Authorise a user on symfony4 using AOUTH2 and GuardHow can I sanitize user input with PHP?Detect access_control in controller symfony2Symfony2: how to implement custom user login & registration - get rid of FOSUSerBundleCan't Logout user in Symfony4Symfony4 DATABASE_URL in .env not workingSymfony4 asset with parameter base_pathInvalidArgumentException Symfony4package injection in symfony4get $this->getUser() in FormType Symfony4Google+ authentication with FOSUserBundle
Super Duper Vdd stiffening required on 555 timer, what is the best way?
Does Nightpack Ambusher's second ability trigger if I cast spells during the end step?
How exactly are corporate bonds priced at issue
Why command hierarchy, if the chain of command is standing next to each other?
Can sampling rate be a floating point number?
Are there any other rule mechanics that could grant Thieves' Cant?
How much can I judge a company based on a phone screening?
How do I call a 6 digit Austrailian phone number with a US based mobile phone?
What kind of liquid can be seen 'leaking' from the upper surface of the wing of a Boeing 737-800?
Is this n-speak?
If you know the location of an invisible creature, can you attack it?
Why aren’t there water shutoff valves for each room?
Is it okay for a ticket seller to grab a tip in the USA?
Programming of ICs in general (MCU / FPGA / Serdes IC)
Why is Python 2.7 still the default Python version in Ubuntu?
My cat is a houdini
Why does my purified Pokémon need to be healed?
How would timezones work on a planet 100 times the size of our Earth
Corroded Metal vs Magical Armor, should it melt it?
How many British prisoners of war were taken by the Wehrmacht and how many died?
How should I deal with a potential date who wouldn’t take no for an answer?
A torrent of foreign terms
Why does tag require braces while frac doesn't?
Is it possible to grow new organs through exposure to radioactivity?
Authorise a user on symfony4 using AOUTH2 and Guard
How can I sanitize user input with PHP?Detect access_control in controller symfony2Symfony2: how to implement custom user login & registration - get rid of FOSUSerBundleCan't Logout user in Symfony4Symfony4 DATABASE_URL in .env not workingSymfony4 asset with parameter base_pathInvalidArgumentException Symfony4package injection in symfony4get $this->getUser() in FormType Symfony4Google+ authentication with FOSUserBundle
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
I am a bit confusing using guard and oauth2 on symfony to secure an API. I have a controller to handle the callback from FB or another provider, then I made this authenticator from an example I find online:
class FacebookAuthenticator extends SocialAuthenticator
private $clientRegistry;
private $em;
public function __construct(ClientRegistry $clientRegistry, EntityManagerInterface $em)
$this->clientRegistry = $clientRegistry;
$this->em = $em;
public function supports(Request $request)
return $request->attributes->get('_route') === 'connect_facebook_check';
public function getCredentials(Request $request)
return $this->fetchAccessToken($this->getFacebookClient());
public function getUser($credentials, UserProviderInterface $userProvider)
/** @var FacebookUser $facebookUser */
$facebookUser = $this->getFacebookClient()
->fetchUserFromToken($credentials);
$email = $facebookUser->getEmail();
$user = $this->em->getRepository(User::class)
->findOneBy(['email' => $email]);
if(!$user)
$user = new User();
$user->setCreated(new DateTime());
$user->setEmail($facebookUser->getEmail());
$user->setLastLogin(new DateTime());
$this->em->persist($user);
$this->em->flush();
return $user;
/**
* @return FacebookClient
*/
private function getFacebookClient()
return $this->clientRegistry->getClient('facebook');
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
return null;
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
$data = [
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
];
return new JsonResponse($data, Response::HTTP_FORBIDDEN);
/**
* Called when authentication is needed, but it's not sent.
* This redirects to the 'login'.
