Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

oauth2: true option is not clear to me #188

Closed
VincentLanglet opened this issue Jun 3, 2024 · 1 comment · Fixed by #189
Closed

oauth2: true option is not clear to me #188

VincentLanglet opened this issue Jun 3, 2024 · 1 comment · Fixed by #189

Comments

@VincentLanglet
Copy link
Contributor

Hi @chalasr ,

This bundle is great and simplify the integration of oauth. Thanks a lot.
But I ended up with some questions.

We're having our firewall config done this way:

        oauth:
            host: '%oauth_domain%'
            context: main_context
            provider: main_provider
            form_login:
                login_path: weglot_security_oauth_login
                check_path: weglot_security_oauth_login
                enable_csrf: true
        api_oauth:
            host: '%api_domain%'
            pattern: ^/v2
            stateless: true
            access_token:
                token_handler: App\Security\AccessTokenHandler
            provider: api_provider

And I discovered that if I try to reach v2/foo route, I get errors log

Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\HttpException: "Full authentication is required to access this resource." at ExceptionListener.php line 232

and

No Authentication entry point configured, returning a 401 HTTP response. Configure "entry_point" on the firewall "api_oauth" if you want to modify the response.

Re-reading the doc, I think it's because I was missing oauth2: true on the api_oauth firewall, this option seems to use the OAuth2Authenticator and solve the "No Authentication entry point configured" error. But I soon as I use this option, the page go from
image
to
image

I assume it's because of the code

public function start(Request $request, ?AuthenticationException $authException = null): Response
    {
        return new Response('', 401, ['WWW-Authenticate' => 'Bearer']);
    }

Wouldn't it better to still have the symfony-profiler/debug tools in debug mode ? Is it possible ?
Also, why my custom 401 error page is not used ?

Wouldn't it better to rely on Symfony Exception listener and throw an AuthenticationException in the start method rather than

new Response('', 401, ['WWW-Authenticate' => 'Bearer']);

Something like a OAuth2AuthenticationException ?
@VincentLanglet
Copy link
Contributor Author

Hi @mtarld, seems like you're the one who wrote the OAuth2Authenticator in #24 maybe you could help me on the choice to send

new Response('', 401, ['WWW-Authenticate' => 'Bearer']);

rather than an AuthenticationException ?

@VincentLanglet VincentLanglet mentioned this issue Jun 17, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add response message when not authenticated VincentLanglet/oauth2-server-bundle
1 participant
@VincentLanglet