I refactored a Symfony 3 project to Symfony 5.4. For some API endpoints to work I need JWT token auth, which I am trying to set up with lexik/jwt-authentication-bundle (2.16). My setup is as follows.

..\config\packages\lexik_jwt_authentication.yaml:

lexik_jwt_authentication:
    secret_key: '%env(resolve:JWT_SECRET_KEY)%'
    public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
    pass_phrase: '%env(JWT_PASSPHRASE)%'
    token_ttl: "%jwt_token_tll%"

..\config\packages\security.yaml:

firewalls:
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    login:
        pattern: ^/api/login
        stateless: true
        provider: app_all_users
        json_login:
            check_path: /api/login_check
            success_handler: lexik_jwt_authentication.handler.authentication_success
            failure_handler: lexik_jwt_authentication.handler.authentication_failure
            require_previous_session: false
    api:
        pattern:   ^/api
        stateless: true
        jwt: ~
        provider: app_all_users
    main:
        lazy: true
        provider: app_all_users
        custom_authenticator: App\Security\LoginFormAuthenticator
        logout:
            path: app_logout
            target: app_login
        switch_user: true
        remember_me:
            secret: '%kernel.secret%'
            lifetime: 90000
        login_throttling: true

..\config\routes.yaml:

api_login_check:
    path: /api/login_check

I created pem/pub keys with

openssl genrsa -out config/jwt/private.pem -aes256 4096
openssl rsa -pubout -in config/jwt/private.pem -out config/jwt/public.pem

When calling

http://[local_server]/api/login_check

with json content

{
    "username": "my_login_name",
    "password": "my_pw"
}

I get a 500 error with "JWTEncodeFailureException" and the message:

Unable to create a signed JWT from the given configuration.

Typing "php bin/console lexik:jwt:check-config" into the console gives

The configuration seems correct.

Debugging into it shows that in "..\vendor\lexik\jwt-authentication-bundle\Encoder\LcobucciJWTEncoder.php" the exception is thrown because the created token is not signed (!$jws->isSigned()). I have no idea on how to fix this. Any help is much appreciated.

user3440145

1 Answer

Check the value of the pass_phrase configuration. This exception can happen if that value is not correct and therefore the PEM key is not usable.

lexik_jwt_authentication:
    pass_phrase: '%env(JWT_PASSPHRASE)%' # required for token creation

Mike S
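
One way to test the passphrase suggested in the answer directly against the key files, as an added example that is not part of the question, the answer or the bundle. The function names, exit codes and the `--demo` switch are assumptions made for this sketch; it reads the passphrase from `JWT_PASSPHRASE` and uses only `openssl pkey`, `genrsa` and `rsa`.

```shell
#!/bin/sh
# Added example (not from the post): test the passphrase against the key directly.
# Exit codes of check_jwt_keypair (chosen for this sketch):
#   0 passphrase decrypts the private key and the public key matches it
#   1 a key file is missing or unreadable
#   2 the private key cannot be loaded with $JWT_PASSPHRASE (wrong or unset)
#   3 the public key file does not belong to the private key
check_jwt_keypair() {
    _priv=$1; _pub=$2
    [ -r "$_priv" ] && [ -r "$_pub" ] || return 1
    # env:NAME keeps the passphrase out of the process argument list.
    _derived=$(openssl pkey -in "$_priv" -passin env:JWT_PASSPHRASE -pubout 2>/dev/null) || return 2
    # Re-encode the stored public key the same way before comparing.
    _stored=$(openssl pkey -pubin -in "$_pub" -pubout 2>/dev/null) || return 3
    [ "$_derived" = "$_stored" ] || return 3
    return 0
}

# Build a throwaway key pair the same way as in the question (constructed
# sample; 2048 bits only to keep the demo fast).
make_demo_keypair() {
    _dir=$1
    DEMO_PASS=$2 openssl genrsa -aes256 -passout env:DEMO_PASS \
        -out "$_dir/private.pem" 2048 2>/dev/null || return 1
    DEMO_PASS=$2 openssl rsa -passin env:DEMO_PASS -pubout \
        -in "$_dir/private.pem" -out "$_dir/public.pem" 2>/dev/null
}

if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp -d) && make_demo_keypair "$tmp" 'constructed-passphrase' || exit 1
    for JWT_PASSPHRASE in 'constructed-passphrase' 'not-the-passphrase'; do
        export JWT_PASSPHRASE
        rc=0; check_jwt_keypair "$tmp/private.pem" "$tmp/public.pem" || rc=$?
        echo "check with '$JWT_PASSPHRASE' -> $rc"
    done
    rm -rf "$tmp"
fi
```

To check the real setup, export `JWT_PASSPHRASE` with the value the application receives and call `check_jwt_keypair config/jwt/private.pem config/jwt/public.pem`.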