Sending JWT Token in Guzzle POST with LexikJWTAuthenticationBundle
| <?php | |
| namespace AppBundle\Controller; | |
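/**
 * Demo controller: issue a JWT for HTTP Basic credentials and present it to a
 * protected route through Guzzle.
 *
 * - getToken()  checks the Basic credentials and returns a signed token.
 * - apiClient() requests a token from /gettoken and sends it to /api/secure.
 * - secure()    is the target route that the token is meant to unlock.
 */
class DefaultController extends Controller
{
    /**
     * Exchange HTTP Basic credentials for a JWT.
     *
     * Missing credentials, an unknown username and a wrong password all raise
     * the same BadCredentialsException, so the response does not reveal which
     * usernames exist. How that exception is rendered (status code, body)
     * depends on exception handling that is not part of this class.
     *
     * @Route("/gettoken")
     *
     * @return JsonResponse JSON object with a single "token" key
     *
     * @throws BadCredentialsException when the credentials are absent or do not match
     */
    public function getToken()
    {
        // NOTE(review): Controller::getRequest() was removed in Symfony 3.0; on newer
        // versions the Request is injected as an action argument instead.
        $request = $this->getRequest();

        $username = $request->getUser();
        $password = $request->getPassword();

        // No Authorization header at all: fail before touching the database.
        if (null === $username || null === $password) {
            throw new BadCredentialsException();
        }

        $user = $this->getDoctrine()
            ->getRepository('AppBundle:User')
            ->findOneBy(['username' => $username]);

        // Same failure as a wrong password, so the two cases cannot be told apart
        // by status code.
        // NOTE(review): this path skips the password hash check, so response time
        // may still differ between known and unknown usernames.
        if (!$user) {
            throw new BadCredentialsException();
        }

        $isValid = $this->get('security.password_encoder')
            ->isPasswordValid($user, $password);

        if (!$isValid) {
            throw new BadCredentialsException();
        }

        $token = $this->get('lexik_jwt_authentication.jwt_manager')->create($user);

        return new JsonResponse(['token' => $token]);
    }

    /**
     * Fetch a token from the token endpoint and use it on the protected route.
     *
     * NOTE(review): this action returns the body of the protected route to
     * whoever requests /client. Confirm the route is not reachable without
     * authentication outside a demo setup.
     *
     * @Route("/client", name="rewotec_customer.jwt_client")
     *
     * @return Response body of the protected route
     *
     * @throws \RuntimeException when the token endpoint response carries no usable token
     */
    public function apiClient()
    {
        // NOTE(review): hard-coded service credentials, kept only so the demo still
        // runs. Load them from configuration or a secret store, and treat the value
        // published in this listing as compromised.
        $credentials = ['admin', 'test1234'];

        // NOTE(review): plain http:// sends the Basic credentials and the bearer
        // token in cleartext; use https:// anywhere but an isolated dev network.
        $tokenUrl = 'http://dev.microservice1.com/gettoken';
        $secureUrl = 'http://dev.microservice1.com/api/secure';

        // Guzzle waits indefinitely by default; bound the wait (seconds) so a slow
        // upstream cannot pin this worker.
        $timeout = 5;

        $client = new Client();

        $response = $client->post($tokenUrl, [
            'auth' => $credentials,
            'timeout' => $timeout,
        ]);

        // Validate the upstream reply before using it: json_decode() yields null on
        // malformed input and the key may be absent.
        $body = json_decode((string) $response->getBody(), true);
        if (!is_array($body) || !isset($body['token']) || !is_string($body['token'])) {
            throw new \RuntimeException('Token endpoint returned an unexpected response.');
        }
        $token = $body['token'];

        // Decode the token with this application's own encoder service before
        // forwarding it; the decoded payload itself is not used.
        $this->get('lexik_jwt_authentication.encoder')->decode($token);

        $response2 = $client->post($secureUrl, [
            'headers' => [
                'Authorization' => 'Bearer '.$token,
            ],
            'timeout' => $timeout,
        ]);

        return new Response((string) $response2->getBody());
    }

    /**
     * Target route for the demo; returns a fixed confirmation string.
     *
     * Access control is not enforced here: it is expected to come from the
     * security configuration covering paths under /api.
     *
     * @Route("/api/secure")
     *
     * @return Response
     */
    public function secure()
    {
        return new Response('Logged in');
    }
}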
# Symfony security configuration for the JWT demo: FOSUserBundle users, a
# form_login firewall that hands out tokens, and a stateless firewall that
# requires a token for everything under /api.
security:
    encoders:
        # NOTE(review): the service behind this id is not shown here; the name
        # suggests an older hashing scheme. Confirm it is a current password
        # hasher before reusing this configuration.
        FOS\UserBundle\Model\UserInterface:
            id: security.encoder.legacy

    role_hierarchy:
        ROLE_ADMIN:
            - ROLE_USER
            - ROLE_CUSTOMER
        ROLE_SUPER_ADMIN: ROLE_ADMIN
        ROLE_API:
            - ROLE_USER

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    firewalls:
        # Token issuing endpoint: anonymous access is allowed and the Lexik
        # success/failure handlers produce the response.
        login:
            pattern: ^/api/login
            stateless: true
            anonymous: true
            provider: fos_userbundle
            form_login:
                check_path: /api/login_check
                require_previous_session: false
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure

        # Everything else under /api: no session, no anonymous access, token required.
        api:
            pattern: ^/api
            stateless: true
            anonymous: false
            provider: fos_userbundle
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
            # NOTE(review): a guard authenticator and the lexik_jwt key are both set
            # on this firewall; presumably only one is needed. Confirm against the
            # installed bundle version, and confirm this nesting, which was restored
            # from a flattened listing.
            lexik_jwt:
                # Read the token from the Authorization header.
                authorization_header:
                    enabled: true
                    prefix: Bearer
                # Tokens in the query string stay disabled: URLs end up in access
                # logs, browser history and Referer headers.
                query_parameter:
                    enabled: false

        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

    # Rules are matched top to bottom, so ^/api/login must stay above ^/api.
    # NOTE(review): no firewall pattern above matches /login, /register,
    # /resetting, /client or /gettoken, so those requests run outside every
    # firewall and these rules are presumably never evaluated for them. If
    # /client and /gettoken need protection or throttling, they need a firewall
    # of their own.
    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/client, roles: [IS_AUTHENTICATED_ANONYMOUSLY] }
        - { path: ^/gettoken, roles: [IS_AUTHENTICATED_ANONYMOUSLY] }
        - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api, roles: [IS_AUTHENTICATED_FULLY] }