error while integrating FOSUserBundle with FOSOAuthServer

StackOverflow https://stackoverflow.com/questions/19434515

Question

I am trying to integrate FOSUserBundle with FOSOAuthServerBundle to proect my RESTFul APIs but i am getting following error while accessing login page , i am quite new to it so i dont know how to get rid off this error.

here i am trying to open a login form of FOSUserBundle so that i can login into it and get the Token

enter image description here

here is my security.yml

# FOR FOSUserBundle 

security:

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    encoders:
        "FOS\UserBundle\Model\UserInterface": sha512

    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
            logout:       true
            anonymous:    true

    access_control:
        - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN


# FOR FOSOAuthServerBundle 

security:
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username
    firewalls:
        oauth_token:
            pattern:    ^/oauth/v2/token
            security:   false


        oauth_authorize:
            pattern:    ^/oauth/v2/auth
            form_login:
                 provider: fos_userbundle
                 check_path: /oauth/v2/auth/login_check
                 login_path: /oauth/v2/auth/login
            anonymous: true
            # Add your favorite authentication process here

        api:
            pattern:    ^/api
            fos_oauth:  true
            stateless:  true
            anonymous: true # can be omitted as its default value

    access_control:
           - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }
Was it helpful?

Solution

I believe your security.yml should look like this:

security:
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    encoders:
        "FOS\UserBundle\Model\UserInterface": sha512

firewalls:
    oauth_token:
        pattern:    ^/oauth/v2/token
        security:   false


    oauth_authorize:
        pattern:    ^/oauth/v2/auth
        form_login:
             provider: fos_userbundle
             check_path: /oauth/v2/auth/login_check
             login_path: /oauth/v2/auth/login
        anonymous: true
        # Add your favorite authentication process here

    api:
        pattern:    ^/api
        fos_oauth:  true
        stateless:  true
        anonymous: true # can be omitted as its default value
    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
        logout:       true
        anonymous:    true

access_control:
    - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin/, role: ROLE_ADMIN }
    - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_ADMIN

OTHER TIPS

You are overwriting your first security directive by adding the key a second time later in your configuration file.

Merge the two configurations ( security.firewalls, security.access_control, ... ) into one security: directive and you should be good to go.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top