lexik/LexikJWTAuthenticationBundle

additional_public_keys as strings?

nuryagdym opened this issue · 1 comments

I see that additional_public_keys can only be files:

    if (!$key || !is_file($key) || !is_readable($key)) {
        throw new \RuntimeException(sprintf('Additional public key "%s" does not exist or is not readable. Did you correctly set the "lexik_jwt_authentication.additional_public_keys" configuration key?', $key));
    }

For public_keys, on the other hand, we can use string values.

I work on a project where using files for secrets is not supported, so I have to use plain text for secrets.

Can we add support for plain strings for additional keys? I can work on the PR if you think the change is meaningful.

Sure, I can also override the key loader, but still, maybe someone will have the same issue.

Seems like there is an old open PR #1008.

Overriding the key loader is not a clean solution because I also needed to override the service lexik_jwt_authentication.jws_provider.lcobucci, which means the lexik jwt configs will be in 2 different places.

Here is how I did it:

  1. Created an App\Security\RawKeyLoader class that extends Lexik\Bundle\JWTAuthenticationBundle\Services\KeyLoader\RawKeyLoader
    custom_jwt_key_loader:
        class: App\Security\RawKeyLoader
        parent: lexik_jwt_authentication.key_loader.raw

    custom_jws_provider:
        class: Lexik\Bundle\JWTAuthenticationBundle\Services\JWSProvider\LcobucciJWSProvider
        arguments:
            $keyLoader: '@custom_jwt_key_loader'
            $signatureAlgorithm: 'RS256'
            $ttl: '%env(ACCESS_TOKEN_TTL)%'
            $clockSkew: 0

    lexik_jwt_authentication.jws_provider.lcobucci:
        alias: "custom_jws_provider"
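
An added example, not code from this issue or from the bundle: a standalone PHP 8 function showing the behaviour requested above, where each additional_public_keys entry may be either a readable file path or an inline PEM string, and every entry is checked to parse as a public key before it is returned. The function name resolveAdditionalPublicKeys and the index-based error messages are assumptions; the sample key pair is constructed at run time.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper (not part of LexikJWTAuthenticationBundle): resolve each
 * configured entry to PEM text, accepting a file path or an inline PEM string.
 *
 * @param string[] $entries
 * @return string[]
 */
function resolveAdditionalPublicKeys(array $entries): array
{
    $contents = [];
    foreach ($entries as $i => $entry) {
        if (str_starts_with(ltrim($entry), '-----BEGIN ')) {
            $pem = $entry; // inline value, e.g. injected from an environment variable
        } elseif ($entry !== '' && is_file($entry) && is_readable($entry)) {
            $pem = (string) file_get_contents($entry);
        } else {
            // Report the index, not the value: an inline entry would put key text into logs.
            throw new \RuntimeException(sprintf('Additional public key #%d is neither a readable file nor a PEM string.', $i));
        }
        if (str_contains($pem, 'PRIVATE KEY-----')) {
            throw new \RuntimeException(sprintf('Additional public key #%d contains a private key.', $i));
        }
        if (openssl_pkey_get_public($pem) === false) {
            throw new \RuntimeException(sprintf('Additional public key #%d is not a valid public key.', $i));
        }
        $contents[] = $pem;
    }
    return $contents;
}

// Constructed sample: a throwaway RSA key pair, passed once inline and once as a file.
$pair = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$publicPem = openssl_pkey_get_details($pair)['key'];
$file = tempnam(sys_get_temp_dir(), 'jwtpub');
file_put_contents($file, $publicPem);

$resolved = resolveAdditionalPublicKeys([$publicPem, $file]);
printf("%d keys resolved\n", count($resolved));
unlink($file);
```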