如何使用 HWIOAuthBundle 和 Auth0 修复此 Symfony 4 重定向循环?
How Can I Fix This Symfony 4 Redirect Loop With HWIOAuthBundle And Auth0?
我一直在尝试将我的 symfony 4 实例配置为使用 https 而不是 http,但一直被困在如何修复指向 uri /login/ 的重定向循环上。使用基本的 http,我可以正常工作,但是当我尝试通过此 article 添加 https 支持时,我得到一个重定向循环。所以相关的配置文件是:
hwi_oauth.yaml
hwi_oauth:
firewall_names: [secured_area]
connect: ~
resource_owners:
auth0:
type: oauth2
class: 'App\Model\Auth0ResourceOwner'
base_url: https://mytenant.auth0.com
client_id: myid
client_secret: mysecret
redirect_uri: /oauth/callback
scope: "openid profile email"
security.yaml
security:
providers:
hwi:
id: hwi_oauth.user.provider
firewalls:
secured_area:
anonymous: ~
oauth:
resource_owners:
auth0: "/oauth/callback"
login_path: /login
use_forward: false
failure_path: /login
default_target_path: /secured
oauth_user_provider:
service: hwi_oauth.user.provider
logout:
path: /logout
target: /
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/secured, roles: ROLE_OAUTH_USER }
hwi_oauth_routing.yaml
hwi_oauth_redirect:
resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
prefix: /connect
schemes: [https]
hwi_oauth_connect:
resource: "@HWIOAuthBundle/Resources/config/routing/connect.xml"
prefix: /connect
schemes: [https]
hwi_oauth_login:
resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
prefix: /login
schemes: [https]
auth0_login:
path: /oauth/callback
schemes: [https]
auth0_logout:
path: /logout
schemes: [https]
我没有意识到我需要配置 symfony 如何配置代理。所以这个 article 解决了我的问题。
我使用了代码的变体
// public/index.php
// ...
$request = Request::createFromGlobals();
// tell Symfony about your reverse proxy
Request::setTrustedProxies(
// the IP address (or range) of your proxy
['192.0.0.1', '10.0.0.0/8'],
// trust *all* "X-Forwarded-*" headers
Request::HEADER_X_FORWARDED_ALL
// or, if your proxy instead uses the "Forwarded" header
// Request::HEADER_FORWARDED
// or, if you're using AWS ELB
// Request::HEADER_X_FORWARDED_AWS_ELB
);
我一直在尝试将我的 symfony 4 实例配置为使用 https 而不是 http,但一直被困在如何修复指向 uri /login/ 的重定向循环上。使用基本的 http,我可以正常工作,但是当我尝试通过此 article 添加 https 支持时,我得到一个重定向循环。所以相关的配置文件是:
hwi_oauth.yaml
hwi_oauth:
firewall_names: [secured_area]
connect: ~
resource_owners:
auth0:
type: oauth2
class: 'App\Model\Auth0ResourceOwner'
base_url: https://mytenant.auth0.com
client_id: myid
client_secret: mysecret
redirect_uri: /oauth/callback
scope: "openid profile email"
security.yaml
security:
providers:
hwi:
id: hwi_oauth.user.provider
firewalls:
secured_area:
anonymous: ~
oauth:
resource_owners:
auth0: "/oauth/callback"
login_path: /login
use_forward: false
failure_path: /login
default_target_path: /secured
oauth_user_provider:
service: hwi_oauth.user.provider
logout:
path: /logout
target: /
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/secured, roles: ROLE_OAUTH_USER }
hwi_oauth_routing.yaml
hwi_oauth_redirect:
resource: "@HWIOAuthBundle/Resources/config/routing/redirect.xml"
prefix: /connect
schemes: [https]
hwi_oauth_connect:
resource: "@HWIOAuthBundle/Resources/config/routing/connect.xml"
prefix: /connect
schemes: [https]
hwi_oauth_login:
resource: "@HWIOAuthBundle/Resources/config/routing/login.xml"
prefix: /login
schemes: [https]
auth0_login:
path: /oauth/callback
schemes: [https]
auth0_logout:
path: /logout
schemes: [https]
我没有意识到我需要配置 symfony 如何配置代理。所以这个 article 解决了我的问题。
我使用了代码的变体
// public/index.php
// ...
$request = Request::createFromGlobals();
// tell Symfony about your reverse proxy
Request::setTrustedProxies(
// the IP address (or range) of your proxy
['192.0.0.1', '10.0.0.0/8'],
// trust *all* "X-Forwarded-*" headers
Request::HEADER_X_FORWARDED_ALL
// or, if your proxy instead uses the "Forwarded" header
// Request::HEADER_FORWARDED
// or, if you're using AWS ELB
// Request::HEADER_X_FORWARDED_AWS_ELB
);