我已经跟踪this gist将Oauth添加到我的Symfony Restful API中,问题是我从服务器获取令牌后,我无法使其工作,只需获得401,任何人都可以帮助我?该项目(上次测试中的小变化除外)位于github。顺便说一下,我正在使用Symfony 3.1。
测试失败:
Authorization最后一个断言失败了,我尝试将标题更改为HTTP_AUTHORIZATION,curl -H 'X-Access-Token YjBkYTYzNmM5NTJjNzE1YTNlZDQ3NjliNjg2NWRjM12ZGQxZDg5Y2Q5NWVkM33zNjM5NjdmMTc0NmNiMTQ4NQ' '192.168.99.100/businesses'以及其他几个没有结果的标题。我也使用像security:
encoders:
FOS\UserBundle\Model\UserInterface: sha512
providers:
fos_userbundle:
id: fos_user.user_provider.username # fos_user.user_provider.username_email does not seem to work (OAuth-spec related ("username + password") ?)
firewalls:
docs: # Everyone can access the docs
pattern: ^/api/doc
security: false
oauth_token: # Everyone can access the access token URL.
pattern: ^/oauth/v2/token
security: false
anonymous: true
api:
pattern: ^/ # All URLs are protected
fos_oauth: true # OAuth2 protected resource
stateless: true # Do no set session cookies
anonymous: false # Anonymous access is not allowed
之类的CURL来测试它,但也不会用。
我的security.yml
fos_rest:
routing_loader:
default_format: json # All responses should be JSON formated
include_format: false # We do not include format in request, so that all responses
# will eventually be JSON formated
body_listener:
decoders:
json: fos_rest.decoder.json
fos_user:
db_driver: orm
firewall_name: api # Seems to be used when registering user/reseting password,
# but since there is no "login", as so it seems to be useless in
# our particular context, but still required by "FOSUserBundle"
user_class: Aescarcha\UserBundle\Entity\User
fos_oauth_server:
db_driver: orm
client_class: Aescarcha\OauthServerBundle\Entity\Client
access_token_class: Aescarcha\OauthServerBundle\Entity\AccessToken
refresh_token_class: Aescarcha\OauthServerBundle\Entity\RefreshToken
auth_code_class: Aescarcha\OauthServerBundle\Entity\AuthCode
service:
user_provider: fos_user.user_manager # This property will be used when valid credentials are given to load the user upon access token creation
`。
config.yml
{{1}}