-
-
Notifications
You must be signed in to change notification settings - Fork 614
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The algorithm with the alias "" is not supported #1223
Comments
I was finally able to get back to this today. After doing some additional debugging, the same problem exists in LexikJWTAuthenticationBundle/Services/WebToken/AccessTokenLoader.php Lines 48 to 52 in b20c4ae
Likewise, the service arguments are set here: LexikJWTAuthenticationBundle/DependencyInjection/LexikJWTAuthenticationExtension.php Lines 236 to 244 in b20c4ae
The service is expecting the encryption algorithms and associated keysets to be The easiest solution in both cases would probably be to make sure the appropriate arguments are set to WorkaroundI've been able to fix both of these issues in my // src/Kernel.php
namespace App;
use Symfony\Bundle\FrameworkBundle\Kernel\MicroKernelTrait;
use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\HttpKernel\Kernel as BaseKernel;
class Kernel extends BaseKernel implements CompilerPassInterface
{
use MicroKernelTrait;
// ...
public function process(ContainerBuilder $container): void
{
$accessTokenBuilderService = 'lexik_jwt_authentication.access_token_builder';
$accessTokenLoaderService = 'lexik_jwt_authentication.access_token_loader';
if ($container->hasDefinition($accessTokenBuilderService)) {
$container->getDefinition($accessTokenBuilderService)
->replaceArgument(5, null)
->replaceArgument(6, null)
->replaceArgument(7, null);
}
if ($container->hasDefinition($accessTokenLoaderService)) {
$container->getDefinition($accessTokenLoaderService)
->replaceArgument(9, null)
->replaceArgument(10, null)
->replaceArgument(11, null)
->replaceArgument(12, null);
}
}
// ...
} This doesn't solve the core problem, but it's a reasonable and easy to implement workaround until it is fixed. |
Thanks for the detailed report and workaround! |
You're welcome! I've created a pull request that addresses the root cause. Setting default values for the problematic arguments in the service configurations and changing the logic to look for empty arrays instead of This fix was originally suggested in #1209, but it wasn't fully implemented in #1214. Empty strings were set as default values and the logic wasn't updated in |
Are there any updates on this? Is there anything you'd like changed/reworked in the pull request I created? I'm using the workaround I described above in projects that use this bundle and that's continued to work well. So, there's absolutely no rush. But it'd be nice to not have to use a compiler pass to fix the configuration. |
I've been attempting to configure this bundle to use the Web-Token feature as outlined in the documentation and have run into some issues.
I have the following configuration:
If encryption isn't enabled, an
InvalidArgumentException
is always thrown byAccessTokenBuilder
whenever a request for a token is made. For example, the following always fails when encryption isn't enabled:The problematic lines of code appear to be here:
LexikJWTAuthenticationBundle/Services/WebToken/AccessTokenBuilder.php
Lines 68 to 71 in b20c4ae
$keyEncryptionAlgorithm
and$contentEncryptionAlgorithm
aren't automatically set tonull
if they aren't defined and instead are set to empty strings. This always causes an exception to the thrown due to the encryption algorithm being set to an empty string. If I manually set both variables tonull
before the above lines of code, my configuration works and a token is correctly sent in the response.The encryption related service arguments are replaced here, but only if encryption is enabled:
LexikJWTAuthenticationBundle/DependencyInjection/LexikJWTAuthenticationExtension.php
Lines 217 to 224 in b20c4ae
Otherwise, they remain as empty strings, which doesn't appear to be the intention since it makes encryption mandatory.
I've attempted to directly set the encryption configuration options to
null
as a possible workaround, but that causes a different exception to be thrown that says they can't benull
. That seems to directly contradict the service responsible for building tokens.Am I missing an important configuration option/detail that addresses these issues or is this a bug? I've gone through the code and documentation in an attempt to find such an option and haven't had any luck. Is encryption supposed to be required when using the web-token feature?
The text was updated successfully, but these errors were encountered: