Connect system user to 3rd party auth provider using HWIOAuth bundle without FOSUB
Here's my routing.yml:
hwi_oauth_redirect:
resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
prefix: /connect
hwi_oauth_connect:
resource: "@HWIOAuthBundle/Resources/config/routing/connect.xml"
prefix: /connect
hwi_oauth_login:
resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
prefix: /login
elama.facebook_login:
path: /login/check-facebook
#the rest of the file are my services
Here's my complete security.yml:
security:
providers:
database:
id: elama.user.user_provider
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
private_api:
pattern: ^/private_api/
security: false
client_area:
context: client_area
provider: database
pattern: ^/
anonymous: ~
elama: true
logout:
path: /logout
target: /
success_handler: elama.auth_event_listener
oauth:
resource_owners:
facebook: "/login/check-facebook"
login_path: /login
use_forward: false
failure_path: /login?failed=true
oauth_user_provider:
service: 'elama.user.user_provider'
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/system, roles: [ROLE_ADMIN, ROLE_CONTROL_PANEL_USERS] }
role_hierarchy:
ROLE_ADMIN: [ROLE_ALPHA, ROLE_BETA]
and in my config.yml I have following section:
hwi_oauth:
firewall_names: [client_area]
resource_owners:
facebook:
type: facebook
client_id: '%hwioauth.facebook.client_id%'
client_secret: '%hwioauth.facebook.client_secret%'
options:
csrf: true
display: popup #dialog is optimized for popup window
auth_type: rerequest # Re-asking for Declined Permissions
When I go to https://my_host/connect/facebook I get the Facebook auth page which when submitted redirects me to /login?failed=true#_=_. To rule the UserNotFoundException out of equation I've made my elama.user.user_provider service (which implements required OAuthAwareUserProviderInterface interface) return real existing user instance (hardcoded to force return user instance), but that didn't help. UPDATE: That failing was because I missed the type of object I was returning from loadUserByOAuthUserResponse: it was custom User object, not compliant with UserInterface.
My aim is to get following user workflow:
- In profile page user can attach Facebook account to his existing
system account (how do I do that? which route should I
implement/edit?) - On login page user can authenticate with Facebook and if he already has that account attached to hist system account - log him
in. If not, check whether we have system user account with same
email as provided by Facebook: if there's one - refuse in
authentication and kindly ask to login as system account and bind FB
account from inside; if there's none - create system account,
bind to FB and log user in. How do I do that? Where do I start?
Which parts are already handled by HWIOAuthBundle?
facebook symfony oauth-2.0 hwioauthbundle
asked Nov 23 '18 at 23:54
Eduard SukharevEduard Sukharev
5431826
add a comment |
Here's my routing.yml:
hwi_oauth_redirect:
resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
prefix: /connect
hwi_oauth_connect:
resource: "@HWIOAuthBundle/Resources/config/routing/connect.xml"
prefix: /connect
hwi_oauth_login:
resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
prefix: /login
elama.facebook_login:
path: /login/check-facebook
#the rest of the file are my services
Here's my complete security.yml:
security:
providers:
database:
id: elama.user.user_provider
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
private_api:
pattern: ^/private_api/
security: false
client_area:
context: client_area
provider: database
pattern: ^/
anonymous: ~
elama: true
logout:
path: /logout
target: /
success_handler: elama.auth_event_listener
oauth:
resource_owners:
facebook: "/login/check-facebook"
login_path: /login
use_forward: false
failure_path: /login?failed=true
oauth_user_provider:
service: 'elama.user.user_provider'
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/system, roles: [ROLE_ADMIN, ROLE_CONTROL_PANEL_USERS] }
role_hierarchy:
ROLE_ADMIN: [ROLE_ALPHA, ROLE_BETA]
and in my config.yml I have following section:
hwi_oauth:
firewall_names: [client_area]
resource_owners:
facebook:
type: facebook
client_id: '%hwioauth.facebook.client_id%'
client_secret: '%hwioauth.facebook.client_secret%'
options:
csrf: true
display: popup #dialog is optimized for popup window
auth_type: rerequest # Re-asking for Declined Permissions
When I go to https://my_host/connect/facebook I get the Facebook auth page which when submitted redirects me to /login?failed=true#_=_. To rule the UserNotFoundException out of equation I've made my elama.user.user_provider service (which implements required OAuthAwareUserProviderInterface interface) return real existing user instance (hardcoded to force return user instance), but that didn't help. UPDATE: That failing was because I missed the type of object I was returning from loadUserByOAuthUserResponse: it was custom User object, not compliant with UserInterface.
My aim is to get following user workflow:
- In profile page user can attach Facebook account to his existing
system account (how do I do that? which route should I
implement/edit?) - On login page user can authenticate with Facebook and if he already has that account attached to hist system account - log him
in. If not, check whether we have system user account with same
email as provided by Facebook: if there's one - refuse in
authentication and kindly ask to login as system account and bind FB
account from inside; if there's none - create system account,
bind to FB and log user in. How do I do that? Where do I start?
