added oauth2 documentation #182
Conversation
| @@ -0,0 +1,340 @@ | |||
| # Adding a OAuth2 authentication using `FOSOAuthServerBundle` | |||
There was a problem hiding this comment.
We use Title Case:
Adding a OAuth2 Authentication using `FOSOAuthServerBundle`
| @@ -0,0 +1,340 @@ | |||
| # Adding a OAuth2 authentication using `FOSOAuthServerBundle` | |||
|
|
|||
| > [OAuth](https://oauth.net/2/) is an open standard for authorization, commonly used as a way for Internet users to authorize websites or applications to access their information on other websites but without giving them the passwords.[1] This mechanism is used by companies such as Google, Facebook, Microsoft and Twitter to permit the users to share information about their accounts with third party applications or websites. | |||
There was a problem hiding this comment.
Can you remove the [1] please as the reference is not in this document.
|
|
||
| public function registerBundles() | ||
| { | ||
| $bundles = array( |
There was a problem hiding this comment.
Can you use the short array syntax please?
| } | ||
| ``` | ||
|
|
||
| ## Create oauth2 entites |
There was a problem hiding this comment.
Creating Entities to Store OAuth2 Data
|
|
||
| Add all the following classes to your entities and run `php bin/console doctrine:schema:update --force`: | ||
|
|
||
| `AppBundle/Entity/AccessToken.php` |
There was a problem hiding this comment.
We put the filename as a comment just after <?php directly in the code sample (same for all other files).
| $client->setAllowedGrantTypes([$grantType]); | ||
| $clientManager->updateClient($client); | ||
|
|
||
| $output->writeln(sprintf("<info>The client <comment>%s</comment> was created with <comment>%s</comment> as public id and <comment>%s</comment> as secret</info>", |
There was a problem hiding this comment.
Can you switch to single quotes?
| Add the following code to your `app/config/config.yml` and replace the `clientId` and `clientSecret` with the data from the generated application client with the `client_credentials` grant type. | ||
|
|
||
| ```yaml | ||
| # ... |
| # ... | ||
| fos_oauth_server: | ||
| db_driver: orm # Drivers available: orm, mongodb, or propel | ||
| client_class: AppBundle\Entity\Client |
There was a problem hiding this comment.
Can you remove indentation and put class names into single quotes (it can cause issues without single quotes when the class name contains special chars like \t)
| # ... | ||
| oauth2: | ||
| enabled: true | ||
| clientId: 'enter-swagger-api-documentation-client-id' |
There was a problem hiding this comment.
IMO it should be done using parameters.yml.dist.
| ``` | ||
|
|
||
| That's all, now your OAuth2 authentication should work. | ||
|
|
|
This is awesome! Thank you very much for this tutorial it's really appreciated. I just left some minor comments. |
| php bin/console oauth:client:create password | ||
|
|
||
| # Application client | ||
| php bin/console oauth:client:create client_credentials |
There was a problem hiding this comment.
I think the comments are switched. The 2nd one should be the swagger one.
| user_provider: fos_user.user_provider.username | ||
| options: | ||
| access_token_lifetime: 10800 | ||
| supported_scopes: user |
There was a problem hiding this comment.
This is a bit weird, as it will add ROLE_USER to every authentication, even the client_credentials one, when no user is present.
This may lead to problems... in my case, the user is not allowed to list all users:
access_control:
- { path: ^/users, roles: [ ROLE_ADMIN ] }but it will appear in the docs, and the request fails. I think there should be a hint about this.
Also, from now on user should be null checked even if the ROLE_USER is available.
There was a problem hiding this comment.
Is this ever got into official docs? Installing fresh api-platform, doesn't contain this .md file.
Where is this file located, where we can read the full doc?
There was a problem hiding this comment.
The full docs are available here: https://api-platform.com/docs
And also in this GitHub repository.
I really want to merge this one, but it need to be rebased and finished first...
|
I do not have the branch anymore and can't fix that. |
|
Wait so after all this works this never got merged? Is anyone working on oauth integrations docs at all? If not I might have some time on my hands this week and could give it a try EDIT: Ah looking at the changes I see now that the structure of the documentation has completely changed. So this will need to be completely restructured. @dunglas am I correct in noticing that the index file that was manually edited in this pull request is now dynamically generated based on the markdown files? |
|
The raw text is still available in the diff tab. It would be nice to copy and finish it! |
|
Quick response ^^ I added a question in my edited comment above. And yes I was already looking at https://github.com/api-platform/docs/pull/182.diff to distill the changes. |
|
Hi, is this going to be merged ? |
Documentation for the OAuth2 integration as promised in #180.