jonafrank
diff --git a/‎app/AppKernel.php
+3 b/‎app/AppKernel.php
+3
diff --git a/‎app/DoctrineMigrations/Version20150410170543.php
+1 b/‎app/DoctrineMigrations/Version20150410170543.php
+1
diff --git a/‎app/DoctrineMigrations/Version20150413165736.php
+84 b/‎app/DoctrineMigrations/Version20150413165736.php
+84
diff --git a/‎app/Resources/views/login.html.twig
+22 b/‎app/Resources/views/login.html.twig
+22
diff --git a/‎app/config/config.yml
+13-2 b/‎app/config/config.yml
+13-2
diff --git a/‎app/config/routing.yml
+14 b/‎app/config/routing.yml
+14
diff --git a/‎app/config/routing_dev.yml
+4 b/‎app/config/routing_dev.yml
+4
diff --git a/‎app/config/security.yml
+30-30 b/‎app/config/security.yml
+30-30
diff --git a/‎app/config/services.yml
+18-4 b/‎app/config/services.yml
+18-4
diff --git a/‎composer.json
+3-1 b/‎composer.json
+3-1
@@ -19,9 +19,12 @@ public function registerBundles()
             new AppBundle\AppBundle(),
             new Doctrine\Bundle\MigrationsBundle\DoctrineMigrationsBundle(),
             new Nelmio\CorsBundle\NelmioCorsBundle(),
+            new FOS\OAuthServerBundle\FOSOAuthServerBundle(),
+            new Doctrine\Bundle\FixturesBundle\DoctrineFixturesBundle()
         );
 
         if (in_array($this->getEnvironment(), array('dev', 'test'))) {
+//            $bundles[] = new Acme\DemoBundle\AcmeDemoBundle();
             $bundles[] = new Symfony\Bundle\DebugBundle\DebugBundle();
             $bundles[] = new Symfony\Bundle\WebProfilerBundle\WebProfilerBundle();
             $bundles[] = new Sensio\Bundle\DistributionBundle\SensioDistributionBundle();
 
@@ -30,6 +30,7 @@ public function up(Schema $schema)
         $listsCategories->addColumn('category_id', 'integer');
         $listsCategories->addIndex(array('productlist_id'));
         $listsCategories->addIndex(array('category_id'));
+        $listsCategories->setPrimaryKey(array('productlist_id', 'category_id'));
         $product = $schema->createTable('product');
         $product->addColumn('id', 'integer', array('autoincrement' => true));
         $product->addColumn('category_id', 'integer');
 
