-
Notifications
You must be signed in to change notification settings - Fork 453
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OAuthToken with null user is not authenticated anymore since symfony 5.4 #688
Comments
I'm also having this issue, specifically when using a |
I agree, it's very odd, especially for My quick and dirty solution was to override For Example:
and then configure it as a "replacement" for in your fos_oauth_server.security.authentication.provider:
class: App\Security\OAuth\Provider\OAuthProvider
arguments: [ ~, '@fos_oauth_server.server', ~ ]
public: false I tried to decorate the original In |
While its definitely not an ideal solution, and it lacks some things I'd like to do with it, it does at least get around the issue. |
+1 |
1 similar comment
+1 |
I'm using
->isGranted('ROLE_SCOPE1')
to authorize a machine token so there is no user context.Since Symfony 5.4, AuthorizationChecker relies on
getUser()
instead ofgetToken()
which make user-less access tokens not authenticated (cf diff).In some way Symfony introduced a BC break but I think the OAuthToken should fill the
user
property with a string constant to pass this condition.What do you think?
@nicolas-grekas what would be the good practice?
The text was updated successfully, but these errors were encountered: