Symfony 4 + HWIOAuthBundle:注销时没有用户提供者
Symfony 4 + HWIOAuthBundle: No user provider on logout
我一直在尝试使用此捆绑包和 Auth0 在 Symfony4 项目中实施用户管理。目前,我有几个问题:其中一个是,当我注销时,我会看到:There is no user provider for user "HWI\Bundle\OAuthBundle\Security\Core\User\OAuthUser". 这是同时使用路径 /auth0/logout。问题是我有一个扩展 OAuthUser class 的用户 class,我认为这就足够了。不是吗? (我在 services.yaml 文件中也有默认的 HWI OAuthUserProvider,但那是因为禁用它或启用它似乎没有任何改变。)
我真的对如何设置用户提供者感到困惑,而且文档也很混乱(我使用的是教程中的资源所有者文件,直到我的高级开发人员向我展示了推荐的文件例如,在实际的回购协议中是非常不同的。)所以这是我到目前为止所拥有的:
services.yaml
# Put parameters here that don't need to change on each machine where the app is deployed
# https://symfony.com/doc/current/best_practices/configuration.html#application-related-configuration
parameters:
locale: 'en'
services:
# default configuration for services in *this* file
_defaults:
autowire: true # Automatically injects dependencies in your services.
autoconfigure: true # Automatically registers your services as commands, event subscribers, etc.
public: false # Allows optimizing the container by removing unused services; this also means
# fetching services directly from the container via $container->get() won't work.
# The best practice is to be explicit about your dependencies anyway.
hwi_oauth.user.provider.entity:
class: HWI\Bundle\OAuthBundle\Security\Core\User\OAuthUserProvider
my.oauth_user_provider:
class: App\Providers\OAuthProvider
autowire: false
arguments:
- '@session'
- '@doctrine'
- '@service_container'
# makes classes in src/ available to be used as services
# this creates a service per class whose id is the fully-qualified class name
App\:
resource: '../src/*'
exclude: '../src/{Entity,Migrations,Tests,Kernel.php}'
# controllers are imported separately to make sure services can be injected
# as action arguments even if you don't extend any base controller class
App\Controller\:
resource: '../src/Controller'
tags: ['controller.service_arguments']
App\EventListener\:
resource: '../src/EventListener'
# App\EventListener\UserEventListener:
# tags:
# - { name: 'kernel.event_listener', event: 'hwi_oauth.connect.completed' }
# add more service definitions when explicit configuration is needed
# please note that last definitions always *replace* previous ones
security.yaml
security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
# in_memory: { memory: ~ }
# user_provider:
# entity:
# class: App\Entity\User
# property: email
my_provider:
id: my.oauth_user_provider
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
# main:
# pattern: ^/
# anonymous: ~
# http_basic: ~
# provider: user_provider
# form_login:
# login_path: login
# check_path: login
secured_area:
pattern: ^/
anonymous: ~
oauth:
resource_owners:
auth0: "/auth0/callback"
login_path: /login
use_forward: false
failure_path: /login
oauth_user_provider:
service: my.oauth_user_provider
logout:
path: /auth0/logout
target: /
main:
anonymous: ~
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/secured, roles: ROLE_OAUTH_USER }
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_DEVELOPER: ROLE_ADMIN
encoders:
App\Entity\User: bcrypt
hwi_oauth.yaml
hwi_oauth:
firewall_names: [secured_area]
resource_owners:
auth0:
type: oauth2
class: 'App\Auth0ResourceOwner'
client_id: "%env(AUTH0_CLIENT_ID)%"
client_secret: "%env(AUTH0_CLIENT_SECRET)%"
base_url: "https://%env(AUTH0_DOMAIN)%"
scope: "openid email profile"
paths:
identifier: sub
firstname: given_name
middlename: middle_name
lastname: family_name
email_verified: email_verified
dob: birthdate
identities: https://www.example.org/identities
我真的对这里发生的事情感到困惑。我错过了什么?如果它在文档中,有人可以指出解决方案描述的具体点吗?我在这里查看了 Stack Overflow 上的几个问题,但他们要么谈论我没有使用的 Symfony 2,要么他们有不适用的答案,比如在 [=25] 中的提供者下添加 "hwi_oauth.user.provider" =]security.yaml,但如果我这样做,我就会遇到提供者过多的问题。 (如果我试图通过说 "provider" 而不是 "oauth_user_provider" 来明确设置提供者,它会让我陷入一个兔子洞,说子节点没有配置,并且在我的搜索中我没有找到任何东西来解释错误消息的含义。)我正处于撕裂遗漏的小头发的地步。我错过了什么?我没有阅读或误读文档的哪一部分?我不确定下一步该去哪里。
事实证明,即使我有用户 class 扩展 OAuthUser class,并且我的用户提供者扩展了 HWI 的用户提供者,我的用户提供者正在调用一个函数 (loadUserByUsername)那只是默认设置,所以我不得不在我自己的提供程序中编写自己的代码来覆盖它。这解决了一个问题,但现在我必须弄清楚为什么我的用户在登录时全部为 NULL。但我认为这是一个单独的问题。
我一直在尝试使用此捆绑包和 Auth0 在 Symfony4 项目中实施用户管理。目前,我有几个问题:其中一个是,当我注销时,我会看到:There is no user provider for user "HWI\Bundle\OAuthBundle\Security\Core\User\OAuthUser". 这是同时使用路径 /auth0/logout。问题是我有一个扩展 OAuthUser class 的用户 class,我认为这就足够了。不是吗? (我在 services.yaml 文件中也有默认的 HWI OAuthUserProvider,但那是因为禁用它或启用它似乎没有任何改变。)
我真的对如何设置用户提供者感到困惑,而且文档也很混乱(我使用的是教程中的资源所有者文件,直到我的高级开发人员向我展示了推荐的文件例如,在实际的回购协议中是非常不同的。)所以这是我到目前为止所拥有的:
services.yaml
# Put parameters here that don't need to change on each machine where the app is deployed
# https://symfony.com/doc/current/best_practices/configuration.html#application-related-configuration
parameters:
locale: 'en'
services:
# default configuration for services in *this* file
_defaults:
autowire: true # Automatically injects dependencies in your services.
autoconfigure: true # Automatically registers your services as commands, event subscribers, etc.
public: false # Allows optimizing the container by removing unused services; this also means
# fetching services directly from the container via $container->get() won't work.
# The best practice is to be explicit about your dependencies anyway.
hwi_oauth.user.provider.entity:
class: HWI\Bundle\OAuthBundle\Security\Core\User\OAuthUserProvider
my.oauth_user_provider:
class: App\Providers\OAuthProvider
autowire: false
arguments:
- '@session'
- '@doctrine'
- '@service_container'
# makes classes in src/ available to be used as services
# this creates a service per class whose id is the fully-qualified class name
App\:
resource: '../src/*'
exclude: '../src/{Entity,Migrations,Tests,Kernel.php}'
# controllers are imported separately to make sure services can be injected
# as action arguments even if you don't extend any base controller class
App\Controller\:
resource: '../src/Controller'
tags: ['controller.service_arguments']
App\EventListener\:
resource: '../src/EventListener'
# App\EventListener\UserEventListener:
# tags:
# - { name: 'kernel.event_listener', event: 'hwi_oauth.connect.completed' }
# add more service definitions when explicit configuration is needed
# please note that last definitions always *replace* previous ones
security.yaml
security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
# in_memory: { memory: ~ }
# user_provider:
# entity:
# class: App\Entity\User
# property: email
my_provider:
id: my.oauth_user_provider
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
# main:
# pattern: ^/
# anonymous: ~
# http_basic: ~
# provider: user_provider
# form_login:
# login_path: login
# check_path: login
secured_area:
pattern: ^/
anonymous: ~
oauth:
resource_owners:
auth0: "/auth0/callback"
login_path: /login
use_forward: false
failure_path: /login
oauth_user_provider:
service: my.oauth_user_provider
logout:
path: /auth0/logout
target: /
main:
anonymous: ~
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/secured, roles: ROLE_OAUTH_USER }
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_DEVELOPER: ROLE_ADMIN
encoders:
App\Entity\User: bcrypt
hwi_oauth.yaml
hwi_oauth:
firewall_names: [secured_area]
resource_owners:
auth0:
type: oauth2
class: 'App\Auth0ResourceOwner'
client_id: "%env(AUTH0_CLIENT_ID)%"
client_secret: "%env(AUTH0_CLIENT_SECRET)%"
base_url: "https://%env(AUTH0_DOMAIN)%"
scope: "openid email profile"
paths:
identifier: sub
firstname: given_name
middlename: middle_name
lastname: family_name
email_verified: email_verified
dob: birthdate
identities: https://www.example.org/identities
我真的对这里发生的事情感到困惑。我错过了什么?如果它在文档中,有人可以指出解决方案描述的具体点吗?我在这里查看了 Stack Overflow 上的几个问题,但他们要么谈论我没有使用的 Symfony 2,要么他们有不适用的答案,比如在 [=25] 中的提供者下添加 "hwi_oauth.user.provider" =]security.yaml,但如果我这样做,我就会遇到提供者过多的问题。 (如果我试图通过说 "provider" 而不是 "oauth_user_provider" 来明确设置提供者,它会让我陷入一个兔子洞,说子节点没有配置,并且在我的搜索中我没有找到任何东西来解释错误消息的含义。)我正处于撕裂遗漏的小头发的地步。我错过了什么?我没有阅读或误读文档的哪一部分?我不确定下一步该去哪里。
事实证明,即使我有用户 class 扩展 OAuthUser class,并且我的用户提供者扩展了 HWI 的用户提供者,我的用户提供者正在调用一个函数 (loadUserByUsername)那只是默认设置,所以我不得不在我自己的提供程序中编写自己的代码来覆盖它。这解决了一个问题,但现在我必须弄清楚为什么我的用户在登录时全部为 NULL。但我认为这是一个单独的问题。