
@lenybernard
Created November 15, 2016 22:39
Gitlab OAuth configuration for "hwi/oauth-bundle"
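# HWIOAuthBundle configuration: a single generic OAuth2 resource owner named "gitlab".
hwi_oauth:
    # Firewalls on which the OAuth login is active.
    firewall_names:
        - main
    connect:
        # Service that attaches a GitLab identity to an already logged-in user.
        account_connector: app.security.provider.gitlab
    fosub:
        username_iterations: 30
        properties:
            # resource owner name => User property that stores the provider-side id
            gitlab: gitlabId
    resource_owners:
        gitlab:
            type: oauth2
            # Parameter references are quoted: newer Symfony YAML parsers reject an
            # unquoted scalar that starts with "%".
            client_id: "%gitlab_client_id%"
            client_secret: "%gitlab_client_secret%"
            access_token_url: "%gitlab_access_token_url%"
            authorization_url: "%gitlab_authorization_url%"
            infos_url: "%gitlab_infos_url%"
            # Maps fields of the user-info response onto the bundle's user response.
            paths:
                # Stable provider-side id; this is what gets stored in gitlabId.
                identifier: id
                nickname: username
                # NOTE(review): confirm the user endpoint really returns a "fullname"
                # field; if it does not, realname stays empty.
                realname: fullname
                # The user provider looks up and creates local accounts by this address,
                # so it is only as trustworthy as the GitLab instance's e-mail checks.
                email: email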
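# Values referenced by the hwi_oauth resource owner. The entries below are placeholders.
parameters:
    gitlab_client_id: your_client_id
    # Keep the real secret out of version control (environment variable or an
    # untracked parameters file).
    gitlab_client_secret: your_client_secret
    # HTTPS is required in practice: the token request carries the client secret and
    # the authorization code, and the responses carry the user's access token. Over
    # plain HTTP all of these are readable and modifiable on the network path.
    gitlab_access_token_url: https://gitlab.your.domain/oauth/token
    gitlab_authorization_url: https://gitlab.your.domain/oauth/authorize
    # NOTE(review): the API version in this path must match what the GitLab instance serves.
    gitlab_infos_url: https://gitlab.your.domain/api/v3/user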
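# Route for the OAuth callback. The path must be identical to the one listed under
# the firewall's oauth.resource_owners.gitlab entry and to the redirect URI
# registered for the application in GitLab.
gitlab_login:
    path: /login/check-gitlab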
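# Registers the custom user provider that is used both for login and for account linking.
services:
    app.security.provider.gitlab:
        class: AppBundle\Security\Provider\GitlabUserProvider
        arguments:
            - "@fos_user.user_manager"
            # resource owner name => User property; keep in sync with hwi_oauth.fosub.properties
            - {gitlab: gitlabId}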
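# Firewall configuration: classic form login and GitLab OAuth login on the same firewall.
security:
    # ... (remaining security settings omitted by the author)
    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                # CSRF token check on the login form.
                csrf_provider: form.csrf_provider
                failure_path: /login
                check_path: /login_check
                default_target_path: /
            logout: true
            anonymous: true
            # Enables user impersonation for accounts holding ROLE_ALLOWED_TO_SWITCH;
            # remove this line if impersonation is not needed.
            switch_user: ~
            oauth:
                resource_owners:
                    # Callback path; must match the gitlab_login route.
                    gitlab: /login/check-gitlab
                check_path: /login_check
                login_path: /login
                failure_path: /login
                use_forward: false
                # Every successful GitLab login is resolved to a local user by this
                # service, so its lookup rules decide who is logged in as whom.
                oauth_user_provider:
                    service: app.security.provider.gitlab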
<?php
namespace AppBundle\Entity\User;
use FOS\UserBundle\Model\FosUser;
class User extends FosUser {
    ...
    /**
     * Identifier of the linked GitLab account; null while no GitLab account is linked.
     *
     * @ORM\Column(name="gitlab_id", type="string", length=255, nullable=true)
     */
    private $gitlabId;
    /**
     * OAuth access token most recently received from GitLab for this user.
     *
     * NOTE(review): the column is a plain string, so the token is stored in cleartext
     * and is usable by anyone who can read the table or a database backup. Consider
     * encrypting it at rest, or not persisting it when the application never calls the
     * GitLab API on the user's behalf. Also confirm that issued tokens always fit in
     * 255 characters.
     *
     * @ORM\Column(name="gitlab_access_token", type="string", length=255, nullable=true)
     */
    private $gitlabAccessToken;
    ...
    /**
     * Stores the GitLab account identifier; pass null to unlink the account.
     *
     * @param string|null $gitlabId
     * @return User
     */
    public function setGitlabId($gitlabId)
    {
        $this->gitlabId = $gitlabId;
        return $this;
    }
    /**
     * Returns the linked GitLab account identifier, or null when none is linked.
     *
     * @return string|null
     */
    public function getGitlabId()
    {
        return $this->gitlabId;
    }
    /**
     * Stores the GitLab access token; pass null to clear it.
     *
     * @param string|null $gitlabAccessToken
     * @return User
     */
    public function setGitlabAccessToken($gitlabAccessToken)
    {
        $this->gitlabAccessToken = $gitlabAccessToken;
        return $this;
    }
    /**
     * Returns the stored GitLab access token, or null when none is stored.
     *
     * The value is a bearer credential: keep it out of logs, templates and serialized
     * API responses.
     *
     * @return string|null
     */
    public function getGitlabAccessToken()
    {
        return $this->gitlabAccessToken;
    }
}
<?php
namespace AppBundle\Security\Provider;
use HWI\Bundle\OAuthBundle\OAuth\Response\UserResponseInterface;
use HWI\Bundle\OAuthBundle\Security\Core\User\FOSUBUserProvider as BaseClass;
use Symfony\Component\Security\Core\User\UserInterface;
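/**
 * Resolves OAuth responses to local FOSUser accounts and links identities to them.
 *
 * The setter names are derived from the resource owner name ("gitlab" gives
 * setGitlabId / setGitlabAccessToken), so the User entity must expose matching setters.
 */
class GitlabUserProvider extends BaseClass
{
    /**
     * {@inheritdoc}
     *
     * Attaches the identity carried by $response to the already authenticated $user.
     * Any other local account that currently holds the same identity is unlinked first,
     * so one provider identity never maps to two local users.
     */
    public function connect(UserInterface $user, UserResponseInterface $response)
    {
        $property = $this->getProperty($response);
        // getUsername() yields the value of the resource owner's "identifier" path.
        $providerId = $response->getUsername();
        list($idSetter, $tokenSetter) = $this->oauthSetters($response);

        // Unlink whichever account held this identity before.
        $previousUser = $this->userManager->findUserBy(array($property => $providerId));
        if (null !== $previousUser) {
            $previousUser->$idSetter(null);
            $previousUser->$tokenSetter(null);
            $this->userManager->updateUser($previousUser);
        }

        // Link the current user and remember the token from this response.
        $user->$idSetter($providerId);
        $user->$tokenSetter($response->getAccessToken());
        $this->userManager->updateUser($user);
    }

    /**
     * {@inheritdoc}
     *
     * Lookup order:
     *  1. the account already linked to the provider identity;
     *  2. an existing account with the same e-mail address, which is then linked;
     *  3. a newly created, enabled account.
     *
     * @throws \Symfony\Component\Security\Core\Exception\UsernameNotFoundException
     *         when the response has no identifier, or has no e-mail address and no
     *         linked account exists
     */
    public function loadUserByOAuthUserResponse(UserResponseInterface $response)
    {
        $providerId = $response->getUsername();
        if (null === $providerId || '' === $providerId) {
            // Without a provider-side id there is nothing to tie the login to.
            throw new \Symfony\Component\Security\Core\Exception\UsernameNotFoundException(
                'The OAuth response does not contain a user identifier.'
            );
        }

        list($idSetter, $tokenSetter) = $this->oauthSetters($response);

        // The provider id is the stable key. Checking it first keeps a login bound to
        // the same local account when the address on the provider side changes, and
        // avoids resolving a linked identity to a different account by e-mail.
        $user = $this->userManager->findUserBy(array($this->getProperty($response) => $providerId));

        if (null === $user) {
            $email = $response->getEmail();
            if (null === $email || '' === trim($email)) {
                // An empty address must never match or create an account.
                throw new \Symfony\Component\Security\Core\Exception\UsernameNotFoundException(
                    'The OAuth response does not contain an e-mail address.'
                );
            }

            // NOTE(review): this links an existing local account purely because the
            // provider reports the same address. That is only safe when the GitLab
            // instance guarantees the address belongs to the person logging in
            // (confirmed e-mail). If that is not guaranteed, drop this fallback and
            // require the explicit connect() flow for existing accounts.
            $user = $this->userManager->findUserByEmail($email);

            if (null === $user) {
                // First login: every identity the GitLab instance authenticates gets an
                // enabled local account.
                $user = $this->userManager->createUser();
                $user->setUsername($email);
                $user->setEmail($email);
                // NOTE(review): the stored password hash is the empty string. Confirm
                // the configured encoder can never validate a form login against it.
                $user->setPassword('');
                $user->setEnabled(true);
            }
        }

        $user->$idSetter($providerId);
        $user->$tokenSetter($response->getAccessToken());
        $this->userManager->updateUser($user);

        return $user;
    }

    /**
     * Builds the names of the User setters for the response's resource owner.
     *
     * @param UserResponseInterface $response
     * @return string[] two elements: id setter name, access-token setter name
     */
    private function oauthSetters(UserResponseInterface $response)
    {
        // The resource owner name comes from the bundle configuration, not from the request.
        $prefix = 'set'.ucfirst($response->getResourceOwner()->getName());

        return array($prefix.'Id', $prefix.'AccessToken');
    }
}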