I am trying to set up FOSUserBundle to be the authentication provider for my FOSOAuthServerBundle enabled server. The FOSOAuthServerBundle has been working correctly prior to me trying to implement FOSUserBundle and I have also had FOSUserBundle working without FOSOAuthServerBundle, but I just can't get them working together.

My question is what should be specified for the authentication provider in the oauth_authorize: firewall in the security.yml below?

# app/config/security.yml
security:
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512
    firewalls:
        oauth_token:
            pattern: ^/oauth/v2/token
            security: false
        oauth_authorize:
            pattern: ^/oauth/v2/auth
            # WHAT GOES HERE?
        api:
            pattern: ^/api
            fos_oauth: true
            stateless: true
    access_control:
        - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }

I am trying to authenticate the users and not the client.
Many thanks.

You should have the following in your config.yml:

fos_user:
    db_driver: orm
    firewall_name: main
    user_class: Zoef\UserBundle\Entity\Userere

And something like this for the oauth server:

fos_oauth_server:
    db_driver: orm
    client_class: {PATH TO ENTITY}\Client
    access_token_class: {PATH TO ENTITY}\AccessToken
    refresh_token_class: {PATH TO ENTITY}\RefreshToken
    auth_code_class: {PATH TO ENTITY}\AuthCode
    service:
        user_provider: fos_user.user_provider.username

And the security.yml should look like this:

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username
    firewalls:
        oauth_token:
            pattern: ^/oauth/v2/token
            security: false
    access_control:
        - { path: ^/, roles: ROLE_ADMIN }

You can test if it works because when you go to any URL you should get a response like this:
{"error":"access_denied","error_description":"OAuth2 authentication required"}
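
One way to fill in the `oauth_authorize` firewall from the question so that end users log in through the FOSUserBundle provider, shown as an added example that is not part of the original posts. The `/oauth/v2/auth_login` and `/oauth/v2/auth_login_check` paths are assumptions: the application has to define both routes and the login form itself.

```yaml
# app/config/security.yml (Symfony 2 syntax, as used on this page)
security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    firewalls:
        # Token endpoint: the OAuth server validates client credentials itself.
        oauth_token:
            pattern:  ^/oauth/v2/token
            security: false

        # Authorization endpoint: the end user (not the client) logs in here.
        oauth_authorize:
            pattern: ^/oauth/v2/auth
            form_login:
                provider:   fos_userbundle
                # Assumed routes; both must exist in the application's routing
                # and both fall under this firewall's pattern.
                login_path: /oauth/v2/auth_login
                check_path: /oauth/v2/auth_login_check
            # Lets an unauthenticated browser reach the login form.
            anonymous: true

        # Resource endpoints: bearer token only, no session.
        api:
            pattern:   ^/api
            fos_oauth: true
            stateless: true

    access_control:
        - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }
```

Keeping the login paths under `^/oauth/v2/auth` matters because the session created by the login form is then issued by the same firewall that protects the authorization page.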