symfony jwt nelmioapidocbundle

Symfony 6 - lexik JWT - Authenticator does not support the request


I'm having some problems with the lexik JWT bundle and Symfony 6.0; for Swagger I use NelmioApiDocBundle.

The thing is that everything in Swagger works until I decide to apply my Authorization Token (Bearer token), which is generated by lexik JWT. But once I get my token generated through the /api/sign/in endpoint and put it into the field, suddenly all endpoints stop working. Swagger shows its loading animation, but no request comes through (tested with xDebug, but also the Symfony profiler).

Funny thing is when I use Postman and apply the token there, I immediately get a correct response. So I'm not sure where or what's the problem, but when calling from Swagger, I can see docker debug messages saying: PHP message: [debug] Authenticator does not support the request.

I will put my configuration below. Thanks in advance.

lexik_jwt_authentication.yaml:

lexik_jwt_authentication:
    secret_key: '%env(resolve:JWT_SECRET_KEY)%'
    public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
    pass_phrase: '%env(JWT_PASSPHRASE)%'
    token_ttl: 8640000
    user_id_claim: id
    user_identity_field: email

security.yaml:

security:
    enable_authenticator_manager: true

    password_hashers:
        App\Entity\User:
            algorithm: bcrypt
            cost: 10

    providers:
        app_user_provider:
            entity:
                class: App\Entity\User
                property: email

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        login:
            pattern: ^/api/sign
            stateless: true
            provider: app_user_provider
            json_login:
                check_path: /api/sign/in
                username_path: email
                password_path: password
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure

        api:
            provider: app_user_provider
            pattern: ^/api
            stateless: true
            jwt: ~


    access_control:
        - { path: ^/api/sign/, roles: PUBLIC_ACCESS }
        - { path: ^/api/(doc|doc.json), roles: PUBLIC_ACCESS }
        - { path: ^/api, roles: IS_AUTHENTICATED_FULLY }

nelmio_api_doc.yaml:

nelmio_api_doc:
    documentation:
        servers:
            - url: http://bp.project

        info:
            title: BP PROJECT
            description: This is an awesome app!
            version: 1.0.0
        components:
            securitySchemes:
                Bearer:
                    type: http
                    scheme: bearer
                    bearerFormat: JWT
        security:
            Bearer: [ ]
    areas: # to filter documented areas
        path_patterns: # an array of regexps
            - ^/api(?!/(doc|doc.json|docs.{_format}|{index}.{_format}|contexts/{shortName}.{_format})$) # Accepts routes under /api except ...

    models: { use_jms: false }

Solution

  • Found out api_platform swagger and nelmio are both interacting somehow, since I added this into api_platform.yaml and the header was available in nelmio too, which now works.

    api_platform:
        swagger:
            versions: [3]
            # Exposes an "Authorization" header field in the Swagger UI
            api_keys:
                apiKey:
                    name: Authorization
                    type: header
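
Symfony logs "Authenticator does not support the request" when an authenticator's supports() check declines a request, which for a bearer-token authenticator usually means no usable `Authorization: Bearer <token>` header was found. The following added example (not code from the post or from either bundle) models such a check in plain PHP so the header values a Swagger UI can send are easy to compare: an `http`/`bearer` scheme makes the UI add the `Bearer ` prefix, while an `apiKey` header scheme sends the field content verbatim. The function names, the sample token and the simplified matching rule are assumptions.

```php
<?php
declare(strict_types=1);

/**
 * Simplified model (an assumption, not the bundle's code) of a bearer-token
 * header check: returns the token, or null when the request would be declined.
 */
function extractBearerToken(array $headers, string $name = 'Authorization', string $prefix = 'Bearer'): ?string
{
    // HTTP header names are case-insensitive.
    $headers = array_change_key_case($headers, CASE_LOWER);
    $value = $headers[strtolower($name)] ?? null;
    if ($value === null) {
        return null; // no header at all
    }
    $parts = explode(' ', trim($value));
    if (count($parts) !== 2 || strcasecmp($parts[0], $prefix) !== 0 || $parts[1] === '') {
        return null; // missing prefix, wrong scheme, or extra parts
    }
    return $parts[1];
}

/** A compact JWS has exactly three non-empty base64url segments. */
function looksLikeJwt(string $token): bool
{
    return preg_match('/^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/', $token) === 1;
}

// Constructed sample values; the token is a placeholder, not a real credential.
$token = 'aaaa.bbbb.cccc';
$cases = [
    'http/bearer scheme (UI adds the prefix)' => ['Authorization' => "Bearer $token"],
    'apiKey scheme, raw token pasted'         => ['Authorization' => $token],
    'apiKey scheme, "Bearer <token>" pasted'  => ['authorization' => "Bearer $token"],
    'prefix typed twice'                      => ['Authorization' => "Bearer Bearer $token"],
    'no header sent'                          => [],
];

foreach ($cases as $label => $headers) {
    $found = extractBearerToken($headers);
    $ok = $found !== null && looksLikeJwt($found);
    printf("%-42s %s\n", $label, $ok ? 'claimed by the JWT check' : 'not supported');
}
```

Comparing the `Authorization` header in the browser's network tab with the one Postman sends shows which of these cases a failing Swagger request falls into.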