[英]Symfony Oauth2 with gard
I am trying to configure guard with an OAuth 2 connection. 我正在尝试使用OAuth 2连接配置防护。 I am trying to do this with a redirection in the getCredentials function to the Microsoft login website but I can't make it work.
我试图通过将getCredentials函数中的重定向重定向到Microsoft登录网站,但是无法正常工作。 I don't know how I can make it worked.
我不知道该如何运作。 It seems there is no redirection possible in this function.
似乎此功能无法重定向。
public function getCredentials(Request $request)
{
$provider = new Microsoft([
'clientId' => '0000000032624',
'clientSecret' => 'my-secret',
'redirectUri' => 'https://mysite/oauthlogin'
]);
if(!$request->query->has('code')){
// If we don't have an authorization code then get one
$authUrl = $provider->getAuthorizationUrl();
$request->getSession()->set('oauth2state', $provider->getState());
//This doesn't work
return new RedirectResponse($authUrl);
// Check given state against previously stored one to mitigate CSRF attack
}elseif ( empty($request->query->get('state')) || ($request->query->get('state')!==$request->getSession()->get('oauth2state')) ){
return null;
}else{
// Try to get an access token (using the authorization code grant)
$token = $provider->getAccessToken('authorization_code', [
'code' => $request->query->get('code')
]);
try {
//when log with microsoft, check if user is allowed
// We got an access token, let's now get the user's details
$user = $provider->getResourceOwner($token);
} catch (Exception $e) {
// Failed to get user details
}
}
}
public function getUser($credentials, UserProviderInterface $userProvider)
{
return $userProvider->loadUserByUsername($user->getEmail());
}
public function checkCredentials($credentials, UserInterface $user)
{
// check credentials - e.g. make sure the password is valid
// no credential check is needed in this case
// return true to cause authentication success
return true;
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
{
$url = $this->router->generate('homepage');
return new RedirectResponse($url);
}
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
$data = array(
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
// or to translate this message
// $this->translator->trans($exception->getMessageKey(), $exception->getMessageData())
);
$request->getSession()->set(Security::AUTHENTICATION_ERROR, $data);
$url = $this->router->generate('login');
return new RedirectResponse($url);
}
Function getCredentials()
is not supposed to return a Response
, it provide the credentials used in getUser()
. 函数
getCredentials()
不应该返回Response
,它提供了getUser()
使用的凭据。
In the getUser()
documentation : 在
getUser()
文档中:
The credentials are the return value from getCredentials()
凭证是getCredentials()的返回值
You may throw an AuthenticationException if you wish.
如果愿意,可以抛出AuthenticationException。 If you return null, then a UsernameNotFoundException is thrown for you.
如果返回null,则将为您引发UsernameNotFoundException。
In case of exception thrown, onAuthenticationFailure()
is called and here you can return your RedirectResponse
. 如果抛出异常,则会调用
onAuthenticationFailure()
,在这里您可以返回RedirectResponse
。
For more detailled informations, see the source code of the \\Symfony\\Component\\Security\\Guard\\GuardAuthenticatorInterface
which contains a lots of explanations in its methods. 有关更多详细信息,请参见
\\Symfony\\Component\\Security\\Guard\\GuardAuthenticatorInterface
的源代码,其中包含有关其方法的大量说明。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.