Question

我在HWIOAuthBundle（FOSUserBundle整合。）

时遇到问题

点击链接/connect/google，会出现此屏幕。（屏幕模糊，因为它是客户的电子邮件）

然后返回回调网址/login/check-google

重定向到/login并显示此消息

An authentication exception occurred.

如果我直接输入/login/check-google，则不会发生任何事情，只会重定向到login。

我不清楚/login/check-google页面上的内容。

我该怎么检查??? （我在这个问题上坚持了一个星期，我刷新并更新了文章。）

我的环境

Symfony 2.8.14
HWIOAuthBundle 0.6.0
FOSUserBundle 2.0.1

security.yml

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_token_generator: security.csrf.token_manager
                # if you are using Symfony < 2.8, use the following config instead:
                # csrf_provider: form.csrf_provider

            logout:       true
            anonymous:    true
            oauth:
                resource_owners:
                    google:             "/login/check-google"
                login_path:        /login
                use_forward:       false
                failure_path:      /login
                oauth_user_provider:
                    service: my_user_provider
        login:
            pattern:  ^/login$
            security: false

    access_control:
         - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }

config.yml

hwi_oauth:
    connect:
        account_connector: my_user_provider
    firewall_names: [main]
    fosub:
        username_iterations: 30
        properties:
            google: google_id
    resource_owners:
        google:
            type:                google
            client_id:           XXXXXXXX
            client_secret:       XXXXXXXXXX
            scope:               "email profile"

service.xml中

    <parameters>
     <parameter key="my_user_provider.class">Acme\UserBundle\Security\Core\User\FOSUBUserProvider</parameter>
    </parameters>
    <services>
          <service id="my_user_provider" class="%my_user_provider.class%">
            <argument type="service" id="fos_user.user_manager"/>
            <argument type="service" id="service_container" />

            <argument type="collection">
                <argument key="google">google_id</argument>       
            </argument>   
        </service>
    </services>

的routing.yml

admin_area:
    resource: "@SonataAdminBundle/Resources/config/routing/sonata_admin.xml"
    prefix: /admin

_sonata_admin:
    resource: .
    type: sonata_admin
    prefix: /admin

acme_member:
    resource: "@AcmeMemberBundle/Resources/config/routing.yml"
    prefix:   /member

_user_bundle:
    resource: "@UserBundle/Resources/config/routing.yml"

acme_top:
    resource: "@AcmeTopBundle/Resources/config/routing.yml"
    prefix:   /

fos_user_group:
    resource: "@FOSUserBundle/Resources/config/routing/group.xml"
    prefix: /group


sonata_page_cache:
    resource: '@SonataCacheBundle/Resources/config/routing/cache.xml'
    prefix: /

#HWIOAuthBundle routes
hwi_oauth_security:
    resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
    prefix: /login

hwi_oauth_connect:
    resource: "@HWIOAuthBundle/Resources/config/routing/connect.xml"
    prefix: /connect

hwi_oauth_redirect:
    resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
    prefix:   /connect

facebook_login:
    path: /login/check-facebook

google_login:
    path: /login/check-google


fos_js_routing:
  resource: "@FOSJsRoutingBundle/Resources/config/routing/routing.xml"

Answer 1

我解决了我的问题。

降级＆gt;＆gt;＆gt; HWIAuthBundle 0.4.3

并在config.yml

中添加

hwi_oauth:
    http_client:
        verify_peer: false

这是因为https / http不同。 Google请求https。但是它会跳过https验证。

也检查最后的评论。

https://github.com/hwi/HWIOAuthBundle/issues/1024

Answer 2

我不知道自从上次回答以来hwi/oauth-bundle是否已更改，但是现在不需要降级该软件包了。

实际上http_client选项已在0.6.x版本中删除，因为内部Http客户端已被HttplugBundle取代。

此处的官方文档中介绍了禁用“ verify_peer”选项的正确方法：https://github.com/hwi/HWIOAuthBundle/blob/master/Resources/doc/internals/configuring_the_http_client.md

HWIOAuthBundle`发生了身份验证异常

2 个答案: