Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
A way to integrate FosUserBundle and HWIOAuthBundle

I have managed to install this… and make it work. I implemented it for Facebook and Google, but you can extend it. My solution it is mostly as described in #116, with a bit of more code presented. The key aspects that lack in the #116 presentation (IMO) are:

  • the registration as service of your custom FOSUBUserProvider (with the necessary parameters)
  • set the service for oauth_user_provider in the security.yml with your custom created service

Here are the steps:

  1. Routing. In routing.yml I have added all the routes for both bundles.
  2. Configuration. I have set the config.yml mostly as it is presented in the HWIOAuthBundle.
  3. Security. I have set the security.yml mostly as it is presented in the HWIOAuthBundle (though my routes are using /login pattern, not /connect). Also, the oauth_user_provider is set for my custom service.
  4. User. My own User entity, extended from FosUser.
  5. UserProvider. My user provider, registered as service, extended from FOSUBUserProvider. This is the one that actually does the User registration in YOUR database with data from PROVIDERS (Facebook, Google, etc.) and in responsible for connecting already logged in users with accounts from PROVIDERS. It does this by overvriting 2 functions (connect(UserInterface $user, UserResponseInterface $response) and loadUserByOAuthUserResponse(UserResponseInterface $response)). See code below.
  6. Custom service. My user provider is registered as service.

Using this code, when:

  1. No user is authenticated on my site: by accessing http://my_app_web_root/login/facebook or http://my_app_web_root/login/google, a user is created in my database (with data as it is saved in the custom FOSUBUserProvider) and it is automatically login-ed to my site.
  2. A user is authenticated on my site: by accessing http://my_app_web_root/login/facebook or http://my_app_web_root/login/google, the current user is updated with data from the provider (account linking).

I think this is the behavior everybody was expecting :).

#app/config/config.yml
hwi_oauth:
#this is my custom user provider, created from FOSUBUserProvider - will manage the
#automatic user registration on your site, with data from the provider (facebook. google, etc.)
#and also, the connecting part (get the token and the user_id)
connect:
account_connector: my_user_provider
# name of the firewall in which this bundle is active, this setting MUST be set
firewall_name: main
fosub:
username_iterations: 30
properties:
# these properties will be used/redefined later in the custom FOSUBUserProvider service.
facebook: facebook_id
google: google_id
resource_owners:
facebook:
type: facebook
client_id: "%facebook_app_id%"
client_secret: "%facebook_app_secret%"
scope: ""
google:
type: google
client_id: "%google_app_id%"
client_secret: "%google_app_secret%"
scope: "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"
# here you will add one (or more) configurations for resource owners
<?php
namespace danvbe\UserBundle\Security\Core\User;
use HWI\Bundle\OAuthBundle\OAuth\Response\UserResponseInterface;
use HWI\Bundle\OAuthBundle\Security\Core\User\FOSUBUserProvider as BaseClass;
use Symfony\Component\Security\Core\User\UserInterface;
class FOSUBUserProvider extends BaseClass
{
/**
* {@inheritDoc}
*/
public function connect(UserInterface $user, UserResponseInterface $response)
{
$property = $this->getProperty($response);
$username = $response->getUsername();
//on connect - get the access token and the user ID
$service = $response->getResourceOwner()->getName();
$setter = 'set'.ucfirst($service);
$setter_id = $setter.'Id';
$setter_token = $setter.'AccessToken';
//we "disconnect" previously connected users
if (null !== $previousUser = $this->userManager->findUserBy(array($property => $username))) {
$previousUser->$setter_id(null);
$previousUser->$setter_token(null);
$this->userManager->updateUser($previousUser);
}
//we connect current user
$user->$setter_id($username);
$user->$setter_token($response->getAccessToken());
$this->userManager->updateUser($user);
}
/**
* {@inheritdoc}
*/
public function loadUserByOAuthUserResponse(UserResponseInterface $response)
{
$username = $response->getUsername();
$user = $this->userManager->findUserBy(array($this->getProperty($response) => $username));
//when the user is registrating
if (null === $user) {
$service = $response->getResourceOwner()->getName();
$setter = 'set'.ucfirst($service);
$setter_id = $setter.'Id';
$setter_token = $setter.'AccessToken';
// create new user here
$user = $this->userManager->createUser();
$user->$setter_id($username);
$user->$setter_token($response->getAccessToken());
//I have set all requested data with the user's username
//modify here with relevant data
$user->setUsername($username);
$user->setEmail($username);
$user->setPassword($username);
$user->setEnabled(true);
$this->userManager->updateUser($user);
return $user;
}
//if user exists - go with the HWIOAuth way
$user = parent::loadUserByOAuthUserResponse($response);
$serviceName = $response->getResourceOwner()->getName();
$setter = 'set' . ucfirst($serviceName) . 'AccessToken';
//update access token
$user->$setter($response->getAccessToken());
return $user;
}
}
#app/config/routing.yml
#FosUserBundle Routes
fos_user_security:
resource: "@FOSUserBundle/Resources/config/routing/security.xml"
fos_user_profile:
resource: "@FOSUserBundle/Resources/config/routing/profile.xml"
prefix: /profile
fos_user_register:
resource: "@FOSUserBundle/Resources/config/routing/registration.xml"
prefix: /register
fos_user_resetting:
resource: "@FOSUserBundle/Resources/config/routing/resetting.xml"
prefix: /resetting
fos_user_change_password:
resource: "@FOSUserBundle/Resources/config/routing/change_password.xml"
prefix: /profile
#HWIOAuthBundle routes
hwi_oauth_security:
resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
prefix: /login
hwi_oauth_connect:
resource: "@HWIOAuthBundle/Resources/config/routing/connect.xml"
prefix: /login
hwi_oauth_redirect:
resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
prefix: /login
facebook_login:
pattern: /login/check-facebook
google_login:
pattern: /login/check-google
security:
encoders:
FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_USER
providers:
fos_userbundle:
id: fos_user.user_provider.username_email
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: form.csrf_provider
login_path: /login
check_path: /login_check
oauth:
resource_owners:
facebook: "/login/check-facebook"
google: "/login/check-google"
login_path: /login
failure_path: /login
oauth_user_provider:
#this is my custom user provider, created from FOSUBUserProvider - will manage the
#automatic user registration on your site, with data from the provider (facebook. google, etc.)
service: my_user_provider
logout: true
anonymous: true
login:
pattern: ^/login$
security: false
remember_me:
key: "%secret%"
lifetime: 31536000 # 365 days in seconds
path: /
domain: ~ # Defaults to the current domain from $_SERVER
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
#danvbe/UserBundle/Resources/services.yml
parameters:
my_user_provider.class: danvbe\UserBundle\Security\Core\User\FOSUBUserProvider
services:
my_user_provider:
class: "%my_user_provider.class%"
#this is the place where the properties are passed to the UserProvider - see config.yml
arguments: [@fos_user.user_manager,{facebook: facebook_id, google: google_id}]
<?php
namespace danvbe\UserBundle\Entity;
use FOS\UserBundle\Model\User as BaseUser;
use Doctrine\ORM\Mapping as ORM;
use Doctrine\Common\Collections\ArrayCollection;
/**
* @ORM\Entity(repositoryClass="danvbe\UserBundle\Repository\UserRepository")
* @ORM\Table(name="lcl_user")
*/
class User extends BaseUser
{
/**
* @ORM\Id
* @ORM\Column(type="integer")
* @ORM\GeneratedValue(strategy="AUTO")
*/
protected $id;
/** @ORM\Column(name="facebook_id", type="string", length=255, nullable=true) */
protected $facebook_id;
/** @ORM\Column(name="facebook_access_token", type="string", length=255, nullable=true) */
protected $facebook_access_token;
/** @ORM\Column(name="google_id", type="string", length=255, nullable=true) */
protected $google_id;
/** @ORM\Column(name="google_access_token", type="string", length=255, nullable=true) */
protected $google_access_token;
//YOU CAN ADD MORE CODE HERE !
}
daFish commented Jan 10, 2013

This works great and I successfully integrated it in my project. This would make a pretty good example for the documentation.

Owner
danvbe commented Jan 16, 2013

Please, use it as you like. I'll leave the gist here, so you can copy the code or just link here... anyway is best for you.

Perfect, Bro. I use this gist for Yammer Authentication based on oauth2 type and custom OAuth2ResourseOwner. Thank you.

emgiezet commented Mar 8, 2013

I love you! You just save my week of work!

Thank you!

@danvbe
Any idea why I might be getting
Unrecognized field: facebook_id
500 Internal Server Error - ORMException
after following the steps above ?

The columns were created OK in the database after running php app\console doctrine:schema:update --force
Perhaps relevant: i'm currently testing on an internal sitename.dev domain

This is all ok, the only thing missing is how you render it in a twig, the buttons for login ?

@Monomachus it's easy, try somethink like

<a href="{{ path('hwi_oauth_service_redirect', {'service': 'facebook' }) }}" alt="Sign in with Facebook">Sign in with Facebook</a>

@danvbe thanks, it works :-)
If use $user->setPassword($username); passwords saved as plain text, but if use $user->setPlainPassword($username); it saves with salt :-)

You already save a lot of my time, but I'd like to ask, where (and how) I can get a new user's facebook profile photo? I examined all "Response" objects but they conains only user ID, name, many other things, but no photo. I'm going to use a FB photo as a default user picture in my app. Should I make another request to FB?

skelt commented Apr 26, 2013

Im getting [Symfony\Component\DependencyInjection\Exception\InvalidArgumentException]
Unable to replace alias "my_user_provider" with "hwi_oauth.user.provider.entity.main".

any ideas anyone?

skelt commented Apr 26, 2013

never mind solved it. forgot to add:

$loader = new Loader\YamlFileLoader($container, new FileLocator(DIR . '/../Resources/config'));
$loader->load('services.yml');

to DependancyInjection/ManagementExtension

onema commented May 29, 2013

Thank you for the Gist, it has bee really useful.

