1

我正在尝试使用 FOSOAuthServerBundle 的文档配置FOSOAuthServerBundleFOSUserBundle 。这是配置:

配置.yml

fos_user:
    db_driver: orm
    firewall_name: oauth_token #main
    user_class: Minn\UserBundle\Entity\User

fos_oauth_server:
    db_driver: orm
    client_class:        Minn\UserBundle\Entity\Client
    access_token_class:  Minn\UserBundle\Entity\AccessToken
    refresh_token_class: Minn\UserBundle\Entity\RefreshToken
    auth_code_class:     Minn\UserBundle\Entity\AuthCode
    service:
        user_provider: fos_user.user_manager # this is added to fos_oauth to use fos_user for authentication
        options:
            supported_scopes: api

安全.yml

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt

    role_hierarchy:
        ROLE_USER : ROLE_API
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern:      ^/(_(profiler|wdt)|css|images|js)/
            security:     false

        oauth_token:
            pattern:      ^/oauth/v2/token
            security:     false

        api_doc:
            pattern:      ^/api/doc
            security:     false

        api:
            pattern:      ^/api
            fos_oauth:    true
            stateless:    true

    access_control:
        - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }

在这一点上,它似乎在通过创建 symfony 命令来测试配置运行良好。

测试命令:

<?php

namespace Minn\UserBundle\Command;

use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Acme\OAuthServerBundle\Document\Client;

class CreateOAuthClientCommand extends ContainerAwareCommand {

    protected function configure() {
        $this
                ->setName('oauth:client:create')
                ->setDescription('Creates a new client')
                ->addOption(
                        'redirect-uri', null, InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY, 'Sets redirect uri for client. Use this option multiple times to set multiple redirect URIs.', null
                )
                ->addOption(
                        'grant-type', null, InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY, 'Sets allowed grant type for client. Use this option multiple times to set multiple grant types..', null
        );
    }

    protected function execute(InputInterface $input, OutputInterface $output) {
        $clientManager = $this->getContainer()->get('fos_oauth_server.client_manager.default');
        $client = $clientManager->createClient();
        $client->setRedirectUris($input->getOption('redirect-uri'));
        $client->setAllowedGrantTypes($input->getOption('grant-type'));
        $clientManager->updateClient($client);
        $output->writeln(
                sprintf(
                        'Added a new client with public id <info>%s</info>, secret <info>%s</info>', $client->getPublicId(), $client->getSecret()
                )
        );
    }

}

  • 运行以下 symfony 命令:

    php app/console oauth:client:create --redirect-uri="http://localhost/minnapi/web/app_dev.php/" --grant-type="authorization_code" --grant-type="password" --grant-type="refresh-token" --grant-type="token" --grant-type="client_credentials"

  • 命令的输出是:

    Added a new client with public id 5_552osbf54k4c0kow00ko8ww8kkgcwgg4g4okkgc0wcww0ggsw8, secret 10kv0z11wr688o8kws4wg08scs48o4o8o8cg004c44wcgcgc4s

    请注意,在客户端女巫表中创建记录的命令如下:

    INSERT INTO `minn_client` (`id`, `name`, `random_id`, `redirect_uris`, `secret`, `allowed_grant_types`) VALUES
(5, NULL, '552osbf54k4c0kow00ko8ww8kkgcwgg4g4okkgc0wcww0ggsw8', 'a:1:{i:0;s:41:"http://localhost/minnapi/web/app_dev.php/";}', '10kv0z11wr688o8kws4wg08scs48o4o8o8cg004c44wcgcgc4s', 'a:5:{i:0;s:18:"authorization_code";i:1;s:8:"password";i:2;s:13:"refresh-token";i:3;s:5:"token";i:4;s:18:"client_credentials";}');

  • 在浏览器中执行以下请求

    http://localhost/minnapi/web/app_dev.php/oauth/v2/token?client_id=5_552osbf54k4c0kow00ko8ww8kkgcwgg4g4okkgc0wcww0ggsw8&client_secret=10kv0z11wr688o8kws4wg08scs48o4o8o8cg004c44wcgcgc4s&grant_type=client_credentials

    浏览器返回的答案是:

    {"access_token":"Njg5OWUzZmI5Yjg5MWFlYTZkOWNmMWIwNGMwNDNmZDhkZmEwZDhjMDM4OTcyNzZiNzRiMTNiZjBlOGMyMDk0OA","expires_in":3600,"token_type":"bearer","scope":"api"}

现在,当我尝试使用文档建议的控制器中的操作来检查它时,问题就来了:

测试动作

/**
 * @Route("/connect")
 */
public function connectAction(){
    // 1. creation of a client (manually)
    $clientManager = $this->get('fos_oauth_server.client_manager.default');
    $client = $clientManager->createClient();
    $client->setRedirectUris(array('http://localhost/minnapi/web/app_dev.php/'));
    $client->setAllowedGrantTypes(array('token', 'authorization_code'));
    $clientManager->updateClient($client);

    return $this->redirect($this->generateUrl('fos_oauth_server_authorize', array(
        'client_id'     => $client->getPublicId(),
        'redirect_uri'  => 'http://localhost/minnapi/web/app_dev.php/',
        'response_type' => 'api'
    )));
}

我得到的错误是:

未捕获的 PHP 异常 Symfony\Component\Debug\Exception\FatalErrorException:“错误:在 /home/amine/NetBeansProjects/minnapi/vendor/friendsofsymfony/oauth-server-bundle/Controller/AuthorizeController 上调用成员函数 getUser() on null” .php 第 58 行上下文:{“异常”:“对象(Symfony\Component\Debug\Exception\FatalErrorException)”}

对错误有任何想法吗?

谢谢

4

0 回答 0