@@ -0,0 +1,84 @@
+<?php
+
+namespace Application\Migrations;
+
+use Doctrine\DBAL\Migrations\AbstractMigration;
+use Doctrine\DBAL\Schema\Schema;
+
+/**
+ * Auto-generated Migration: Please modify to your needs!
+ */
+class Version20150413165736 extends AbstractMigration
+{
+    /**
+     * @param Schema $schema
+     */
+    public function up(Schema $schema)
+    {
+        $client = $schema->createTable('client');
+        $client->addColumn('id', 'integer', array('autoincrement' => true));
+        $client->addColumn('random_id', 'string');
+        $client->addColumn('redirect_uris', 'array');
+        $client->addColumn('secret', 'string');
+        $client->addColumn('allowed_grant_types', 'array');
+        $client->setPrimaryKey(array('id'));
+        $users = $schema->createTable('users');
+        $users->addColumn('id', 'integer', array('autoincrement' => true));
+        $users->addColumn('username', 'string', array('length' => 25));
+        $users->addColumn('email', 'string', array('length' => 25));
+        $users->addColumn('salt', 'string', array('length' => 32));
+        $users->addColumn('password', 'string', array('length' => 40));
+        $users->addColumn('is_active', 'boolean');
+        $users->addUniqueIndex(array('username'));
+        $users->addUniqueIndex(array('email'));
+        $users->setPrimaryKey(array('id'));
+        $authCode = $schema->createTable('auth_code');
+        $authCode->addColumn('id', 'integer', array('autoincrement' => true));
+        $authCode->addColumn('client_id', 'integer');
+        $authCode->addColumn('user_id', 'integer');
+        $authCode->addColumn('token', 'string');
+        $authCode->addColumn('redirect_uri', 'text');
+        $authCode->addColumn('expires_at', 'integer');
+        $authCode->addColumn('scope', 'string');
+        $authCode->addUniqueIndex(array('token'));
+        $authCode->addIndex(array('client_id'));
+        $authCode->addIndex(array('user_id'));
+        $authCode->setPrimaryKey(array('id'));
+        $accessToken = $schema->createTable('access_token');
+        $accessToken->addColumn('id', 'integer', array('autoincrement' => true));
+        $accessToken->addColumn('client_id', 'integer');
+        $accessToken->addColumn('token', 'string');
+        $accessToken->addColumn('expires_at', 'integer');
+        $accessToken->addColumn('scope', 'string');
+        $accessToken->addUniqueIndex(array('token'));
+        $accessToken->addIndex(array('client_id'));
+        $accessToken->setPrimaryKey(array('id'));
+        $refreshToken = $schema->createTable('refresh_token');
+        $refreshToken->addColumn('id', 'integer', array('autoincrement' => true));
+        $refreshToken->addColumn('client_id', 'integer');
+        $refreshToken->addIndex(array('client_id'));
+        $refreshToken->addColumn('token', 'string');
+        $refreshToken->addColumn('expires_at', 'integer');
+        $refreshToken->addColumn('scope', 'string');
+        $refreshToken->addUniqueIndex(array('token'));
+        $refreshToken->setPrimaryKey(array('id'));
+        $authCode->addForeignKeyConstraint($client, array('client_id'), array('id'));
+        $authCode->addForeignKeyConstraint($users, array('user_id'), array('id'));
+        $accessToken->addForeignKeyConstraint($client, array('client_id'), array('id'));
+        $accessToken->addForeignKeyConstraint($users, array('user_id'), array('id'));
+        $refreshToken->addForeignKeyConstraint($client, array('client_id'), array('id'));
+        $refreshToken->addForeignKeyConstraint($users, array('user_id'), array('id'));
+    }
+
+    /**
+     * @param Schema $schema
+     */
+    public function down(Schema $schema)
+    {
+        $schema->dropTable('auth_code');
+        $schema->dropTable('access_token');
+        $schema->dropTable('refresh_token');
+        $schema->dropTable('client');
+        $schema->dropTable('users');
+    }
+}
@@ -0,0 +1,22 @@
+{% extends "base.html.twig" %}
+{% block body %}
+<div class="form">
+    <form  action="" method="post">
+         <h2>OAuth Authorization</h2>
+        {% if(error) %}
+            <div class='form_error' style="color: red"></div>
+        {% endif %}
+        <div class="form_item">
+            <div class="form_label"><label for="username">Username</label>:</div>
+            <div class="form_widget"><input type="text" id="username" name="_username" /></div>
+        </div>
+        <div class="form_item">
+            <div class="form_label"><label for="password">Password</label>:</div>
+            <div class="form_widget"><input type="password" id="password" name="_password" /></div>
+        </div>
+        <div class="form_button">
+            <input type="submit" id="_submit" name="_submit" value="Log In" />
+        </div>
+    </form>
+</div>
+{% endblock %}
@@ -5,7 +5,7 @@ imports:
 
 framework:
     #esi:             ~
-    #translator:      { fallbacks: ["%locale%"] }
+    translator:      { fallbacks: ["%locale%"] }
     secret:          "%secret%"
     router:
         resource: "%kernel.root_dir%/config/routing.yml"
@@ -88,4 +88,15 @@ nelmio_cors:
             allow_origin: ['*']
             allow_headers: ['*']
             allow_methods: ['POST', 'GET', 'PUT', 'DELETE']
-            max_age: 3600
+            max_age: 3600
+
+fos_oauth_server:
+    db_driver: orm
+    client_class:        AppBundle\Entity\Client
+    access_token_class:  AppBundle\Entity\AccessToken
+    refresh_token_class: AppBundle\Entity\RefreshToken
+    auth_code_class:     AppBundle\Entity\AuthCode
+    service:
+        user_provider: platform.user.provider
+        options:
+            supported_scopes: user
@@ -1,3 +1,17 @@
 app:
     resource: "@AppBundle/Controller/"
     type:     annotation
+
+fos_oauth_server_token:
+    resource: "@FOSOAuthServerBundle/Resources/config/routing/token.xml"
+
+fos_oauth_server_authorize:
+    resource: "@FOSOAuthServerBundle/Resources/config/routing/authorize.xml"
+
+acme_oauth_server_auth_login:
+    pattern:  /oauth/v2/auth_login
+    defaults: { _controller: AppBundle:Security:login }
+
+acme_oauth_server_auth_login_check:
+    pattern:  /oauth/v2/auth_login_check
+    defaults: { _controller: AppBundle:Security:loginCheck }
@@ -16,3 +16,7 @@ _errors:
 
