问题标签 [hwioauthbundle]

我去覆盖WordpressResourceOwner因为它没有返回HWIOAuthBundle用户信息响应

我注意到每个 ResourceOwner 都作为服务工作并声明到oauth.xml

我已经成功地配置了这个。问题是，当我更改以下行时：

进入我想要检索的信息，例如真实姓名、电子邮件、我生成的密码等，当我单击 Facebook 的登录按钮时，我再次被询问是否要连接到我的本地测试站点。

据我了解，在我上面链接的文档中，这是：

是检查用户是否存在的行，初始代码本身将facebook_id或twitter_id（这是我保存它们的方式）设置为新用户*用户名*。如果我换行

进入

然后每次我尝试登录时，我都会收到“注册”消息。所以，我对它的工作原理有一个大致的了解，但我很难理解一些事情：

1.当我在 Facebook 注册并用 twitter 登录时，我再次注册，不知道创建行，但更新/填充缺少的 twitter_id 字段，用户名保持不变。当我以前的数据来自 Facebook 而不是 Twitter 时，HWI/FOSUB 怎么会知道我是同一个人？

2.如果有一种全局方式可以知道我是同一个人，我应该使用$response对象中的哪些数据作为键来识别已注册的用户？

我目前正在将我的普通 Symfony2 WebApplication 更改为带有由 S2 后端支持的 REST Api 的 Ember.js 前端。

在我的旧解决方案中，我有 FOSUserbundle 用于常规注册/登录等，而 HWIOAuthBundle 用于 Facebook 登录。现在我正在尝试将这些功能移至我的 Rest Api。为了让常规身份验证运行，我实现了 FOSOAuthServerbundle。我的 Ember.js 正在通过 Ember-simple-auth 使用它。但这仅适用于常规登录。

我不知道如何让 facebook 登录在这个设置中工作。由于 Facebook 正在与 OAUth 合作，而我的后端正在使用它。我的前端是直接向 facebook 询问令牌吗？我的后端将如何收到通知？或者请求是否通过我的后端并且我正在提供 facebook 令牌？还是我的后端要求 Facebook 令牌，然后从 FOSOAuthServerBundle 返还我自己的 Oauth 令牌？

问号很多，网上还真没找到好的答案。有人用 facebook 登录实现了安全的 REST Api 吗？

对于用户登录，我正在尝试添加谷歌身份验证。

我将 HWIOAuthBundle 配置为他们的文档。一切都顺利配置和运行。

google验证提示/connect/google后，重定向到以下URL（空白页） http://local.xxx.com/app_dev.php/login/check-google?code=4/jUTU2hoQfOiNMUfKJX_bLfCDVoAr.UpnObn7cHC4XOl05ti8ZT3bVT-SeiQI

我正在使用 FOSUserBundle。

这是我的 config.yml，

安全.yml

路由.yml

我正在开发一个 Symfony2 应用程序。我正在使用 FOSUserBundle 处理身份验证，最近使用本教程将其与 FOSUserBundle 集成：https ://gist.github.com/danvbe/4476697 。

问题是：我可以在 localhost 上使用 google api 登录，一切正常。

但是，当我尝试登录真实服务器时，我得到：

请求详情：

谷歌文档没有提到这两个参数。我尝试手动发送一个请求，其中 device_id 为 UUID，device_name 设置为“notes”。这次我得到的回应是：

请求详情：

现在，我做错了什么？

尝试使用HWI/OauthBundle DocHWI/OAuthBundle中所说的所有步骤连接 facebook ，但它返回错误

用户“HWI\Bundle\OAuthBundle\Security\Core\User\OAuthUser”没有用户提供程序

有谁可以为我解释为什么会发生这种情况以及如何解决这个问题？

Edit: See below for my own solution, which is, at the time of writing, functioning but imperfect. Would love some criticism and feedback, if I get something put together that I feel is really solid then I'll make a howto blog post for other people facing the same challenge.

I've been struggling with this for days, and I'm hoping someone can let me know if I'm on the right path.

I have a system with a FOSRestBundle webservice in which I'm currently using FOSUserBundle and HWIOAuthBundle to authenticate users.

