I tried to change the:
```yaml
providers:
    fos_userbundle:
        id: fos_user.user_provider.username_email
```
But nothing happens. What should I do?
According to Symfony it should be; you missed the security layer. Try adding it:
```yaml
security:
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email
```
I have updated my project to Symfony 6, and now my google login is not working as before. The remember me token is not working if I close the browser. In 5.4, I had written my security.yaml like this :
```yaml
google:
    pattern: ^/connect/google
    guard:
        authenticators:
            - App\Security\GoogleAuthenticator
    logout:
        path: app_logout
        target: home
    remember_me:
        secret: "%env(GOOGLE_CLIENT_SECRET)%"
        lifetime: 604800
        always_remember_me: true
```
But now the CLI tells me I need to change "guard". If I use the custom_authenticator option, there are a lot of errors because I'm using SocialAuthenticator, as you can see here: https://codeshare.io/Od84jx If I remove the google part from security.yaml I don't get errors, and register and login are working, but not the remember me token.
I finally succeeded, so I'm sharing my solution for those who have the same problem.
So in Symfony 5.4 to Symfony 6.1, you need to use OAuth2Authenticator instead of SocialAuthenticator. You can follow the doc to write your GoogleAuthenticator: https://github.com/knpuniversity/oauth2-client-bundle#step-1-using-the-new-oauth2authenticator-class
Then you only need to add it to the custom_authenticator section in the security.yaml file. For example:
```yaml
main:
    switch_user: true
    lazy: true
    provider: app_user_provider
    custom_authenticator:
        - App\Security\LoginAuthenticator
        - App\Security\GoogleAuthenticator
```
And then it will work if you already have your controller. (https://github.com/knpuniversity/oauth2-client-bundle#step-3-use-the-client-service)
A friend who has a Symfony tool asks me to change his password. I am a PHP developer but I don't know Symfony...
I found the security.yml file with the password encrypted in bcrypt (12 passes). When I replace the password by another bcrypt password (12 passes) directly in the code, it crashes when I try to connect (wrong credential). When I put back the old password, it works again...
Any idea ?
```yaml
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
    in_memory:
        memory:
            users:
                nextstep:
                    password: $2a$12$et/Xz8tDrdB3b5[etc...]
                    roles: 'ROLE_ADMIN'
encoders:
    Symfony\Component\Security\Core\User\User:
        algorithm: bcrypt
        cost: 12
```
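One way to generate a replacement hash and confirm it verifies before pasting it into security.yml, given the bcrypt encoder shown above. This is an added example, not code from the post; the function names and the sample password are made up for illustration.

```php
<?php
declare(strict_types=1);

// Added example: create and sanity-check a bcrypt hash for the in_memory user.
// Function names are hypothetical; cost 12 mirrors `cost: 12` in the encoder config.

function makeBcryptHash(string $plain, int $cost = 12): string
{
    // bcrypt ignores input past 72 bytes, so refuse longer passwords outright.
    if (strlen($plain) > 72) {
        throw new InvalidArgumentException('bcrypt only uses the first 72 bytes');
    }
    return password_hash($plain, PASSWORD_BCRYPT, ['cost' => $cost]);
}

/** @return string[] problems found; an empty array means the hash is usable */
function checkBcryptHash(string $hash, string $plain): array
{
    $problems = [];
    if (strlen($hash) !== 60) {
        $problems[] = sprintf('length is %d, expected 60 (truncated or padded?)', strlen($hash));
    }
    // Prefix, two-digit cost, then 22 salt characters plus 31 digest characters.
    if (!preg_match('#^\$2[abxy]\$\d{2}\$[./A-Za-z0-9]{53}$#', $hash)) {
        $problems[] = 'not a well-formed bcrypt string';
    }
    // The cost and salt are read from the hash itself during verification.
    if (!password_verify($plain, $hash)) {
        $problems[] = 'password_verify() rejects this password/hash pair';
    }
    return $problems;
}

$password = 'constructed-example-passphrase'; // constructed sample value
$hash = makeBcryptHash($password);

$problems = checkBcryptHash($hash, $password);
if ($problems !== []) {
    fwrite(STDERR, implode(PHP_EOL, $problems) . PHP_EOL);
    exit(1);
}
// Single quotes keep YAML from interpreting any character in the hash.
printf("password: '%s'%s", $hash, PHP_EOL);
```

Running `checkBcryptHash()` on a hash copied from elsewhere shows whether it was cut short or altered on the way into the file.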
Trying to use both bundles with latest Symfony (V:2.7.2).
FOSOauth is set and works fine, but adding HWIOAuthBundle isn't so trivial. Following the instruction in native Read.me brought me to this:
The service "hwi_oauth.security.oauth_utils" has a dependency on a
non-existent service "hwi_oauth.resource_ownermap.api".
How to set up these two together?
It seems you haven't properly configured the oauth section in the firewall (security.yml file) you want HWIOAuthBundle to work with.
For example, with Facebook:
```yaml
# app/config/config.yml
hwi_oauth:
    firewall_name: main
    resource_owners:
        facebook:
            type: facebook
            ...
```
Then you need to configure the main firewall:
```yaml
# app/config/security.yml
main:
    pattern: ^/
    oauth:
        resource_owners:
            facebook: "/login/check-facebook"
        oauth_user_provider:
            service: my_custom_oauth_user_provider
        ...
```
Don't forget to declare the facebook login-check route:
```yaml
# app/config/routing.yml
facebook_login:
    path: /login/check-facebook
```
And you also need to create a user provider (the bundle itself has some built-in providers that you can extend and modify) and register it as a service:
```yaml
# app/config/services.yml
my_custom_oauth_user_provider:
    class: AppBundle\Security\OAuthUserProvider
```
As your question is how to set up HWIOAuthBundle with FOSOAuthServerBundle, there is a very complete guide on how to achieve this: A way to integrate FosUserBundle and HWIOAuthBundle
You need to add a new firewall (e.g. secured_area) with authentication way "oauth".
For example:
```yaml
security:
    firewalls:
        secured_area:
            anonymous: ~
            oauth:
                resource_owners:
                    facebook: "/login/check-facebook"
                    google: "/login/check-google"
                    my_custom_provider: "/login/check-custom"
                    my_github: "/login/check-github"
                login_path: /login
                use_forward: false
                failure_path: /login
                oauth_user_provider:
                    service: my.oauth_aware.user_provider.service
```
You can find this info here
I am trying to configure SonataAdmin to display certain entity management for different roles. Read sonata docs, lots of QnA on stackoverflow, cannot find the problem...
Problem:
If I login as ROLE_ADMIN user, I can see all blocks, so sonata admin is working fine. But if I log in with other user, I just see empty page with no blocks. I would say I only need to add role ROLE_SONATA_CONTRACT to my user but as it did not work I tried every role I could think of including all roles auto-generated in user admin form.
I can give more information from configs, now I just copied parts I think are relevant.
My config:
Reference: http://sonata-project.org/bundles/admin/master/doc/reference/security.html#role-handler
```yaml
# services.yml
services:
    sonata.block.admin.contract:
        class: STH\OrderBundle\Admin\ContractAdmin
        tags:
            - { name: sonata.admin, manager_type: orm, group: "Orders", label: "Orders" }
        arguments: [null, STH\OrderBundle\Entity\Contract, SonataAdminBundle:CRUD ]
```
```yaml
# security.yml
role_hierarchy:
    ROLE_SONATA_CONTRACT:
        - ROLE_SONATA_BLOCK_ADMIN_CONTRACT_VIEW
        - ROLE_SONATA_BLOCK_ADMIN_CONTRACT_GUEST
    ROLE_ADMIN: [ROLE_USER, ROLE_ALLOWED_TO_SWITCH, ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT, ROLE_SONATA_PAGE_ADMIN_BLOCK_EDIT]
    ROLE_SUPER_ADMIN: ROLE_ADMIN
    SONATA:
        - ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT # if you are using acl then this line must be commented
        - ROLE_SONATA_PAGE_ADMIN_BLOCK_EDIT
access_decision_manager:
    strategy: unanimous
```
```yaml
# config.yml
security:
    handler: sonata.admin.security.handler.role
    # acl security information
    information:
        GUEST: [VIEW, LIST]
        STAFF: [EDIT, LIST, CREATE]
        EDITOR: [OPERATOR, EXPORT]
        ADMIN: [MASTER, ROLE_ADMIN]
    # permissions not related to an object instance and also to be available when objects do not exist
    # the DELETE admin permission means the user is allowed to batch delete objects
    admin_permissions: [CREATE, LIST, DELETE, UNDELETE, EXPORT, OPERATOR, MASTER]
    # permission related to the objects
    object_permissions: [VIEW, EDIT, DELETE, UNDELETE, OPERATOR, MASTER, OWNER]
```
System: Symfony 2.5.2, SonataAdminBundle, SonataUserBundle, FOSUserBundle.
I think you are not correctly defining your role hierarchies. Did you try something like:
```yaml
role_hierarchy:
    ROLE_USER: [ROLE_SONATA_BLOCK_ADMIN_CONTRACT_VIEW, ROLE_SONATA_BLOCK_ADMIN_CONTRACT_GUEST]
    ROLE_ADMIN: ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_ADMIN
```
Just to trigger some insights about the way you define your hierarchies. Hope it helps.
I'm currently having some frustration trying to implement the Symfony2 cookbook for creating a custom user provider utilising doctrine:
http://symfony.com/doc/2.0/cookbook/security/entity_provider.html
Here is my security.yml file:
```yaml
security:
    encoders:
        Rep\Bundle\ProjectBundle\Model\User:
            algorithm: sha1
            encode_as_base64: false
            iterations: 1
    role_hierarchy:
        ROLE_USER: ROLE_USER
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]
    providers:
        user_db:
            entity: { class: ProjectBundle:User, property: username }
    firewalls:
        admin_area:
            pattern: ^/admin
            http_basic: ~
    access_control:
        - { path: ^/admin, roles: ROLE_ADMIN }
```
Here is my error:
Obvious questions:
Do I have doctrine installed? Yes. And Registered in the kernel.
Have I created the user interface and provider. Yes.
Also, I am choosing to build this instead of using the FOSUserBundle as it's too "bulky" for what I need, so any help would be ideal!
The problem was caused by missing configuration information for Doctrine; however, the bundle was registered in the kernel. A strange error message which doesn't point towards lacking config, but process of elimination resolved my issue.