I am using HWIAOuthBundle and Custom UserProvider on Symfony 4.4
in MyUserProvider
It stored the access_token and create new user. It works successfully.
namespace App\Security;
use HWI\Bundle\OAuthBundle\OAuth\Response\UserResponseInterface;
use HWI\Bundle\OAuthBundle\Security\Core\User\OAuthAwareUserProviderInterface;
use HWI\Bundle\OAuthBundle\Security\Core\User\EntityUserProvider;
use Doctrine\ORM\EntityManagerInterface;
class MyUserProvider extends EntityUserProvider implements OAuthAwareUserProviderInterface
{
private $entityManager;
/**
* {@inheritdoc}
*/
public function loadUserByOAuthUserResponse(UserResponseInterface $response)
{
$username = $response->getUsername();
$email = $response->getEmail();
$user = $this->em
->getRepository(\App\Entity\User::class)
->findOneByEmail($response->getEmail());
//when the user is registrating
if (null === $user) {
$service = $response->getResourceOwner()->getName();
$setter = 'set'.ucfirst($service);
$setter_id = $setter.'Id';
$setter_token = $setter.'AccessToken';
// create new user here
$user = new \App\Entity\User();
$user->$setter_id($username);
$user->$setter_token($response->getAccessToken());
//I have set all requested data with the user's username
//modify here with relevant data
// $user->setUsername($username);
$user->setEmail($email);
$user->setPassword($username);
$user->setEnabled(true);
$this->em->persist($user);
$this->em->flush();
//$this->userManager->updateUser($user);
return $user;
}
//if user exists - go with the HWIOAuth way
$user = parent::loadUserByOAuthUserResponse($response);
$serviceName = $response->getResourceOwner()->getName();
$setter = 'set' . ucfirst($serviceName) . 'AccessToken';
//update access token
$user->$setter($response->getAccessToken());
return $user;
}
}
However even the user is created correctly in Database, but not login-ed
$this->getUser(); in Controller returns null.
So, I am confused that where the user login accomplished???
my setting is below
security:
firewalls:
main:
oauth:
resource_owners:
facebook: "/login/check-facebook"
google: "/login/check-google"
twitter: "/login/check-twitter"
login_path: /login
use_forward: false
# failure_path: /login
oauth_user_provider:
service: my.user.provider
services.yml
my.user.provider:
class: App\Security\MyUserProvider
arguments: ['@doctrine', App\Entity\User , { facebook: facebook_id, twitter: twitter_id, google: google_id }]
hwi_oauth:
resource_owners:
facebook:
type: facebook
client_id: '%env(FB_ID)%'
client_secret: '%env(FB_SECRET)%'
scope: "email user_posts"
google:
type: google
client_id: <client_id>
client_secret: <client_secret>
scope: "email profile"
twitter:
type: twitter
client_id: XXXXXXX
client_secret: XXXXXX
scope: "email profile"Additional
$token = $this->container->get('security.token_storage')->getToken();
var_dump($token);
There is only annonymous.
object(Symfony\Component\Security\Core\Authentication\Token\AnonymousToken)#664 (6) { ["secret":"Symfony\Component\Security\Core\Authentication\Token\AnonymousToken":private]=> string(7) "QZZau69" ["user":"Symfony\Component\Security\Core\Authentication\Token\AbstractToken":private]=> string(5) "anon." ["roles":"Symfony\Component\Security\Core\Authentication\Token\AbstractToken":private]=> array(0) { } ["roleNames":"Symfony\Component\Security\Core\Authentication\Token\AbstractToken":private]=> array(0) { } ["authenticated":"Symfony\Component\Security\Core\Authentication\Token\AbstractToken":private]=> bool(true) ["attributes":"Symfony\Component\Security\Core\Authentication\Token\AbstractToken":private]=> array(0) { } }
So, I think MyUserProvider or somewhere( like AuthenticationListener??) else that should store the token failed.