I'm trying to authenticate the user with Twitter using Symfony 2.7.3 + HWIOAuth 0.4, but I have some kind of authentication problem right at the beginning of the process. It just redirects me to the login page.
If I dump `$apiResponse` in HWIOAuth's `getRequestToken` method, I can see that Twitter answers the request-token call with a 401 (error code 32, "Could not authenticate you."):
object(Buzz\Message\Response)#313 (5) { ["protocolVersion":"Buzz\Message\Response":private]=> NULL ["statusCode":"Buzz\Message\Response":private]=> NULL ["reasonPhrase":"Buzz\Message\Response":private]=> NULL ["headers":"Buzz\Message\AbstractMessage":private]=> array(21) { [0]=> string(35) "HTTP/1.1 401 Authorization Required" [1]=> string(77) "cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0" [2]=> string(51) "content-disposition: attachment; filename=json.json" [3]=> string(18) "content-length: 64" [4]=> string(45) "content-type: application/json; charset=utf-8" [5]=> string(35) "date: Sat, 01 Aug 2015 18:11:43 GMT" [6]=> string(38) "expires: Tue, 31 Mar 1981 05:00:00 GMT" [7]=> string(44) "last-modified: Sat, 01 Aug 2015 18:11:43 GMT" [8]=> string(16) "pragma: no-cache" [9]=> string(13) "server: tsa_b" [10]=> string(112) "set-cookie: guest_id=v1%3A143845270388433210; Domain=.twitter.com; Path=/; Expires=Mon, 31-Jul-2017 18:11:43 UTC" [11]=> string(24) "status: 401 Unauthorized" [12]=> string(44) "strict-transport-security: max-age=631138519" [13]=> string(55) "www-authenticate: OAuth realm="https://api.twitter.com"" [14]=> string(51) "x-connection-hash: 92baec3955e785a4708e92a6751183de" [15]=> string(31) "x-content-type-options: nosniff" [16]=> string(27) "x-frame-options: SAMEORIGIN" [17]=> string(20) "x-response-time: 103" [18]=> string(31) "x-transaction: de08c20cd3de91f7" [19]=> string(41) "x-twitter-response-tags: BouncerCompliant" [20]=> string(31) "x-xss-protection: 1; mode=block" } ["content":"Buzz\Message\AbstractMessage":private]=> string(64) "{"errors":[{"code":32,"message":"Could not authenticate you."}]}" }
Log:
[2015-08-01 20:04:15] security.INFO: An AuthenticationException was thrown; redirecting to authentication entry point. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AuthenticationException(code: 0): Not a valid request token. at /home/isty001/PhpstormProjects/twitter-client/vendor/hwi/oauth-bundle/HWI/Bundle/OAuthBundle/OAuth/ResourceOwner/GenericOAuth1ResourceOwner.php:171)"} []
[2015-08-01 20:04:15] event.DEBUG: Notified event "kernel.exception" to listener "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException". [] []
[2015-08-01 20:04:15] event.DEBUG: Listener "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException" stopped propagation of the event "kernel.exception". [] []
[2015-08-01 20:04:15] event.DEBUG: Listener "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelException" was not called for event "kernel.exception". [] []
[2015-08-01 20:04:15] event.DEBUG: Listener "Symfony\Component\HttpKernel\EventListener\ExceptionListener::onKernelException" was not called for event "kernel.exception".
My security.yml:
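# Symfony security configuration: password encoder, role hierarchy, user
# provider, firewalls (with the HWIOAuth "oauth" listener) and access rules.
security:
    acl:
        connection: default

    encoders:
        # NOTE(review): the encoder is registered for a class in
        # Foggyline\Bundle\TickerBundle, while the user provider below lives in
        # UserBundle. Confirm this is the user class that is actually loaded.
        Foggyline\Bundle\TickerBundle\Entity\User:
            # NOTE(review): one iteration of SHA-1 is a fast hash, so leaked
            # password hashes are cheap to brute-force offline. An adaptive
            # encoder such as `algorithm: bcrypt` is the safer choice. It is
            # left unchanged here because switching the algorithm invalidates
            # every stored hash and needs a rehash-on-login or reset plan.
            algorithm: sha1
            encode_as_base64: false
            iterations: 1

    role_hierarchy:
        # ROLE_USER inheriting from itself is redundant and can be dropped.
        ROLE_USER: ROLE_USER
        ROLE_ADMIN: ROLE_USER
        # ROLE_ALLOWED_TO_SWITCH only matters when `switch_user` is enabled on
        # a firewall; no firewall below enables it.
        ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]

    providers:
        my_custom_hwi_provider:
            id: twitter_user.oauth_user_provider

    firewalls:
        # Profiler, web debug toolbar and static assets bypass security.
        # Make sure the profiler routes are only loaded in the dev environment.
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            pattern: ^/
            anonymous: true
            # A single `logout` mapping. This key was previously declared twice
            # (`logout: true` and this mapping), and YAML mapping keys must be
            # unique.
            logout:
                path: /logout
                target: /
            oauth:
                resource_owners:
                    # This must match the check route declared in routing.yml.
                    # The firewall intercepts this path to finish the OAuth
                    # handshake.
                    twitter: "/login/check-twitter"
                # An AuthenticationException raised during the handshake sends
                # the user back here, which matches the redirect to /login in
                # the log.
                login_path: /login
                failure_path: /login
                oauth_user_provider:
                    service: twitter_user.oauth_user_provider

    # Rules are evaluated top to bottom and the first matching path wins.
    # /login (including /login/check-twitter) and /connect stay reachable
    # anonymously; everything else requires ROLE_USER.
    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/connect, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }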
routing.yml:
# Application routes: HWIOAuthBundle login/redirect routes, bundle routes, and
# the two paths handled by the security firewall (OAuth check and logout).

# Login page provided by HWIOAuthBundle.
hwi_oauth_login:
    resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
    prefix: /

# Redirect-to-provider routes, mounted under /connect (kept anonymous in the
# access_control rules of security.yml).
hwi_oauth_redirect:
    resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
    prefix: /connect

user:
    resource: "@UserBundle/Resources/config/routing.yml"
    prefix: /

app:
    resource: "@AppBundle/Controller/"
    type: annotation

# No controller: this path is the value of firewalls.main.oauth.resource_owners.twitter
# and must stay identical to it. `pattern` is the older spelling of `path`,
# which the logout route below already uses.
twitter_login:
    pattern: /login/check-twitter

# No controller: handled by the firewall's logout listener.
logout:
    path: /logout
services.yml:
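# Service definitions for the OAuth user providers.
services:
    # NOTE(review): defined but not referenced by the security.yml shown on
    # this page, which uses twitter_user.oauth_user_provider. Confirm it is
    # still needed.
    hwi_oauth.user.provider.entity:
        class: HWI\Bundle\OAuthBundle\Security\Core\User\OAuthUserProvider

    # Custom provider used both as security.providers.my_custom_hwi_provider
    # and as the firewall's oauth_user_provider service.
    twitter_user.oauth_user_provider:
        class: UserBundle\Provider\OauthProvider
        # '@' is a reserved indicator in YAML, so the service references are
        # quoted. Symfony still resolves "@id" to the service with that id.
        # NOTE(review): injecting @service_container gives this provider access
        # to every service. Prefer passing only the services OauthProvider
        # actually uses (its constructor is not shown here).
        arguments: ["@session", "@doctrine", "@service_container"]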