Authorization does not seems to be working with LcobucciFactory
zspine opened this issue ยท 4 comments
Everything works fine with anonymous mode enabled, with private mode I am getting a strange authorization error from mercure hub. ' cannot unmarshal number 1689617856.599472 into Go struct field claims.exp of type int64 '
# config/packages/mercure.yaml
mercure:
enable_profiler: '%kernel.debug%'
hubs:
default:
url: '%env(MERCURE_URL)%'
public_url: '%env(MERCURE_PUBLIC_URL)%'
jwt:
secret: '%env(MERCURE_JWT_SECRET)%'
<?php
namespace App\Controller;
use App\Mercure\Authorization;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Cookie;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Mercure\Discovery;
use Symfony\Component\Routing\Annotation\Route;
class DiscoverController extends AbstractController
{
/**
* @Route("/discover/publish")
*/
public function publish(Request $request, Discovery $discovery, Authorization $authorization): Response
{
$discovery->addLink($request);
$response = new JsonResponse([
'@id' => '/greetings/6',
'availability' => 'https://schema.org/InStock'
]);
$response->headers->setCookie(
$authorization->createCookie($request, ["https://localhost/greetings/6"])
);
return $response;
}
}
Caddy config
mercure {
transport_url {$MERCURE_TRANSPORT_URL:bolt:///data/mercure.db}
publisher_jwt {env.MERCURE_PUBLISHER_JWT_KEY} {env.MERCURE_PUBLISHER_JWT_ALG}
subscriber_jwt {env.MERCURE_SUBSCRIBER_JWT_KEY} {env.MERCURE_SUBSCRIBER_JWT_ALG}
subscriptions
{$MERCURE_EXTRA_DIRECTIVES}
}
Caddy log (api platform docker)
{
"level": "info",
"ts": 1626545861.1293569,
"logger": "http.handlers.mercure",
"msg": "Subscriber unauthorized",
"subscriber": {
"id": "urn:uuid:a4b84639-dac8-4f0f-9970-cdfa93d8affb",
"last_event_id": "",
"remote_addr": "172.20.0.1:36244"
},
"error": "unable to parse JWT: json: cannot unmarshal number 1689617856.599472 into Go struct field claims.exp of type int64"
}
Are you using the latest version of the Mercure hub? It should fix the problem.
Thank you very much for the quick response :) . It seems I am running the v11 and I just tried to upgrade with docker and I am getting the following error:
FROM caddy:${CADDY_VERSION}-builder-alpine AS api_platform_caddy_builder
RUN xcaddy build \
--with github.com/dunglas/mercure/caddy \
--with github.com/dunglas/vulcain/caddy
FROM caddy:${CADDY_VERSION} AS api_platform_caddy
WORKDIR /srv/api
COPY --from=dunglas/mercure:v0.12 /srv/public /srv/mercure-assets/
COPY --from=api_platform_caddy_builder /usr/bin/caddy /usr/bin/caddy
COPY --from=api_platform_php /srv/api/public public/
COPY docker/caddy/Caddyfile /etc/caddy/Caddyfile
ERROR: Service 'caddy' failed to build: COPY failed: stat srv/public: file does not exist
also tried the following:
FROM caddy:${CADDY_VERSION}-builder-alpine AS api_platform_caddy_builder
RUN xcaddy build \
--with github.com/dunglas/mercure \
--with github.com/dunglas/mercure/caddy \
--with github.com/dunglas/vulcain \
--with github.com/dunglas/vulcain/caddy
FROM caddy:${CADDY_VERSION} AS api_platform_caddy
WORKDIR /srv/api
COPY --from=dunglas/mercure:v0.12 /srv/public /srv/mercure-assets/
COPY --from=api_platform_caddy_builder /usr/bin/caddy /usr/bin/caddy
COPY --from=api_platform_php /srv/api/public public/
COPY docker/caddy/Caddyfile /etc/caddy/Caddyfile
go: downloading github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7
go: downloading github.com/alecthomas/repr v0.0.0-20180818092828-117648cd9897
go: downloading github.com/jmespath/go-jmespath v0.3.0
2021/07/17 20:25:33 [INFO] exec (timeout=0s): /usr/local/go/bin/go build -o /usr/bin/caddy -ldflags -w -s -trimpath
/go/pkg/mod/github.com/dunglas/mercure@v0.12.0/demo.go:4:2: package embed is not in GOROOT (/usr/local/go/src/embed)
/go/pkg/mod/github.com/dunglas/mercure@v0.12.0/handler.go:7:2: package io/fs is not in GOROOT (/usr/local/go/src/io/fs)
2021/07/17 20:25:38 [INFO] Skipping cleanup as requested; leaving folder intact: /tmp/buildenv_2021-07-17-2023.870195854
2021/07/17 20:25:38 [FATAL] exit status 1
ERROR: Service 'caddy' failed to build: The command '/bin/sh -c xcaddy build --with github.com/dunglas/mercure --with github.com/dunglas/mercure/caddy --with github.com/dunglas/vulcain/caddy' returned a non-zero code: 1
I need to upgrade the Dockerfile of API Platform.
The line COPY --from=api_platform_php /srv/api/public public/
is now useless and must be deleted.
Thank you very much for the quick update.... it seems to be working now, no more 'cannot unmarshal number' error! I am still getting the 'Unauthorized' error but it must be something to do with my configuration.
Cheers