请求标题未通过生产

时间:2017-08-29 07:16:07

标签: symfony request-headers lexikjwtauthbundle

我有一个Symfony 2.8 API,用于响应webapp的数据,之前一切正常。 我正在使用LexikJWTAuthenticationBundle + Guard来验证/ api。

仅在生产中我的请求中缺少auth标头。在当地一切都很好。我正在使用邮递员进行测试。

生产申请标题:

object(Symfony\Component\HttpFoundation\HeaderBag)#10 (2) {
  ["headers":protected]=>
  array(9) {
    ["cache-control"]=>
    array(1) {
      [0]=>
      string(8) "no-cache"
    }
    ["postman-token"]=>
    array(1) {
      [0]=>
      string(36) "9ad903a8-9f35-4ecf-8da3-dddb1f8ff2ca"
    }
    ["user-agent"]=>
    array(1) {
      [0]=>
      string(20) "PostmanRuntime/6.2.5"
    }
    ["accept"]=>
    array(1) {
      [0]=>
      string(3) "*/*"
    }
    ["host"]=>
    array(1) {
      [0]=>
      string(16) "pro.musehall.com"
    }
    ["cookie"]=>
    array(1) {
      [0]=>
      string(36) "PHPSESSID=6ca4iil63v2fiadfdpfnb6vlq4"
    }
    ["accept-encoding"]=>
    array(1) {
      [0]=>
      string(13) "gzip, deflate"
    }
    ["connection"]=>
    array(1) {
      [0]=>
      string(10) "keep-alive"
    }
    ["x-php-ob-level"]=>
    array(1) {
      [0]=>
      int(1)
    }
  }

本地请求标头:

object(Symfony\Component\HttpFoundation\HeaderBag)#10 (2) {
  ["headers":protected]=>
  array(10) {
    ["authorization"]=>
    array(1) {
      [0]=>
      string(938) ""Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJlbWFpbCI6Im5pY29sYXNAYXB4LWRldi5jb20iLCJpZCI6OTExMTExNDExLCJhcGlLZXkiOiJhNGExZjM3NjQwZDkzM2UwYjRlYzg4ZDBiY2VjMjgyODNkYTRjNzU1IiwiZmlyc3RuYW1lIjoiTmljb2xhcyIsImxhc3RuYW1lIjoiQXB4IiwiaWF0IjoiMTUwMzk1NzYyNSJ9.j1hLlRoVNSkS5UotPGuV1PsVgePGb9BQSxceBrE2oxilpXNJUApfwHJ4iGjhvjtAugBO5LTd9EF4_cTSlh9NxGy_oTRalH8EeM8BNE2tK6WTvxiC-B0hxRl9ifmKfIVdNZm4_l6NFZaYGdE7isQozPj8stwjfWkitUg5cRSLCztKmXAc8fU4DttFzLMUi7G2cB1JxeWxYpXSmy_DNrVeDzvEt86MmE7xCuO79kk6MBDC4P848NOOZLTy8hMKpXFwqHV0A8voJTVNGJZZWIrX2GiUBQZxZBquJyqRgO3C2bboHQChPF_ETZ1Wj7OvCMwIsqAFPIasPZqcK3eBMmAde9CAWQ_a7-_izk5iBD6wbSrCVMd_NDpATsKK5uqI23Kvm5PY8A__TpYMI7DmIKd6NZe2WaBIA9nIkPLNWgomy_OUISsR1DfTUgpX9R_lT5odqDxLfHU17pEhrXnwMoghYQFN2oZuqtC6wwht05qDVvCvNMpM3VLqySus7j7lUogjEMawW-WvmUhVqnCJ079ZkpqU-CDTKOwt2rS63Y3ojGKCc3_faFNlB1T_Arm1M91ukfzSZS3uctkm9Sfcfwt8KMizWvmLpYbs7Mj6QsAhseNbW9MZ2kger_BvRSCOc0rhWWVylZ_n0ra5wz5yJbgoKo252YxMWhqW5YGPDAH6xZE""
    }
    ["cache-control"]=>
    array(1) {
      [0]=>
      string(8) "no-cache"
    }
    ["postman-token"]=>
    array(1) {
      [0]=>
      string(36) "144afa4f-c482-4a30-8369-2a4b2f6e1a29"
    }
    ["user-agent"]=>
    array(1) {
      [0]=>
      string(20) "PostmanRuntime/6.2.5"
    }
    ["accept"]=>
    array(1) {
      [0]=>
      string(3) "*/*"
    }
    ["host"]=>
    array(1) {
      [0]=>
      string(12) "musehall.dev"
    }
    ["cookie"]=>
    array(1) {
      [0]=>
      string(36) "PHPSESSID=22v5la94j3m97mr54c31um67g2"
    }
    ["accept-encoding"]=>
    array(1) {
      [0]=>
      string(13) "gzip, deflate"
    }
    ["connection"]=>
    array(1) {
      [0]=>
      string(10) "keep-alive"
    }
    ["x-php-ob-level"]=>
    array(1) {
      [0]=>
      int(1)
    }
  }
  ["cacheControl":protected]=>
  array(1) {
    ["no-cache"]=>
    bool(true)
  }
}

正如您所见,生产服务器上缺少令牌。

我最近改变的唯一一件事就是我更新了我的证书机构证书。

Lexi config:

# json web token bundle
lexik_jwt_authentication:
    private_key_path: "%jwt_private_key_path%"
    public_key_path:  "%jwt_public_key_path%"
    pass_phrase:      "%jwt_key_pass_phrase%"
    token_ttl:        "%jwt_token_ttl%"

任何想法?

1 个答案:

答案 0 :(得分:0)

可能是因为apache剥离了授权标头。请参阅软件包文档中的"Important note for apache users"

  

Apache服务器将剥离任何不具有有效HTTP BASIC AUTH格式的Authorization标头。

     

如果您打算使用此捆绑包的授权标头模式(您应该),请将这些规则添加到您的VirtualHost配置中:

     

RewriteEngine On
  RewriteCond %{HTTP:Authorization} ^(.*)
  RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

相关问题
最新问题