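I am new to Symfony.

I am trying to implement JWT authentication using lexik/jwt-authentication-bundle v2.6 and Symfony v4.3. I successfully implemented login, and it gives me a JWT token. Accessing the restricted area with the JWT token also works with the following configuration in security.yml: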

    login:
        pattern: ^/login
        stateless: true
        anonymous: true
        json_login:
            check_path: /login_check
            success_handler: lexik_jwt_authentication.handler.authentication_success
            failure_handler: lexik_jwt_authentication.handler.authentication_failure
    api:
        pattern: ^/
        stateless: true
        guard:
            authenticators:
                - lexik_jwt_authentication.jwt_token_authenticator

But this configuration gives the following warning: @deprecated since 2.0, use the "lexik_jwt_authentication.jwt_token_authenticator" Guard

So I implemented my own App\Security\TokenAuthenticator, which extends AbstractGuardAuthenticator, and changed

    guard:
        authenticators:
            - lexik_jwt_authentication.jwt_token_authenticator

to

    guard:
        authenticators:
            #- lexik_jwt_authentication.jwt_token_authenticator
            - App\Security\TokenAuthenticator

After changing the configuration, I get an "Invalid JWT Token" error. The error is thrown because, in vendor/lexik/jwt-authentication-bundle/Services/JWTManager.php (line 96):

    /**
     * {@inheritdoc}
     */
    public function decode(TokenInterface $token)
    {
        if (!($payload = $this->jwtEncoder->decode($token->getCredentials()))) { //line 96
            return false;
        }

        $event = new JWTDecodedEvent($payload);
        if ($this->dispatcher instanceof ContractsEventDispatcherInterface) {
            $this->dispatcher->dispatch($event, Events::JWT_DECODED);
        } else {
            $this->dispatcher->dispatch(Events::JWT_DECODED, $event);
        }

        if (!$event->isValid()) {
            return false;
        }

        return $payload;
    }

$token is of type Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken, and its implementation of the getCredentials() function returns an empty array:

    /**
     * This is meant to be only an authenticated token, where credentials
     * have already been used and are thus cleared.
     *
     * {@inheritdoc}
     */
    public function getCredentials()
    {
        return [];
    }

I could not find a solution on the Internet.

Thanks in advance.

Answer 0 (score: 0)

It turns out that LexikJWTAuthenticationBundle has its own implementation using Guard: JWTTokenAuthenticator. You can also extend it:

    namespace App\Security\Guard;

    use Lexik\Bundle\JWTAuthenticationBundle\Security\Guard\JWTTokenAuthenticator as BaseAuthenticator;

    class JWTTokenAuthenticator extends BaseAuthenticator
    {
        // Your own logic
    }

In services.yml:

    # config/services.yaml
    services:
        app.jwt_token_authenticator:
            class: App\Security\Guard\JWTTokenAuthenticator
            parent: lexik_jwt_authentication.security.guard.jwt_token_authenticator
            #---below 3 lines are absent in documentation
            public: true
            autowire: true
            autoconfigure: false

Finally, in security.yml:

    security:
        # ...
        firewalls:
            # ...
            api:
                pattern: ^/api
                stateless: true
                guard:
                    authenticators:
                        - app.jwt_token_authenticator

For more information, check here: Extending JWTTokenAuthenticator
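
As an added example (not code from the question, the answer or the bundle), here is one way the "Your own logic" placeholder in the extended authenticator could be filled in while leaving JWT decoding to the bundle. It assumes the bundle's 2.x getTokenExtractor() and getUser() methods; the "scope" claim, its required value and the error message are hypothetical.

```php
<?php
// Added example: a subclass of the bundle's Guard authenticator.
namespace App\Security\Guard;

use Lexik\Bundle\JWTAuthenticationBundle\Security\Guard\JWTTokenAuthenticator as BaseAuthenticator;
use Lexik\Bundle\JWTAuthenticationBundle\TokenExtractor\AuthorizationHeaderTokenExtractor;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
use Symfony\Component\Security\Core\User\UserProviderInterface;

class JWTTokenAuthenticator extends BaseAuthenticator
{
    // Assumption: tokens issued for this API carry a custom "scope" claim.
    private const REQUIRED_SCOPE = 'api';

    /**
     * Accept the JWT only from "Authorization: Bearer <token>",
     * whatever extractors are enabled in the bundle configuration.
     */
    protected function getTokenExtractor()
    {
        return new AuthorizationHeaderTokenExtractor('Bearer', 'Authorization');
    }

    /**
     * $preAuthToken is the bundle's PreAuthenticationJWTUserToken: the parent
     * getCredentials() has already decoded the raw JWT and stored its payload.
     * A PostAuthenticationGuardToken has its credentials cleared, which is
     * why passing one to JWTManager::decode() ends in "Invalid JWT Token".
     */
    public function getUser($preAuthToken, UserProviderInterface $userProvider)
    {
        $payload = $preAuthToken->getPayload();

        // Reject tokens that lack the (hypothetical) claim this API requires.
        if (($payload['scope'] ?? null) !== self::REQUIRED_SCOPE) {
            throw new CustomUserMessageAuthenticationException('Token not valid for this API');
        }

        // Loading the user from the payload stays with the bundle.
        return parent::getUser($preAuthToken, $userProvider);
    }
}
```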