-
-
Notifications
You must be signed in to change notification settings - Fork 791
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to use HWIOAuth for stateless API authentication? #1824
Comments
This is how we managed to use stateless authentication with # security.yaml
security:
firewalls:
api_login:
lazy: true
provider: your_provider
pattern: ^/api/login
stateless: true
oauth:
check_path: /api/login
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
resource_owners:
facebook: /api/login-facebook
google: /api/login-google
apple: /api/login-apple
login_path: /
require_previous_session: false
oauth_user_provider:
service: App\Repository\UserRepository If you need it to be used with a mobile app, your mobile app has to:
The We are able to make it working as expected with But we cannot find a way to generate an authorization code for facebook from the mobile app (react native), if someone has an idea on how to do this? (Using https://github.com/thebergamo/react-native-fbsdk-next, we can only retrieve an |
@Seb33300 Could you share some more details? I am trying this and I always get a failed authentication. From google I get access_token, not an authorization code, is this the same? |
@plamenh With Google the authorization code is called |
Thanks for the tip. I got the service auth code with a different method. However, I still get 'failed authentication' and cannot debug it. Bummer. What version of symfony are you using? When I try setting lazy and stateless, I get these are not valid options. |
Ok, nevermind, it's a problem with the code. I get "invalid_grant" from Google. |
Thanks @Seb33300 it works indeed out of the box for apple. For facebook we decided to create a custom oauth resource owner that instantiate internally the FacebookResourceOwner (extension is not possible because it is final in next version). We redefined the |
@Nek- Yeah, I ended with the same solution. |
I had the same issue and resolved it in a similar way, decorating hwi_oauth.resource_owner.facebook service. |
Message to comment on stale issues. If none provided, will not mark issues stale |
Hum, I think this is indeed stale but shouldn't! Also it's definitely not only a support request. |
Message to comment on stale issues. If none provided, will not mark issues stale |
This issue was closed because it has been stalled for 5 days with no activity. |
Actual Behavior
Need an example code or New feature for Symfony Headless Applications.
Expected Behavior
If we need to create Custom Controller or Command what code should we write? I think there need to be functional or simple service
that return access token or Exception.
Possible Solutions
I wrote my idea in #1300 .
If it possible I just wanna call new feature method(it checks social provider's token and process authentication) to return my Symfony system's access token. If you interested I'll share my custom controller's code.
The text was updated successfully, but these errors were encountered: