Symfony Oauth2 access_denied при использовании токена
Я следую этой идее и добавляю Oauth в мой Symfony Restful API, проблема в том, что после того, как я получаю токен с сервера, я не могу заставить его работать, просто получаю 401, кто-нибудь может мне помочь? Проект (кроме небольших изменений в последнем тесте) находится на github. Кстати, я использую Symfony 3.1.
Неудачный тест:
public function testCreate()
{
$clientManager = $this->client->getContainer()->get('fos_oauth_server.client_manager.default');
$client = $clientManager->createClient();
$client->setRedirectUris(array('http://www.example.com'));
$client->setAllowedGrantTypes(array('token', 'authorization_code', 'password'));
$clientManager->updateClient($client);
$crawler = $this->client->request(
'POST',
'/oauth/v2/token',
array(),
array(),
array('CONTENT_TYPE' => 'application/json'),
'{
"grant_type":"password",
"client_id":"' . $client->getId() . '_' . $client->getRandomId() . '",
"client_secret":"' . $client->getSecret() . '",
"username": "Alvaro",
"password": "1231251265"
}'
);
$this->assertEquals(200, $this->client->getResponse()->getStatusCode());
$response = json_decode($this->client->getResponse()->getContent(), true);
$this->assertTrue( strlen($response['access_token']) > 10 );
$this->assertEquals( 'bearer', $response['token_type'] );
$this->assertTrue( strlen($response['refresh_token']) > 10 );
$this->assertEquals( 3600, $response['expires_in'] );
$crawler = $this->client->request(
'GET',
'/businesses', //@TODO: Move this to a common route
array(),
array(),
array('CONTENT_TYPE' => 'application/json'));
$this->assertEquals(401, $this->client->getResponse()->getStatusCode());
$crawler = $this->client->request(
'GET',
'/businesses', //@TODO: Move this to a common route
array(),
array(),
array('CONTENT_TYPE' => 'application/json', 'Authorization:Bearer' => $response['access_token']));
$this->assertEquals(200, $this->client->getResponse()->getStatusCode()); <-- failing assertion
Последнее утверждение не удалось, я попытался изменить заголовок на Authorization
, HTTP_AUTHORIZATION
и несколько других без результата. Я также проверил это с помощью CURL, таких как curl -H 'X-Access-Token YjBkYTYzNmM5NTJjNzE1YTNlZDQ3NjliNjg2NWRjM12ZGQxZDg5Y2Q5NWVkM33zNjM5NjdmMTc0NmNiMTQ4NQ' '192.168.99.100/businesses'
но тоже не сработает.
Мой security.yml
security:
encoders:
FOS\UserBundle\Model\UserInterface: sha512
providers:
fos_userbundle:
id: fos_user.user_provider.username # fos_user.user_provider.username_email does not seem to work (OAuth-spec related ("username + password") ?)
firewalls:
docs: # Everyone can access the docs
pattern: ^/api/doc
security: false
oauth_token: # Everyone can access the access token URL.
pattern: ^/oauth/v2/token
security: false
anonymous: true
api:
pattern: ^/ # All URLs are protected
fos_oauth: true # OAuth2 protected resource
stateless: true # Do no set session cookies
anonymous: false # Anonymous access is not allowed
`.
config.yml
fos_rest:
routing_loader:
default_format: json # All responses should be JSON formated
include_format: false # We do not include format in request, so that all responses
# will eventually be JSON formated
body_listener:
decoders:
json: fos_rest.decoder.json
fos_user:
db_driver: orm
firewall_name: api # Seems to be used when registering user/reseting password,
# but since there is no "login", as so it seems to be useless in
# our particular context, but still required by "FOSUserBundle"
user_class: Aescarcha\UserBundle\Entity\User
fos_oauth_server:
db_driver: orm
client_class: Aescarcha\OauthServerBundle\Entity\Client
access_token_class: Aescarcha\OauthServerBundle\Entity\AccessToken
refresh_token_class: Aescarcha\OauthServerBundle\Entity\RefreshToken
auth_code_class: Aescarcha\OauthServerBundle\Entity\AuthCode
service:
user_provider: fos_user.user_manager # This property will be used when valid credentials are given to load the user upon access token creation