php - Symfony 4 + HWIOAuthBundle:注销时没有用户提供程序
问题描述
我一直在尝试使用此捆绑包和 Auth0 在 Symfony4 项目中实现用户管理。目前,我有几个问题:其中一个是,当我注销时,我会遇到:用户“HWI\Bundle\OAuthBundle\Security\Core\User\OAuthUser”没有用户提供程序。这是在使用路径/auth0/logout时。问题是我有一个扩展 OAuthUser 类的 User 类,我认为这就足够了。不是吗?(我在 services.yaml 文件中也有默认的 HWI OAuthUserProvider,但那是因为在那里禁用或启用它似乎没有任何改变。)
我对如何设置用户提供程序和文档混乱感到非常非常困惑(我使用的是一个文件,资源所有者,来自教程,直到我的高级开发人员向我展示实际 repo 中的推荐文件是例如,非常不同。)所以这是我到目前为止所拥有的:
服务.yaml
# Put parameters here that don't need to change on each machine where the app is deployed
# https://symfony.com/doc/current/best_practices/configuration.html#application-related-configuration
parameters:
locale: 'en'
services:
# default configuration for services in *this* file
_defaults:
autowire: true # Automatically injects dependencies in your services.
autoconfigure: true # Automatically registers your services as commands, event subscribers, etc.
public: false # Allows optimizing the container by removing unused services; this also means
# fetching services directly from the container via $container->get() won't work.
# The best practice is to be explicit about your dependencies anyway.
hwi_oauth.user.provider.entity:
class: HWI\Bundle\OAuthBundle\Security\Core\User\OAuthUserProvider
my.oauth_user_provider:
class: App\Providers\OAuthProvider
autowire: false
arguments:
- '@session'
- '@doctrine'
- '@service_container'
# makes classes in src/ available to be used as services
# this creates a service per class whose id is the fully-qualified class name
App\:
resource: '../src/*'
exclude: '../src/{Entity,Migrations,Tests,Kernel.php}'
# controllers are imported separately to make sure services can be injected
# as action arguments even if you don't extend any base controller class
App\Controller\:
resource: '../src/Controller'
tags: ['controller.service_arguments']
App\EventListener\:
resource: '../src/EventListener'
# App\EventListener\UserEventListener:
# tags:
# - { name: 'kernel.event_listener', event: 'hwi_oauth.connect.completed' }
# add more service definitions when explicit configuration is needed
# please note that last definitions always *replace* previous ones
安全.yaml
security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
# in_memory: { memory: ~ }
# user_provider:
# entity:
# class: App\Entity\User
# property: email
my_provider:
id: my.oauth_user_provider
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
# main:
# pattern: ^/
# anonymous: ~
# http_basic: ~
# provider: user_provider
# form_login:
# login_path: login
# check_path: login
secured_area:
pattern: ^/
anonymous: ~
oauth:
resource_owners:
auth0: "/auth0/callback"
login_path: /login
use_forward: false
failure_path: /login
oauth_user_provider:
service: my.oauth_user_provider
logout:
path: /auth0/logout
target: /
main:
anonymous: ~
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/secured, roles: ROLE_OAUTH_USER }
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_DEVELOPER: ROLE_ADMIN
encoders:
App\Entity\User: bcrypt
hwi_oauth.yaml
hwi_oauth:
firewall_names: [secured_area]
resource_owners:
auth0:
type: oauth2
class: 'App\Auth0ResourceOwner'
client_id: "%env(AUTH0_CLIENT_ID)%"
client_secret: "%env(AUTH0_CLIENT_SECRET)%"
base_url: "https://%env(AUTH0_DOMAIN)%"
scope: "openid email profile"
paths:
identifier: sub
firstname: given_name
middlename: middle_name
lastname: family_name
email_verified: email_verified
dob: birthdate
identities: https://www.example.org/identities
我真的对这里发生的事情感到困惑。我错过了什么?如果它在文档中,有人可以指出我描述解决方案的具体点吗?我在 Stack Overflow 上查看了几个问题,但他们要么谈论我没有使用的 Symfony 2,要么他们的答案不适用,比如在安全提供者下添加“hwi_oauth.user.provider” .yaml,但是如果我这样做,那么我会遇到提供者过多的问题。(如果我尝试通过让它说“提供者”而不是“oauth_user_provider”来明确设置提供者,它会让我陷入一个说子节点未配置的兔子洞,在我的搜索中我没有找到任何解释正是错误消息的含义。)我正处于撕裂我遗漏的小头发的地步。我错过了什么?我没有阅读或误读文档的哪些部分?我不确定下一步该转向哪里。
解决方案
事实证明,即使我的 User 类扩展了 OAuthUser 类,并且我的用户提供者扩展了 HWI 的用户提供者,我的用户提供者正在调用一个仅在默认值中的函数 (loadUserByUsername),所以我只需要编写我自己在我自己的提供者中覆盖它。这解决了一个问题,但现在我必须弄清楚为什么我的用户在我登录时都是 NULL。但我认为这是一个单独的问题。