DEV Community

Integrate Oauth2 for Symfony 4

Mert Simsek on August 22, 2018

We are going to easily integrate with KnpUOAuth2ClientBundle for Symfony 4. You can read the detail about it, https://github.com/knpuniversity/oaut...

Read full post

B1905 • Mar 24 '19

Hi,

I have tried this for Symfony 4.2.2.
When i edit my security.yaml, i have this error : " Unrecognized option "knpu_oauth2_client" under "security". Available options are "access_control", "access_decision_manager", "access_denied_url", "always_authenticate_before_granting", "encoders", "erase_credentials", "firewalls", "hide_user_not_found", "providers", "role_hierarchy", "session_fixation_strategy". "

I don't know how can i solve it ?

MedRyanReychico • Apr 3 '19

Hi ,
Did you found a solution for this problem , cause i have the same and couldn't fix it ?

Mert Simsek • Apr 3 '19 • Edited

Hi fellas,

Thank you for reply, I tried to get same error and I did as I said in this article and I got same error. I found the solution.

You have to insert these lines. security and knpu_oauth2_client must be same level for yaml format. Don't push knpu_oauth2_client to under security section.

security:

    # https://symfony.com/doc/current/security.html#b-configuring-how-users-are-loaded
    providers:
        my_provider:
            entity: { class: App:User, property: username }

    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            anonymous: ~
            logout:
                path: /logout
                target: /login
            logout_on_user_change: true

            guard:
                authenticators:
                    - App\Security\GoogleAuthenticator

knpu_oauth2_client:
            clients:
                google:
                    type: google
                    client_id: '%env(resolve:GOOGLE_CLIENT_ID)%'
                    client_secret: '%env(resolve:GOOGLE_CLIENT_SECRET)%'
                    redirect_route: connect_google_check
                    redirect_params: {}

julien-lav • Sep 24 '18 • Edited

Hi, thanks a lot for this tutorial, I followed all the steps but I still have this error :

{
"status": false,
"message": "User not found!"
}

I tried a var_dump(($this->getUser());
and I get NULL

So I don't know what is wrong, thanks for your help :)

Mert Simsek • Sep 24 '18

Hi Julien,

Where do you write var_dump($this->getUser()); ?

You should try to write dumping the User into GoogleAuthenticator class and getUser() method? And in my opinion, keep on line-by-line with this way that class.

julien-lav • Sep 24 '18

Ok I'll try this, I was tryin in the Google Controller... probably not the best idea

julien-lav • Sep 25 '18 • Edited

So I think I'm half way there, I had to change this, so I'm adding users in the bdd via google.

Once again, thanks a lot for you're toturial :)

Mert Simsek • Sep 25 '18

Don't mention it :) I got happy for you

Hans DECAESTEKER • Aug 26 '19

Hi,
Is it possible for you to explain how to mix a form login (simple page with forms) and the knpu oauth in a api that using lexik and jwt please ? I can log to my api with sending json to the login_check path that send me the jwt token and then use it to play with api route, but in a mixed login, how to implement it to connect with google and receive the jwt token (it is maybe a stupid question but i need to know it)
Thanks for this very great tut

Muhammad Bilal • May 14 '19 • Edited

thepracticaldev.s3.amazonaws.com/i...
The App\Security\GoogleAuthenticator::getUser() method must return a UserInterface. You returned App\Entity\User.
I don't know how can i solve it ?

Mert Simsek • May 14 '19

Apparently, you need to implement UserInterface to User Entity class. Open the User entity file and import this line,

class User implement UserInterface

MBJ-97 • Aug 19 '19

First thank you so much bro for this tutorial It helped me a lot and saved my project but there's one problem ... these infos doen't save to my database directly

Mert Simsek • Aug 19 '19

Thanks for the answer. What's the matter with the database?

MBJ-97 • Aug 19 '19

The infos that we brought from google doesn't persist / flush

Mert Simsek • Aug 19 '19 • Edited

Is there anything error or what?

public function getUser($credentials, UserProviderInterface $userProvider)
    {
        /** @var GoogleUser $googleUser */
        $googleUser = $this->getGoogleClient()
            ->fetchUserFromToken($credentials);

        $email = $googleUser->getEmail();

        $user = $this->em->getRepository('App:User')
            ->findOneBy(['email' => $email]);
        if (!$user) {
            $user = new User();
            $user->setEmail($googleUser->getEmail());
            $user->setFullname($googleUser->getName());
            $user->setCreatedAt(new \DateTime(date('Y-m-d H:i:s')));
            $this->em->persist($user);
            $this->em->flush();
        }

        return $user;
    }

This code should insert your user data into your database.

