Lexikjwtauthenticationbundle: How to login with facebook access token

Created on 29 Dec 2016  路  3Comments  路  Source: lexik/LexikJWTAuthenticationBundle

Hello,

I have set up everything and works fine with from browser. But I have also an API and I want to login user from an ionic application I have using native facebook. All goes well except that I get back from the response in facebook in the app an access_token and not an authorize_code.

Now what should I do to log the user from this access token?
I have created this and is working but is this the best practice?

 **
 * @Post(name="api_facebook_login", path="/login/facebook", options={ "method_prefix" = false })
 * @param Request $request
 * @return string
 */
public function facebookLoginAction(Request $request)
{
    $token = $request->get("access_token");
    // Get the token's FB app info.
    @$tokenAppResp = file_get_contents('https://graph.facebook.com/app/?access_token=' . $token);
    if (!$tokenAppResp) {
        throw new AccessDeniedHttpException('Bad credentials.');
    }

    // Make sure it's the correct app.
    $tokenApp = json_decode($tokenAppResp, true);
    if (!$tokenApp || !isset($tokenApp['id']) || $tokenApp['id'] != $this->container->getParameter('oauth.facebook.id')) {
        throw new AccessDeniedHttpException('Bad credentials.');
    }

    // Get the token's FB user info.
    @$tokenUserResp = file_get_contents('https://graph.facebook.com/me/?access_token=' . $token);
    if (!$tokenUserResp) {
        throw new AccessDeniedHttpException('Bad credentials.');
    }

    // Try to fetch user by it's token ID, create it otherwise.
    $tokenUser = json_decode($tokenUserResp, true);
    if (!$tokenUser || !isset($tokenUser['id'])) {
        throw new AccessDeniedHttpException('Bad credentials.');
    }

    $userProvider = $this->get("user_bundle.oauth_user_provider");
    $user = $userProvider->loadUserByUsername($tokenUser['id']);

    if ($user === null) {
        /** @var UserManager $userManager */
        $userManager = $this->get("fos_user.user_manager");
        /** @var AuthUser $user */
        $user = $userManager->createUser();
        $user->setFacebookID($tokenUser['id']);
        $user->setFacebookAccessToken($token);
        //I have set all requested data with the user's username
        //modify here with relevant data
        $user->setUsername($tokenUser['id']);
        $user->setFirstName($tokenUser['first_name']);
        $user->setLastName($tokenUser['last_name']);
        $user->setEmail($tokenUser['email']);
        $user->setPlainPassword(substr(str_shuffle(str_repeat($x = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', ceil(10 / strlen($x)))), 1, 10));
        $user->setEnabled(true);
        $userManager->updateUser($user);
    }

    $jwtManager = $this->get("lexik_jwt_authentication.jwt_manager");
    $token = $jwtManager->create($user);

    return ['token' => $token];
}

Most helpful comment

@crash21 Sorry for the delay.
I've been using pretty-much the same logic for a similar need, I'd say there is no best practice surely due to that the use case is a bit "edge".

All 3 comments

@crash21 Sorry for the delay.
I've been using pretty-much the same logic for a similar need, I'd say there is no best practice surely due to that the use case is a bit "edge".

Thanks a lot, it can be closed!

Thanks for opening this issue

Was this page helpful?
0 / 5 - 0 ratings

Related issues

Walkoss picture Walkoss  路  5Comments

evaldoprestes picture evaldoprestes  路  3Comments

reducio picture reducio  路  4Comments

tahina4 picture tahina4  路  4Comments

hiromik picture hiromik  路  3Comments