如何为FOSOAuthServerBundle覆盖TokenController？

Question

I followed Symfony's cookbook on how to override bundle controller, but for some reason I can't get it working.

My OAuth bundle is a child of FOSOAuthServerBundle . My TokenController is declared as class TokenController extends \\FOS\\OAuthServerBundle\\Controller\\TokenController . But for some reason I still get parent controller executed, instead of my own controller (child). When I alter routing manually to point /oauth/v2/token to my TokenController directly, I get it executing, but with an 500 error:

Argument 1 passed to FOS\\OAuthServerBundle\\Controller\\TokenController::__construct() must be an instance of OAuth2\\OAuth2, none given, called in /.../vendor/symfony/symfony/src/Symfony/Bundle/FrameworkBundle/Controller/ControllerResolver.php on line 78 and defined (500 Internal Server Error)

Why? I am puzzled. What's wrong? Any help will be appreciated. Thanks.

Answer 1

What Mick said is true. To follow up on 3 (overriding a service), read on.

In app/config/services.yml , add the following:

services:
    fos_oauth_server.controller.token:
        class: OAuth2Bundle\Controller\TokenController
        arguments: [@fos_oauth_server.server]

Where OAuth2Bundle\\Controller\\TokenController is your custom controller extending the one from the FOS bundle.

For example:

namespace OAuth2Bundle\Controller;

use FOS\OAuthServerBundle\Controller\TokenController as BaseController;
use OAuth2\OAuth2;
use Symfony\Component\HttpFoundation\Request;

class TokenController extends BaseController {

    public function tokenAction(Request $request)
    {
        // Do whatever you like here

        $result = parent::tokenAction($request);

        // More custom code.

        return $result;
    }
}

Of course, you can do whatever you like with $result . You can even omit the parent:: call and perform your own authentication to return a token.

EDIT

This is a follow up on the above. I had to access some entities and do some updates when a user would receive a token. This required me to have access to the entity manager. In my case I had to check if the OAuth client is still active; it isn't deleted, but just temporarily disabled to block a group of users.

Because the controller is a service, you can add extra parameters like the entity manager:

The service definition now looks like this:

fos_oauth_server.controller.token:
  class: ApiBundle\Controller\OAuth\TokenController
  arguments: [@fos_oauth_server.server, @doctrine.orm.entity_manager]

And of course the controller now has a constructor. It now looks like this:

namespace OAuth2Bundle\Controller;

use Doctrine\ORM\EntityManager;
use FOS\OAuthServerBundle\Controller\TokenController as BaseController;
use OAuth2\OAuth2;
use Symfony\Component\HttpFoundation\Request;

class TokenController extends BaseController {

    /**
     * @var EntityManager
     */
    private $em;

    /**
     * @param OAuth2 $server
     */
    public function __construct(OAuth2 $server, EntityManager $entityManager )
    {
        parent::__construct($server);
        $this->em = $entityManager;
    }

    public function tokenAction(Request $request)
    {
        // Do whatever you like here

        $result = parent::tokenAction($request);

        // More custom code.

        return $result;
    }
}

Answer 2

A few thoughts:

1 Did you declare your bundle in AppKernel.php ?

$bundles = array(
        ...
        new Acme\OAuthServerBundle()
    );

2 As you can see in oauth.xml and in the Controller class , the controller expects the server OAuth2 in its constructor. So if you override the constructor, make sure to include 'use OAuth2\\OAuth2;' at the top of your file.

3 Since the controller is used as a service, you might have to override oauth.xml to redefine the class to use for that service.