mazen / etcpasswdoauthbundle Goto Github PK
View Code? Open in Web Editor NEWOAuth Bundle
Home Page: https://github.com/mazen
OAuth Bundle
Home Page: https://github.com/mazen
I'm using FOSUserBundle. After a successful provider authentication, how can I persist the user in my database ?
The ordering of the arguments has changed in Symfony's AbstractAuthenticationListener class. Basically the two AuthenticationHandlers have been moved before the options array. Currently this bundle has the arguments in the wrong order for Symfony versions 2.1.* and above. Please correct this as it currently breaks the bundle.
oauth_vk:
login_path: /user/auth/form
check_path: /user/auth-vk/identify
auth_provider: oauth_vk
client_id: %vk_client_id%
client_secret: %vk_client_secret%
target_path_parameter: redirect_to
scope: notify,friends,wall
open
http://HOSTNAME/user/auth-vk/identify?redirect_to=/places
as you see - redirect_to parameter missed
I propose remove overridion of requiresAuthentication
method prior to $code
parameter detection
<?php
# now
protected function requiresAuthentication(Request $request)
{
if ( $this->httpUtils->checkRequestPath($request, $this->options['check_path'])
|| $this->httpUtils->checkRequestPath($request, $this->options['login_path'])
) {
return true;
}
return false;
}
protected function attemptAuthentication(Request $request)
{
// redirect to auth provider
if ($this->httpUtils->checkRequestPath($request, $this->options['login_path'])) {
return $this->createProviderRedirectResponse($request);
}
$code = $request->get('code');
// ...
}
# I am propose to do
protected function attemptAuthentication(Request $request)
{
$code = $request->get('code');
// redirect to auth provider
if (!$code) {
return $this->createProviderRedirectResponse($request);
}
// ...
}
Not directly related to OAuth itself but it would be nice to have some sort of decorator for Requests which add the necessary credentials like access tokens.
I have successfully implemented Oauth2 with Yahoo. The getAuthorizationUrl is a 2-step process where the first step provides a token to make a 'request_auth'.. and it also provides some 'secret tokens' which are not passed in from the Auth_Response but need to be used later on in the createTokenResponse method. I've solved this problem by using a Session variable. You can look at my patch-1 (YahooProvider->getAuthorizationUrl() and YahooProvider->createTokenResponse()) to see what I'm talking about.
I don't know if this is the best option OR if it's the only way to go. I also don't want to confuse the project by adding session support via Dependency Injection into the Provider class if it isn't necessary.
Hi !
when a no logged user are trying to get a protected resource, we have an AccessDenied Exception (all work fine), but in addiction, I have an InsufficientAuthenticationException, because the firewall (etcpasswdoauthbundle) don't have an entry_point defined.
The bundle need a global implementation of this AuthenticationEntryPoint (redirect to the login path of the firewall, for example) or this is work for the developer using the bundle ?
thanks in advance,
and sorry for my english !
OAuth1 is a bit more tricky with all the 3-step authentication process. This is required by Twitter & Yahoo!
$userProvider
is optional. Sometimes we needed authenticate non-persistent user. Delails here https://github.com/FriendsOfSymfony/FOSFacebookBundle/blob/master/Security/Authentication/Provider/FacebookProvider.php#L90
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.