Skip to content
Advertisement

jwt token not found when i pass in username and password in curl

I want to use jwt token in my symfony project. But i have a problem because when i use: curl.exe -X POST -H "Content-Type: application/json" http://localhost:81/api/login_check -d '{"username": "f.djawid@outlook.com","password":"000000"}'

I get : {"code":401,"message":"JWT Token not found"}

This is my security.yml:

#/config/packages/security.yml

security:
    encoders:
        AppEntityUser:
            algorithm: auto




    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        # used to reload user from session & other features (e.g. switch_user)
        app_user_provider:
            entity:
                class: AppEntityUser
                property: email
        # used to reload user from session & other features (e.g. switch_user)
        # used to reload user from session & other features (e.g. switch_user)
        # used to reload user from session & other features (e.g. switch_user)
    firewalls:  
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        api:
            pattern: ^/api
            stateless: true
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
        login:
            pattern: ^/api/login
            stateless: true
            anonymous: true
            json_login:
                check_path: /api/login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure            
            
        main:
            anonymous: true
                

    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        - { path: ^/api/docs, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/login,       roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api,       roles: IS_AUTHENTICATED_FULLY }


As you can see i use the lexikJWTAthenticationBundle. I made a private key and public key with ssl.

I use docker to run the apache server where my localhost is running. This is my vhost config:

#/.docker/config/sf4.conf

<VirtualHost *:80>

        Define server_name sf4.local
        Define basedocroot  /home/wwwroot/sf4
        Define docrootweb   ${basedocroot}/public
        Define logdir   /var/log/apache2/

        <FilesMatch .php$>
         SetHandler "proxy:fcgi://sf4_php:9000"
        </FilesMatch>

        ServerName ${server_name}
        DocumentRoot ${docrootweb}
        ErrorLog ${logdir}/error.log
        CustomLog ${logdir}/access.log Combined

        RewriteEngine On
        RewriteCond %%{HTTP:Authorization} ^(.*)
        RewriteRule .* - [e=HTTP_AUTHORIZATION:%%1]

        <Directory ${docrootweb}>
            AllowOverride All
            Require all granted
        </Directory>

        <Directory ${basedocroot}/var>
            <IfModule mod_authz_core.c>
                Require all denied
            </IfModule>
            <IfModule !mod_authz_core.c>
                Order deny,allow
                Deny from all
            </IfModule>
        </Directory>

        <Directory ${docrootweb}>
            DirectoryIndex ${docrootweb}/index.php
            <IfModule mod_negotiation.c>
                Options -MultiViews
            </IfModule>

            <IfModule mod_rewrite.c>
                RewriteEngine On
                RewriteCond %%{REQUEST_URI}::$1 ^(/.+)/(.*)::2$
                RewriteRule ^(.*) - [E=BASE:%%1]

                RewriteCond %%{HTTP:Authorization} .
                RewriteRule ^ - [E=HTTP_AUTHORIZATION:%%{HTTP:Authorization}]

                RewriteCond %%{ENV:REDIRECT_STATUS} ^$
                RewriteRule ^index.php(?:/(.*)|$) %%{ENV:BASE}/$1 [R=301,L]

                RewriteCond %%{REQUEST_FILENAME} -f
                RewriteRule ^ - [L]

                RewriteRule ^ %%{ENV:BASE}/index.php [L]
            </IfModule>

            <IfModule !mod_rewrite.c>
                <IfModule mod_alias.c>
                    RedirectMatch 302 ^/$ /index.php/
                </IfModule>
            </IfModule>
        </Directory>

        Undefine server_name
        Undefine basedocroot
        Undefine docrootweb
        Undefine logdir
</VirtualHost>



I found on another post that the solution might be that i have to add the Rewrite for Autherization if i use Apache but its already added there and its still not posting the jwt token when used curl like i did above.

I also made user entity with make:user and i added the username, roles and password values in the table user. In the curl you can see that i use 000000 as the password. In the database this password is hashed with argon2i.

I really don’t know why i can’t see the jwt token. I have looked everywhere in the internet, but nothing seems to work for me.

EDIT

I also have this in the lexik_jwt_authentication.yml:

#/config/packages/lexik_jwt_authentication.yml

lexik_jwt_authentication:
    secret_key: '%%env(resolve:JWT_SECRET_KEY)%%'
    public_key: '%%env(resolve:JWT_PUBLIC_KEY)%%'
    pass_phrase: '%%env(JWT_PASSPHRASE)%%'


And this is what i defined in my .env file:

# /.env
JWT_SECRET_KEY=%%kernel.project_dir%%/config/jwt/private.pem
JWT_PUBLIC_KEY=%%kernel.project_dir%%/config/jwt/public.pem
JWT_PASSPHRASE=accountingmodule

Also when in the security.yml when i swap the login and api headers i get this error:

