mazen / etcpasswdoauthbundle Goto Github PK

I'm using FOSUserBundle. After a successful provider authentication, how can I persist the user in my database ?

The ordering of the arguments has changed in Symfony's AbstractAuthenticationListener class. Basically the two AuthenticationHandlers have been moved before the options array. Currently this bundle has the arguments in the wrong order for Symfony versions 2.1.* and above. Please correct this as it currently breaks the bundle.

            oauth_vk:
                login_path: /user/auth/form
                check_path: /user/auth-vk/identify
                auth_provider: oauth_vk
                client_id: %vk_client_id%
                client_secret: %vk_client_secret%
                target_path_parameter: redirect_to
                scope: notify,friends,wall

open
http://HOSTNAME/user/auth-vk/identify?redirect_to=/places

redirected to
http://oauth.vk.com/authorize?client_id=2882563&scope=notify,friends,wall&redirect_uri=http%3A%2F%HOSTNAME%2Fuser%2Fauth-vk%2Fidentify&response_type=code

as you see - redirect_to parameter missed

I propose remove overridion of requiresAuthentication method prior to $code parameter detection

<?php
# now
    protected function requiresAuthentication(Request $request)
    {
        if ( $this->httpUtils->checkRequestPath($request, $this->options['check_path'])
            || $this->httpUtils->checkRequestPath($request, $this->options['login_path'])
        ) {
            return true;
        }
        return false;
    }

    protected function attemptAuthentication(Request $request)
    {

        // redirect to auth provider
        if ($this->httpUtils->checkRequestPath($request, $this->options['login_path'])) {
            return $this->createProviderRedirectResponse($request);
        }

        $code = $request->get('code');
        // ...
    }

# I am propose to do
    protected function attemptAuthentication(Request $request)
    {
        $code = $request->get('code');

        // redirect to auth provider
        if (!$code) {
            return $this->createProviderRedirectResponse($request);
        }

        // ...
    }

Not directly related to OAuth itself but it would be nice to have some sort of decorator for Requests which add the necessary credentials like access tokens.

I have successfully implemented Oauth2 with Yahoo. The getAuthorizationUrl is a 2-step process where the first step provides a token to make a 'request_auth'.. and it also provides some 'secret tokens' which are not passed in from the Auth_Response but need to be used later on in the createTokenResponse method. I've solved this problem by using a Session variable. You can look at my patch-1 (YahooProvider->getAuthorizationUrl() and YahooProvider->createTokenResponse()) to see what I'm talking about.

I don't know if this is the best option OR if it's the only way to go. I also don't want to confuse the project by adding session support via Dependency Injection into the Provider class if it isn't necessary.

Hi !
when a no logged user are trying to get a protected resource, we have an AccessDenied Exception (all work fine), but in addiction, I have an InsufficientAuthenticationException, because the firewall (etcpasswdoauthbundle) don't have an entry_point defined.

The bundle need a global implementation of this AuthenticationEntryPoint (redirect to the login path of the firewall, for example) or this is work for the developer using the bundle ?

thanks in advance,
and sorry for my english !

OAuth1 is a bit more tricky with all the 3-step authentication process. This is required by Twitter & Yahoo!

$userProvider is optional. Sometimes we needed authenticate non-persistent user. Delails here https://github.com/FriendsOfSymfony/FOSFacebookBundle/blob/master/Security/Authentication/Provider/FacebookProvider.php#L90