I used MongoDB and set it up with Twitter, Facebook and Foursquare. Both Facebook and Foursquare worked with no gliches, but I had a hard time setting up twitter as it was logging me in the first time and it would create a new user for the same twitter account every time I logged in after that.

I narrowed the probelm down to a "type" difference in the class FOSUBUserProvider. For some reason for Twitter the call $response->getUsername(); allways returns a type (int). Facebook and Foursquare return a string. Therefore when calling $user = $this->userManager->findUserBy(array($this->getProperty($response) => $username)); the call would return null every time resulting in a new user being created.

I guess there are several ways to fix the issue, one would be to type cast the $username $user = $this->userManager->findUserBy(array($this->getProperty($response) => (string)$username)); but this would require an update to the FOSUBUserProvider::loadUserByOAuthUserResponse as well... other places may need to be updated too.

An alternative method, and that is what I believe I will end up doing as it requires very little code changes, is to set the type of twitter_id to int in the Document:

namespace Acme\UserBundle\Document;

use Doctrine\ODM\MongoDB\Mapping\Annotations as MongoDB;
use FOS\UserBundle\Model\User as BaseUser;

/**
 * @MongoDB\Document(collection="user")
 */
class User extends BaseUser
{
    // ...

    /**
     * NOTICE THE TYPE HERE IS INT
     * @MongoDB\Int
     * alternative syntax
     * @MongoDB\Field(type="int")
     */
    protected $twitter_id;

    //...
}

The downside of doing this is that the twitter_id type will not be consistent with the other user provider ids as they are set to string/Field.

Anyone know if there is a better way to address this problem?

UPDATE
I figured out a better way to address this problem and have created the following pull request: hwi/HWIOAuthBundle#293

gristoi commented May 29, 2013

Fantastic Gist, got my app up and running and logging users in via twitter in no time. I do have one question. Once I have the user logged into my site via the oauth proccess how can i then grab their timeline from the twitter api, or pull in their latest tweets using the access token stored against them in the database?

luishdez commented Jun 4, 2013

Great gist!

Has anyone implemented the remember me feature with this?

BTW I'll check first email if exists and fallback to Id, so in that way users can switch between providers and keep the same account

if ($email) {
    $user = $this->userManager->findUserBy(array('emailCanonical' => $id);
} 
medy36 commented Jun 5, 2013

thank you for your clair explanations !!!!!

i have an error exception related to the FOSUBUserProvider overriding,

ErrorException: Catchable Fatal Error: Argument 1 passed to HWI\Bundle\OAuthBundle\Security\Core\User\FOSUBUserProvider::__construct() must implement interface FOS\UserBundle\Model\UserManagerInterface, string given, called in C:\wamp\www\TrocMaroc\TrocMaroc\app\cache\dev\appDevDebugProjectContainer.php on line 1806 and defined in C:\wamp\www\TrocMaroc\TrocMaroc\vendor\hwi\oauth-bundle\HWI\Bundle\OAuthBundle\Security\Core\User\FOSUBUserProvider.php line 46

would you help me please :)

medy36 commented Jun 5, 2013

Sorry for this stupid question, that was only a missed arguments in my service.
Thank you very very much!!!!!

hi can i have permission to blog about this? also i am implementing a linkedin provider

i got it somehow working however i see that the username that stores linkedin into the db is very different from the one i have on linkedin. Is this normal?

I am working on an OAuth sign-in & sign-up support for Sylius. See my attempt of a reference implementation: https://github.com/headrevision/Sylius/tree/oauth-login. Anyone interested to contribute to my fork?

since everyone use this bundle with FosUserBundle, i think a better name for this bundle might be FosSocialBundle

I have tried your steps many times I think i am only one step away, as i m getting error "SSL certificate problem, verify that the CA cert is OK." and it dont know where to set CURLOPT_SSL_VERIFYPEER to false, I m trying with Google btw

ziiw commented Jun 24, 2013

Hi !

I attempt to do what you explain but, when I test, I have this error:

Error: Class 'HWI\Bundle\OAuthBundle\HWIOAuthBundle' not found

I've put the HWI directory in vendors with the name: HWIOAuthBundle.

Any idea what's my problem ?

@AhmedSamy - I had the same issue. Add following options under "hwi_oauth" and you should be fine.

hwi_oauth:
http_client:
verify_peer: false

@ziiw - Try installing the HWI library using Composer. I did that and got no issues.

Finally I have an issue as well, I get following error (I have masked out certain values for this posting):
FatalErrorException: Error: Call to undefined method xxx\xxx\Entity\User::setFacebookId() in C:\xxx\Security\Core\User\FOSUBUserProvider.php line 54

Any ideas?

@mranawake just run

php app/console doctrine:generate:entities xxx/xxx/Entity/User

This will add setters and getters for the protected properties in your user class.

Barno commented Jul 1, 2013

thanks for this implementation ... I have a small problem, when the user is authenticated, and I close and reopen the browser, this is not remembered

Thank you again!

maZahaca commented Jul 3, 2013

Everything fine!
But i have some problem:

  1. I logout from system
  2. I call myapp/login/google (for example) // In code I goes to FOSUBUserProvider->loadUserByOAuthUserResponse and create a new user.
  3. I redirecting to myapp/ page
  4. I call again myapp/login/google and goes to myapp/login/service/google (page to connect from HWI)

What problems with first call myapp/login/google? Why it redirect to / root?

umens commented Jul 5, 2013

@Barno i have the same issue ! Did you find something about this ? i'll tell you if i find something. Or if somebody resolve this, can he tell us the good way.

Barno commented Jul 9, 2013

@umens try with this...

firewalls:
    main:
        remember_me:
            key: %secret%
            lifetime: 31536000 # 365 days in seconds
            path: /
            domain: ~ # Defaults to the current domain from $_SERVER                   
            always_remember_me: true
            remember_me_parameter: _remember_me
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
            login_path: /login
            check_path: /login_check
        oauth:
            remember_me: true
            resource_owners:

                facebook:           "/login/check-facebook"
                #google:             "/login/check-google"
                twitter:            "/login/check-twitter"
            login_path:        /login
            failure_path:      /login

            oauth_user_provider:
                #this is my custom user provider, created from FOSUBUserProvider - will manage the 
                #automatic user registration on your site, with data from the provider (facebook. google, etc.)
                service: my_user_provider
        logout:
            path: /logout
            target: /
        anonymous:    true
    login:
        pattern:  ^/login$
        security: false
ironbone commented Aug 2, 2013

When defining the user in the given way the Entity has a lot of fields. I do not need a lot of them - for example credentials_expire_at

Is it possible to create the User entity without these fields - and how?

sandoche commented Aug 5, 2013

Hello,

I installed HWIOAuthBundle and followed this tutorial properly but when I go to :
/login/google or /login/yahoo it automatically redirect to /login

I didn't get exactly how this bundle is working.
Do you know what is missing to make this work ?

Thanks,

sandoche commented Aug 5, 2013

I found my mistake but now I get this error for every api I configured :/

"No resource owner with name 'yahoo'."

hi,
just add yahoo like

security.yml

   oauth:
            remember_me: true
            resource_owners:

              yahoo:           "/login/check-yahoo"

routing.yml

yahoo_login:
    pattern: /login/check-yahoo

services.yml

parameters:
my_user_provider.class: danvbe\UserBundle\Security\Core\User\FOSUBUserProvider
services:
    my_user_provider:
        class: "%my_user_provider.class%"
        arguments: [@fos_user.user_manager,{facebook: facebook_id, google: google_id, yahoo: yahoo_id}]
<?php
namespace danvbe\UserBundle\Entity;

use FOS\UserBundle\Entity\User as BaseUser;
use Doctrine\ORM\Mapping as ORM;
use Doctrine\Common\Collections\ArrayCollection;

/**
 * @ORM\Entity(repositoryClass="danvbe\UserBundle\Repository\UserRepository")
 * @ORM\Table(name="lcl_user")
 */
class User extends BaseUser
{
    /**
     * @ORM\Id
     * @ORM\Column(type="integer")
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    protected $id;

    /** @ORM\Column(name="facebook_id", type="string", length=255, nullable=true) */
    protected $facebook_id;

    /** @ORM\Column(name="facebook_access_token", type="string", length=255, nullable=true) */
    protected $facebook_access_token;

    /** @ORM\Column(name="google_id", type="string", length=255, nullable=true) */
    protected $google_id;

    /** @ORM\Column(name="google_access_token", type="string", length=255, nullable=true) */
    protected $google_access_token;

    /** @ORM\Column(name="yahoo_id", type="string", length=255, nullable=true) */
    protected $yahoo_id;

    /** @ORM\Column(name="yahoo_access_token", type="string", length=255, nullable=true) */
    protected $yahoo_access_token;

I saw, some of you got it working with Twitter. In my case, Facebook works perfect, but not Twitter. If I try to connect to Twitter, I get to the Twiiter Authorization page with the token in the URL. I click on the authorize button and nothing happens, only the URL token disappears in the URL. But I still stay on the Twitter page. Anybody knows a solution for this?

