I'm trying to add HWIOAuthBundle in my existing project, and i'm stuck with this error message :
[Symfony\Component\DependencyInjection\Exception\InvalidArgumentException]
Unable to replace alias "hwi_oauth.user.provider.fosub_bridge" with
"hwi_oaut
[Symfony\Component\DependencyInjection\Exception\InvalidArgumentException]
The service definition "hwi_oauth.user.provider.fosub_bridge" does not
exist.
PS C:\wamp\www\test> php app/console debug:container hwi_oauth.user.provider.fosub_bridge
[Symfony\Component\DependencyInjection\Exception\InvalidArgumentException]
Unable to replace alias "hwi_oauth.user.provider.fosub_bridge" with "hwi_oauth.user.provider.entity.main".
[Symfony\Component\DependencyInjection\Exception\InvalidArgumentException]
The service definition "hwi_oauth.user.provider.fosub_bridge" does not exist.
My configuration is :
#config.yml
fos_user:
db_driver: orm
firewall_name: main
user_class: ScopIt\UserBundle\Entity\User
hwi_oauth:
firewall_name: main
resource_owners:
any_name:
type: azure
client_id: <client_id>
client_secret: <client_secret>
options:
resource: https://graph.windows.net
application: common
#Security.yml
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: form.csrf_provider
logout: true
switch_user: { role: ROLE_ADMIN, parameter: _want_to_be_this_user }
anonymous: true
form_login:
# submit the login form here
check_path: /login_check
# the user is redirected here when they need to log in
login_path: /login
# if true, forward the user to the login form instead of redirecting
use_forward: false
# login success redirecting options (read further below)
always_use_default_target_path: true
default_target_path: /
use_referer: false
oauth:
resource_owners:
azure: "/login/check-azure"
login_path: /login
use_forward: false
failure_path: /login
oauth_user_provider:
service: hwi_oauth.user.provider.fosub_bridge
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, role: ROLE_ADMIN }
Any idea where i'm wrong ?
Thanks for your help,
Related
I'm getting the error which surprises me because in below security.yaml file
default_target_path: createEvent
is giving me an error.
If I include default_target_path: createEvent in security.yaml I get
The file "E:\Symfony\myproj\config/packages/security.yaml" does not contain valid YAML in E:\Symfony\myproj\config/packages/security.yaml (which is loaded in resource "E:\Symfony\myproj\config/packages/security.yaml").
If I remove default_target_path then it is working well, but I'm unable to redirect after login.
security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
App\Entity\User:
algorithm: bcrypt
providers:
db_provider:
entity:
class: App\Entity\User
property: uname
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: true
provider: db_provider
form_login:
login_path: login
check_path: login
default_target_path: createEvent
logout:
path: /logout
target: /login
access_control:
- { path: ^/login/, roles: ROLE_ADMIN }
- { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
# - { path: ^/profile, roles: ROLE_USER }
Check if your path name createEvent is correct in your controller and add this in security.yml file
form_login:
login_path: login
check_path: login_check
always_use_default_target_path: false
default_target_path: YOUR_PATH_NAME
logout:
path: logout
target: login
When I try to login with wrong credentials it says "try again, wrong credentials", but after entering the correct credentials it gives error
No route found for "GET /" (from "http://localhost/bdayProj/web/app_dev.php/login"). Below is the configuration of my security.yml
security:
encoders:
FOS\UserBundle\Model\UserInterface: bcrypt
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
in_memory:
memory: ~
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_token_generator: security.csrf.token_manager
logout: true
anonymous: true
# activate different ways to authenticate
# http_basic: ~
# http://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate
# form_login: ~
# http://symfony.com/doc/current/cookbook/security/form_login_setup.html
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
And my routing.yml
app:
resource: "#AppBundle/Controller/"
type: annotation
fos_user:
resource: "#FOSUserBundle/Resources/config/routing/all.xml"
You have to specify the login path in your security file
This is an example :
firewalls:
main:
pattern: ^/
form_login:
login_path: fos_user_security_login
check_path: fos_user_security_check
provider: fos_userbundle
csrf_provider: security.csrf.token_manager
default_target_path: /
Hope it helps
I try to configure FOSUserBundle in Symfony 2.7 but I still get "You must configure the check path to be handled by the firewall using form_login in your security firewall configuration." exception.
I searched vendor folder for Security Controller and I found that checkAction throws such exception.
I would like to allow
admin to log into /admin section,
and editors to /editor section.