*/
public function start(Request $request, AuthenticationException $authException = null)
$data = [
'message' => 'Authentication Required'
];
return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
// ...
the core of this class is the getUser() method. This works just fine, I can get info from FB and save it to my local db. However, what should I do to actually authenticate the user?
php symfony4
edited Mar 27 at 10:52
Shanteshwar Inde
1,1742 gold badges11 silver badges20 bronze badges
asked Mar 27 at 10:15
user3174311user3174311
3691 gold badge7 silver badges22 bronze badges
add a comment |
I am a bit confusing using guard and oauth2 on symfony to secure an API. I have a controller to handle the callback from FB or another provider, then I made this authenticator from an example I find online:
class FacebookAuthenticator extends SocialAuthenticator
private $clientRegistry;
private $em;
public function __construct(ClientRegistry $clientRegistry, EntityManagerInterface $em)
$this->clientRegistry = $clientRegistry;
$this->em = $em;
public function supports(Request $request)
return $request->attributes->get('_route') === 'connect_facebook_check';
public function getCredentials(Request $request)
return $this->fetchAccessToken($this->getFacebookClient());
public function getUser($credentials, UserProviderInterface $userProvider)
/** @var FacebookUser $facebookUser */
$facebookUser = $this->getFacebookClient()
->fetchUserFromToken($credentials);
$email = $facebookUser->getEmail();
$user = $this->em->getRepository(User::class)
->findOneBy(['email' => $email]);
if(!$user)
$user = new User();
$user->setCreated(new DateTime());
$user->setEmail($facebookUser->getEmail());
$user->setLastLogin(new DateTime());
$this->em->persist($user);
$this->em->flush();
return $user;
/**
* @return FacebookClient
*/
private function getFacebookClient()
return $this->clientRegistry->getClient('facebook');
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
return null;
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
$data = [
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
];
return new JsonResponse($data, Response::HTTP_FORBIDDEN);
/**
* Called when authentication is needed, but it's not sent.
* This redirects to the 'login'.
*/
public function start(Request $request, AuthenticationException $authException = null)
$data = [
'message' => 'Authentication Required'
];
return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
// ...
the core of this class is the getUser() method. This works just fine, I can get info from FB and save it to my local db. However, what should I do to actually authenticate the user?
php symfony4
edited Mar 27 at 10:52
Shanteshwar Inde
1,1742 gold badges11 silver badges20 bronze badges
asked Mar 27 at 10:15
user3174311user3174311
3691 gold badge7 silver badges22 bronze badges
add a comment |
I am a bit confusing using guard and oauth2 on symfony to secure an API. I have a controller to handle the callback from FB or another provider, then I made this authenticator from an example I find online:
class FacebookAuthenticator extends SocialAuthenticator
private $clientRegistry;
private $em;
public function __construct(ClientRegistry $clientRegistry, EntityManagerInterface $em)
$this->clientRegistry = $clientRegistry;
$this->em = $em;
public function supports(Request $request)
return $request->attributes->get('_route') === 'connect_facebook_check';
public function getCredentials(Request $request)
return $this->fetchAccessToken($this->getFacebookClient());
public function getUser($credentials, UserProviderInterface $userProvider)
/** @var FacebookUser $facebookUser */
$facebookUser = $this->getFacebookClient()
->fetchUserFromToken($credentials);
$email = $facebookUser->getEmail();
$user = $this->em->getRepository(User::class)
->findOneBy(['email' => $email]);
if(!$user)
$user = new User();
$user->setCreated(new DateTime());
$user->setEmail($facebookUser->getEmail());
$user->setLastLogin(new DateTime());
$this->em->persist($user);
$this->em->flush();
return $user;
/**
* @return FacebookClient
*/
private function getFacebookClient()
return $this->clientRegistry->getClient('facebook');
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
return null;
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
$data = [
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
];
return new JsonResponse($data, Response::HTTP_FORBIDDEN);
/**
* Called when authentication is needed, but it's not sent.
* This redirects to the 'login'.
*/
public function start(Request $request, AuthenticationException $authException = null)
$data = [
'message' => 'Authentication Required'
];
return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
// ...
the core of this class is the getUser() method. This works just fine, I can get info from FB and save it to my local db. However, what should I do to actually authenticate the user?
php symfony4
edited Mar 27 at 10:52
Shanteshwar Inde
1,1742 gold badges11 silver badges20 bronze badges
asked Mar 27 at 10:15
user3174311user3174311
3691 gold badge7 silver badges22 bronze badges
I am a bit confusing using guard and oauth2 on symfony to secure an API. I have a controller to handle the callback from FB or another provider, then I made this authenticator from an example I find online:
class FacebookAuthenticator extends SocialAuthenticator
private $clientRegistry;
private $em;
public function __construct(ClientRegistry $clientRegistry, EntityManagerInterface $em)
$this->clientRegistry = $clientRegistry;
$this->em = $em;
public function supports(Request $request)
return $request->attributes->get('_route') === 'connect_facebook_check';
public function getCredentials(Request $request)
return $this->fetchAccessToken($this->getFacebookClient());
public function getUser($credentials, UserProviderInterface $userProvider)
/** @var FacebookUser $facebookUser */
$facebookUser = $this->getFacebookClient()
->fetchUserFromToken($credentials);
$email = $facebookUser->getEmail();
$user = $this->em->getRepository(User::class)
->findOneBy(['email' => $email]);
if(!$user)
$user = new User();
$user->setCreated(new DateTime());
$user->setEmail($facebookUser->getEmail());
$user->setLastLogin(new DateTime());
$this->em->persist($user);
$this->em->flush();
return $user;
/**
* @return FacebookClient
*/
private function getFacebookClient()
return $this->clientRegistry->getClient('facebook');
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
return null;
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
$data = [
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
];
return new JsonResponse($data, Response::HTTP_FORBIDDEN);
/**
* Called when authentication is needed, but it's not sent.
* This redirects to the 'login'.
*/
public function start(Request $request, AuthenticationException $authException = null)
$data = [
'message' => 'Authentication Required'
];
return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
// ...
the core of this class is the getUser() method. This works just fine, I can get info from FB and save it to my local db. However, what should I do to actually authenticate the user?
php symfony4
php symfony4
edited Mar 27 at 10:52
Shanteshwar Inde
1,1742 gold badges11 silver badges20 bronze badges
asked Mar 27 at 10:15
user3174311user3174311
3691 gold badge7 silver badges22 bronze badges
edited Mar 27 at 10:52
Shanteshwar Inde
1,1742 gold badges11 silver badges20 bronze badges
asked Mar 27 at 10:15
user3174311user3174311
3691 gold badge7 silver badges22 bronze badges
edited Mar 27 at 10:52
Shanteshwar Inde
1,1742 gold badges11 silver badges20 bronze badges
edited Mar 27 at 10:52
Shanteshwar Inde
1,1742 gold badges11 silver badges20 bronze badges
edited Mar 27 at 10:52
Shanteshwar Inde
1,1742 gold badges11 silver badges20 bronze badges
1,1742 gold badges11 silver badges20 bronze badges
asked Mar 27 at 10:15
user3174311user3174311
3691 gold badge7 silver badges22 bronze badges
asked Mar 27 at 10:15
user3174311user3174311
3691 gold badge7 silver badges22 bronze badges
asked Mar 27 at 10:15
user3174311user3174311
3691 gold badge7 silver badges22 bronze badges
3691 gold badge7 silver badges22 bronze badges
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55374726%2fauthorise-a-user-on-symfony4-using-aouth2-and-guard%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Is this question similar to what you get asked at work? Learn more about asking and sharing private information with your coworkers using Stack Overflow for Teams.
Is this question similar to what you get asked at work? Learn more about asking and sharing private information with your coworkers using Stack Overflow for Teams.
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55374726%2fauthorise-a-user-on-symfony4-using-aouth2-and-guard%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