Which parts are already handled by HWIOAuthBundle?
facebook symfony oauth-2.0 hwioauthbundle
asked Nov 23 '18 at 23:54
Eduard SukharevEduard Sukharev
5431826
add a comment |
Here's my routing.yml:
hwi_oauth_redirect:
resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
prefix: /connect
hwi_oauth_connect:
resource: "@HWIOAuthBundle/Resources/config/routing/connect.xml"
prefix: /connect
hwi_oauth_login:
resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
prefix: /login
elama.facebook_login:
path: /login/check-facebook
#the rest of the file are my services
Here's my complete security.yml:
security:
providers:
database:
id: elama.user.user_provider
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
private_api:
pattern: ^/private_api/
security: false
client_area:
context: client_area
provider: database
pattern: ^/
anonymous: ~
elama: true
logout:
path: /logout
target: /
success_handler: elama.auth_event_listener
oauth:
resource_owners:
facebook: "/login/check-facebook"
login_path: /login
use_forward: false
failure_path: /login?failed=true
oauth_user_provider:
service: 'elama.user.user_provider'
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/system, roles: [ROLE_ADMIN, ROLE_CONTROL_PANEL_USERS] }
role_hierarchy:
ROLE_ADMIN: [ROLE_ALPHA, ROLE_BETA]
and in my config.yml I have following section:
hwi_oauth:
firewall_names: [client_area]
resource_owners:
facebook:
type: facebook
client_id: '%hwioauth.facebook.client_id%'
client_secret: '%hwioauth.facebook.client_secret%'
options:
csrf: true
display: popup #dialog is optimized for popup window
auth_type: rerequest # Re-asking for Declined Permissions
When I go to https://my_host/connect/facebook I get the Facebook auth page which when submitted redirects me to /login?failed=true#_=_. To rule the UserNotFoundException out of equation I've made my elama.user.user_provider service (which implements required OAuthAwareUserProviderInterface interface) return real existing user instance (hardcoded to force return user instance), but that didn't help. UPDATE: That failing was because I missed the type of object I was returning from loadUserByOAuthUserResponse: it was custom User object, not compliant with UserInterface.
My aim is to get following user workflow:
- In profile page user can attach Facebook account to his existing
system account (how do I do that? which route should I
implement/edit?) - On login page user can authenticate with Facebook and if he already has that account attached to hist system account - log him
in. If not, check whether we have system user account with same
email as provided by Facebook: if there's one - refuse in
authentication and kindly ask to login as system account and bind FB
account from inside; if there's none - create system account,
bind to FB and log user in. How do I do that? Where do I start?
Which parts are already handled by HWIOAuthBundle?
facebook symfony oauth-2.0 hwioauthbundle
asked Nov 23 '18 at 23:54
Eduard SukharevEduard Sukharev
5431826
Here's my routing.yml:
hwi_oauth_redirect:
resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
prefix: /connect
hwi_oauth_connect:
resource: "@HWIOAuthBundle/Resources/config/routing/connect.xml"
prefix: /connect
hwi_oauth_login:
resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
prefix: /login
elama.facebook_login:
path: /login/check-facebook
#the rest of the file are my services
Here's my complete security.yml:
security:
providers:
database:
id: elama.user.user_provider
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
private_api:
pattern: ^/private_api/
security: false
client_area:
context: client_area
provider: database
pattern: ^/
anonymous: ~
elama: true
logout:
path: /logout
target: /
success_handler: elama.auth_event_listener
oauth:
resource_owners:
facebook: "/login/check-facebook"
login_path: /login
use_forward: false
failure_path: /login?failed=true
oauth_user_provider:
service: 'elama.user.user_provider'
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/system, roles: [ROLE_ADMIN, ROLE_CONTROL_PANEL_USERS] }
role_hierarchy:
ROLE_ADMIN: [ROLE_ALPHA, ROLE_BETA]
and in my config.yml I have following section:
hwi_oauth:
firewall_names: [client_area]
resource_owners:
facebook:
type: facebook
client_id: '%hwioauth.facebook.client_id%'
client_secret: '%hwioauth.facebook.client_secret%'
options:
csrf: true
display: popup #dialog is optimized for popup window
auth_type: rerequest # Re-asking for Declined Permissions
When I go to https://my_host/connect/facebook I get the Facebook auth page which when submitted redirects me to /login?failed=true#_=_. To rule the UserNotFoundException out of equation I've made my elama.user.user_provider service (which implements required OAuthAwareUserProviderInterface interface) return real existing user instance (hardcoded to force return user instance), but that didn't help. UPDATE: That failing was because I missed the type of object I was returning from loadUserByOAuthUserResponse: it was custom User object, not compliant with UserInterface.
My aim is to get following user workflow:
- In profile page user can attach Facebook account to his existing
system account (how do I do that? which route should I
implement/edit?) - On login page user can authenticate with Facebook and if he already has that account attached to hist system account - log him
in. If not, check whether we have system user account with same
email as provided by Facebook: if there's one - refuse in
authentication and kindly ask to login as system account and bind FB
account from inside; if there's none - create system account,
bind to FB and log user in. How do I do that? Where do I start?
Which parts are already handled by HWIOAuthBundle?
facebook symfony oauth-2.0 hwioauthbundle
facebook symfony oauth-2.0 hwioauthbundle
asked Nov 23 '18 at 23:54
Eduard SukharevEduard Sukharev
5431826
asked Nov 23 '18 at 23:54
Eduard SukharevEduard Sukharev
5431826
edited Nov 24 '18 at 2:27
Eduard Sukharev
asked Nov 23 '18 at 23:54
Eduard SukharevEduard Sukharev
5431826
asked Nov 23 '18 at 23:54
Eduard SukharevEduard Sukharev
5431826
asked Nov 23 '18 at 23:54
Eduard SukharevEduard Sukharev
5431826
5431826
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53454004%2fconnect-system-user-to-3rd-party-auth-provider-using-hwioauth-bundle-without-fos%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53454004%2fconnect-system-user-to-3rd-party-auth-provider-using-hwioauth-bundle-without-fos%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
