The FOSRestBundle is working perfectly in my project but without authentification. Now, my goal is to make my requests with auth.
To do so, I added this firewall in security.yml
firewalls:
# ...
rest_api:
pattern: ^/api/
stateless: true
http_basic:
provider: fos_userbundle
# ...
access_control:
# ...
- { path: ^/api/, role: IS_AUTHENTICATED_FULLY }
To check this, I used this shell command:
curl -i http://localhost/tuto/web/app_dev.php/api/test/1
The result is:
HTTP/1.1 302 Found
Date: Fri, 11 Apr 2014 13:56:08 GMT
Server: Apache/2.2.22 (Ubuntu)
X-Powered-By: PHP/5.4.9-4ubuntu2.4
Set-Cookie: PHPSESSID=4dtr168vmj1eg523a07kbkjkh1; path=/
Cache-Control: no-cache
Location: http://localhost/tuto/web/app_dev.php/login
Vary: Accept-Language
X-Debug-Token: 220df7
Transfer-Encoding: chunked
Content-Type: application/json
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="refresh" content="1;url=http://localhost/tuto/web/app_dev.php/login" />
<title>Redirecting to http://localhost/tuto/web/app_dev.php/login</title>
</head>
<body>
Redirecting to <a href="http://localhost/tuto/web/app_dev.php/login">http://localhost/tuto/web/app_dev.php/login</a>.
</body>
</html>
As you can see, the returned code is 302 FOUND since it is URL is redirected to http://localhost/tuto/web/app_dev.php/login
as I am using FOSUserBundle.
Now, I want to check if the authenfication is working well. I tried this: curl -i http://localhost/tuto/web/app_dev.php/api/test/1 --user user:password
but still I have 302 FOUND.
I tried this also curl -i -H 'Accept:application/json' -H 'Authorization:Basic username:password' http://localhost/tuto/web/app_dev.php/api/test/1
but still I have 302 FOUND.
So is there any proposal of curl command to check the auth in my REST api?
Thanks,
Notice: I have tried solutions in many links like: basic authorization command for curl