From 5a8f26579f5d1510fe56a91fef83160e1eb74c24 Mon Sep 17 00:00:00 2001 From: konradoboza Date: Wed, 5 Jun 2024 16:01:30 +0200 Subject: [PATCH 1/2] IBX-8356: Reworked JWT firewall to be in-tact with the new Symfony auth --- ibexa/commerce/5.0/config/packages/security.yaml | 11 ++++++----- ibexa/experience/5.0/config/packages/security.yaml | 11 ++++++----- ibexa/headless/5.0/config/packages/security.yaml | 11 ++++++----- ibexa/oss/5.0/config/packages/security.yaml | 11 ++++++----- 4 files changed, 24 insertions(+), 20 deletions(-) diff --git a/ibexa/commerce/5.0/config/packages/security.yaml b/ibexa/commerce/5.0/config/packages/security.yaml index 60124fb3..eda36208 100644 --- a/ibexa/commerce/5.0/config/packages/security.yaml +++ b/ibexa/commerce/5.0/config/packages/security.yaml @@ -91,12 +91,13 @@ security: #ibexa_jwt_rest: # request_matcher: Ibexa\Contracts\Rest\Security\AuthorizationHeaderRESTRequestMatcher # user_checker: Ibexa\Core\MVC\Symfony\Security\UserChecker - # anonymous: ~ - # guard: - # authenticators: - # - lexik_jwt_authentication.jwt_token_authenticator - # entry_point: lexik_jwt_authentication.jwt_token_authenticator # stateless: true + # json_login: + # check_path: ibexa.rest.create_token + # username_path: JWTInput.username + # password_path: JWTInput.password + # success_handler: lexik_jwt_authentication.handler.authentication_success + # failure_handler: lexik_jwt_authentication.handler.authentication_failure #ibexa_jwt_graphql: # request_matcher: Ibexa\GraphQL\Security\NonAdminGraphQLRequestMatcher diff --git a/ibexa/experience/5.0/config/packages/security.yaml b/ibexa/experience/5.0/config/packages/security.yaml index d9b25ede..c58ff181 100644 --- a/ibexa/experience/5.0/config/packages/security.yaml +++ b/ibexa/experience/5.0/config/packages/security.yaml @@ -79,12 +79,13 @@ security: #ibexa_jwt_rest: # request_matcher: Ibexa\Contracts\Rest\Security\AuthorizationHeaderRESTRequestMatcher # user_checker: Ibexa\Core\MVC\Symfony\Security\UserChecker - # anonymous: ~ - # guard: - # authenticators: - # - lexik_jwt_authentication.jwt_token_authenticator - # entry_point: lexik_jwt_authentication.jwt_token_authenticator # stateless: true + # json_login: + # check_path: ibexa.rest.create_token + # username_path: JWTInput.username + # password_path: JWTInput.password + # success_handler: lexik_jwt_authentication.handler.authentication_success + # failure_handler: lexik_jwt_authentication.handler.authentication_failure #ibexa_jwt_graphql: # request_matcher: Ibexa\GraphQL\Security\NonAdminGraphQLRequestMatcher diff --git a/ibexa/headless/5.0/config/packages/security.yaml b/ibexa/headless/5.0/config/packages/security.yaml index d9b25ede..c58ff181 100644 --- a/ibexa/headless/5.0/config/packages/security.yaml +++ b/ibexa/headless/5.0/config/packages/security.yaml @@ -79,12 +79,13 @@ security: #ibexa_jwt_rest: # request_matcher: Ibexa\Contracts\Rest\Security\AuthorizationHeaderRESTRequestMatcher # user_checker: Ibexa\Core\MVC\Symfony\Security\UserChecker - # anonymous: ~ - # guard: - # authenticators: - # - lexik_jwt_authentication.jwt_token_authenticator - # entry_point: lexik_jwt_authentication.jwt_token_authenticator # stateless: true + # json_login: + # check_path: ibexa.rest.create_token + # username_path: JWTInput.username + # password_path: JWTInput.password + # success_handler: lexik_jwt_authentication.handler.authentication_success + # failure_handler: lexik_jwt_authentication.handler.authentication_failure #ibexa_jwt_graphql: # request_matcher: Ibexa\GraphQL\Security\NonAdminGraphQLRequestMatcher diff --git a/ibexa/oss/5.0/config/packages/security.yaml b/ibexa/oss/5.0/config/packages/security.yaml index 7473ce54..40a4009e 100644 --- a/ibexa/oss/5.0/config/packages/security.yaml +++ b/ibexa/oss/5.0/config/packages/security.yaml @@ -57,12 +57,13 @@ security: #ibexa_jwt_rest: # request_matcher: Ibexa\Contracts\Rest\Security\AuthorizationHeaderRESTRequestMatcher # user_checker: Ibexa\Core\MVC\Symfony\Security\UserChecker - # anonymous: ~ - # guard: - # authenticators: - # - lexik_jwt_authentication.jwt_token_authenticator - # entry_point: lexik_jwt_authentication.jwt_token_authenticator # stateless: true + # json_login: + # check_path: ibexa.rest.create_token + # username_path: JWTInput.username + # password_path: JWTInput.password + # success_handler: lexik_jwt_authentication.handler.authentication_success + # failure_handler: lexik_jwt_authentication.handler.authentication_failure #ibexa_jwt_graphql: # request_matcher: Ibexa\GraphQL\Security\NonAdminGraphQLRequestMatcher From a4c9ba99f0721bfdc2206f045a1a9a010022c24f Mon Sep 17 00:00:00 2001 From: konradoboza Date: Fri, 7 Jun 2024 16:25:53 +0200 Subject: [PATCH 2/2] moved RequestMatcher out of contracts --- ibexa/commerce/5.0/config/packages/security.yaml | 2 +- ibexa/experience/5.0/config/packages/security.yaml | 2 +- ibexa/headless/5.0/config/packages/security.yaml | 2 +- ibexa/oss/5.0/config/packages/security.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ibexa/commerce/5.0/config/packages/security.yaml b/ibexa/commerce/5.0/config/packages/security.yaml index eda36208..79f2071e 100644 --- a/ibexa/commerce/5.0/config/packages/security.yaml +++ b/ibexa/commerce/5.0/config/packages/security.yaml @@ -89,7 +89,7 @@ security: # Uncomment the rules below to enable JSON Web Token (JWT) authentication for REST and/or GraphQL #ibexa_jwt_rest: - # request_matcher: Ibexa\Contracts\Rest\Security\AuthorizationHeaderRESTRequestMatcher + # request_matcher: Ibexa\Rest\Security\AuthorizationHeaderRESTRequestMatcher # user_checker: Ibexa\Core\MVC\Symfony\Security\UserChecker # stateless: true # json_login: diff --git a/ibexa/experience/5.0/config/packages/security.yaml b/ibexa/experience/5.0/config/packages/security.yaml index c58ff181..cc194187 100644 --- a/ibexa/experience/5.0/config/packages/security.yaml +++ b/ibexa/experience/5.0/config/packages/security.yaml @@ -77,7 +77,7 @@ security: # Uncomment the rules below to enable JSON Web Token (JWT) authentication for REST and/or GraphQL #ibexa_jwt_rest: - # request_matcher: Ibexa\Contracts\Rest\Security\AuthorizationHeaderRESTRequestMatcher + # request_matcher: Ibexa\Rest\Security\AuthorizationHeaderRESTRequestMatcher # user_checker: Ibexa\Core\MVC\Symfony\Security\UserChecker # stateless: true # json_login: diff --git a/ibexa/headless/5.0/config/packages/security.yaml b/ibexa/headless/5.0/config/packages/security.yaml index c58ff181..cc194187 100644 --- a/ibexa/headless/5.0/config/packages/security.yaml +++ b/ibexa/headless/5.0/config/packages/security.yaml @@ -77,7 +77,7 @@ security: # Uncomment the rules below to enable JSON Web Token (JWT) authentication for REST and/or GraphQL #ibexa_jwt_rest: - # request_matcher: Ibexa\Contracts\Rest\Security\AuthorizationHeaderRESTRequestMatcher + # request_matcher: Ibexa\Rest\Security\AuthorizationHeaderRESTRequestMatcher # user_checker: Ibexa\Core\MVC\Symfony\Security\UserChecker # stateless: true # json_login: diff --git a/ibexa/oss/5.0/config/packages/security.yaml b/ibexa/oss/5.0/config/packages/security.yaml index 40a4009e..db8cad76 100644 --- a/ibexa/oss/5.0/config/packages/security.yaml +++ b/ibexa/oss/5.0/config/packages/security.yaml @@ -55,7 +55,7 @@ security: # Uncomment the rules below to enable JSON Web Token (JWT) authentication for REST and/or GraphQL #ibexa_jwt_rest: - # request_matcher: Ibexa\Contracts\Rest\Security\AuthorizationHeaderRESTRequestMatcher + # request_matcher: Ibexa\Rest\Security\AuthorizationHeaderRESTRequestMatcher # user_checker: Ibexa\Core\MVC\Symfony\Security\UserChecker # stateless: true # json_login: