I'm implementing the Lexik JWT library with Sf 4.1. In my case I have to create a JWT token when needed for several applications through a custom authenticator. I have followed the Lexik documentation; however, I have been facing an issue for a couple of hours with signing my token. The only thing different from the usual case: I use doctrine-odm instead of doctrine-orm, for MongoDB.
Here are the files:
security.yaml:
security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            form_login:
                provider: fos_userbundle
                csrf_token_generator: security.csrf.token_manager
            anonymous: ~
            logout:
                path: /logout
                target: /login
            remember_me:
                secret: '%env(APP_SECRET)%'
            guard:
                authenticators:
                    - App\Security\GuardAuthenticator\LoginFormAuthenticator
    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }
lexik_jwt_authentication.yaml:
lexik_jwt_authentication:
    secret_key: '%env(resolve:JWT_SECRET_KEY)%'
    public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
    pass_phrase: '%env(resolve:JWT_PASSPHRASE)%'
    token_ttl: 3600
LoginFormAuthenticator.php (onAuthenticationSuccess method):
/**
 * @param Request $request
 * @param TokenInterface $token
 * @param string $providerKey
 *
 * @return null|JsonResponse
 */
public function onAuthenticationSuccess(
    Request $request,
    TokenInterface $token,
    $providerKey
): ?JsonResponse {
    /** @var User $user */
    $user = $token->getUser();
    $apiToken = $this->jwtTokenManager->create($user);
    $user->setApiToken($apiToken);
    $this->documentManager->persist($user);
    $this->documentManager->flush();
    return new JsonResponse(['Authorization' => $apiToken]);
}
private.pem:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,F05739F4D47EE90DADA678BA60000AE4
<sensitive data>
-----END RSA PRIVATE KEY-----
I tried to inspect the parameters passed to the create or sign method in vendor:
- The "key" parameter passed is the path string to the file, and it is not working; I get the "Unable to create a signed JWT from the given configuration." error
Do you have any piece of advice to help me, please?
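
One way to check the inputs that lexik_jwt_authentication.yaml above points at, as an added example that is not part of the original post: it confirms that the private key file is readable, that it decrypts with the passphrase, and that the public key is its pair. The function names, return codes and the use of an exported JWT_PASSPHRASE variable (named after the env reference in the configuration) are assumptions of this example, and the key pair it can generate is constructed sample input.

```shell
#!/usr/bin/env bash
# Added example (not from the original post). Checks the three inputs the
# JWT configuration refers to: private key, public key and passphrase.
# The passphrase is read from the exported JWT_PASSPHRASE variable.

# Return codes: 0 ok, 2 file unreadable, 3 private key does not load with
# this passphrase, 4 public key unparsable, 5 the two keys are not a pair.
check_jwt_keys() {
    local priv="$1" pub="$2" f derived configured
    for f in "$priv" "$pub"; do
        [ -r "$f" ] || { echo "not readable by this user: $f" >&2; return 2; }
    done
    # Decrypt the private key and derive its public half. A wrong or unset
    # passphrase fails here; signing needs this same step to succeed.
    derived=$(openssl pkey -in "$priv" -passin env:JWT_PASSPHRASE -pubout 2>/dev/null) ||
        { echo "private key does not load with JWT_PASSPHRASE" >&2; return 3; }
    # Normalise the configured public key through the same encoder so the
    # comparison below is not affected by whitespace differences.
    configured=$(openssl pkey -pubin -in "$pub" -pubout 2>/dev/null) ||
        { echo "public key is not a parsable PEM public key" >&2; return 4; }
    [ "$derived" = "$configured" ] ||
        { echo "public key does not belong to this private key" >&2; return 5; }
    echo "key pair and passphrase are consistent"
}

# Constructed sample input: a throwaway passphrase-protected RSA key pair
# written into directory $1 (2048 bits to keep the demo fast).
make_demo_keys() {
    openssl genrsa -aes256 -passout env:JWT_PASSPHRASE \
        -out "$1/private.pem" 2048 2>/dev/null &&
    openssl rsa -in "$1/private.pem" -passin env:JWT_PASSPHRASE \
        -pubout -out "$1/public.pem" 2>/dev/null
}

# Usage: JWT_PASSPHRASE=... ./check_jwt_keys.sh private.pem public.pem
if [ $# -eq 2 ]; then
    check_jwt_keys "$1" "$2"
fi
```

Run it as the same system user the PHP process runs as, since return code 2 depends on that user's file permissions.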
Use this method to create the jwt token