Solved it myself, I set the app in Twitter to "Read-only", now it works :-)

Hi, there!! awesome job!!! I just have one question,,Is there a class I can modify so that the user would be permitted to enter a password, which he will use for my website login beside the email that will be retrieved from facebook before submitting the form that persists the data(email from facebook and password entered by the user) to my database?!I would like to let the user submit this form and not do it automatically as it is done now,, I hope I made myself clear enough,,Thanks!!

inesbd commented Aug 21, 2013

hi, i have the same problem as Ahmed
SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
i follow instruction but it doesn't work, Anybody knows a solution for this?

Guys, what am I doing wrong?
Check this out:
http://radke.linuxpl.info/app_dev.php/user/login/google

security.yml

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
                login_path: /user/login
                check_path: /user/login_check
            oauth:
               resource_owners:
                   google:         "/user/login/check-google"
               login_path:        /user/login
               failure_path:      /user/login
               oauth_user_provider:
                   service: my_user_provider
            logout:
              path: /user/logout
              target: /
            anonymous: ~

    access_control:
        - { path: ^/url/, roles: ROLE_USER }
        - { path: ^/$, roles: ROLE_USER }

routing.yml


freedomes_tiny_url:
    resource: "@FreedomesTinyUrlBundle/Resources/config/routing.yml"
    prefix:   /
fos_user_security:
    resource: "@FOSUserBundle/Resources/config/routing/security.xml"

fos_user_profile:
    resource: "@FOSUserBundle/Resources/config/routing/profile.xml"
    prefix: /profile

fos_user_register:
    resource: "@FOSUserBundle/Resources/config/routing/registration.xml"
    prefix: /register

fos_user_resetting:
    resource: "@FOSUserBundle/Resources/config/routing/resetting.xml"
    prefix: /resetting

fos_user_change_password:
    resource: "@FOSUserBundle/Resources/config/routing/change_password.xml"
    prefix: /profile

fos_user_security_login:
    pattern:  /user/login
    defaults: { _controller: FOSUserBundle:Security:login }

fos_user_security_check:
    pattern:  /user/login_check
    defaults: { _controller: FOSUserBundle:Security:check }

fos_user_security_logout:
    pattern:  /user/logout
    defaults: { _controller: FOSUserBundle:Security:logout }

#HWIOAuthBundle routes
hwi_oauth_security:
    resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
    prefix: /user/login

hwi_oauth_connect:
    resource: "@HWIOAuthBundle/Resources/config/routing/connect.xml"
    prefix: /user/login

hwi_oauth_redirect:
    resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
    prefix:   /user/login
google_login:
    pattern: /user/login/check-google

config.yml

hwi_oauth:
    connect:
        account_connector: my_user_provider
    firewall_name: main
    fosub:
        username_iterations: 30
        properties:
            google: google_id
    resource_owners:
        google:
            type:                google
            client_id:           "xxx"
            client_secret:       "xxx"
            scope:               "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"

On my production environment I get the following message:
Deprecated: Using the UserManager as user provider is deprecated. Use FOS\UserBundle\Security\UserProvider instead. in /srv/www/vhosts/socialmediapipe.com/httpdocs/vendor/friendsofsymfony/user-bundle/FOS/UserBundle/Model/UserManager.php on line 129

I think it's because of the services.yml
arguments: [@fos_user.user_manager,{twitter: twitterId, facebook: facebookId}]

How this must be changed? I only found this, but don't know how to apply this.
https://github.com/FriendsOfSymfony/FOSUserBundle/blob/master/Upgrade.md#user-provider

Thanks very much for contributing this gist -- one thing: has anyone tried integrating this with a site that already has local users? Say for example I have a database of users where you can create a new login/password on the site (with no social / oauth integration at all, using FOSUserBundlle) -- now I want to add in HWIOauthBundle ...

I'm not seeing how to still use my existing login setup here, but I may be missing something obvious.

Is it possible to add a flash message if user is registrating with facebook ?
I'd like to access "session" in my user provider but i don't know how.

Thanks

@danvbe,

Any chance you can update this for the latest versions of FOSUser & HWIOauth ?
I'm now getting

PHP Fatal error:  Declaration of <snip>Bundle\Security\Core\User\FOSUBUserProvider::connect() must be compatible with
 HWI\Bundle\OAuthBundle\Connect\AccountConnectorInterface::connect(Symfony\Component\Security\Core\User\UserInterface $user, HWI\Bundle\OAuthBundle\OAuth\Response\UserResponseInterface $response) in <snip>Bundle/Security/Core/User/FOSUBUserProvider.php on line 9

And i wouldn't be surprised if a lot of others that used this gist will be running into the same issue ;)
TIA !

Barno commented Sep 29, 2013

@speelgoedkoper

i have add

use Symfony\Component\Security\Core\User\UserInterface;
    public function connect(UserInterface $user, UserResponseInterface $response) 
Barno commented Oct 3, 2013

I have a problem with languages
hwi/HWIOAuthBundle#410

Thx!

great ideas !! :)
in fact i ve given it a test and i realised that if you ve already used some external identity provider (exple : Facebook) to register youself and after being disconnected you try to use another provider (exple : google) , you will have a exception about the email colomn while inserting in DB !! the same email adress will be used and then the exception will be fired !!

coup commented Oct 24, 2013

Well i have followed all your instruction to integrate it with FOSUserBundle but i am not getting any entries in database for facebook_id and facebook_access_token.

i am firing

http://localhost/symfony/web/app_dev.php/login/facebook

and which will ask for user name and password in facebook and on a successful login i am redirecting to the htt://localhost/travel where is my javascript client is available

here is the code of my FOSUserProvider

class FOSUBUserProvider extends BaseClass
{

public function connect(UserInterface $user, UserResponseInterface $response)
{
    $property = $this->getProperty($response);
    $username = $response->getUsername();

    //on connect - get the access token and the user ID
    $service = $response->getResourceOwner()->getName();

    $setter = 'set'.ucfirst($service);
    $setter_id = $setter.'Id';
    $setter_token = $setter.'AccessToken';

    //we "disconnect" previously connected users
    if (null !== $previousUser = $this->userManager->findUserBy(array($property => $username))) {
        $previousUser->$setter_id(null);
        $previousUser->$setter_token(null);
        $this->userManager->updateUser($previousUser);
    }

    //we connect current user
    $user->$setter_id($username);
    $user->$setter_token($response->getAccessToken());

    $this->userManager->updateUser($user);

}

public function loadUserByOAuthUserResponse(UserResponseInterface $response)
{
    $username = $response->getUsername();
    $user = $this->userManager->findUserBy(array($this->getProperty($response) => $username));
    //when the user is registrating
    if (null === $user) {
        $service = $response->getResourceOwner()->getName();
        $setter = 'set'.ucfirst($service);
        $setter_id = $setter.'Id';
        $setter_token = $setter.'AccessToken';
        // create new user here
        $user = $this->userManager->createUser();
        $user->$setter_id($username);
        $user->$setter_token($response->getAccessToken());
        //I have set all requested data with the user's username
        //modify here with relevant data
        $user->setUsername($username);
        $user->setEmail($username);
        $user->setPassword($username);
        $user->setEnabled(true);
        $this->userManager->updateUser($user);
        return $user;
    }

    //if user exists - go with the HWIOAuth way
    $user = parent::loadUserByOAuthUserResponse($response);

    $serviceName = $response->getResourceOwner()->getName();
    $setter = 'set' . ucfirst($serviceName) . 'AccessToken';

    //update access token
    $user->$setter($response->getAccessToken());

    return $user;
}

}

Got an error:
'User provider "my\UserBundle\Document\FOSUBUserProvider" must implement "Symfony\Component\Security\Core\User\UserProviderInterface" '

Is not it supposed that HWI\Bundle\OAuthBundle\Security\Core\User\FOSUBUserProvider already implements Symfony\Component\Security\Core\User\UserProviderInterface ?

got an error

ContextErrorException: Warning: Invalid argument supplied for foreach() in F:\wamp\www\Symfony\vendor\symfony\symfony\src\Symfony\Component\DependencyInjection\Loader\YamlFileLoader.php line 58

ths is my service.yml

parameters:
my_user_provider.class:Test\TestBundle\Lib\FOSUBUserProvider

services:
my_user_provider:
class: "% my_user_provider.class %"
arguments: [@fos_user.user_manager,{google:google_id}]

@ghost
ghost commented Nov 4, 2013

@danvb Isn't there a major security issue in this gist? Suppose I register on a OAuth provider with your email account which is never verified by the OAuth provider. I then use that OAuth provider to login in this symfony application. I am then logged in in this symfony application because I authenticated myself with the OAuth provider using your email and then this email address is found in this symfony application.

Anybody know how to access the session object from within loadUserByOAuthUserResponse()?