I would like to set up stateless api key authentication for the webservice.

I've read through http://symfony.com/doc/current/cookbook/security/api_key_authentication.html and this seems simple enough to implement, I've also installed UecodeApiKeyBundle which seems to be mostly just an implementation of this book page.

My question is a n00b one...what now? The book page and bundle both cover authenticating a user by API key, but don't touch on the flow of logging users in, generating API keys, allowing users to register, etc. What I would really like is simple API endpoints for login, register, and logout that my app developers can use. Something like /api/v1/login, etc.

I think I can handle registration....login is confusing me though. Based upon some additional reading, it seems to me like what I need to do for login is this:

• Create a controller at api/v1/login that accepts POST requests. The request will either look like { _username: foo, _password: bar } or something like { facebook_access_token: foo. Alternately, the facebook login could require a different action, like /user/login/facebook, and just redirect to the HWIOAuthBundle path }.

• If the request contains _username and _password parameters, then I need to forward the request to login-check (I'm not sure about this one. Can I just process this form myself? Or, should I manually check the username and password against the database?)

• Add a login event listener, if user authenticated successfully, generate an api key for the user (This is only necessary if I'm not checking it myself, of course)

• Return the API Key in the response of the POST request (This breaks the post-redirect-get strategy, but otherwise I don't see any issues with it) I think this eliminates the redirect to login-check option I listed above.

As you can probably see I'm confused. This is my first Symfony2 project, and the book pages on Security sound simple...but seem to gloss over some of the details and it's left me quite unsure of what way to proceed.

Thanks in advance!

=============================================================

Edit:

I've installed a API Key Authentication pretty much identically to the relevant cookbook article: http://symfony.com/doc/current/cookbook/security/api_key_authentication.html

To handle user's logging in, I've created a custom controller method. I doubt that this is perfect, I would love to hear some feedback on how it can be improved, but I do believe that I'm on the right path as my flow is now working. Here's the code (Please note, still early in development...I haven't looked at Facebook login yet, only simple username/password login):

This seems to work pretty well, and user registration will be handled similarly.

Interestingly to me, the api key authentication method I implemented from the cookbook appears to ignore the access_control settings in my security.yml file, in the cookbook they outline how to only generate the token for a specific path, but I didn't like that solution, so I've implemented my own (also somewhat poor) solution to not check the path I'm using to authenticate users

I'm sure there's a better way to do this too, but again...not sure what it is.

我将 HWIOAuthBundle 与 Symfony 2.4.4 一起使用。

我实现了 Facebook 登录：如果您将浏览器指向 /login/facebook，它会要求您进行身份验证，并且它可以完美运行。

不幸的是，如果您在仍然登录的情况下再次尝试访问此页面，它会要求您将您的帐户与 Facebook（！？）连接，这没有任何意义！

仅当您使用内部创建的帐户（例如使用 FOS 用户捆绑包创建的帐户）登录时，要求将帐户与 Facebook 连接才有意义，但尝试将 Facebook 帐户与同一个 Facebook 帐户连接是没有意义的！

我正在使用HWIOAuthBundle Symfony2 Bundle，并按照本指南中的步骤配置并运行 Bundle，但出现此错误：

我如何解决这个问题？

额外信息

hwioauth.yml（包含在 config.yml 中）

路线在routing.yml

HWIOAuth 部分位于security.yml

I've read documentations and examples from few sources but still can't get this HWIOAuthBundle works. I've login form using user ID and password which added manually in Admin section that already works fine.

I want to add Binding Facebook Button in User Area after they login successfully, so they can login with normal ID/Password either Facebook Login in future. I've searching about this HWIOAuthBundle but can't find any similar case like this.

My Security :

Student Entity :

app/config/routing.yml

app/config/config.yml

Login Form (login.html.twig) :

Routing for user_facebook_login :

My Controller :

facebook.html.twig :

1. How to get Facebook ID and Access token and saved into database (for binding Facebook)
2. How to check in database for Facebook ID. If Exist, give ROLE_USER like normal loginAction in my Controller. If not exist throw exception.
3. If this Bundle can't accommodate my problems, is there any better Bundle or function which fit for my needs?