MBJ-97 • Aug 20 '19

I had a little problem in my code and it worked thanks again , I want to ask you please how can I retrieve the Date of birth

Mert Simsek • Aug 20 '19

As I read, there is a scope about it. Here you are, the documentation.

developers.google.com/people/v1/ho...

You need to add this scope as the documentation.

googleapis.com/auth/user.birthday....

MBJ-97 • Aug 20 '19

where shall I add it ?

Mert Simsek • Aug 20 '19

In fact, I don't know but Could try this? I've changed user_fields line.
Also, check out developers.google.com/+/web/api/re...

knpu_oauth2_client:
    clients:
        google:
            # must be "google" - it activates that type!
            type: google
            # add and configure client_id and client_secret in parameters.yml
            client_id: '%env(resolve:GOOGLE_CLIENT_ID)%'
            client_secret: '%env(resolve:GOOGLE_CLIENT_SECRET)%'
            # a route name you'll create
            redirect_route: connect_google_check
            redirect_params: {}
            # Optional value for sending access_type parameter. More detail: https://developers.google.com/identity/protocols/OpenIDConnect#authenticationuriparameters
            # access_type: ''
            # Optional value for sending hd parameter. More detail: https://developers.google.com/identity/protocols/OpenIDConnect#hd-param
            # hosted_domain: ''
            # Optional value for additional fields to be requested from the user profile. If set, these values will be included with the defaults. More details: https://developers.google.com/+/web/api/rest/latest/people
            user_fields: {'birthday'}
            # whether to check OAuth2 "state": defaults to true
            # use_state: true

MBJ-97 • Aug 21 '19

It didnt worked :(

Sasa Milivojevic • Apr 21 '20 • Edited

HI I thing that something Google changed in past couple days

github.com/thephpleague/oauth2-goo...

so I dont know how to override so I can make it work - until somene fix the bundle.

Mert Simsek • Apr 22 '20

I check it out the issue, I assume you find a solution, right?

Sasa Milivojevic • Apr 22 '20

Oh yes sorry I didnt write

in googleController should be

public function connectAction(ClientRegistry $clientRegistry)
{
    return $clientRegistry
        ->getClient('google')
        ->redirect([], [
            'prompt' => 'consent',
        ]);
}

Mert Simsek • Apr 22 '20

Perfect! Nowadays, I move to Symfony 5, thanks a lot!

Sasa Milivojevic • Dec 7 '21

Hi,

I implement new symfony security

symfony.com/doc/current/security.html

and now I have this error

Argument 1 passed to Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticator::__construct() must implement interface Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface, instance of App\Security\GoogleAuthAuthenticator given, called in /opt/app/vendor/symfony/security-http/Authenticator/Debug/TraceableAuthenticatorManagerListener.php on line 60

MarcoMorandin • Apr 11 '21

Hi,
I have tried this for Symfony 5. I cannot do the authentication because when I have done the login with google it returns {"status":false,"message":"User not found!"}.
I cannot understand what's wrong, can you help me?

Mert Simsek • Apr 11 '21

Hi @marcomorain

Actually, I haven't moved to Symfony 5 version. However, it might be an easy way because most things got easier regarding security on that version as I know.

Alexander • Jul 23 '20

Thank you, very quickly helped set up!

Mert Simsek • Jul 24 '20

I'm glad to hear that :)

harabazan zouhir • Sep 27 '22

Hi,
I don't know exactly why I am facing this error

error
<< Attempted to load class "AbstractGuardAuthenticator" from namespace "Symfony\Component\Security\Guard".
Did you forget a "use" statement for another namespace? >>

Raphael Mouton • Oct 1 '18

Really cool ! Thanks a lot ! Works perfectly for me !
I'm going to try the same with facebook :)

Mert Simsek • Oct 1 '18 • Edited

That's superb! I am pleased.
Yes, i integrated Facebook last week. It happened fine :)

Sasa Milivojevic • Dec 15 '19

Great tutorial everything works great

Mert Simsek • Dec 16 '19

I'm glad to hear it from you :)

babababou • Dec 12 '18

Hey great tuto ! thks !
Can you make a little one for facebook ??? Because I really can't do it....

Tks you :)

Mert Simsek • Dec 12 '18

Hi,

Thank you for pretty reply :) In fact, there is a document related as you want. Here you are :)

github.com/knpuniversity/oauth2-cl...

ThomasCms • Mar 4 '19

@babababou did you success ? Cause I'm following knpuniversity documentation but I feel like I have to be in HTTPS...

Sasa Milivojevic • Feb 9 '20

Hi,

If I try to login but I dont have gmail account, I get epmty form for login on gmail account, but I want if there is no gmail account to redirect user on other url for log in.

Can you help?