Bonjour,

j'utilise le bundle : LexikJWTAuthenticationBundle pour une API REST

je veux simplement me connecter en utilisant in_memory comme provider (ne pas tenir compte de App/Entity/User)

j'obtiens un Bad credentials - 401


Code : Sélectionner tout - Visualiser dans une fenêtre à part
1
2
3
4
5
6
 
POST http://localhost:8000/login_check
{
    "username": "admin",
    "password": "admin"
}
security.yaml
Code : Sélectionner tout - Visualiser dans une fenêtre à part
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
 
security:
    encoders:
        App\Entity\User:
            algorithm: bcrypt
        Symfony\Component\Security\Core\User\User:
            algorithm: bcrypt
 
    role_hierarchy:    
        ROLE_ADMIN: ROLE_USER
 
    providers:
        entity_provider:
            entity:
                class: App\Entity\User
                property: username
 
        in_memory:
            memory:
                users:
                    admin:
                        password: admin
                        roles: 'ROLE_ADMIN'
 
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login:
            pattern:  ^/login
            stateless: true
            anonymous: true
            provider: in_memory
            json_login:
                check_path: /login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
 
        register:
            pattern:  ^/register
            stateless: true
            anonymous: true
 
        api:
            pattern:  ^/api
            stateless: true
            anonymous: false
            provider: in_memory
            guard:
                authenticators:
                    - App\Security\MemoryAuthenticator
                    #- lexik_jwt_authentication.jwt_token_authenticator
                entry_point: App\Security\MonEntrepriseAuthenticator
 
    access_control:



Code : Sélectionner tout - Visualiser dans une fenêtre à part
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
 
<?php
 
// src/Security/TokenAuthenticator.php
namespace App\Security;
 
use App\Entity\User;
use Lexik\Bundle\JWTAuthenticationBundle\Encoder\JWTEncoderInterface;
use Lexik\Bundle\JWTAuthenticationBundle\TokenExtractor\AuthorizationHeaderTokenExtractor;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\User\UserProviderInterface;
 
class MemoryAuthenticator extends AbstractGuardAuthenticator
{
    private $jwtEncoder;
    private $em;
 
    /**
     * Default message for authentication failure.
     *
     * @var string
     */
    private $failMessage = 'Invalid credentials';
 
    public function __construct(JWTEncoderInterface $jwtEncoder, EntityManagerInterface $em)
    {
        $this->jwtEncoder = $jwtEncoder;
        $this->em = $em;
    }
 
    /**
     * Called on every request to decide if this authenticator should be
     * used for the request. Returning false will cause this authenticator
     * to be skipped.
     */
    public function supports(Request $request)
    {
        return $request->headers->has('X-AUTH-TOKEN');
    }
 
    /**
     * Called on every request. Return whatever credentials you want to
     * be passed to getUser() as $credentials.
     */
    public function getCredentials(Request $request)
    {
        $extractor = new AuthorizationHeaderTokenExtractor(
            'Bearer',
            'Authorization'
        );
        $token = $extractor->extract($request);
 
        if (!$token) {
            return;
        }
        return $token;
    }
 
    public function getUser($credentials, UserProviderInterface $userProvider)
    {
 
        $data = $this->jwtEncoder->decode($credentials);
        if ($data === false) {
            throw new CustomUserMessageAuthenticationException('Invalid Token');
        }
        $username = $data['username'];
 
        return $username === "admin";
    }
 
    public function checkCredentials($credentials, UserInterface $user)
    {
        // check credentials - e.g. make sure the password is valid
        // no credential check is needed in this case
        return true;
    }
 
    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
    {
        // on success, let the request continue
        // on success, let the request continue
        return null;
    }
 
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        $data = [
            'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
 
            // or to translate this message
            // $this->translator->trans($exception->getMessageKey(), $exception->getMessageData())
        ];
 
        return new JsonResponse($data, "--------");
    }
 
    /**
     * Called when authentication is needed, but it's not sent
     */
    public function start(Request $request, AuthenticationException $authException = null)
    {
        throw new CustomUserMessageAuthenticationException("1111111");
 
 
        $data = [
            // you might translate this message
            'message' => 'Authentication Required'
        ];
 
        return new JsonResponse($data, "999999999999999");
    }
 
    public function supportsRememberMe()
    {
        return false;
    }
}