对不起,我的英语不好,
我尝试在symfony 4中创建客户端服务器身份验证。在我的服务器应用中,我正在使用FOSOauthServerBundle
用于身份验证,这是我用于服务器应用程序中登录页面控制器的源代码:
/**
* @Route("/ptioauth/{clientId}/{clientSecret}/{redirectUri}", name="signin_oauth")
*/
public function oauth(Request $request)
{
list($id, $random_id) = explode("_", $request->get('clientId'));
$qb = $this->entityManager->createQueryBuilder()->select('this')->from(Client::class, 'this')
->where('this.id = :id')->setParameter('id', $id);
$client = $qb->getQuery()->getOneOrNullResult();
if(!$client) {
return $this->json(['valid' => false, 'messages' => 'clientId is not valid']);
}
if($client->getRandomId() != $random_id) {
return $this->json(['valid' => false, 'messages' => 'clientId is not valid']);
}
if($client->getSecret() != $request->get('clientSecret')) {
return $this->json(['valid' => false, 'messages' => 'clientSecret is not valid']);
}
if(empty($request->get('redirectUri'))) {
return $this->json(['valid' => false, 'messages' => 'redirectUri is required']);
}
$form = $this->createFormBuilder()
->add('_username', TextType::class, ['label' => 'username', 'attr' => ['class' => 'form-control']])
->add('_password', PasswordType::class, ['label' => 'password', 'attr' => ['class' => 'form-control']])->getForm();
$form->handleRequest($request);
if ($form->isSubmitted()) {
if($form->isValid()) {
$data = $form->getData();
$request->request->set('client_id', $request->get('clientId'));
$request->request->set('client_secret', $request->get('clientSecret'));
$request->request->set('grant_type', 'password');
$request->request->set('username', $data['_username']);
$request->request->set('password', $data['_password']);
try {
$server = $this->get('app.oauth_server.server');
$response = $server->grantAccessToken($request);
$tokens = json_decode($response->getContent(), true);
$qb = $this->entityManager->createQueryBuilder()->select('this')->from(User::class, 'this')
->where('this.username = :username')->setParameter('username', $data['_username']);
$fos_user = $qb->getQuery()->getOneOrNullResult();
if($fos_user){
$tokens['user'] = $fos_user->getUserData();
}
$tokens['redirect_uri'] = $request->get('redirectUri');
return $this->json($tokens);
} catch (OAuth2ServerException $e) {
return $e->getHttpResponse();
}
}else{
$this->addFlash('error', $this->getTranslator()->trans('messages.error'));
}
}
return $this->render('security/oauth.html.twig', [
'form' => $form->createView(),
'error' => null
]);
}
这是提交表单后的结果:
{
"access_token": "MzZkZTI5NjZiMGIzNTYwMTBkOTIxMGVkNzhlNjI0OTM3ODI0Mzg3NDM2MjVlYTIwYjRhODcxOTMxM2Y0NjA0Mw",
"expires_in": 3600,
"token_type": "bearer",
"scope": null,
"refresh_token": "MmM5MjQ4NmQxOTRhY2VhZjJlMjAwY2VmOTJhZWM3NjQwNmJjYjY1MjI3ZmIyYjZmYTFhMjZjODgzY2FmZDBmZQ",
"user": {
"id": 2,
"username": "root",
"email": "root@piramidati.com",
"name": "Root",
"group": [
{
"id": 1,
"credentials": "root",
"name": "ROOT",
"module_rules": []
},
{
"id": 2,
"credentials": "administrator",
"name": "ADMINISTRATOR",
"module_rules": []
}
],
"roles": [
"ROLE_SUPER_ADMIN",
"ROLE_USER"
]
},
"redirect_uri": "test"
}
,如果从客户端应用程序访问url,我希望如果登录成功(例如使用google或facebook登录),则页面自动重定向到客户端页面。对我有什么想法吗?我正在为我的客户端应用程序使用symfony 4.1,谢谢