I use two ways of logging: one is in_memory, and second fos_userbundle. This is my security.yml
encoders:
Symfony\Component\Security\Core\User\User: plaintext
Inpero\PageBundle\Entity\User: bcrypt
# http://symfony.com/doc/current/book/security.html#hierarchical-roles
role_hierarchy:
ROLE_EDITOR: ROLE_USER
ROLE_ADMIN: [ROLE_EDITOR, ROLE_USER]
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
in_memory:
memory:
users:
admin: { password: pass1, roles: [ 'ROLE_ADMIN' ] }
fos_userbundle:
id: fos_user.user_provider.username
# the main part of the security, where you can set up firewalls
# for specific sections of your app
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
# the login page has to be accessible for everybody
page_login:
pattern: ^/admin/login$
security: false
page_admin:
pattern: ^/admin
form_login:
check_path: my_page_check
login_path: my_page_login
logout:
path: my_page_logout
target: /
editor_login:
pattern: ^/editor/login
security: false
editors:
pattern: ^/editor
form_login:
provider: fos_userbundle
check_path: /editor/login_check
login_path: /editor/login
failure_path: /editor/login
default_target_path: /editor/
always_use_default_target_path: true
#csrf_token_generator: security.csrf.token_manager
# if you are using Symfony < 2.8, use the following config instead:
csrf_provider: form.csrf_provider
logout:
path: fos_user_security_logout
target: /
anonymous: ~
# with these settings you can restrict or allow access for different parts
# of your application based on roles, ip, host or methods
# http://symfony.com/doc/current/book/security.html#security-book-access-control-matching-options
access_control:
- { path: ^/efconnect, role: IS_AUTHENTICATED_REMEMBERED }
- { path: ^/elfinder, role: IS_AUTHENTICATED_REMEMBERED }
- { path: ^/admin, role: ROLE_ADMIN }
- { path: ^/editor, role: ROLE_EDITOR }
What am I doing wrong?
I am trying configure HWIOauthBundle in my Symfony2 application with this link.
When I run app/console cache:clear, or composer install I get this message:
[Symfony\Component\DependencyInjection\Exception\ServiceNotFoundException]
The service "security.firewall.map.context.main" has a dependency on a non-
existent service "form.csrf_provider".
My security.yml file:
security:
encoders:
FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_USER
providers:
fos_userbundle:
id: fos_user.user_provider.username_email
in_memory:
memory:
users:
restapi: { password: secretpw, roles: [ 'ROLE_API' ] }
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: form.csrf_provider
login_path: /login
check_path: /login_check
oauth:
resource_owners:
facebook: "/login/check-facebook"
login_path: /login
failure_path: /login
oauth_user_provider:
service: my_user_provider
logout: true
anonymous: true
http_basic:
realm: "Demo REST API (username: restapi, password: secretpw)"
stateless: true
login:
pattern: ^/login$
security: false
remember_me:
key: "%secret%"
lifetime: 31536000 # 365 days in seconds
path: /
domain: ~ # Defaults to the current domain from $_SERVER
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
I was looking for this error in network, but I can't find good solution for me.
I can't look now to hwio bundle but looks like you doesn't have 'form.csrf_provider' provider regisrered like service. search in project if 'form.csrf_provider' exist.
I have a knowledge problem I guess.
I thought, secure an area is done by the firewall. So for my understanding, I only have to write the area down inside the "access_control" to secure it by roles, isn't iT?
Actually, my security.yml looks like:
security:
encoders:
FOS\UserBundle\Model\UserInterface: pbkdf2
role_hierarchy:
ROLE_USER: [ROLE_USER]
ROLE_MODERATOR: [ROLE_AUTHOR]
ROLE_ADMIN: [ROLE_MODERATOR]
ROLE_SUPER_ADMIN: [ROLE_ADMIN]
providers:
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
# restrict the firewall to specific http methods
methods: [GET, POST]
access_denied_url: /error403
form_login:
check_path: /login_check
# the user is redirected here when they need to log in
login_path: /login
# if true, forward the user to the login form instead of redirecting
use_forward: true
# login success redirecting options (read further below)
always_use_default_target_path: false
default_target_path: /de/dashboard/
target_path_parameter: _target_path
use_referer: false
provider: fos_userbundle
csrf_provider: form.csrf_provider
default_target_path: /login
logout: true
anonymous: true
logout:
path: /logout
target: /login
invalidate_session: false
delete_cookies:
a: { path: null, domain: null }
b: { path: null, domain: null }
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/user, role: ROLE_ADMIN }
- { path: ^/administration, role: ROLE_ADMIN }
But if I login with a "ROLE_USER" account, I can access the "administration path anyway.
Where is my problem? Do I miss somenthing? Do I need a listener or something or will this be handled automatically?