未找到 Lexik JWT 令牌
Lexik JWT Token not found
我见过类似的问题,但仍然无法正常工作。
我是 Symfony 的新手,我正在使用 Lexik JWT 捆绑包和 symfony3 进行 API 身份验证,并使用登录表单进行 Web 身份验证。
我得到了令牌,但是当我尝试使用它时,我得到了 401 - 身份验证错误。
我读过它可能是一个 apache 问题,所以我正在尝试使用 PHP 的 built-in 网络服务器,但仍然没有成功。
这是我的 security.yml 文件:
security:
encoders:
AppBundle\Entity\User:
algorithm: bcrypt
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
in_memory:
memory: ~
our_db_provider:
entity:
class: AppBundle:User
property: username
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/api/login
stateless: true
anonymous: true
form_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
provider: our_db_provider
api:
pattern: ^/api
stateless: true
provider: our_db_provider
lexik_jwt:
authorization_header: # check token in Authorization Header
enabled: true
prefix: Bearer
throw_exceptions: true # When an authentication failure occurs, return a 401 response immediately
create_entry_point: true # When no authentication details are provided, create a default entry point that returns a 401 response
main:
anonymous: ~
form_login:
login_path: /login
check_path: /login_check
provider: our_db_provider
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: [ROLE_ADMIN, ROLE_USER] }
如果我在 api 防火墙中将 create_entry_point 设置为 false,我会收到 500 错误:在 TokenStorage 中找不到令牌。
也许我传递令牌的方式有误?我尝试了几种方法,因为我不确定哪一种是正确的。这是我的 headers:
POST /api/notifications HTTP/1.1
Host: localhost:8000
Authorization: bearer {"token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJleHAiOjE0NTUwMDk1ODAsInVzZXJuYW1lIjoiYXNvcmlhIiwiaWF0IjoiMTQ1NDkyMzE4MCJ9.rwgAkLBesTYOZn3B96Jlsf9_3Qy-rjrRt2l5UxdXD8ZadJ2YbK-9m7qNqUd9-bhaA_MFL1lssPZ-0AzmQCZx8bL8XD_l2_df0wfVm6Le6pEJEJk0arbyxlEOZ-9LrRdOa6EjnzDcZT6Wn76QNOsCSjME7rjk0w0lLs4eXAaXGAYL6lqU4YoiM1xnifzHgGtJKc7RBBivY8yHjfs51S6GwEKzPGrYMUTZWmjhxFPlKZCqEJlaJ6NT82A3PuoISCMUvt7AuxhHdgeuS-TMjdTY-WhqaL7f7Z2FP0_FstKVORHDzC1vf7VlylF76SnF0Sh2tMTuvf70zYnD_gF0k7b9zoOp54e0mJt0XaLTyCtomPSeDhfJV1wJY6EZsrvdUrrHXXtXhA6K70FIM_nQJPVo4Raht-hQWmOnWb3Ib0SvvytQHP96klXVgKHyIaicEjvWhmonzgSRndme4HGXlPWmbKH6tVJpvWatOeaWD4jjS-ZLD_5oBr_o3vNPw81oZj0huI6OgzYvXDpLPw3P7Ma4LmBdQOLwpUEPG3LnuKIdU27umFTrN3T-Cfrb6kITU1BTaTL-AIOM-F6FDlcgJfYxOs6GEFOlFtjJ5KSAEiY8DWiubbrS-VH9uaMlc9YapTlNVsUI7whzO7QmXzC-V8idrNoWBWVftyMDlA9YR_D7N9E"}
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
或者
POST /api/notifications HTTP/1.1
Host: localhost:8000
Authorization: bearer {"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJleHAiOjE0NTUwMDk1ODAsInVzZXJuYW1lIjoiYXNvcmlhIiwiaWF0IjoiMTQ1NDkyMzE4MCJ9.rwgAkLBesTYOZn3B96Jlsf9_3Qy-rjrRt2l5UxdXD8ZadJ2YbK-9m7qNqUd9-bhaA_MFL1lssPZ-0AzmQCZx8bL8XD_l2_df0wfVm6Le6pEJEJk0arbyxlEOZ-9LrRdOa6EjnzDcZT6Wn76QNOsCSjME7rjk0w0lLs4eXAaXGAYL6lqU4YoiM1xnifzHgGtJKc7RBBivY8yHjfs51S6GwEKzPGrYMUTZWmjhxFPlKZCqEJlaJ6NT82A3PuoISCMUvt7AuxhHdgeuS-TMjdTY-WhqaL7f7Z2FP0_FstKVORHDzC1vf7VlylF76SnF0Sh2tMTuvf70zYnD_gF0k7b9zoOp54e0mJt0XaLTyCtomPSeDhfJV1wJY6EZsrvdUrrHXXtXhA6K70FIM_nQJPVo4Raht-hQWmOnWb3Ib0SvvytQHP96klXVgKHyIaicEjvWhmonzgSRndme4HGXlPWmbKH6tVJpvWatOeaWD4jjS-ZLD_5oBr_o3vNPw81oZj0huI6OgzYvXDpLPw3P7Ma4LmBdQOLwpUEPG3LnuKIdU27umFTrN3T-Cfrb6kITU1BTaTL-AIOM-F6FDlcgJfYxOs6GEFOlFtjJ5KSAEiY8DWiubbrS-VH9uaMlc9YapTlNVsUI7whzO7QmXzC-V8idrNoWBWVftyMDlA9YR_D7N9E"}
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
有什么想法吗?