*** EDIT ***

Answered my own question. In Bund\Security\Core\User\FOSUBUserProvider I've added a construct method that catches the session object and passes along the user manager and properties to HWI\Bundle\OAuthBundle\Security\Core\User\FOSUBUserProvider

class FOSUBUserProvider extends BaseClass {
    public function __construct(\FOS\UserBundle\Doctrine\UserManager $userManager, array $properties, $session) {
        $this->session = $session;
        parent::__construct($userManager, $properties);
    }

and in your bundles services.yml file:

    my_user_provider:
        class: "%my_user_provider.class%"
        arguments: [@fos_user.user_manager,{google: google_id},@session]

Any ideas on how I could implement a refreshUser function, so the user won't be loaded from database on every request?

Owner
danvbe commented Nov 30, 2013

Hi there guys.
Sorry for not responding to request ... I was on a more than tight schedule in these last couple of months.
I am glad this gist was useful. To be honest I got back here while working on a new S2 project and I needed to integrate these 2 bundles.

Thanks to all of you who commented.
I have included @Barno comment to use the UserInterface in the connect function.
Also update to use the user_provider instead of user_manager.

Basically, beside these simple changes I had to make, I was able to setup everything in this new project in no time, only by following the instructions.

@Fraktl - the security issue you mention can be very simply fixed by validating an email address when you allow a user to register one. Using the oAuth provider does NOT set any email addres for the user in the S2 application. It simply authenticate the user with their external credentials... if you check my code (in public function loadUserByOAuthUserResponse(UserResponseInterface $response)) you programmatically set an email address there (as that field cannot be null). From there on... after the user is logged in... it is up to your S2 application to validate the email address (if you allow the user to change it).
Anyway... creating user using oAuth is in fact a user with "dummy" data... you should ALWAYS ask the user to update its data after creating it with oAuth.

Azenet commented Jan 1, 2014

Hey,

I've tried to setup this as best as I could on an existing setup, and I've got an issue that I didn't have before: The refresh token is always null, but in my settings it is setup to have offline access. Any idea on that ?

Ritin commented Jan 3, 2014

Hi,
Its not clear to me how UserRepository class is declared
what r its contents?

repositoryClass="danvbe\UserBundle\Repository\UserRepository"

so it shud be declared inside the (danvbe\UserBundle\Repository) dir
//---------------------------
googled a bit and used this UserRepository.php

namespace Acme\DoctrineBundle\Repository;
use Doctrine\ORM\EntityRepository;

class UserRepository extends EntityRepository
{

}

now cant see the Facebook/google links

checked with router:debug
//------------------------------------------
http://localhost/Symfony/web/app_dev.php/login
shows the FOSUserBundle Form

but cannot login
Unrecognized field: usernameCanonical

http://localhost/Symfony/web/app_dev.php/login/
here can see the facebook and google links

but clicking on it brings me back to the http://localhost/Symfony/web/app_dev.php/login URL
User account is disabled.

TIA

scepo commented Jan 9, 2014

Any way to implement remember_me functionaly here, I tried all from previous comments but without success ??

ppounder commented Mar 4, 2014

Hi folks,

Before I implemented this I my connect was taking me back to my registration form which prefilled my email and username (dependent on what my paths were set).

I'd like to be able to use this functionality to add the Firstname and Lastname into the registration form, but get the user to still enter a new password. So pretty much run this functionality, not set the password and return the user object back into the registration form.

Pretty much what @roxpopescu was asking. Has anyone managed to implement what @danvbe has brilliantly done, but still return to the registration form to complete extra fields such as password?

Regards
Paul

achreftl commented Mar 5, 2014

Hey, i have this when i try to update the composer , You have requested a non-existent parameter "facebook_app_id".
Can anyone help me? thanks

dmecke commented Mar 23, 2014

@achreftl I had the same problem. In my case, the reason was that I added the parameters in the parameters.yml only, but forgot to add them to the parameters.yml.dist. And with every composer update these parameters were deleted from the parameters.yml again..

a2xchip commented Apr 24, 2014

@achreftl You have to add this param in you app/config/parameters.yml and app/config/parameters.yml.dist

Victoor commented Apr 26, 2014

Nice! Works perfect! :D

mrflo commented May 14, 2014

Hello, I'm trying to implement it but mine is using services.xml.
Could anyone translate the services.yml to services.xml?

Is it something like ??
UPDATED: This is finally the right version:

 <parameters>
      <parameter key="my_user_provider.class">CityPressing\UserBundle\Services\FOSUBUserProvider</parameter>
 </parameters>
<services>
  <service id="my_user_provider" class="%my_user_provider.class%">
            <argument type="service" id="fos_user.user_manager"/>
            <argument type="collection">
                <argument key="facebook">facebook_id</argument>
                <argument key="google">google_id</argument>
            </argument>
        </service>
</services>
reypm commented May 21, 2014

I'm trying to use this on my template <a href="{{ path('hwi_oauth_service_redirect', {'service': 'facebook' }) }}"><img src="{{ asset('bundles/start/images/icons/Facebook.png') }}" class="img-responsive"></a>, but I'm getting this error: No resource owner with name 'facebook', when click on that link, why? this is what I have configured:

HWIOauth definition:

hwi_oauth:
    connect:
         account_connector: my_user_provider
    firewall_name: secured_area

    fosub:
        username_iterations: 30
        properties:
            facebook: facebook
            google: google
    resource_owners:
        facebook:
            type: facebook
            client_id: "%facebook_app_id%"
            client_secret: "%facebook_app_secret%"
            scope: ""
            options:
                display: popup
        google:
            type: google
            client_id: "%google_app_id%"
            client_secret: "%google_app_secret%"
            scope: "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"

Firewall definition at security.yml

firewalls:
    secured_area:
        anonymous: ~
        oauth:
            resource_owners:
                facebook_resource: "/login/check-facebook"
                google_resource:   "/login/check-google"
                twitter_resource:  "/login/check-twitter"
            login_path:        /login
            use_forward:       false
            failure_path:      /login

            oauth_user_provider:
                service: my_user_provider

Services definition at services.yml:

services:
    my_user_provider:
        class: Mapyet\FOSMapyetBundle\Security\FOSUBUserProvider
        arguments: [@fos_user.user_manager, {facebook: facebook, google: google}]

Some of you know how to get the facebook profil picture ?
My config is :

facebook:
            type:                facebook
            client_id:           "%facebook_client_id%"
            client_secret:       "%facebook_client_secret%"
            scope:               "email"
            paths:
                email:          email
                profilepicture: picture.data.url

But i get Null with $response->getProfilePicture() in FOSUBUserProvider ?

$response->getProfilePicture()

But it works with Google ! Like this :

google:
            type:                google
            client_id:           "%google_client_id%"
            client_secret:       "%google_client_secret%"
            scope:               "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"
            paths:
                email:           email
                profilepicture:  picture

Is picture.data.url wrong ? I couldn't find an other one

Bebshow commented Jun 8, 2014

@paquitodev: In firewalls, the resource_owners are not identical has the config. set "facebook: /login/check-facebook" in firewall

Remiii commented Jun 14, 2014

Like @skelt I had:

InvalidArgumentException: Unable to replace alias "my_user_provider" with "hwi_oauth.user.provider.entity.main".

Do you have any idea?

Remiii commented Jun 14, 2014

OK I fixed the problem... it was an error in the services.yml. Basicaly the comment in the source file indicated #danvbe/UserBundle/Resources/services.yml and the services.yml file needs to be in the danvbe/UserBundle/Resources/config/services.yml instead of danvbe/UserBundle/Resources/services.yml. Obvious but boring! :-)

So bellow the config.yml fixed.

#danvbe/UserBundle/Resources/config/services.yml
parameters:
    my_user_provider.class: danvbe\UserBundle\Security\Core\User\FOSUBUserProvider

services:
    my_user_provider:
        class: "%my_user_provider.class%"
        #this is the place where the properties are passed to the UserProvider - see config.yml
        arguments: [@fos_user.user_manager,{facebook: facebook_id, google: google_id}]
Sashkan commented Jul 15, 2014

I'm kinda lost, how can I get the facebook username ?

So far, I managed to get the user picture with this :
$fbid = $user->getFacebookId();
$user_fb = "https://graph.facebook.com/" .$fbid;
$picture = $user_fb."/picture?width=260&height=260";

it works just fine, but I can't get any other information about the user

tttony commented Jul 16, 2014

To get the username from FB response try this:

 $username = $response->getUsername();

From database:

$username = $user->getUsername();
Owner
danvbe commented Jul 17, 2014

I got an issue:

I want to prevent users to connect with their social media accounts if the email address is already in the database. I want to redirect user to login page and display them a warning message "There is already an account with this email address".

My response was to add this checking the the loadUserByOAuthUserResponse method:

if (null === $user) {
        $service = $response->getResourceOwner()->getName();
        //we check for the email existence - if so, throw error.
        if($existent_user = $this->userManager->findUserByEmail($response->getEmail())){
            $message = 'There is already an account with this email address';
            throw new \Symfony\Component\Security\Core\Exception\AuthenticationException($message);
        }
...
}

Yet again... this only throws the error and lands the user back to /connect page, with the message displayed.
How would you guys suggest to do the redirection?

Regards.

@danvbe thanks again for a reply.

I implemented throwing an exception, and I was redirected to /login page as I wanted.

I have set

oauth:
   login_path:        /login
   failure_path:      /login

in the security.yml

Sashkan commented Jul 21, 2014

Hi ! Thank you for this great tutorial, it helped me a lot.

I was wondering, is there a way to find which resource owner was used to connect ? I integrated the "sign in with twitter" and "Facebook Connect" things, but I don't know how I can find which one was used.

I saw this line in FOSUBUserProvider.php :

$service = $response->getResourceOwner()->getName();

I tried to use it with

if ($service == "facebook")

but it doesn't seem to work. Any idea ?

Hi,
I'm trying to use this on my template , but I'm getting this error: No resource owner with name 'facebook', when click on that link.
Below are the configured files:
.
Security.yml

security:
encoders:
Phoenix\CoreBundle\Entity\User\User:
algorithm: sha1
encode_as_base64: false
iterations: 1
providers:
users:
id: phoenix.core.manager.user
fos_userbundle:
id: fos_user.user_provider.username_email
firewalls:
backend:
pattern: ^/admin
anonymous: ~
form_login:
login_path: /admin/login
check_path: /admin/login_check
always_use_default_target_path: true
default_target_path: /admin
logout:
path: /admin/logout
target: /admin/login?logout=true
frontend:
pattern: ^/
anonymous: ~
form_login:
csrf_provider: form.csrf_provider
failure_path: /user/login
login_path: /user/login
check_path: /user/login_check
success_handler: phoenix.frontend.security.authentication.success_handler
failure_handler: phoenix.frontend.security.authentication.failure_handler
always_use_default_target_path: false
logout:
path: /user/logout
target: /
remember_me:
key: "%secret%"
lifetime: 31536000
path: /
domain: ~
secured_area:
pattern: ^/
anonymous: true
oauth:
resource_owners:
facebook: "/login/check-facebook"
login_path: /login
failure_path: /login
check_path: /login_check
default_target_path: /

            oauth_user_provider:
                #this is my custom user provider, created from FOSUBUserProvider - will manage the
                #automatic user registration on your site, with data from the provider (facebook. google, etc.)
                service: my_user_provider
    login:
        pattern:  ^/login$
        security: false

        remember_me:
            key: "%secret%"
            lifetime: 31536000 # 365 days in seconds
            path: /
            domain: ~ # Defaults to the current domain from $_SERVER

access_control:
    #Backendbundle
    - { path: ^/admin/(login|login_check)$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin, roles: ROLE_ADMIN }
    #Frontbundle
    - { path: ^/login/$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/connect, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }

Config.yml

FOSRest Configuration

fos_rest:
view:
force_redirects:
html: true
formats:
json: true
templating_formats:
html: true

FOSUser Configuration

fos_user:
db_driver: orm # other valid values are 'mongodb', 'couchdb' and 'propel'
firewall_name: secured_area
user_class: Phoenix\CoreBundle\Entity\User\User

Socail Configuration

hwi_oauth:
#this is my custom user provider, created from FOSUBUserProvider - will manage the
#automatic user registration on your site, with data from the provider (facebook. google, etc.)
#and also, the connecting part (get the token and the user_id)
connect:
account_connector: my_user_provider
# name of the firewall in which this bundle is active, this setting MUST be set
firewall_name: secured_area
fosub:
username_iterations: 30
properties:
# these properties will be used/redefined later in the custom FOSUBUserProvider service.
facebook: facebook_id
google: google_id
resource_owners:
facebook:
type: facebook
client_id: %facebook_client_id%
client_secret: %facebook_client_secret%
scope: email
infos_url: "https://graph.facebook.com/me?fields=username,name,email,picture.type(large)"
paths:
email: email
profilepicture: picture.data.url
options:
display: popup #dialog is optimized for popup window
services:
hwi_oauth.user.provider.entity:
class: HWI\Bundle\OAuthBundle\Security\Core\User\OAuthUserProvider

Routing.yml

FosUserBundle Routes

fos_user_security:
resource: "@FOSUserBundle/Resources/config/routing/security.xml"

fos_user_profile:
resource: "@FOSUserBundle/Resources/config/routing/profile.xml"
prefix: /profile

fos_user_register:
resource: "@FOSUserBundle/Resources/config/routing/registration.xml"
prefix: /register

fos_user_resetting:
resource: "@FOSUserBundle/Resources/config/routing/resetting.xml"
prefix: /resetting

fos_user_change_password:
resource: "@FOSUserBundle/Resources/config/routing/change_password.xml"
prefix: /profile

HWIOAuthBundle routes

hwi_oauth_security:
resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
prefix: /login

hwi_oauth_redirect:
resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
prefix: /login

hwi_oauth_connect:
resource: "@HWIOAuthBundle/Resources/config/routing/connect.xml"
prefix: /login

facebook_login:
pattern: /login/check-facebook

It is not working throwing an error "No resource owner with name 'check-facebook'". Any Idea?

Hello Danvbe,
I am getting a "No resource owner with name 'check-facebook'. 500 Internal Server Error - RuntimeException". I tried several options found on the web, but no luck. you can find the three files config.yml, security.yml and routing.yml at the link below.

https://gist.github.com/jgudavalli/da804f4e4fcd83834985

I have followed the process mentioned above in your blog. Please let me know if you find any mistake in my files.
Regards,
Jyothi

Thanks for this tutorial - this really helped me get things setup and working with facebook - much appreciated.

I just wanted to add a bit of information for those that might hit the same issue that I did when needing to redirect to, say a profile page, on first time that the user logs in for instance as I needed to get the user to fill in their profile with more info than facebook provides and also select a proper username, etc.

To do this you need to implement the AuthenticationSuccessHandlerInterface. I could only get it to work with the following configuration:

// security.yml

security:
    firewalls:
        main:
            form_login:
                ...
                success_handler: security.authentication.success_handler.main.oauth
                ...

// services.yml

    security.authentication.success_handler.main.oauth:
        class: ACME\MyBundle\Security\Handler\LoginSuccessHandler
        arguments: [@router]

`// LoginSuccessHandler.php

<?php

namespace ACME\MyBundle\Security\Handler;


use Doctrine\ORM\EntityManager;
use Symfony\Bundle\FrameworkBundle\Routing\Router;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;

class LoginSuccessHandler implements AuthenticationSuccessHandlerInterface
{
    /**
     * @var Router $router
     */
    protected $router;

    /**
     * @param Router $router
     */
    function __construct(Router $router)
    {
        $this->router = $router;
    }

    /**
     * This is called when an interactive authentication attempt succeeds. This
     * is called by authentication listeners inheriting from
     * AbstractAuthenticationListener.
     *
     * @param Request        $request
     * @param TokenInterface $token
     *
     * @return Response never null
     */
    public function onAuthenticationSuccess(Request $request, TokenInterface $token)
    {
        // check if this is the first time the user has connected
        // and redirect to the profile page to continue filling in
        // their profile data
        if ($token->getUser()->isNewUser()) {
            // redirect to profile for newly created user so they can continue
            // registration process
            $uri = $this->router->generate('profile');
        } else {
            $uri = $request->headers->get('referer');
        }

        return new RedirectResponse($uri);
    }

This is all pretty straight forward except I wasted a day trying to figure out that I need to use security.authentication.success_handler.main.oauth instead of my own custom reference to my service.

I hope this helps someone including myself the next time I implement this in another project.

Using Symfony 2.5, I had to change the login path in the access_control section of security.yml to the following:

access_control:
    - { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }

Without this change, the google auth link would just bounce back to the login screen all the time.

zazzou commented Sep 14, 2014

Hey, i have this when i try to update the composer , You have requested a non-existent parameter "facebook_app_id".
Can anyone help me? thanks

I got the same issue, but what are we suppose to put in parameters.yml?
thanks

edit: ok done.

greg606 commented Sep 18, 2014

Thanks, great implementation.
It lacks one thing IMHO - using oauth data in register form as is often the case.
Anyway I also found the bundle itself offers FOSUBUserProvider
https://github.com/hwi/HWIOAuthBundle/blob/master/Security/Core/User/FOSUBUserProvider.php

I get Error: redirect_uri_mismatch my REDIRECT URIS is set to

http://mysite.com:8080/googleauth/web/app_dev.php/login/check-google

i tried without port number, same result.

The error:

The redirect URI in the request: 
http://mysite.com/googleauth/web/app_dev.php/login/check-google 
did not match a registered redirect URI.

I am using only google.

Hi

I implemented everything with the Sonata user route (which extends FOS User). One thing I am unclear about, is that the facebook_login route which has the check-facebook pattern, does not seem to point to any Controller and Action. So, when connecting with Facebook, I get re-directed to the ../check-facebook pattern, but the page rendered is blank. Am I missing a step or why would this happen?

#routing.yml
facebook_login:
    pattern: /oauth/check-facebook

Thanks in advance!

zazzou commented Oct 13, 2014

hi ican't retrieve the username from facebook.
Everything is working fine with google.
But with facebook i can get only the id of the user, so with that id i can get the profile picture like this

but i don't know how to get the username, when i logged in with facebook instead of username i get the id in the database.
Thank you sorry for my english
Edit : it's ok now i'm getting user nickname

Hi, thank for the tutorial. But in login page I always see only facebook login link and do not see login\pwd for basic auth. What I must do for see basic logging\pwd with social login links?

Hi,

After successful authentication from OAuth (combination of FOSUSERBundle and FOSOAuthBundle) and in application(combination of FOSUserBundle and HWIOAuthBundle) I am getting error "An authentication exception occurred.".

Please can anyone can help me out.
config.yml
hwi_oauth:
#this is my custom user provider, created from FOSUBUserProvider - will manage the
#automatic user registration on your site, with data from the provider (facebook. google, etc.)
#and also, the connecting part (get the token and the user_id)
connect:
account_connector: my_user_provider
# name of the firewall in which this bundle is active, this setting MUST be set
firewall_name: main
fosub:
username_iterations: 30
properties:
# these properties will be used/redefined later in the custom FOSUBUserProvider service.
github: githubID
atssso: ssoID
resource_owners:
github:
type: github
client_id: a8b7e3e35e46271d10a5
client_secret: 6abca3ded9a19d9e2bf52b42f017d23a745bd540
scope: "user:email"
atssso:
type: oauth2
client_id : 22_2gru4z9wp2o044w0k4cco8ggks8go8os40ko88skkggwg4gksk
client_secret: 2q608w9kl1yck4k8o0w40csokwwg0ok48cggoo8c84c4wk004
access_token_url: http://192.168.11.71/atssso/web/app_dev.php/oauth/v2/token
authorization_url: http://192.168.11.71/atssso/web/app_dev.php/oauth/v2/auth
infos_url: http://192.168.11.71/atssso/web/app_dev.php/api/user
user_response_class: HWI\Bundle\OAuthBundle\OAuth\Response\PathUserResponse
paths:
identifier: id
nickname: username
realname: username
email: email
# here you will add one (or more) configurations for resource owners

security.yml
security:
encoders:
FOS\UserBundle\Model\UserInterface: sha512

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_USER

providers:
    fos_userbundle:
        id: fos_user.user_provider.username_email

firewalls:
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false

    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
            login_path: /login
            check_path: /login_check
        oauth:
            resource_owners:
                github:           "/login/check-github"
                atssso: "/login/check-atssso"
            login_path:        /login
            failure_path:      /login

            oauth_user_provider:
                #this is my custom user provider, created from FOSUBUserProvider - will manage the
                #automatic user registration on your site, with data from the provider (facebook. google, etc.)
                service: my_user_provider
        logout:       true
        anonymous:    true

    login:
        pattern:  ^/login$
        security: false

        remember_me:
            key: "%secret%"
            lifetime: 31536000 # 365 days in seconds
            path: /
            domain: ~ # Defaults to the current domain from $_SERVER

access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin/, role: ROLE_ADMIN }

Thanks,
Amit

@danvbe

Above article is working with github oauth but when I am trying with generic resource owner. After redirection from oauth login, user is not getting registered in application.

I am getting error "An authentication exception occurred."

Please anyone can help me out.

aequasi commented Nov 25, 2014

@quantizer

@danvbe thanks, it works :-)
If use $user->setPassword($username); passwords saved as plain text, but if use $user->setPlainPassword($username); it saves with salt :-)

do NOT do this!!! All of your passwords will be the username that is given from the oauth provider!

The way it is set now, the password will never be able to be brute forced/guessed because the encoder will never be able to hash into the plain text username.

Zamoud commented Jan 27, 2015

Hi
I can connect, and save data in my database.
If I disconnect the user can't reconnect because I aldrealy have my user registered in my DB so that give me an SQL error duplicate entry.
Thank you the community.

yanict commented Jan 27, 2015

Hi all,
when the user want to cancel the connection (instead of accepting) on the provider side. He gets redirected to :
http://www.mysite.com/app_dev.php/login/service/google?error=access_denied

and have the following error

Catchable Fatal Error: Argument 1 passed to HWI\Bundle\OAuthBundle\OAuth\ResourceOwner\GenericOAuth2ResourceOwner::getUserInformation() must be of the type array, null given, called in C:\apache64\htdocs\mysite\vendor\hwi\oauth-bundle\HWI\Bundle\OAuthBundle\Controller\ConnectController.php on line 186 and defined
500 Internal Server Error - ContextErrorException

does anyone already face that error ? thanks for your help.

@zamoud, do you have implemented both methods : connect and loadUserByOAuthUserResponse ?
paste your FOSUBUserProvider.php file ?

Zamoud commented Feb 4, 2015

thanks @yanict
i reinstall it and it work

Zamoud commented Feb 4, 2015

i have the same pb of "get the facebook username"
like @Sashkan and @zazzou

so
$fbid = $user->getFacebookId();
$pic = "https://graph.facebook.com/" .$fbid."/picture"; ==> work
$userData = "https://graph.facebook.com/" .$fbid; ==> pb "code": 100

now with real link
https://graph.facebook.com/10205810650693432/picture ==> work
https://graph.facebook.com/10205810650693432 ==>pb "code": 100

the pb is "FacebookId" is wrong
and the real Facebookid is "1472127719"
you can test it https://graph.facebook.com/1472127719 (the same image)

the first link work because facebook convert the id of OAuth to get the real facebookId
this is the link after loaded

https://fbcdn-profile-a.akamaihd.net/hprofile-ak-xpa1/v/t1.0-1/p50x50/10888838_10205522960661361_6666071637152803952_n.jpg?oh=3fc95b6409d1f0ecf7daffc2412db2d4&oe=556751F7&__gda__=1432231754_75b5a63dac6c09d918f0e9ddcb60ec9c

so we should correct setFacebookId()

Thank you sorry for my english

@danvbe Is there a way to validate the user within this UserProvider ? I had an issue with one Facebook account, i had the email in the response equals to null (old account and the email does not exist anymore, i guess that's why I had an null value...). Anyway, I'd like to make sure that I have all the proper data in order to avoid a 500 error (SQL one in my case : email can not be null). Thanks for your ideas guys !

kimwue commented Feb 25, 2015

Could anyone let me know where/in which case the FOSUBUserProvider:connect method is actually used?
I can't find any situation its called...

Apart from that thanks - works like a charm :)

Hi. I have realized every step and now I can login with faceboook. I go first to login/facebook register the user, then go to /profile And I get numbers

Identificado como 801567456598134 | Salir
Nombre de usuario: 801567456598134
Email: 801567456598134

Why I can not get the email of the user???

@ SakyaStelios

Please read author's comments carefully, your issue, I suspect, is in the file FOSUBUserProvider.php

        //I have set all requested data with the user's username
        //modify here with relevant data
        $user->setUsername($username);
        $user->setEmail($username);
        $user->setPassword($username);

Add $email = $response->getEmail(); before or after $username = $response->getUsername(); in public function loadUserByOAuthUserResponse

Thereafter modify $user->setEmail($username); to $user->setEmail($email);

To be safe, clear cache

chalasr commented Mar 11, 2015

Magical ! First Try !!!
I have taken your code, adapted it for twitter (instead of facebook & google), and all run in 5minues.
Thank you for this great gist !

Very nice Gist!

The problem I found was the length limit on the access token. I use a custom service with a access token length of more then 255 characters. I changed the column type to text, because the oAuth specs doesn't say anything about the length.

My Symfony app can't find the service and I got this error:

ServiceNotFoundException in CheckExceptionOnInvalidReferenceBehaviorPass.php line 58: The service "hwi_oauth.security.oauth_utils" has a dependency on a non-existent service "hwi_oauth.resource_ownermap.name".

My services.yml is the next one:

parameters:
my_user_provider.class: Main\SiteBundle\Services\FOSUBUserProvider

services:
my_user_provider:
class: "%my_user_provider.class%"
arguments: [@fos_user.user_manager,{facebook: facebook_id, google: googl
e_id}]

I'm getting crazy with this, it seems to have a wrong path, but all is right...

Hey @danvbe,
Already fixed.
How I can associate the login with facebook to REGISTRATION_SUCCESS or REGISTRATION_COMPLETED of fosuserbundle event?

I've tried in this way, but with errors.

            $this->userManager->updateUser($user,true);

            $dispatcher = $this->container->get('event_dispatcher');
            $event = new FOSUserEvents($user);
            $dispatcher->dispatch(FOSUserEvents::REGISTRATION_SUCCESS, $event);

Can I have help?

@ghost
ghost commented Apr 10, 2015

Hi, I got this error:

FatalErrorException in FOSUBUserProvider.php line 78: Compile Error: Cannot redeclare class Webworks\UserBundle\Security\Core\User\FOSUBUserProvider

Can't find my mistake...

durthar commented Apr 18, 2015

@danvbe Thanks! This was very helpful in integrating FB Login.

I'm still a bit skeptical about the int username/email/password. Does anyone have a "best practices" resource for this?

