duanliushua5026
2015-08-01 18:10 · 44 views
Accepted

Twitter authentication with HWIOAuth in Symfony

I'm trying to authenticate the user with Twitter using Symfony 2.7.3 + HWIOAuth 0.4, but I have some kind of authentication problem right at the beginning of the process. It just redirects me to the login page.

If I dump the $apiResponse in the getRequestToken method of HWIOAuth, I get this:

object(Buzz\Message\Response)#313 (5) {
  ["protocolVersion":"Buzz\Message\Response":private]=> NULL
  ["statusCode":"Buzz\Message\Response":private]=> NULL
  ["reasonPhrase":"Buzz\Message\Response":private]=> NULL
  ["headers":"Buzz\Message\AbstractMessage":private]=> array(21) {
    [0]=> string(35) "HTTP/1.1 401 Authorization Required"
    [1]=> string(77) "cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0"
    [2]=> string(51) "content-disposition: attachment; filename=json.json"
    [3]=> string(18) "content-length: 64"
    [4]=> string(45) "content-type: application/json; charset=utf-8"
    [5]=> string(35) "date: Sat, 01 Aug 2015 18:11:43 GMT"
    [6]=> string(38) "expires: Tue, 31 Mar 1981 05:00:00 GMT"
    [7]=> string(44) "last-modified: Sat, 01 Aug 2015 18:11:43 GMT"
    [8]=> string(16) "pragma: no-cache"
    [9]=> string(13) "server: tsa_b"
    [10]=> string(112) "set-cookie: guest_id=v1%3A143845270388433210; Domain=.twitter.com; Path=/; Expires=Mon, 31-Jul-2017 18:11:43 UTC"
    [11]=> string(24) "status: 401 Unauthorized"
    [12]=> string(44) "strict-transport-security: max-age=631138519"
    [13]=> string(55) "www-authenticate: OAuth realm="https://api.twitter.com""
    [14]=> string(51) "x-connection-hash: 92baec3955e785a4708e92a6751183de"
    [15]=> string(31) "x-content-type-options: nosniff"
    [16]=> string(27) "x-frame-options: SAMEORIGIN"
    [17]=> string(20) "x-response-time: 103"
    [18]=> string(31) "x-transaction: de08c20cd3de91f7"
    [19]=> string(41) "x-twitter-response-tags: BouncerCompliant"
    [20]=> string(31) "x-xss-protection: 1; mode=block"
  }
  ["content":"Buzz\Message\AbstractMessage":private]=> string(64) "{"errors":[{"code":32,"message":"Could not authenticate you."}]}"
}

Log:

[2015-08-01 20:04:15] security.INFO: An AuthenticationException was thrown; redirecting to authentication entry point. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\AuthenticationException(code: 0): Not a valid request token. at /home/isty001/PhpstormProjects/twitter-client/vendor/hwi/oauth-bundle/HWI/Bundle/OAuthBundle/OAuth/ResourceOwner/GenericOAuth1ResourceOwner.php:171)"} []
[2015-08-01 20:04:15] event.DEBUG: Notified event "kernel.exception" to listener "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException". [] []
[2015-08-01 20:04:15] event.DEBUG: Listener "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException" stopped propagation of the event "kernel.exception". [] []
[2015-08-01 20:04:15] event.DEBUG: Listener "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelException" was not called for event "kernel.exception". [] []
[2015-08-01 20:04:15] event.DEBUG: Listener "Symfony\Component\HttpKernel\EventListener\ExceptionListener::onKernelException" was not called for event "kernel.exception".

My security.yml:

security:
    acl:
        connection: default
    encoders:
        Foggyline\Bundle\TickerBundle\Entity\User:
            algorithm:        sha1
            encode_as_base64: false
            iterations:       1

    role_hierarchy:
        ROLE_USER:       ROLE_USER
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]

    providers:
        my_custom_hwi_provider:
            id: twitter_user.oauth_user_provider

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            pattern: ^/
            anonymous: true
            logout: true
            logout:
                path:   /logout
                target: /
            oauth:
                resource_owners:
                    twitter: "/login/check-twitter"
                login_path: /login
                failure_path: /login
                oauth_user_provider:
                    service: twitter_user.oauth_user_provider

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/connect, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }

routing.yml:

hwi_oauth_login:
    resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
    prefix:   /

hwi_oauth_redirect:
    resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
    prefix:   /connect

user:
    resource: "@UserBundle/Resources/config/routing.yml"
    prefix:   /

app:
    resource: "@AppBundle/Controller/"
    type:     annotation

twitter_login:
    pattern: /login/check-twitter

logout:
    path:   /logout

services.yml:

services:
    hwi_oauth.user.provider.entity:
        class: HWI\Bundle\OAuthBundle\Security\Core\User\OAuthUserProvider
    twitter_user.oauth_user_provider:
        class: UserBundle\Provider\OauthProvider
        arguments: [@session, @doctrine, @service_container]

1 answer

  • Accepted
    dto52236 2015-08-02 13:35

    The problem was with the screwed config. In the config.yml (for Twitter), you have to give the Consumer Key for the ownerId parameter.

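An added illustration of the fix the answer describes (not part of the original answer, nor the bundle's own sample): HWIOAuthBundle's Twitter resource owner takes the Consumer Key as client_id and the Consumer Secret as client_secret. That the answer's "ownerId parameter" means client_id is an assumption, and the twitter_consumer_key / twitter_consumer_secret parameter names and placeholder values are hypothetical.

```yaml
# app/config/parameters.yml (keep this file out of version control)
parameters:
    # Hypothetical parameter names; the values are constructed placeholders.
    twitter_consumer_key:    "<CONSUMER-KEY-FROM-TWITTER-APP-SETTINGS>"
    twitter_consumer_secret: "<CONSUMER-SECRET-FROM-TWITTER-APP-SETTINGS>"

# app/config/config.yml
hwi_oauth:
    # ... other hwi_oauth settings (firewall name, etc.) stay unchanged ...
    resource_owners:
        # The name "twitter" must match the entry under
        # firewalls.main.oauth.resource_owners in security.yml.
        twitter:
            type:          twitter
            # Consumer Key: sent as oauth_consumer_key in every OAuth 1.0a request.
            client_id:     "%twitter_consumer_key%"
            # Consumer Secret: only used to sign requests, never sent on the wire.
            client_secret: "%twitter_consumer_secret%"
```

When either value does not match the Twitter app, the signed request-token call is rejected with the 401 / code 32 response shown in the dump, and the bundle raises "Not a valid request token."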
