I'm using Symfony2 with FOSOAuthServerBundle. What I want to do is log in with a user over OAuth and make an API call with the retrieved access_token. Therefore the following steps are executed:
1. GET http://localhost/oauth/v2/token?client_id=4_123456&client_secret=123456&grant_type=password&password=PASSWORD&username=USEWRNAME
2. access_token is retrieved and used for the next request
3. GET http://localhost/api2/stats?access_token=ACCESS_TOKEN
4. processing the stats
This is working fine on localhost, but not online! After retrieving an access token via http://test.mydomain.de/oauth/v2/token it is used for the API call http://test.mydomain.de/api2/stats but I get redirected to the login path provided in the security.yml.
The same system and database are used on localhost and online. Are there any differences I should have taken care of? Any extra settings for online usage, domain settings? Any idea?
security.yml:

    oauth_authorize:
        pattern: ^/oauth/v2/auth
        form_login:
            provider: my_fos_facebook_provider
            check_path: _security_check
            login_path: fos_user_security_login
        anonymous: true
    oauth_token:
        pattern: ^/oauth/v2/token
        security: false
    api2:
        pattern: ^/api2
        fos_oauth: true
        stateless: true

The client used has the needed grant_type, password and username are correct. I've also tried it with different redirect_uris (http://localhost/, http://test.mydomain.de), but is it really necessary? If yes, what should it look like?
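
Added example, not part of the original post: the same two-step flow sent without following redirects, so a bounce to the login path shows up as a 3xx status and Location header instead of login-page HTML. It puts the credentials in a POST body and the token in an `Authorization: Bearer` header, as RFC 6749 and RFC 6750 define, which keeps both out of URLs and access logs; that the bundle accepts these forms is an assumption, and the function names are made up for this sketch.

```python
import json
import urllib.error
import urllib.parse
import urllib.request

BASE = "http://test.mydomain.de"  # host named in the post


class NoRedirect(urllib.request.HTTPRedirectHandler):
    """Turn 3xx answers into HTTPError so the redirect itself is visible."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def token_request(base, client_id, client_secret, username, password):
    """Password grant with every secret in the POST body, none in the URL."""
    body = urllib.parse.urlencode({
        "grant_type": "password", "client_id": client_id,
        "client_secret": client_secret,
        "username": username, "password": password}).encode()
    return urllib.request.Request(base + "/oauth/v2/token", data=body, method="POST")


def api_request(base, path, access_token):
    """API call with the token in a Bearer header, not a query parameter."""
    return urllib.request.Request(
        base + path, headers={"Authorization": "Bearer " + access_token})


def send(req):
    """Send without following redirects; return (status, Location, body)."""
    opener = urllib.request.build_opener(NoRedirect)
    try:
        with opener.open(req, timeout=10) as resp:
            return resp.status, resp.headers.get("Location"), resp.read()
    except urllib.error.HTTPError as err:
        return err.code, err.headers.get("Location"), err.read()


def classify(status, location):
    """Label the API answer so a login redirect is not mistaken for data."""
    if 300 <= status < 400:
        return "redirected to %s" % location
    return "ok" if status == 200 else "rejected (%d)" % status


if __name__ == "__main__":
    # Placeholder credentials copied from the post; replace before running.
    _, _, raw = send(token_request(BASE, "4_123456", "123456", "USERNAME", "PASSWORD"))
    token = json.loads(raw)["access_token"]
    status, location, _ = send(api_request(BASE, "/api2/stats", token))
    print(classify(status, location))
```

Running it against localhost and against the online host and comparing the two printed results shows at which step the hosts diverge.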