@danvbe Can you helpme,

I'm trying configured this Bundle but don't understand whappend, paste my implementation, don't error display only "Authentication request could not be processed due to a system problem",

So, how try update my schema tell me that : [Doctrine\Common\Persistence\Mapping\MappingException]
Class 'RegistroBundle\Entity\metadata\orm\Actividad' does not exist

app/config.yml
imports:
- { resource: parameters.yml }
- { resource: security.yml }
- { resource: services.yml }

framework:
#esi: ~
#translator: { fallbacks: ["%locale%"] }
secret: "%secret%"
router:
resource: "%kernel.root_dir%/config/routing.yml"
strict_requirements: ~
form: ~
csrf_protection: ~
validation: { enable_annotations: true }
templating:
engines: ['twig','php']
#assets_version: SomeVersionScheme
default_locale: "%locale%"
trusted_hosts: ~
trusted_proxies: ~
session:
# handler_id set to null will use default session handler from php.ini
handler_id: ~
fragments: ~
http_method_override: true

Twig Configuration

twig:
debug: "%kernel.debug%"
strict_variables: "%kernel.debug%"

Assetic Configuration

assetic:
debug: "%kernel.debug%"
use_controller: false
bundles: [ ]
#java: /usr/bin/java
filters:
cssrewrite: ~
#closure:
# jar: "%kernel.root_dir%/Resources/java/compiler.jar"
#yui_css:
# jar: "%kernel.root_dir%/Resources/java/yuicompressor-2.4.7.jar"

Doctrine Configuration

doctrine:
dbal:
driver: "%database_driver%"
host: "%database_host%"
port: "%database_port%"
dbname: "%database_name%"
user: "%database_user%"
password: "%database_password%"
charset: UTF8
# if using pdo_sqlite as your database driver:
# 1. add the path in parameters.yml
# e.g. database_path: "%kernel.root_dir%/data/data.db3"
# 2. Uncomment database_path in parameters.yml.dist
# 3. Uncomment next line:
# path: "%database_path%"

orm:
    auto_generate_proxy_classes: "%kernel.debug%"
    auto_mapping: true

Swiftmailer Configuration

swiftmailer:
transport: "%mailer_transport%"
host: "%mailer_host%"
username: "%mailer_user%"
password: "%mailer_password%"
spool: { type: memory }

fos_user:
db_driver: orm
firewall_name: main
user_class: RegistroBundle\Entity\User

hwi_oauth:
#this is my custom user provider, created from FOSUBUserProvider - will manage the
#automatic user registration on your site, with data from the provider (facebook. google, etc.)
#and also, the connecting part (get the token and the user_id)
connect:
account_connector: my_user_provider

name of the firewall in which this bundle is active, this setting MUST be set

firewall_name: main
fosub:
    username_iterations: 30
    properties:
        # these properties will be used/redefined later in the custom FOSUBUserProvider service.
        # facebook: facebook_id
        google: google_id
resource_owners:
    # facebook:
    #     type:                facebook
    #     client_id:           "%facebook_app_id%"
    #     client_secret:       "%facebook_app_secret%"
    #     scope:               ""
    google:
        type:                google
        client_id:          xxx.apps.googleusercontent.com
        client_secret:       xxxxxxxxxxxxxxn
        scope:               "https://www.googleapis.com/auth/userinfo.email 
################################3

app/security.yml

security:
encoders:
FOS\UserBundle\Model\UserInterface: sha512

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_USER

providers:
    fos_userbundle:
        id: fos_user.user_provider.username_email

firewalls:
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false

    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
            login_path: /login
            check_path: /login_check
        oauth:
            resource_owners:
                #facebook:           "/login/check-facebook"
                google:             "/login/check-google"
            login_path:        /login
            failure_path:      /login

            oauth_user_provider:
                #this is my custom user provider, created from FOSUBUserProvider - will manage the
                #automatic user registration on your site, with data from the provider (facebook. google, etc.)
                service: my_user_provider
        logout:       true
        anonymous:    true

    login:
        pattern:  ^/login$
        security: false

        remember_me:
            key: "%secret%"
            lifetime: 31536000 # 365 days in seconds
            path: /
            domain: ~ # Defaults to the current domain from $_SERVER

access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin/, role: ROLE_ADMIN }
#####################3

myBundle/Resources/config/services.yml

please help me

thanks

youpixxl commented May 1, 2015

Hi and thanks a lot @Danvbe, your Gist helped me a lot !

@roxpopescu , @ppover, @greg606, dunno if it fits exactly your needs but I have implemented a way to fill a register form from the 0Auth data.

The trick is to throw an Account not linked exception if the userId from OAuth data is not found in your db. This will trigger the register action, and fill the register form with the OAuthData.

Create your own FOSUBUserProvider and override loadUserByOAuthUserResponse like this

 /**
 * {@inheritdoc}
 */
public function loadUserByOAuthUserResponse(UserResponseInterface $response)
{
    $data = $response->getResponse();
    $username = $response->getUsername();

    $user = $this->userManager->findUserBy(array($this->getProperty($response) => $username));
    //when the user is registrating
    if (null === $user) {
        throw new AccountNotLinkedException();           
    }

    //if user exists - go with the HWIOAuth way
    $user = parent::loadUserByOAuthUserResponse($response);

    $serviceName = $response->getResourceOwner()->getName();
    $setter = 'set' . ucfirst($serviceName) . 'AccessToken';

    //update access token
    $user->$setter($response->getAccessToken());

    return $user;
}

That's it !

Then if like me you want to use your custom RegisterForm, you can also fill it automatically with OAuthData by overriding the FOSUBRegistrationFormHandler.

Step 1/ Create your custom FOSregister form, by ex. with additional Name and Gender fields. (see FOSUserBundle doc on how to override forms).

Step 2/ Set up your config file to retrieve the additional fields from your OAuth Provider (here Facebook)

your app/config/config.yml

resource_owners:
    facebook:
        type:                facebook
        client_id:           "%facebook_app_id%"
        client_secret:       "%facebook_app_secret%"
        scope:               "email, public_profile"
        infos_url:           "https://graph.facebook.com/me?fields=id,name,email,gender"
        paths:
            name:           name
            email:          email

Step 3/ Create your custom FOSUBRegistrationFormHandler.php and add your custom logic in the setUserInformation function

/**
 * Set user information from form
 *
 * @param UserInterface         $user
 * @param UserResponseInterface $userInformation
 *
 * @return UserInterface
 */
protected function setUserInformation(UserInterface $user, UserResponseInterface $userInformation)
{
    $accessor = PropertyAccess::createPropertyAccessor();
    $accessor->setValue($user, 'username', $this->getUniqueUserName($userInformation->getNickname()));

    if ($accessor->isWritable($user, 'email')) {
        $accessor->setValue($user, 'email', $userInformation->getEmail());
    }
    //Custom Logic here
    //Here I retrieve the name and gender
    $user->setName($userInformation->getResponse()['name']);
    $user->setGender($userInformation->getResponse()['gender']);

    return $user;
}

Then in your custom ConnectController, modify the registerAction function and change the formhandler service to your own

/**
 *
 */
public function registrationAction(Request $request, $key)
{
    $connect = $this->container->getParameter('hwi_oauth.connect');
    if (!$connect) {
        throw new NotFoundHttpException();
    }

    $hasUser = $this->container->get('security.context')->isGranted('IS_AUTHENTICATED_REMEMBERED');
    if ($hasUser) {
        throw new AccessDeniedException('Cannot connect already registered account.');
    }

    $session = $request->getSession();
    $error = $session->get('_hwi_oauth.registration_error.'.$key);
    $session->remove('_hwi_oauth.registration_error.'.$key);

    if (!($error instanceof AccountNotLinkedException) || (time() - $key > 300)) {
        // todo: fix this
        throw new \Exception('Cannot register an account.');
    }

    $userInformation = $this
        ->getResourceOwnerByName($error->getResourceOwnerName())
        ->getUserInformation($error->getRawToken())
    ;

    // enable compatibility with FOSUserBundle 1.3.x and 2.x
    if (interface_exists('FOS\UserBundle\Form\Factory\FactoryInterface')) {
        $form = $this->container->get('hwi_oauth.registration.form.factory')->createForm();
    } else {
        $form = $this->container->get('hwi_oauth.registration.form');
    }

    //Here you specify your custom service  
    $formHandler = $this->container->get('your_custom.registration.form.handler');

    if ($formHandler->process($request, $form, $userInformation)) {
        $this->container->get('hwi_oauth.account.connector')->connect($form->getData(), $userInformation);
        // Authenticate the user
        $this->authenticateUser($request, $form->getData(), $error->getResourceOwnerName(), $error->getRawToken());

        return $this->container->get('templating')->renderResponse('HWIOAuthBundle:Connect:registration_success.html.' . $this->getTemplatingEngine(), array(
            'userInformation' => $userInformation,
        ));
    }
    // reset the error in the session
    $key = time();
    $session->set('_hwi_oauth.registration_error.'.$key, $error);

    return $this->container->get('templating')->renderResponse('HWIOAuthBundle:Connect:registration.html.' . $this->getTemplatingEngine(), array(
        'key' => $key,
        'form' => $form->createView(),
        'userInformation' => $userInformation
    ));
}

Do not forget to modify your service.yml

your_custom.registration.form.type:
    class: Path\to\your\RegistrationFormType
    tags:
        - { name: form.type, alias: your_custom_registration }

your_custom.registration.form.handler:
    class: Path\to\your\FOSUBRegistrationFormHandler
    arguments: [@fos_user.user_manager,@fos_user.mailer, @fos_user.util.token_generator]

Hi, I login with Google, if the user doesn't exist I save it in the database and login, but if I login again I have an error: Code was alreade redeemed

If anyone encounters with the No resource owner with name 'check-facebook' or 'check-*' problem try to define
facebook_login:
pattern: /login/check-facebook
route before the hwioauth route lines.

Otherwise /login/{service} which is defined in @HWIOAuthBundle/Resources/config/routing/redirect.xml overrides these routes.

zetta commented Jun 15, 2015

This gist helped me a lot. Thank you!!!!!

This implementation might have a problem, for example:

  1. User login using facebook
  2. User changes email
  3. User logout
  4. User login again, UserProvider try to create a new user entity because it looks up using email but the facebook id is still attached to original account and creation of new user fails as well as updating of old user.

Any idea on how to solve this ?

Hi @youpixxl, do you have a working project example of that implementation?

Hello,

Very nice gist.
But how you manage when a user not accept all permissions with Facebook Connect. I can see in the documentation an option : "auth_type: rerequest" but when i use it i take an error : "The option "auth_type" does not exist."

