Lexikjwtauthenticationbundle: Question: Compatibility/Usage with HWIOAuthBundle

Created on 19 Apr 2015  路  6Comments  路  Source: lexik/LexikJWTAuthenticationBundle

Has anyone tried using this in combination with HWIOAuthBundle? What鈥檚 the best way to add Facebook login to a JWT api? Do I have to add a separate firewall for HWIOAuth and create a redirect which create a JWT token?

Most helpful comment

This is my working configuration:

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_USER

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        login:
            pattern: ^/login
            logout: true
            anonymous: ~
            stateless: true
            oauth:
                require_previous_session: false
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
                check_path: /login_check
                resource_owners:
                    google: "/login/check-google"
                login_path: /login
                oauth_user_provider:
                    service: api.user_provider

        main:
            pattern: ^/api
            anonymous: ~
            stateless: true
            lexik_jwt: ~

    access_control:
        - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/doc, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api, role: IS_AUTHENTICATED_FULLY }

All 6 comments

:up: does anyone have an opinion about that ? @hacfi did you make any progress on this ?

@slashfan Not yet and not working on it at the moment but need it sooner or later.

This is my working configuration:

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_USER

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        login:
            pattern: ^/login
            logout: true
            anonymous: ~
            stateless: true
            oauth:
                require_previous_session: false
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
                check_path: /login_check
                resource_owners:
                    google: "/login/check-google"
                login_path: /login
                oauth_user_provider:
                    service: api.user_provider

        main:
            pattern: ^/api
            anonymous: ~
            stateless: true
            lexik_jwt: ~

    access_control:
        - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/doc, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api, role: IS_AUTHENTICATED_FULLY }

Hello !
I'm using satellizer, which send the code in json.
HWIOAuthBundle tries to access the code with $request->query->get('code') (getAccessToken function)
I guess that's why 'No oauth code in the request.' is reached.

Did you have the same issue ? How do you recommend to deal with it ?

@pdoreau It's weird, is your version up-to-date? For me the code is sent in the query string parameters, with the clientId, the redirectUri and the state.

Last version of Satellizer and HWIOAuthBundle sure.
Master version of HWIOAuthBundle still access to $request->query : https://github.com/hwi/HWIOAuthBundle/blob/master/OAuth/ResourceOwner/GenericOAuth2ResourceOwner.php#L88

I copied this funtion in my project and replaced $request->query->get('code') by $request->request->get('code')

Was this page helpful?
0 / 5 - 0 ratings

Related issues

ndoulgeridis picture ndoulgeridis  路  3Comments

garak picture garak  路  5Comments

Zempheroth picture Zempheroth  路  4Comments

christophe-mailfert picture christophe-mailfert  路  5Comments

mflasquin picture mflasquin  路  5Comments