /register
fos_user_resetting:
resource: "@FOSUserBundle/Resources/config/routing/resetting.xml"
prefix: /resetting
fos_user_change_password:
resource: "@FOSUserBundle/Resources/config/routing/change_password.xml"
prefix: /profile
hwi_oauth_redirect:
resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
prefix: /c/connect
hwi_oauth_login:
resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
prefix: /c/connect
hwi_oauth_connect:
resource: "@HWIOAuthBundle/Resources/config/routing/connect.xml"
prefix: /c/connect
#HERE ADD FACEBOOK, TWITTER AND LINKEDIN SSO
hwi_facebook_login:
pattern: /c/connect/check-facebook
最后是我的User.php
<?php
/**
* Users
*
*/
namespace IService\MyFuckingBundles\UserBundle\Entity;
use FOS\UserBundle\Model\User as BaseUser;
use Doctrine\ORM\Mapping as ORM;
/**
* @ORM\Entity
* @ORM\Table(name="c_user")
*/
class User extends BaseUser
{
/**
* @ORM\Id
* @ORM\Column(type="integer")
* @ORM\GeneratedValue(strategy="AUTO")
*/
protected $id;
/** @ORM\Column(name="facebook_id", type="string", length=255, nullable=true) */
protected $facebookID;
/** @ORM\Column(name="facebook_access_token", type="string", length=255, nullable=true) */
protected $facebookAcessToken;
/** @ORM\Column(name="google_id", type="string", length=255, nullable=true) */
protected $googleID;
/** @ORM\Column(name="google_access_token", type="string", length=255, nullable=true) */
protected $googleAccessToken;
public function __construct()
{
parent::__construct();
// your own logic
}
public function getId(){
return $this->id;
}
/**
* Get Facebook_id
*/
public function getFacebookID(){
return $this->facebook_id;
}
/**
* set facebook Id
* @return User
*/
public function setFacebookID($facebook_id){
$this->facebook_id = $facebook_id;
return $this;
}
}
当我使用以下步骤尝试身份验证时: * url - &gt; / c / connect我有facebook连接链接 *单击它然后接受Facebook登录 *最后返回网站,我遇到此错误:没有名称为'check-facebook'的资源所有者
答案 0 :(得分:0)
首先,您可能对注册过程感到失望。我发现它非常拜占庭,最后放弃了。它需要两个不同的重定向URL(一个用于登录,一个用于连接),这并不是所有oauth服务器都支持的。 Facebook和Google这样做你应该没问题。我不认为twitter支持多次回调,或者如果确实如此,那么我无法让它工作。
无论如何,我发现我必须使用命名路由来检查登录内容(这与连接内容不同)
security.yml
...
oauth:
resource_owners:
facebook: facebook_login_check
google: google_login_check
routing.yml
facebook_login_check:
pattern: /login/check-facebook
google_login_check:
pattern: /login/check-google
我从未追踪过为什么,但我认为“%resource_owner%_login_check”在某处被硬编码并用于将回调路由与特定资源所有者匹配。
无论如何,给命名路线一个镜头,看看你是否通过了错误。如果确实如此,我怀疑你的乐趣才会开始。
=============================================== =============
更新1
我记得我还必须添加这些命名路线。不确定,但你可以试试。
routing.yml
github_connect:
pattern: /connect/github
google_connect:
pattern: /connect/google
twitter_connect:
pattern: /connect/twitter