提前致谢!
权限header应该是
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9....9YR_D7N9E
第一个解决方案可以解决“401 - 身份验证错误”错误。
但是对于出现错误“401 - JWT Token not found”的 Apache 用户,解决方案是重写 HTTP 授权 header 的请求,通过在您的虚拟主机上放置以下说明:
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
您可以在 documentation, on this post and this one.
上找到有关此问题的更多阅读材料
如果有人仍然遇到这个问题,尤其是在完成上述所有操作之后,您可以尝试类似的方法。除了使用 HTTP_AUTHORIZATION,您还可以使用自定义 http header,例如 Php-Auth-Digest。使用 HTTP_AUTHORIZATION 可能会很棘手,并且由于各种不同的服务器设置(尤其是使用共享服务器环境、cPanel 等)可能会从请求中删除
LexikJWT Bundle 中接受自定义 http header 的配置是这样的,
lexik_jwt_authentication:
# token extraction settings
token_extractors:
# look for a token as Authorization Header
authorization_header:
enabled: true
prefix: Bearer
name: Php-Auth-Digest
要了解有关此内容的更多信息,请访问此 link - https://github.com/lexik/LexikJWTAuthenticationBundle/blob/master/Resources/doc/1-configuration-reference.md
从您的 api 应用程序发送 header 看起来像这样(这是 Angular 6 中的示例)
request = request.clone({
setHeaders: {
"Php-Auth-Digest": `Bearer ${currentUser.token}`,
}
});
我希望这对某人有所帮助。干杯。
我见过类似的问题,但仍然无法正常工作。
我是 Symfony 的新手,我正在使用 Lexik JWT 捆绑包和 symfony3 进行 API 身份验证,并使用登录表单进行 Web 身份验证。
我得到了令牌,但是当我尝试使用它时,我得到了 401 - 身份验证错误。 我读过它可能是一个 apache 问题,所以我正在尝试使用 PHP 的 built-in 网络服务器,但仍然没有成功。
这是我的 security.yml 文件:
security:
encoders:
AppBundle\Entity\User:
algorithm: bcrypt
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
in_memory:
memory: ~
our_db_provider:
entity:
class: AppBundle:User
property: username
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/api/login
stateless: true
anonymous: true
form_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
require_previous_session: false
provider: our_db_provider
api:
pattern: ^/api
stateless: true
provider: our_db_provider
lexik_jwt:
authorization_header: # check token in Authorization Header
enabled: true
prefix: Bearer
throw_exceptions: true # When an authentication failure occurs, return a 401 response immediately
create_entry_point: true # When no authentication details are provided, create a default entry point that returns a 401 response
main:
anonymous: ~
form_login:
login_path: /login
check_path: /login_check
provider: our_db_provider
access_control:
- { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_FULLY }
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: [ROLE_ADMIN, ROLE_USER] }
如果我在 api 防火墙中将 create_entry_point 设置为 false,我会收到 500 错误:在 TokenStorage 中找不到令牌。
也许我传递令牌的方式有误?我尝试了几种方法,因为我不确定哪一种是正确的。这是我的 headers:
POST /api/notifications HTTP/1.1
Host: localhost:8000
