OAuth2 clients
Fastfony provides a simple way to implement OAuth2 clients in your Symfony application. This is useful for integrating with third-party services that require OAuth2 authentication and for offering login through third-party services.
Usage
Fastfony uses knpuniversity/oauth2-client-bundle to manage OAuth2 clients. It is already installed and configured in Fastfony, so you can use it directly in your application.
Two providers from League are already configured in Fastfony: Google and Github, but you can add more providers as needed.
In the admin interface, on the settings screen, you can manage the Google and Github connections: just provide your OAuth2 credentials (client ID and secret) to enable the connection.
Adding a new OAuth2 client
You can add a new OAuth2 client library to support new third-party services.
For Facebook, for example, follow these steps:
composer require league/oauth2-facebook
Create an app on Facebook for developers and get your client ID and secret.
Set the valid OAuth redirect URL to your domain name followed by /connect/facebook/check (we will create this route later in Fastfony).
Then, add the following configuration in config/packages/knpu_oauth2_client.yaml:
knpu_oauth2_client:
    clients:
        facebook:
            type: facebook
            client_id: '%env(FACEBOOK_CLIENT_ID)%'
            client_secret: '%env(FACEBOOK_CLIENT_SECRET)%'
            redirect_route: connect_facebook_check
            graph_api_version: v2.12
Finally, add the environment variables in your .env file:
FACEBOOK_CLIENT_ID=your_facebook_client_id
FACEBOOK_CLIENT_SECRET=your_facebook_client_secret
(You can also create a Parameter in the admin interface and use the Parameter entity.)
Create two controllers to handle the connection and the check:
# src/Controller/Security/OAuthClient/Facebook/Check.php
<?php

declare(strict_types=1);

namespace App\Controller\Security\OAuthClient\Facebook;

use App\Controller\Security\OAuthClient\AbstractCheck;
use Symfony\Component\Routing\Attribute\Route;

/** @phpstan-ignore symfony.noClassLevelRoute */
#[Route('/connect/facebook/check', name: 'connect_facebook_check')]
class Check extends AbstractCheck
{
}
# src/Controller/Security/OAuthClient/Facebook/Connect.php
<?php

declare(strict_types=1);

namespace App\Controller\Security\OAuthClient\Facebook;

use App\Controller\Security\OAuthClient\AbstractConnect;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\Routing\Attribute\Route;

class Connect extends AbstractConnect
{
    // The path must be specific to this provider so it does not collide with the Github connect route.
    #[Route('/connect/facebook', name: 'connect_facebook', methods: ['GET'])]
    public function __invoke(string $service = 'facebook'): RedirectResponse
    {
        // Request only the scopes needed to identify the user.
        $this->scopes = ['public_profile', 'email'];

        return parent::__invoke($service);
    }
}
Finally, create a new authenticator to handle the Facebook OAuth2 client:
# src/Security/OAuthClient/FacebookAuthenticator.php
<?php

declare(strict_types=1);

namespace App\Security\OAuthClient;

class FacebookAuthenticator extends AbstractAuthenticator
{
    public function getClientName(): string
    {
        return 'facebook';
    }

    // You can override the AbstractAuthenticator methods to customize the authentication process if needed.
}
Add it in your config/packages/security.yaml:
security:
    firewalls:
        main:
            # ...
            custom_authenticators:
                # ...
                - App\Security\OAuthClient\FacebookAuthenticator
Then add fromFacebook in the UserFactory class to handle finding or creating the user from the Facebook OAuth2 client:
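# src/Factory/UserFactory.php
<?php
# ...
use League\OAuth2\Client\Provider\FacebookUser;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
# ...
    public function fromFacebook(FacebookUser $facebookUser): User
    {
        // getEmail() returns null when Facebook does not share an email address;
        // never look up or create a user with a null email.
        $email = $facebookUser->getEmail();
        if (null === $email) {
            throw new CustomUserMessageAuthenticationException('Facebook did not provide an email address.');
        }

        // Reuse the existing account with this email, or create a new one.
        $existingUser = $this->userRepository->findOneBy(['email' => $email]);
        if ($existingUser) {
            return $existingUser;
        }
        return $this->userRepository->create($email);
    }
#...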
Now, you can use the Facebook OAuth2 client in your application. You can add a link to the connection in your templates:
{# templates/security/_oauth_clients.html.twig #}
{# ... #}
<a href="{{ path('connect_facebook') }}" class="btn bg-[#1A77F2] text-white border-[#005fd8]" data-turbo="false">
    <svg aria-label="Facebook logo" width="16" height="16" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 32 32"><path fill="white" d="M8 12h5V8c0-6 4-7 11-6v5c-4 0-5 0-5 3v2h5l-1 6h-4v12h-6V18H8z"></path></svg>
    Facebook
</a>
{# ... #}
You can add more OAuth2 clients by following the same steps as above; just change the provider name and the configuration accordingly.