Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

accessing to /api methods in oauth2 server

Im trying to create an oauth2 server based on FOSOauthServerBundle, FOSRestBundle and FOSUserBundle. I created a demo application to test the my oauth-server and it failed receiving the data via the GET reguest

(received 401 error ' error="access_denied", error_description="OAuth2 authentication required" '),

in spite the fact that the user was authenticated and the client received an access token properly.

How should I implement the api controllers so the oauth2 will execute the authentication process?

Also, i would like to take a look on real working oauth server example based on those bundles so i would be able to check my application on it.

my security.yml:

jms_security_extra:
    secure_all_services: false
    expressions: true

security:
acl:
    connection: default

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

providers:
    in_memory:
        memory:
            users:
                user:  { password: userpass, roles: [ 'ROLE_USER' ] }
                admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
    fos_userbundle:
        id: fos_user.user_provider.username

encoders:
      FOS\UserBundle\Model\UserInterface: sha512
      Symfony\Component\Security\Core\User\User: plaintext

firewalls:
    api:
        pattern: ^/api
        fos_oauth: true
        stateless: true

    oauth_authorize:
        pattern: ^/oauth/v2/auth
        form_login:
            provider: fos_userbundle
            check_path: /oauth/v2/auth_login_check
            login_path: /oauth/v2/auth_login
            use_referer: true
        anonymous: true

    oauth_token:
        pattern: ^/oauth/v2/token
        security: false  

    secured_area:
        pattern:    ^/
        anonymous: ~
        form_login:
            provider: fos_userbundle
            check_path: /login_check
            login_path: /login
            always_use_default_target_path: true
            default_target_path: /

access_control:
    - { path: ^/oauth/v2/auth_login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/oauth/v2/auth, role: ROLE_USER }
    - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY}
    - { path: ^/, roles: ROLE_USER }
    - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }

Thanks.

like image 712
user1976651 Avatar asked Jan 14 '13 08:01

user1976651


1 Answers

Submitting the answer so this will close the open question.

Access denied caused because the request did not contain the access token. Refer to documentation with section titled Creating A Client and Usage.

https://github.com/FriendsOfSymfony/FOSOAuthServerBundle/blob/master/Resources/doc/index.md

like image 79
George Avatar answered Nov 04 '22 13:11

George