-
-
Notifications
You must be signed in to change notification settings - Fork 612
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add new jwt
authenticator for Symfony 5.3+ Security system
#872
Add new jwt
authenticator for Symfony 5.3+ Security system
#872
Conversation
Added unit tests to my new authenticator. The only point that frustrates me is being forced to inject the UserProvider & store the payload as a property of the class to be able to pass them down to the I didn't find a way to work around this issue and rely simply on the UserProvider structure & pass only the identifier to the UserBadge to let the magic work it all! If anyone has an idea, I'm open to it :) |
@TristanPouliquen Thank you very much for this PR! You just made my day :) |
cae10f4
to
656812a
Compare
@chalasr Np! Still fighting with getting it to pass all the different CIs & make it backwards compatible though |
I bounced this PR around in one of my apps yesterday to see if there was a way to just use Symfony's authenticator manager without the authenticator needing to be aware of the user provider, and I couldn't come up with anything. It's basically stuck like this thanks to |
One of the biggest things that'll help will be to check if |
68c2176
to
d1cfc68
Compare
Tests are passing on all scenarii except for PHP8 & SF5.x-dev => composer does not seem to be able to resolve a correct set of dependencies. Someone has any idea of why? |
In the meantime, I've switched it to a more reasonable |
Sounds good 👍 |
There isn’t a 5.x branch anymore, so it can always use a version string and work right. |
What's the next step on this PR now? :) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice start! This misses registering the authenticator as a service (via a factory). I'm going to address my own comments and add what's missing if you don't mind.
* @return array|false The JWT token payload or false if an error occurs | ||
* @throws JWTDecodeFailureException | ||
*/ | ||
public function decodeFromJsonWebToken(string $jwtToken); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Adding a new method to an interface is a BC break.
To avoid that, we need to introduce that method as "virtual" first using the @method
phpdoc annotation. Then, in 3.0, we will remove the phpdoc and add the real method.
Here is an example from Symfony core for inspiration: https://github.com/symfony/symfony/blob/5.4/src/Symfony/Component/PasswordHasher/Hasher/UserPasswordHasherInterface.php#L21
81c2f28
to
f27d469
Compare
1e86bb9
to
0f395a5
Compare
0f395a5
to
c503ce9
Compare
Now green and deprecation-free! (well, one remaining notice but purely testing/internal, should not impact developers). Before: # config/packages/security.yaml
security:
# ...
firewalls:
api:
pattern: ^/api
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator After: # config/packages/security.yaml
security:
enable_authenticator_manager: true
# ...
firewalls:
api:
pattern: ^/api
stateless: true
jwt: ~ We might add more configuration under the I'm going to merge this and draft a new release later today. |
jwt
authenticator for Symfony 5.3+ Security system
Thank you very much @TristanPouliquen, this is much appreciated. |
Released in v2.12.0. |
Hi! Please correct me if I'm wrong, but looks like the idea from this comment: #872 (comment) was never executed? There's a new method in the interface in 2.12: Our CI setup started failing with:
which pointed me to this PR. |
@mnocon You're right, I'm going to revert that breaking change this weekend. Thanks for noticing! |
@chalasr thank you for confirming this, for now we will stick with 2.11.x and update when the next release is available. Also thank you for maintaining this bundle! 💪 |
Working on implementing the new Authenticator system with Passports & Badges in LexikJWT.
Fixes #874
Fixes #866
Fixes #810