1

I am in the process of development of REST API server using Symfony2 framework. Following bundles have been added already and are in use:

  • FOSRestBundle
  • FOSUserBundle

  • JMSSerializerBundle

    Basically what I need to add is token generation logic so that user can receive token after authentication and use it for future API calls. I have already tried FOSOAuthServerBundle but there is one additional step during authorization for granting Client permissions. I do not need this step since I will not provide ability to register oAuth client. I will just have website and most likely mobile app for communicating with the REST server.

    Do I need FOSOAuthServerBundle in this case? Or is there a better approach (e.g. create customer authentication provider as described at http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html)? If I should go with FOSOAuthServerBundle, how can I skip a step for confirmation of granting access for oAuth Client?

Improve this question

1 Answer 1

Reset to default
0

Have finally found the answer under another question - Symfony2+FOSOAuthServerBundle: Browser-less initial authentication

Basically FOSOAuthServerBundle can be used with grand type GRANT_TYPE_USER_CREDENTIALS (https://github.com/FriendsOfSymfony/oauth2-php/blob/master/lib/OAuth2/OAuth2.php#L182)

Detailed explanation of grand types was found at http://documentation.pingidentity.com/display/PF66/Grant+Type+Parameters

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.