FOSOAuthServerBundle配置问题

时间:2015-04-04 15:42:38

标签: angularjs symfony fosuserbundle fosoauthserverbundle

为了安全起见,我正在FOSOAuthServerBundle和FOSUserBundles的帮助下使用angularjs前端和symfony后端构建应用程序。

注册工作正常,但重新登录有问题。当您提供用户名/密码时,身份验证工作正常并生成令牌,但当用户尝试使用令牌访问资源时,会再次向用户显示登录表单以进行登录。

我知道这是一个错误的配置,希望有人能够指出我的意思; - )

security.yml

security:
encoders:
    AppBundle\Entity\User:
        algorithm:        sha1
        encode_as_base64: false
        iterations:       1

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_ADMIN

providers:
    fos_userbundle:
        id: fos_user.user_provider.username


firewalls:
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false

    oauth_token:
        pattern:    ^/oauth/v2/token
        security:   false

    oauth_authorize:
        pattern:    ^/oauth/v2/auth
        form_login:
            provider: fos_userbundle
            check_path: _security_check
            login_path: _demo_login
        anonymous: true

    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
        logout:       true
        anonymous:    true

    api:
        pattern:    ^/api
        fos_oauth:  true
        stateless:  true


access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin/, role: ROLE_ADMIN }
    - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }

config.yml

fos_user:
    db_driver: orm
    firewall_name: main
    user_class: AppBundle\Entity\User

fos_oauth_server:
    db_driver: orm
    client_class:        AppBundle\Entity\Client
    access_token_class:  AppBundle\Entity\AccessToken
    refresh_token_class: AppBundle\Entity\RefreshToken
    auth_code_class:     AppBundle\Entity\AuthCode
    service:
        user_provider: fos_user.user_manager
        options:
            supported_scopes: user

0 个答案:

没有答案