FOSRestBundleByExample icon indicating copy to clipboard operation
FOSRestBundleByExample copied to clipboard
verified publisher icon sdiaz

Integrate FOSRestBundleByExample with an existing project

Open lukeman83 opened this issue 12 years ago • 1 comments

Hi, I read FOSRestBundleByExample and I added the bundles in my projects.

FOSRestBundle NelmioApiDocBundle MopaWSSEAuthenticationBundle

I was using FOSUserBundle yet. I have a problem. My firewall properties are:

security:
    providers:
        my_fos_facebook_provider:
            id: my.facebook.user          
        fos_userbundle:
            id: fos_user.user_manager
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512

    firewalls:
        wsse_secured:
            pattern:   ^/api/.*
            stateless:    true
            wsse:
                nonce_dir: null
                lifetime: 300
                provider: fos_userbundle
            anonymous:    true
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
                check_path: fos_user_security_check
                login_path: fos_user_security_login
                default_target_path: homepage
            fos_facebook:
                app_url: %facebookAppUrl%
                server_url: %facebookServerUrl%
                login_path: fos_user_security_login
                check_path: _security_check
                default_target_path: homepage
                provider: my_fos_facebook_provider
            logout:
                handlers: ["fos_facebook.logout_handler"]
            anonymous:    true
            switch_user: true

I try to use my api in this way:

First I do a POST request:

localhost/project/web/app_dev.php/security/token/[email protected]&_password=aaa

HEADERS:

Accept : application/json
Content-Type : application/x-www-form-urlencoded

I receive response 200 OK:

BODY:
{
"WSSE":"UsernameToken Username=\"[email protected]\", PasswordDigest=\"R82hdPWyV3PoTliW5O1aoSkKRZk=\", Nonce=\"YmUwZDVhNDliNzZiM2QzZA==\", Created=\"2013-05-23T07:57:03+02:00\""
}

After I call my api with a GET request:

localhost/project/web/app_dev.php/api/something

HEADERS:

Authorization : WSSE profile="UsernameToken"
X-wsse : UsernameToken Username=\"[email protected]\", PasswordDigest=\"R82hdPWyV3PoTliW5O1aoSkKRZk=\", Nonce=\"YmUwZDVhNDliNzZiM2QzZA==\", Created=\"2013-05-23T07:57:03+02:00\"
ACCEPT : application/json

I receive response 403 FORBIDDEN.

What is the error? Many thanks!!!

lukeman83 avatar May 24 '13 08:05 lukeman83

@lukeman83

Your x-wsse string should look like,

X-wsse : UsernameToken Username="[email protected]", PasswordDigest="R82hdPWyV3PoTliW5O1aoSkKRZk=", Nonce="YmUwZDVhNDliNzZiM2QzZA==", Created="2013-05-23T07:57:03+02:00"

Something in this setup or maybe in symfony is escaping double quotes automatically, I am not sure what does that.

corpulent avatar Sep 04 '13 13:09 corpulent