Sending JWT Token in Guzzle POST with LexikJWTAuthenticationBundle
<?php | |
namespace AppBundle\Controller; | |
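class DefaultController extends Controller
{
    // NOTE: the `use` statements for Controller, Route, JsonResponse, Response,
    // Client (Guzzle) and BadCredentialsException are not part of this snippet.

    /**
     * Issue a JWT for credentials supplied as HTTP Basic authentication.
     *
     * Reads the username/password from the request, looks the user up in
     * Doctrine, checks the password with the configured encoder and returns
     * the token created by the Lexik JWT manager as JSON.
     *
     * @Route("/gettoken")
     *
     * @return JsonResponse {"token": "<jwt>"}
     *
     * @throws BadCredentialsException when the credentials are missing, the
     *         user is unknown, or the password does not match
     */
    public function getToken()
    {
        // Controller::getRequest() is deprecated since Symfony 2.4 (removed in 3.0);
        // newer code receives `Request $request` as an action argument instead.
        $request = $this->getRequest();

        $username = $request->getUser();
        $password = $request->getPassword();

        // Without an Authorization header both values are null; fail early rather
        // than querying the repository for `username IS NULL`.
        if ($username === null || $password === null) {
            throw new BadCredentialsException();
        }

        $user = $this->getDoctrine()
            ->getRepository('AppBundle:User')
            ->findOneBy(['username' => $username]);

        // An unknown user gets the same exception as a wrong password: a
        // distinguishable 404 here would reveal which usernames exist.
        if (!$user) {
            throw new BadCredentialsException();
        }

        $isValid = $this->get('security.password_encoder')
            ->isPasswordValid($user, $password);

        if (!$isValid) {
            throw new BadCredentialsException();
        }

        $token = $this->get('lexik_jwt_authentication.jwt_manager')->create($user);

        return new JsonResponse(['token' => $token]);
    }

    /**
     * Demo client: fetch a token from /gettoken and call /api/secure with it.
     *
     * @Route("/client", name="rewotec_customer.jwt_client")
     *
     * @return Response the raw body returned by /api/secure
     *
     * @throws \RuntimeException when /gettoken does not return a JSON "token" field
     */
    public function apiClient()
    {
        $client = new Client();

        // Demo credentials, hard-coded and sent over plain HTTP: fine for this
        // local example only — a real client reads them from configuration and
        // talks to the token endpoint over TLS.
        $response = $client->post('http://dev.microservice1.com/gettoken', [
            'auth' => ['admin', 'test1234']
        ]);

        // getBody() returns a stream; cast explicitly instead of relying on the
        // implicit __toString() conversion inside json_decode().
        $body = json_decode((string) $response->getBody(), true);

        // json_decode() returns null on malformed JSON; without this guard the
        // code below would continue with an empty token.
        if (!is_array($body) || !isset($body['token']) || $body['token'] === '') {
            throw new \RuntimeException('Token endpoint did not return a JSON "token" field.');
        }
        $token = $body['token'];

        // Sanity check that the token is decodable with the local key; the Lexik
        // encoder throws a decode-failure exception instead of returning a value
        // when the token is invalid.
        $this->get('lexik_jwt_authentication.encoder')->decode($token);

        $response2 = $client->post('http://dev.microservice1.com/api/secure', [
            'headers' => [
                'Authorization' => 'Bearer '.$token
            ]
        ]);

        return new Response((string) $response2->getBody());
    }

    /**
     * Probe endpoint behind the bearer-token firewall: per the security config
     * shown with this snippet, ^/api is covered by the `api` firewall and
     * access_control requires IS_AUTHENTICATED_FULLY there.
     *
     * @Route("/api/secure")
     *
     * @return Response
     */
    public function secure()
    {
        return new Response('Logged in');
    }
}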
security:
    encoders:
        # Project-defined encoder service (not shown in this snippet).
        FOS\UserBundle\Model\UserInterface: { id: security.encoder.legacy }

    role_hierarchy:
        ROLE_ADMIN:
            - ROLE_USER
            - ROLE_CUSTOMER
        ROLE_SUPER_ADMIN: ROLE_ADMIN
        ROLE_API: [ROLE_USER]

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    # Firewalls are tried top to bottom on `pattern`; the first match wins.
    firewalls:
        # Stateless credential check: the Lexik success handler returns the JWT
        # instead of starting a session.
        login:
            pattern: ^/api/login
            stateless: true
            anonymous: true
            provider: fos_userbundle
            form_login:
                check_path: /api/login_check
                require_previous_session: false
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure

        # Everything else under /api: no anonymous access, every request must
        # carry a bearer token validated by the Lexik guard authenticator.
        api:
            pattern: ^/api
            stateless: true
            anonymous: false
            provider: fos_userbundle
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
            # NOTE(review): `lexik_jwt` is the firewall key of the bundle's own
            # (non-guard) listener; with `guard` in use the token-extractor settings
            # are normally configured on the bundle instead — confirm which one
            # this bundle version honours.
            lexik_jwt:
                authorization_header: # check token in the Authorization header
                    enabled: true
                    prefix: Bearer
                query_parameter: # check token in a query-string parameter (off: tokens would end up in access logs)
                    enabled: false

        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

    # Rules are evaluated top to bottom; the first matching path wins, so
    # ^/api/login must stay above ^/api. Symfony normalises the singular `role`
    # key to `roles`, so the mixed spelling below is accepted, but one form
    # would be clearer.
    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/client, roles: [IS_AUTHENTICATED_ANONYMOUSLY] }
        - { path: ^/gettoken, roles: [IS_AUTHENTICATED_ANONYMOUSLY] }
        - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api, roles: [IS_AUTHENTICATED_FULLY] }
curl -H "Authorization: Bearer TOKEN" http://dev.customer.rewotec.com/api/secure
returns "Bad credentials"
My virtual host needed this entry from the original Symfony .htaccess, which my Apache was not loading:
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
Thanks to @chalasr for supporting me on this.
Is the `/api/login_check` URL just for testing the application, or is it also recommended as the public login URL?
Thanks to @chalasr for supporting me on this.
The `/api/login_check` URL is not just for testing the application. It can be used in production!
Came from:
successfully returns the token.