Integrate FOSRestBundleByExample with an existing project #11

Open
lukeman83 opened this issue May 24, 2013 · 1 comment

@lukeman83

Hi,
I read FOSRestBundleByExample and I added the bundles in my projects.

FOSRestBundle
NelmioApiDocBundle
MopaWSSEAuthenticationBundle

I was already using FOSUserBundle.
I have a problem.
My firewall properties are:

security:
    providers:
        my_fos_facebook_provider:
            id: my.facebook.user          
        fos_userbundle:
            id: fos_user.user_manager
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    firewalls:
        wsse_secured:
            pattern:   ^/api/.*
            stateless:    true
            wsse:
                nonce_dir: null
                lifetime: 300
                provider: fos_userbundle
            anonymous:    true
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
                check_path: fos_user_security_check
                login_path: fos_user_security_login
                default_target_path: homepage
            fos_facebook:
                app_url: %facebookAppUrl%
                server_url: %facebookServerUrl%
                login_path: fos_user_security_login
                check_path: _security_check
                default_target_path: homepage
                provider: my_fos_facebook_provider
            logout:
                handlers: ["fos_facebook.logout_handler"]
            anonymous:    true
            switch_user: true

I try to use my api in this way:

First I do a POST request:

localhost/project/web/app_dev.php/security/token/[email protected]&_password=aaa

HEADERS:

Accept : application/json
Content-Type : application/x-www-form-urlencoded

I receive response 200 OK:

BODY:
{
"WSSE":"UsernameToken Username=\"[email protected]\", PasswordDigest=\"R82hdPWyV3PoTliW5O1aoSkKRZk=\", Nonce=\"YmUwZDVhNDliNzZiM2QzZA==\", Created=\"2013-05-23T07:57:03+02:00\""
}

Afterwards I call my API with a GET request:

localhost/project/web/app_dev.php/api/something

HEADERS:

Authorization : WSSE profile="UsernameToken"
X-wsse : UsernameToken Username=\"[email protected]\", PasswordDigest=\"R82hdPWyV3PoTliW5O1aoSkKRZk=\", Nonce=\"YmUwZDVhNDliNzZiM2QzZA==\", Created=\"2013-05-23T07:57:03+02:00\"
ACCEPT : application/json

I receive response 403 FORBIDDEN.

What is the error?
Many thanks!!!

@corpulent

@lukeman83

Your X-WSSE string should look like this:

X-wsse : UsernameToken Username="[email protected]", PasswordDigest="R82hdPWyV3PoTliW5O1aoSkKRZk=", Nonce="YmUwZDVhNDliNzZiM2QzZA==", Created="2013-05-23T07:57:03+02:00"

Something in this setup, or maybe in Symfony, is escaping double quotes automatically; I am not sure what does that.
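
Added example, not part of the issue thread or of the bundle's code: the token endpoint's body is JSON, so `\"` inside the "WSSE" value is JSON escaping, and a client that JSON-decodes the body gets the header with plain quotes. The sketch below compares a raw copy against the decoded value using a server-side style check; the regex and digest formula follow the Symfony cookbook WSSE example (an assumption about how the bundle parses the header), and all sample values are constructed. Nonce replay and `lifetime` checks are left out.

```python
import base64
import hashlib
import hmac
import json
import re

# Header pattern modeled on the Symfony cookbook WSSE listener (assumption:
# the bundle used in the issue parses X-WSSE in a similar way).
WSSE_RE = re.compile(
    r'UsernameToken Username="([^"]+)", PasswordDigest="([^"]+)", '
    r'Nonce="([a-zA-Z0-9+/]+={0,2})", Created="([^"]+)"')

def make_digest(nonce_b64, created, secret):
    """PasswordDigest = Base64(SHA-1(decoded nonce + created + secret))."""
    raw = base64.b64decode(nonce_b64) + created.encode() + secret.encode()
    return base64.b64encode(hashlib.sha1(raw).digest()).decode()

def header_from_token_response(body):
    """JSON-decode the token response so escaped quotes become plain quotes."""
    return json.loads(body)["WSSE"]

def server_accepts(header, secret):
    """Parse the header, then compare digests in constant time."""
    m = WSSE_RE.search(header)
    if m is None:  # malformed header, e.g. backslash-escaped quotes
        return False
    _user, digest, nonce, created = m.groups()
    return hmac.compare_digest(digest, make_digest(nonce, created, secret))

# Constructed sample values (not the ones from the issue).
SECRET = "constructed-secret"
NONCE = base64.b64encode(b"constructed-nonce").decode()
CREATED = "2013-05-23T07:57:03+02:00"
GOOD = ('UsernameToken Username="user@example.test", PasswordDigest="%s", '
        'Nonce="%s", Created="%s"'
        % (make_digest(NONCE, CREATED, SECRET), NONCE, CREATED))
BODY = json.dumps({"WSSE": GOOD})              # token endpoint response body
RAW_COPY = BODY[len('{"WSSE": "'):-len('"}')]  # value pasted without decoding

if __name__ == "__main__":
    print(server_accepts(RAW_COPY, SECRET))                          # raw copy
    print(server_accepts(header_from_token_response(BODY), SECRET))  # decoded
```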
