I am trying to create an OAuth2 server based on FOSOAuthServerBundle, FOSRestBundle and FOSUserBundle. I created a demo application to test my OAuth server, and it was not able to get data using a GET request
(received error 401, error = "access_denied", error_description = "OAuth2 authentication required"),
although the user was authenticated and the client received the access token properly.
How should I implement API controllers so that OAuth2 performs the authentication process?
In addition, I would like to take a look at a real working example of an OAuth server based on these packages so that I can test my application on it.
My security.yml:
```yaml
jms_security_extra:
    secure_all_services: false
    expressions: true

security:
    acl:
        connection: default

    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        in_memory:
            memory:
                users:
                    user: { password: userpass, roles: [ 'ROLE_USER' ] }
                    admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
        fos_userbundle:
            id: fos_user.user_provider.username

    encoders:
        FOS\UserBundle\Model\UserInterface: sha512
        Symfony\Component\Security\Core\User\User: plaintext

    firewalls:
        api:
            pattern: ^/api
            fos_oauth: true
            stateless: true
        oauth_authorize:
            pattern: ^/oauth/v2/auth
            form_login:
                provider: fos_userbundle
                check_path: /oauth/v2/auth_login_check
                login_path: /oauth/v2/auth_login
                use_referer: true
            anonymous: true
        oauth_token:
            pattern: ^/oauth/v2/token
            security: false
        secured_area:
            pattern: ^/
            anonymous: ~
            form_login:
                provider: fos_userbundle
                check_path: /login_check
                login_path: /login
                always_use_default_target_path: true
                default_target_path: /

    access_control:
        - { path: ^/oauth/v2/auth_login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/oauth/v2/auth, role: ROLE_USER }
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY}
        - { path: ^/, roles: ROLE_USER }
        - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }
```
Thanks.
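Symfony picks the first firewall whose `pattern` matches the request path and applies only the first matching `access_control` entry, so rule order in the security.yml above decides which checks an `/api` request gets. The following is an added example, not part of the original post: a small Python model of that first-match behaviour over the patterns from the file, with constructed probe paths (`/api/users` is a hypothetical route). It checks rule ordering only and says nothing about how the client sends its token.

```python
import re

# (pattern, label) pairs copied from the security.yml above, in file order.
FIREWALLS = [
    (r"^/api", "api"),
    (r"^/oauth/v2/auth", "oauth_authorize"),
    (r"^/oauth/v2/token", "oauth_token"),
    (r"^/", "secured_area"),
]
ACCESS_CONTROL = [
    (r"^/oauth/v2/auth_login$", ["IS_AUTHENTICATED_ANONYMOUSLY"]),
    (r"^/oauth/v2/auth", ["ROLE_USER"]),
    (r"^/login", ["IS_AUTHENTICATED_ANONYMOUSLY"]),
    (r"^/", ["ROLE_USER"]),
    (r"^/api", ["IS_AUTHENTICATED_FULLY"]),
]

# Constructed probe paths; /api/users is a hypothetical API route.
PROBES = ["/api/users", "/oauth/v2/auth", "/oauth/v2/auth_login",
          "/oauth/v2/token", "/login", "/"]


def first_match(rules, path):
    """Return (index, label) of the first rule matching path, or None."""
    for index, (pattern, label) in enumerate(rules):
        if re.search(pattern, path):  # unanchored search, like preg_match
            return index, label
    return None


def resolve(path):
    """Report which firewall and which access_control entry a path gets."""
    fw = first_match(FIREWALLS, path)
    ac = first_match(ACCESS_CONTROL, path)
    return {
        "firewall": fw[1] if fw else None,
        "access_rule": ACCESS_CONTROL[ac[0]][0] if ac else None,
        "roles": ac[1] if ac else None,
    }


def never_selected(rules, probes):
    """Patterns that no probe path selects: candidates for shadowed rules."""
    hits = {m[0] for m in (first_match(rules, p) for p in probes) if m}
    return [rules[i][0] for i in range(len(rules)) if i not in hits]


if __name__ == "__main__":
    for probe in PROBES:
        print(probe, resolve(probe))
    print("unreached access_control:", never_selected(ACCESS_CONTROL, PROBES))
```

With these patterns, `/api/users` is handled by the `api` firewall, but its access check comes from the `^/` entry because that entry precedes `^/api`; moving the `^/api` line above `^/` is what makes it reachable.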