I am working on creating an Amazon Alexa Skill which allows users to query data from their user account at my Symfony 3.4 based web service.
The user management and authentication in my Symfony project is handles uses FOSUserBundle. Linking the Skill to an user account using the FOSOAuthServerBundle was no problem. However, the Alaxa calls always use the same endpoint, no matter if an account has been linked yet or not. Thus using different endpoints/firewalls for linked/not-linked calls it not possible.
If an account is linked the Alexa request does contain the AccessToken within the JSON body data, no place where the OAuthListener could find it.
Thus it is up to me to extract the AccessToken from request data and to manually authenticate the user with this token. What is the correct way to do this?
Hi,
I am working on creating an Amazon Alexa Skill which allows users to query data from their user account at my
Symfony 3.4
based web service.The user management and authentication in my Symfony project is handles uses
FOSUserBundle
. Linking the Skill to an user account using theFOSOAuthServerBundle
was no problem. However, the Alaxa calls always use the same endpoint, no matter if an account has been linked yet or not. Thus using different endpoints/firewalls for linked/not-linked calls it not possible.If an account is linked the Alexa request does contain the
AccessToken
within the JSON body data, no place where the OAuthListener could find it.Thus it is up to me to extract the
AccessToken
from request data and to manually authenticate the user with this token. What is the correct way to do this?