 _main:
     resource: routing.yml
+
+## AcmeDemoBundle routes (to be removed)
+#_acme_demo:
+#    resource: "@AcmeDemoBundle/Resources/config/routing.yml"
@@ -1,52 +1,52 @@
-# you can read more about security in the related section of the documentation
-# http://symfony.com/doc/current/book/security.html
+
 security:
-    # http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password
     encoders:
-        Symfony\Component\Security\Core\User\User: plaintext
+        AppBundle\Entity\User:
+            algorithm:        sha1
+            encode_as_base64: false
+            iterations:       1
 
-    # http://symfony.com/doc/current/book/security.html#hierarchical-roles
     role_hierarchy:
         ROLE_ADMIN:       ROLE_USER
-        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
+        ROLE_SUPER_ADMIN: ROLE_ADMIN
 
-    # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
     providers:
-        in_memory:
-            memory:
-                users:
-                    user:  { password: userpass, roles: [ 'ROLE_USER' ] }
-                    admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
+        user_provider:
+          id: platform.user.provider
 
-    # the main part of the security, where you can set up firewalls
-    # for specific sections of your app
     firewalls:
-        # disables authentication for assets and the profiler, adapt it according to your needs
         dev:
             pattern:  ^/(_(profiler|wdt)|css|images|js)/
             security: false
-        # the login page has to be accessible for everybody
-        demo_login:
-            pattern:  ^/demo/secured/login$
+
+        login:
+            pattern:  ^/oauth/v2/auth_login$
             security: false
+        oauth_token:
+            pattern:    ^/oauth/v2/token
+            security:   false
 
-        # secures part of the application
-        demo_secured_area:
+        secured_area:
             pattern:    ^/demo/secured/
-            # it's important to notice that in this case _demo_security_check and _demo_login
-            # are route names and that they are specified in the AcmeDemoBundle
             form_login:
-                check_path: _demo_security_check
+                provider: user_provider
+                check_path: _security_check
                 login_path: _demo_login
             logout:
                 path:   _demo_logout
                 target: _demo
-            #anonymous: ~
-            #http_basic:
-            #    realm: "Secured Demo Area"
+        oauth_authorize:
+            pattern:    ^/oauth/v2/auth
+            form_login:
+                provider: user_provider
+                check_path: _security_check
+                login_path: _demo_login
+            anonymous: true
+        api:
+            pattern:    ^/api
+            fos_oauth:  true
+            stateless:  true
 
-    # with these settings you can restrict or allow access for different parts
-    # of your application based on roles, ip, host or methods
-    # http://symfony.com/doc/current/cookbook/security/access_control.html
     access_control:
-        #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
+       - { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }
+       - { path: ^/demo/secured/hello/admin/, roles: ROLE_ADMIN }
@@ -1,9 +1,23 @@
 # Learn more about services, parameters and containers at
 # http://symfony.com/doc/current/book/service_container.html
 parameters:
-#    parameter_name: value
+#    platform.entity.user.class: Acme\DemoBundle\Entity\User
+#    platform.user.provider.class: Acme\DemoBundle\Provider\UserProvider
 
 services:
-#    service_name:
-#        class: AppBundle\Directory\ClassName
-#        arguments: ["@another_service_name", "plain_value", "%parameter_name%"]
+    platform.user.manager:
+        class: Doctrine\ORM\EnityManager
+        factory: ["@doctrine", getManagerForClass]
+        arguments:
+            - AppBundle\Entity\User
+    platform.user.repository:
+        class: AppBundle\Entity\UserRepository
+        factory: ["@platform.user.manager", getRepository]
+        arguments:
+            - AppBundle\Entity\User
+    platform.user.provider:
+        class: AppBundle\Provider\UserProvider
+        arguments:
+            - "@platform.user.repository"
+
+
@@ -23,7 +23,9 @@
         "incenteev/composer-parameter-handler": "~2.0",
         "doctrine/migrations": "1.0.*@dev",
         "doctrine/doctrine-migrations-bundle": "2.1.*@dev",
-        "nelmio/cors-bundle": "~1.4"
+        "doctrine/doctrine-fixtures-bundle": "2.2.*",
+        "nelmio/cors-bundle": "~1.4",
+        "friendsofsymfony/oauth-server-bundle": "dev-master"
     },
     "require-dev": {
         "sensio/generator-bundle": "~2.3"