{"type":"https://tools.ietf.org/html/rfc2616#section-10","title":"An error occurred","status":400,"detail":"Invalid JSON.","class":"Symfony\Component\HttpKernel\Exception\BadRequestHttpException","trace":[{"namespace":"","short_class":"","class":"","type":"","function":"","file":"/home/wwwroot/sf4/vendor/symfony/security-http/Firewall/UsernamePasswordJsonAuthenticationListener.php","line":108,"args":[]},{"namespace":"Symfony\Component\Security\Http\Firewall","short_class":"UsernamePasswordJsonAuthenticationListener","class":"Symfony\Component\Security\Http\Firewall\UsernamePasswordJsonAuthenticationListener","type":"->","function":"authenticate","file":"/home/wwwroot/sf4/vendor/symfony/security-bundle/Debug/WrappedLazyListener.php","line":49,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"]]},{"namespace":"Symfony\Bundle\SecurityBundle\Debug","short_class":"WrappedLazyListener","class":"Symfony\Bundle\SecurityBundle\Debug\WrappedLazyListener","type":"->","function":"authenticate","file":"/home/wwwroot/sf4/vendor/symfony/security-http/Firewall/AbstractListener.php","line":27,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"]]},{"namespace":"Symfony\Component\Security\Http\Firewall","short_class":"AbstractListener","class":"Symfony\Component\Security\Http\Firewall\AbstractListener","type":"->","function":"__invoke","file":"/home/wwwroot/sf4/vendor/symfony/security-bundle/Debug/TraceableFirewallListener.php","line":62,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"]]},{"namespace":"Symfony\Bundle\SecurityBundle\Debug","short_class":"TraceableFirewallListener","class":"Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener","type":"->","function":"callListeners","file":"/home/wwwroot/sf4/vendor/symfony/security-http/Firewall.php","line":98,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"],["object","Generator"]]},{"namespace":"Symfony\Component\Security\Http","short_class":"Firewall","class":"Symfony\Component\Security\Http\Firewall","type":"->","function":"onKernelRequest","file":"/home/wwwroot/sf4/vendor/symfony/event-dispatcher/Debug/WrappedListener.php","line":126,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"],["string","kernel.request"],["object","Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher"]]},{"namespace":"Symfony\Component\EventDispatcher\Debug","short_class":"WrappedListener","class":"Symfony\Component\EventDispatcher\Debug\WrappedListener","type":"->","function":"__invoke","file":"/home/wwwroot/sf4/vendor/symfony/event-dispatcher/EventDispatcher.php","line":264,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"],["string","kernel.request"],["object","Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher"]]},{"namespace":"Symfony\Component\EventDispatcher","short_class":"EventDispatcher","class":"Symfony\Component\EventDispatcher\EventDispatcher","type":"->","function":"doDispatch","file":"/home/wwwroot/sf4/vendor/symfony/event-dispatcher/EventDispatcher.php","line":239,"args":[["array",[["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"]]],["string","kernel.request"],["object","Symfony\Component\HttpKernel\Event\RequestEvent"]]},{"namespace":"Symfony\Component\EventDispatcher","short_class":"EventDispatcher","class":"Symfony\Component\EventDispatcher\EventDispatcher","type":"->","function":"callListeners","file":"/home/wwwroot/sf4/vendor/symfony/event-dispatcher/EventDispatcher.php","line":73,"args":[["array",[["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"],["object","Symfony\Component\EventDispatcher\Debug\WrappedListener"]]],["string","kernel.request"],["object","Symfony\Component\HttpKernel\Event\RequestEvent"]]},{"namespace":"Symfony\Component\EventDispatcher","short_class":"EventDispatcher","class":"Symfony\Component\EventDispatcher\EventDispatcher","type":"->","function":"dispatch","file":"/home/wwwroot/sf4/vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php","line":168,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"],["string","kernel.request"]]},{"namespace":"Symfony\Component\EventDispatcher\Debug","short_class":"TraceableEventDispatcher","class":"Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher","type":"->","function":"dispatch","file":"/home/wwwroot/sf4/vendor/symfony/http-kernel/HttpKernel.php","line":134,"args":[["object","Symfony\Component\HttpKernel\Event\RequestEvent"],["string","kernel.request"]]},{"namespace":"Symfony\Component\HttpKernel","short_class":"HttpKernel","class":"Symfony\Component\HttpKernel\HttpKernel","type":"->","function":"handleRaw","file":"/home/wwwroot/sf4/vendor/symfony/http-kernel/HttpKernel.php","line":80,"args":[["object","Symfony\Component\HttpFoundation\Request"],["integer",1]]},{"namespace":"Symfony\Component\HttpKernel","short_class":"HttpKernel","class":"Symfony\Component\HttpKernel\HttpKernel","type":"->","function":"handle","file":"/home/wwwroot/sf4/vendor/symfony/http-kernel/Kernel.php","line":201,"args":[["object","Symfony\Component\HttpFoundation\Request"],["integer",1],["boolean",true]]},{"namespace":"Symfony\Component\HttpKernel","short_class":"Kernel","class":"Symfony\Component\HttpKernel\Kernel","type":"->","function":"handle","file":"/home/wwwroot/sf4/public/index.php","line":25,"args":[["object","Symfony\Component\HttpFoundation\Request"]]}]}

Advertisement

Answer

So i just solved the problem. The problem was that i had to switch the position of login header and api header in security.yml. This time i used postman to test if it works and i get a token back. The reason why it’s still not working in my local server is because for some reason the symfony kernel isn’t giving any response, but that is entirly another problem.

User contributions licensed under: CC BY-SA
9 People found this is helpful
Advertisement