Symfony Oauth2 access_denied при использовании токена

Я следую этой идее и добавляю Oauth в мой Symfony Restful API, проблема в том, что после того, как я получаю токен с сервера, я не могу заставить его работать, просто получаю 401, кто-нибудь может мне помочь? Проект (кроме небольших изменений в последнем тесте) находится на github. Кстати, я использую Symfony 3.1.

Неудачный тест:

  public function testCreate()
  {
      $clientManager = $this->client->getContainer()->get('fos_oauth_server.client_manager.default');
      $client = $clientManager->createClient();
      $client->setRedirectUris(array('http://www.example.com'));
      $client->setAllowedGrantTypes(array('token', 'authorization_code', 'password'));
      $clientManager->updateClient($client);
      $crawler = $this->client->request(
                       'POST',
                       '/oauth/v2/token',
                       array(),
                       array(),
                       array('CONTENT_TYPE' => 'application/json'),
                       '{
                         "grant_type":"password",
                         "client_id":"' . $client->getId() . '_' . $client->getRandomId() . '",
                         "client_secret":"' . $client->getSecret() . '",
                         "username": "Alvaro",
                         "password": "1231251265"
                        }'
                       );
      $this->assertEquals(200, $this->client->getResponse()->getStatusCode());
      $response = json_decode($this->client->getResponse()->getContent(), true);
      $this->assertTrue( strlen($response['access_token']) > 10 );
      $this->assertEquals( 'bearer', $response['token_type'] );
      $this->assertTrue( strlen($response['refresh_token']) > 10 );
      $this->assertEquals( 3600, $response['expires_in'] );
      $crawler = $this->client->request(
                                        'GET',
                                        '/businesses', //@TODO: Move this to a common route
                                        array(),
                                        array(),
                                        array('CONTENT_TYPE' => 'application/json'));
      $this->assertEquals(401, $this->client->getResponse()->getStatusCode());
      $crawler = $this->client->request(
                                        'GET',
                                        '/businesses', //@TODO: Move this to a common route
                                        array(),
                                        array(),
                                        array('CONTENT_TYPE' => 'application/json', 'Authorization:Bearer' => $response['access_token']));
      $this->assertEquals(200, $this->client->getResponse()->getStatusCode()); <-- failing assertion

Последнее утверждение не удалось, я попытался изменить заголовок на Authorization, HTTP_AUTHORIZATION и несколько других без результата. Я также проверил это с помощью CURL, таких как curl -H 'X-Access-Token YjBkYTYzNmM5NTJjNzE1YTNlZDQ3NjliNjg2NWRjM12ZGQxZDg5Y2Q5NWVkM33zNjM5NjdmMTc0NmNiMTQ4NQ' '192.168.99.100/businesses' но тоже не сработает.

Мой security.yml

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username        # fos_user.user_provider.username_email does not seem to work (OAuth-spec related ("username + password") ?)
    firewalls:
        docs:                                   # Everyone can access the docs
            pattern: ^/api/doc
            security: false

        oauth_token:                                   # Everyone can access the access token URL.
            pattern: ^/oauth/v2/token
            security: false
            anonymous: true                          
        api:
            pattern: ^/                                # All URLs are protected
            fos_oauth: true                            # OAuth2 protected resource
            stateless: true                            # Do no set session cookies
            anonymous: false                           # Anonymous access is not allowed

`.

config.yml

fos_rest:
    routing_loader:
        default_format: json                            # All responses should be JSON formated
        include_format: false                           # We do not include format in request, so that all responses
                                                        # will eventually be JSON formated
    body_listener:
        decoders:
            json: fos_rest.decoder.json

fos_user:
    db_driver: orm
    firewall_name: api                                  # Seems to be used when registering user/reseting password,
                                                        # but since there is no "login", as so it seems to be useless in
                                                        # our particular context, but still required by "FOSUserBundle"
    user_class: Aescarcha\UserBundle\Entity\User

fos_oauth_server:
    db_driver:           orm
    client_class:        Aescarcha\OauthServerBundle\Entity\Client
    access_token_class:  Aescarcha\OauthServerBundle\Entity\AccessToken
    refresh_token_class: Aescarcha\OauthServerBundle\Entity\RefreshToken
    auth_code_class:     Aescarcha\OauthServerBundle\Entity\AuthCode
    service:
        user_provider: fos_user.user_manager             # This property will be used when valid credentials are given to load the user upon access token creation

0 ответов

Другие вопросы по тегам