Authorization: bearer {"token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJleHAiOjE0NTUwMDk1ODAsInVzZXJuYW1lIjoiYXNvcmlhIiwiaWF0IjoiMTQ1NDkyMzE4MCJ9.rwgAkLBesTYOZn3B96Jlsf9_3Qy-rjrRt2l5UxdXD8ZadJ2YbK-9m7qNqUd9-bhaA_MFL1lssPZ-0AzmQCZx8bL8XD_l2_df0wfVm6Le6pEJEJk0arbyxlEOZ-9LrRdOa6EjnzDcZT6Wn76QNOsCSjME7rjk0w0lLs4eXAaXGAYL6lqU4YoiM1xnifzHgGtJKc7RBBivY8yHjfs51S6GwEKzPGrYMUTZWmjhxFPlKZCqEJlaJ6NT82A3PuoISCMUvt7AuxhHdgeuS-TMjdTY-WhqaL7f7Z2FP0_FstKVORHDzC1vf7VlylF76SnF0Sh2tMTuvf70zYnD_gF0k7b9zoOp54e0mJt0XaLTyCtomPSeDhfJV1wJY6EZsrvdUrrHXXtXhA6K70FIM_nQJPVo4Raht-hQWmOnWb3Ib0SvvytQHP96klXVgKHyIaicEjvWhmonzgSRndme4HGXlPWmbKH6tVJpvWatOeaWD4jjS-ZLD_5oBr_o3vNPw81oZj0huI6OgzYvXDpLPw3P7Ma4LmBdQOLwpUEPG3LnuKIdU27umFTrN3T-Cfrb6kITU1BTaTL-AIOM-F6FDlcgJfYxOs6GEFOlFtjJ5KSAEiY8DWiubbrS-VH9uaMlc9YapTlNVsUI7whzO7QmXzC-V8idrNoWBWVftyMDlA9YR_D7N9E"}
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
或者
POST /api/notifications HTTP/1.1
Host: localhost:8000
Authorization: bearer {"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJleHAiOjE0NTUwMDk1ODAsInVzZXJuYW1lIjoiYXNvcmlhIiwiaWF0IjoiMTQ1NDkyMzE4MCJ9.rwgAkLBesTYOZn3B96Jlsf9_3Qy-rjrRt2l5UxdXD8ZadJ2YbK-9m7qNqUd9-bhaA_MFL1lssPZ-0AzmQCZx8bL8XD_l2_df0wfVm6Le6pEJEJk0arbyxlEOZ-9LrRdOa6EjnzDcZT6Wn76QNOsCSjME7rjk0w0lLs4eXAaXGAYL6lqU4YoiM1xnifzHgGtJKc7RBBivY8yHjfs51S6GwEKzPGrYMUTZWmjhxFPlKZCqEJlaJ6NT82A3PuoISCMUvt7AuxhHdgeuS-TMjdTY-WhqaL7f7Z2FP0_FstKVORHDzC1vf7VlylF76SnF0Sh2tMTuvf70zYnD_gF0k7b9zoOp54e0mJt0XaLTyCtomPSeDhfJV1wJY6EZsrvdUrrHXXtXhA6K70FIM_nQJPVo4Raht-hQWmOnWb3Ib0SvvytQHP96klXVgKHyIaicEjvWhmonzgSRndme4HGXlPWmbKH6tVJpvWatOeaWD4jjS-ZLD_5oBr_o3vNPw81oZj0huI6OgzYvXDpLPw3P7Ma4LmBdQOLwpUEPG3LnuKIdU27umFTrN3T-Cfrb6kITU1BTaTL-AIOM-F6FDlcgJfYxOs6GEFOlFtjJ5KSAEiY8DWiubbrS-VH9uaMlc9YapTlNVsUI7whzO7QmXzC-V8idrNoWBWVftyMDlA9YR_D7N9E"}
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
有什么想法吗?
提前致谢!
权限header应该是
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9....9YR_D7N9E
第一个解决方案可以解决“401 - 身份验证错误”错误。
但是对于出现错误“401 - JWT Token not found”的 Apache 用户,解决方案是重写 HTTP 授权 header 的请求,通过在您的虚拟主机上放置以下说明:
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
您可以在 documentation, on this post and this one.
上找到有关此问题的更多阅读材料如果有人仍然遇到这个问题,尤其是在完成上述所有操作之后,您可以尝试类似的方法。除了使用 HTTP_AUTHORIZATION,您还可以使用自定义 http header,例如 Php-Auth-Digest。使用 HTTP_AUTHORIZATION 可能会很棘手,并且由于各种不同的服务器设置(尤其是使用共享服务器环境、cPanel 等)可能会从请求中删除
LexikJWT Bundle 中接受自定义 http header 的配置是这样的,
lexik_jwt_authentication:
# token extraction settings
token_extractors:
# look for a token as Authorization Header
authorization_header:
enabled: true
prefix: Bearer
name: Php-Auth-Digest
要了解有关此内容的更多信息,请访问此 link - https://github.com/lexik/LexikJWTAuthenticationBundle/blob/master/Resources/doc/1-configuration-reference.md
从您的 api 应用程序发送 header 看起来像这样(这是 Angular 6 中的示例)
request = request.clone({
setHeaders: {
"Php-Auth-Digest": `Bearer ${currentUser.token}`,
}
});
我希望这对某人有所帮助。干杯。