FriendsOfSymfony / FOSUserBundle

Provides user management for your Symfony project. Compatible with Doctrine ORM & ODM, and custom storages.

Home Page: https://symfony.com/doc/master/bundles/FOSUserBundle/index.html

Integration with HWIOAuthBundle

konradja100 opened this issue · comments

Hi, I have some trouble after deploying my app to the production server. I'm using Symfony 4.1 with the security pack and HWIOAuthBundle, and everything is working fine, but only in the local environment. Whenever I try to log in with social accounts (e.g. Google), I get a 403.

Here are my logs from this action:
screenshot_36

So as I understand it, the user is logged in properly, but then access is denied: "user is neither anonymous, nor remember-me". What could be the possible reason?

I have this configuration:

security.yaml

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt

    role_hierarchy:
        ROLE_ADMIN:       ROLE_CLIENT
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            pattern: ^/
            oauth:
                resource_owners:
                    google: /login/check-google
                    linkedin: /login/check-linkedin
                    custom: /login/check-windows-live
                login_path: /%locale%/login
                use_forward: false
                failure_path: /%locale%/login
                success_handler: App\Handler\AuthenticationSuccessHandler
                oauth_user_provider:
                    service: my.oauth_aware.user_provider.service
            form_login:
                provider: fos_userbundle
                csrf_token_generator: security.csrf.token_manager
                login_path: fos_user_security_login
                check_path: fos_user_security_check
                default_target_path: app_homepage_index
                success_handler: App\Handler\AuthenticationSuccessHandler
            logout:
                path: fos_user_security_logout
                target: fos_user_security_login
            anonymous:    true
            remember_me:
                secret:   '%kernel.secret%'
                path: /
                domain: ~

    access_control:
        - { path: ^/[a-z]+/connect/[a-z]+$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/[a-z]+/payment_status/[a-z0-9]+/[a-z0-9]+$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/[a-z]+/connect/registration/[a-z]+$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/[a-z]+/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/[a-z]+/logout$, role: ROLE_USER }
        - { path: ^/[a-z]+/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/[a-z]+/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/[a-z]+/update, role: [IS_AUTHENTICATED_ANONYMOUSLY, ROLE_CLIENT] }
        - { path: ^/, role: ROLE_CLIENT }

Each user has been granted ROLE_CLIENT in the database, so what exactly does this "user is neither anonymous, nor remember-me" message say?

I think you should open an issue in the HWIOAuthBundle repo.
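
An added example, not part of the thread and not code from Symfony or either bundle: a simplified Python model of how the `access_control` and `role_hierarchy` sections of the posted security.yaml are resolved, showing when a request ends in the 403 logged as "neither anonymous, nor remember-me" rather than a redirect to the login page. The function names, the `/en/...` paths and the role sets are constructed for illustration; `token_roles` stands for the roles carried by the security token of the request, and the default affirmative voting strategy is assumed.

```python
import re

# Rules copied in order from the access_control section of the posted security.yaml.
ACCESS_CONTROL = [
    (r"^/[a-z]+/connect/[a-z]+$", ["IS_AUTHENTICATED_ANONYMOUSLY"]),
    (r"^/[a-z]+/payment_status/[a-z0-9]+/[a-z0-9]+$", ["IS_AUTHENTICATED_ANONYMOUSLY"]),
    (r"^/[a-z]+/connect/registration/[a-z]+$", ["IS_AUTHENTICATED_ANONYMOUSLY"]),
    (r"^/[a-z]+/login$", ["IS_AUTHENTICATED_ANONYMOUSLY"]),
    (r"^/[a-z]+/logout$", ["ROLE_USER"]),
    (r"^/[a-z]+/register", ["IS_AUTHENTICATED_ANONYMOUSLY"]),
    (r"^/[a-z]+/resetting", ["IS_AUTHENTICATED_ANONYMOUSLY"]),
    (r"^/[a-z]+/update", ["IS_AUTHENTICATED_ANONYMOUSLY", "ROLE_CLIENT"]),
    (r"^/", ["ROLE_CLIENT"]),
]
ROLE_HIERARCHY = {"ROLE_ADMIN": ["ROLE_CLIENT"], "ROLE_SUPER_ADMIN": ["ROLE_ADMIN"]}


def effective_roles(token_roles):
    """Expand the roles carried by the token through role_hierarchy."""
    seen, todo = set(), list(token_roles)
    while todo:
        role = todo.pop()
        if role not in seen:
            seen.add(role)
            todo.extend(ROLE_HIERARCHY.get(role, []))
    return seen


def matching_rule(path):
    """Only the first rule whose pattern matches the path is applied."""
    for pattern, attributes in ACCESS_CONTROL:
        if re.search(pattern, path):
            return pattern, attributes
    return None


def decide(path, token_roles, fully_authenticated):
    """Return 'granted', 'redirect-to-login' or '403' for one request."""
    rule = matching_rule(path)
    if rule is None:
        return "granted"
    roles = effective_roles(token_roles)
    # Assumption: default 'affirmative' strategy, so one satisfied attribute is enough.
    if any(a == "IS_AUTHENTICATED_ANONYMOUSLY" or a in roles for a in rule[1]):
        return "granted"
    # Anonymous and remember-me tokens are sent to the entry point; a fully
    # authenticated token is refused with "neither anonymous, nor remember-me".
    return "403" if fully_authenticated else "redirect-to-login"
```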