Any idea ?

Sorry for my english.

dude, this gists is simply amazing, +10 to you, just what I'm looking for.

xserrat commented Aug 20, 2015

Thank you @danvbe, excellent gists!

madEng84 commented Oct 2, 2015

I have encountered this problem:

No resource owner with name 'check-facebook'.

As @feyyazesat said, i moved it before hwi_oauth routes but then i have this problem:

Unable to find the controller for path "/login/check-facebook". The route is wrongly configured.

@danvbe can you help me?

Hi!

What I can to do in the method loadUserByOAuthUserResponse when the user no return email?

I had one case that this it happened...

Thank's!

As far as I tested, same problem than @madEng84

Also, it would be great if some people publish their own custom GISTs, just to see the way they're implementing their solution (I'd be very pleased)

EDIT: I found a solution to the same case @madEng84 has: hwi/HWIOAuthBundle#781 (comment)

I have created a Gist with my working setup:

https://gist.github.com/yahuarkuntur/5c7b4b5f9d05106219b8

Hope this helps anyone 😄

deyvid5 commented Oct 17, 2015

I'm getting

 Uncaught PHP Exception PropelException: "Unknown column Facebook_id in model     FOS\UserBundle\Propel\User" at C:\xampp\htdocs\portalsportowy\vendor\propel\propel1\runtime\lib\query\ModelCriteria.php line 2145 

Who can explain me why.

I do have:

fos_user:
    db_driver: propel
    firewall_name: main
    user_class: Back\UserBundle\Model\User

and overriden the fosuerbundle schema.xml with extra facebookId var.

malud commented Oct 22, 2015

@deyvid5
I think you have to update your ORM information und generate your migration out of the resulting model <> db diff and finally migrate your changes.

See http://symfony.com/doc/current/bundles/DoctrineMigrationsBundle/index.html for more details.

@danvbe

thanks, this was really helpful

jorgadan commented Nov 3, 2015

I need realize the login with google, I did all configuration of this gist, but when i do click in "google log in" button I'm redirected from "login/google" to "/login" .

< a href="{{ path('hwi_oauth_service_redirect', {'service':'google'}) }}" class="gplus">
                        <i class="fa-google-plus"></i>
                        Login con Google+
  </a>

I don't sure about parameters:

#parameters.yml

parameters:
     google_app_id: gsdg
     google_app_secret: gsdg 

the missing code is equal to the tutorial.

#routing.yml

fos_user:
  resource: "@FOSUserBundle/Resources/config/routing/all.xml"

hwi_oauth_security:
    resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
    prefix: /login

hwi_oauth_connect:
    resource: "@HWIOAuthBundle/Resources/config/routing/connect.xml"
    prefix: /login

hwi_oauth_redirect:
    resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
    prefix:   /login

google_login:
    pattern: /login/check-google

some of my config.yml

#config.yml
hwi_oauth:
    connect:
        account_connector: my_user_provider
    firewall_name: main
    fosub:
        username_iterations: 30
        properties:
            google: google_id
    resource_owners:
        google:
            type: google
            client_id: "%google_app_id%"
            client_secret: "%google_app_secret%"
            scope: "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"

Somebody know how it work the routing for access with google??
Am I forgetting something in another file that here is not specified.

Works perfectly, just that it creates different accounts for google and facebook for the same email. Username, email and password are also completed with an id, but I guess that's the part where we must interfere with our own code. 👍

bnd170 commented Dec 20, 2015

It doens't work for me :( I don't know what im doing wrongly.

Im using Symfony 2.7, this doc works on 2.7?

I do not understand what I am doing wrong. I've installed the code as stated, but when I go to "Sign in with Facebook" the only thing that is returned is the facebook_access_token. Nothing such as email, name, id are returned. Here is my code.

Ive tried this:

        scope:         "email"
        infos_url:     "https://graph.facebook.com/me?fields=id,name,email,picture.type(square)"
        paths:
        email:     email
        profilepicture: picture.data.url
        options:
        display:    popup

I've tried this:

        scope:         "email"
        infos_url:     "https://graph.facebook.com/me?fields=id,name,email,picture.type(square)"

and I've tried this...

        scope:         "email"

Nothing works. When I try and echo the username, email or id all I get is NULL responses.

echo $response->getUsername(); results in NULL response.
echo $response->getEmail(); results in NULL response.
echo $response->getId(); results in NULL response.

Can anyone help me get thought this issue. Thanks.

Is there a way to redirect users to a specific URL after authentication? I.e. each user might go to a different URL depending on the context of their login. In the configuration there is the default_target_path setting, I'm wondering if there is a way to dynamically alter this value or would there be a better approach?

Any ideas appreciated.

Hi @danvbe

I have implemented your solution in Symfony 2.8.2. For some reason, I see the the popup window calls the facebook api, but always ends up on a FOSUserbundle login form (assuming it's defaults to this)

How could I go about solving this?

@waynobweno, i have added this code

paths:
    email: email

in Facebook resource_owners.

My code:

hwi_oauth:
    connect:
        account_connector: footgears.oauth_user_provider
    firewall_name: main
    target_path_parameter: _destination
    fosub:
        username_iterations: 5
        properties:
            vkontakte: vkontakteId
            facebook: facebookId
    resource_owners:
        vkontakte:
            type: vkontakte
            client_id: %vk_client_id%
            client_secret: %vk_client_secret%
            scope: email
            user_response_class: Footgears\MainBundle\Security\VKUserResponse
        facebook:
            type: facebook
            client_id: %fb_client_id%
            client_secret: %fb_client_secret%
            scope: email
            paths:
                email: email

The Bundle is ready on my application but when i register a member with facebook, all of columns in my user database [ firstname, lastname, email, etc ] are save with the facebookID's member. when i can update this with his facebook's email, firstname, lastname ?

Thanks

i got an error like
ParameterNotFoundException in ParameterBag.php line 84:
You have requested a non-existent parameter "mailer_encryption".
what to do????
thanks

I got error on $form = $this->createForm('form'); . Did you get that?

@waynobweno did you get sorted? I have made great progress in Symfony3 getting this to work, I can now login/register with Facebook :) - if you still need help I can spend time putting some notes together?

I spoke too soon - having trouble connecting services to existing and logged in users... get a

Could not load type "form"

Exception... just cannot reverse engineer deep enough to work out why :(

gabma commented Aug 18, 2016

@quantizer @danvbe
If you use the $username (which returns the ID, right?) and set it as the password, you could suppose that anyone could log in on a users account if he has his email address, and finds his Facebook account Id ... which is not really complicated to figure out these days.

Wouldn’t it be more efficient to set the default password with the token?

Works fine on localhost but when I upload it to live server, I get the following error:

Fatal error: Class 'HWI\Bundle\OAuthBundle\HWIOAuthBundle' not found in /home/xyz/symfony3/app/AppKernel.php on line 21

AppKernel.php has such entry:

$bundles = [
            ...,
            ...,
            new HWI\Bundle\OAuthBundle\HWIOAuthBundle(),
        ];

What could be the problem? I'm using Symfony 3.1.1 on Windows for localhost.
PS: I have no access to the terminal as it is a shared hosting thus clear:cache is not possible. Alternatives?

@de-itsnotme did you composer require hwi/oauth-bundle on server ?

hariharasudhan94 commented Nov 18, 2016 edited

hi i am new to hwiauthbundle i cant figure out why we use connect()

Very Nice and Clear Tutorial.
Thank You, you saved time to a lot of people !

Thanks @yamennassif, I don't know the reason but cache clear did solve the issue back then.

varnitsaini commented Feb 28, 2017 edited

@northern, i know its bit late but did you get the answer to redirect based on context of login after successful login? i am facing the same issue and i dont want to use default_target_path. thanks in advance!

phpdeveloper1 commented Mar 8, 2017 edited

I have implemented hwio auth bundle for facebook.But after facebook login I am redirected to failure_path instead of login_path.
My security.yml is as follows :

main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
                check_path: /login_check
                login_path: /login
                #use_forward: false
                #use_referer: false
                default_target_path: /artist
                
            oauth:
                resource_owners:
                    facebook:           "/login/check-facebook"
                login_path:        /login
                failure_path:      /login
                default_target_path: /artist
                oauth_user_provider:
                    service: hwi_oauth.user.provider.fosub_bridge
            logout:                target: /
            anonymous:    true
            switch_user:  { role: ROLE_ADMIN }
            context: primary_auth

My config.yml is as follows:

hwi_oauth:
    
    connect:
        account_connector: hwi_oauth.user.provider.fosub_bridge
          
    firewall_names: [main]
    fosub:
        username_iterations: 30
        properties:
            facebook: facebookId
    resource_owners:
        facebook:
            type:                facebook
            client_id:           "%fb_app_id%"
            client_secret:       "%fb_app_secret%"

Hi
Thanks for this good bundle. I'm using it from a year ago. But now I need modify the way to work, I only need connect to facebook by example only in the login action, not in the others requests.
Is possible only connect to the social network in the login, validate and later not connect more?

Thanks for your time
Regards Ernesto

ducho commented Apr 26, 2017

Hi.
Today I have same problem in Symfony3 as @speelgoedkoper. :(
Unrecognized field: facebook_id
500 Internal Server Error - ORMException
Configuration is same as @danvbe wrote....
Please, any suggestions ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment