Closed quba closed 12 years ago
@makasim can you tell me where the token is set? The token that is refreshUser's function argment returns 0 when I want to debug $token->getUser()-getId(). I don't know why openIdbundles authentication sets this token incorrectly. For example $token->getUser()-getUsername() returns good value. There's only problem with ID, which is needed to realod user from security user provider.
the token created in the security listener: https://github.com/formapro/FpOpenIdBundle/blob/master/Security/Http/Firewall/OpenIdAuthenticationListener.php#L36
fpopenid bundle does not refresh token: https://github.com/formapro/FpOpenIdBundle/blob/master/Model/UserManager.php#L67
do you have id in serialize method of the user?
I am using fosuserbundle and yes - user id is serialized in model. When I am trying to login with a fresh user and I create user with createUserFromIdentity, then user is correct reloaded from session. So after creating account I am correct authenticated. What is strange here - when I am trying to login, serialized token has strange proxy. Serialized user while registering new account:
C:62:"Fp\OpenIdBundle\Security\Core\Authentication\Token\OpenIdToken":502:{a:3:{i:0;s:6:"public";i:1;s:80:"https://www.google.com/accounts/o8/id?id=AItOawnA9Y_2CZR50TQOsswOfhDj_SZHgXaA8JA";i:2;s:374:"a:4:{i:0;C:30:"codebug\UserBundle\Entity\User":121:{a:2:{i:0;N;i:1;s:97:"a:9:{i:0;s:0:"";i:1;s:0:"";i:2;s:3:"u18";i:3;s:3:"u18";i:4;b:0;i:5;b:0;i:6;b:0;i:7;b:1;i:8;i:18;}";}}i:1;b:1;i:2;a:1:{i:0;O:41:"Symfony\Component\Security\Core\Role\Role":1:{s:47:"Symfony\Component\Security\Core\Role\Rolerole";s:9:"ROLE_USER";}}i:3;a:1:{s:13:"contact/email";s:14:"kuba@bomba.org";}}";}}
Serialized user before executing refreshUser from FosUserBundle:
C:62:"Fp\OpenIdBundle\Security\Core\Authentication\Token\OpenIdToken":517:{a:3:{i:0;s:6:"public";i:1;s:80:"https://www.google.com/accounts/o8/id?id=AItOawnA9Y_2CZR50TQOsswOfhDj_SZHgXaA8JA";i:2;s:389:"a:4:{i:0;C:45:"Proxies\__CG__\codebug\UserBundle\Entity\User":121:{a:2:{i:0;N;i:1;s:97:"a:9:{i:0;s:0:"";i:1;s:0:"";i:2;s:3:"u18";i:3;s:3:"u18";i:4;b:0;i:5;b:0;i:6;b:0;i:7;b:1;i:8;i:18;}";}}i:1;b:1;i:2;a:1:{i:0;O:41:"Symfony\Component\Security\Core\Role\Role":1:{s:47:"Symfony\Component\Security\Core\Role\Rolerole";s:9:"ROLE_USER";}}i:3;a:1:{s:13:"contact/email";s:14:"kuba@bomba.org";}}";}}
What is this Proxies\__CG__
?
Maybe that's the thing which is causing problems?
In onKernelResponse() before serializing the token, $token->getUser()->getId() returns correct value. So it is before the token is set to session.
Then while reading token from session in handle() function after $token = unserialize($token);
, $token->getUser()->getId()
returns 0.
So it's serialization issue. Don't know what's wrong there :/
Looks like it isn't possible to correct serialize doctrine proxys. User is retrieved from identityManager->getUser(). So as far as I have read, we cant serialize it. It wasn't problem in fosfacebookbundle, because there we don't have OpenIdIdentity entity. I don't know what is the best solution but it could be solved by adding EAGER to the doctrine's assotiation between OpenIdIdentity
and User
class.
It looks now so:
/**
* @var Symfony\Component\Security\Core\User\UserInterface
*
* @ORM\OneToOne(targetEntity="codebug\UserBundle\Entity\User", fetch="EAGER")
* @ORM\JoinColumn(name="user_id", referencedColumnName="id")
*/
protected $user;
Please close unless you can propose better solution. BTW. thanks for integrating this bundle with Symfony's security layer. That was the only thing I was missing in this bundle. ;) Great job.
@quba I am not sure but it could help. the UsernamePasswordListener
try to resolve all POST
request to check_path
url. https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php#L58
Please try one of these:
fp_openid
listener before form
one
Maybe somebody will have time to answer it. I'm almost done with fosuserbundle integration. everything seems look alright except one thing. After successfull login and redirect to the homepage (as specified in the firewall) I'm not logged in. It looks so in logs:
So there's an error while reloading user from user provider. This query:
Should select user with ID 16, not 0. I dont know why it cant read that ID from the session.