From dc19006738288b908efc5cd5afc4943efd481c17 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julien=20Fastr=C3=A9?= Date: Mon, 9 Jan 2023 20:50:11 +0100 Subject: [PATCH] Feature: configure root app for usage of JWT access token for wopi --- config/packages/lexik_jwt_authentication.yaml | 8 ++++++++ config/packages/security.yaml | 10 +++++++++- config/routes/chill_wopi.yaml | 2 +- 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/config/packages/lexik_jwt_authentication.yaml b/config/packages/lexik_jwt_authentication.yaml index edfb69d..93041d0 100644 --- a/config/packages/lexik_jwt_authentication.yaml +++ b/config/packages/lexik_jwt_authentication.yaml @@ -2,3 +2,11 @@ lexik_jwt_authentication: secret_key: '%env(resolve:JWT_SECRET_KEY)%' public_key: '%env(resolve:JWT_PUBLIC_KEY)%' pass_phrase: '%env(JWT_PASSPHRASE)%' + + # required for wopi - recommended duration + token_ttl: 36000 + + token_extractors: + query_parameter: + enabled: true + name: access_token diff --git a/config/packages/security.yaml b/config/packages/security.yaml index b49a05b..65b3f2f 100644 --- a/config/packages/security.yaml +++ b/config/packages/security.yaml @@ -29,6 +29,14 @@ security: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false + wopi: + pattern: ^/wopi + provider: chain_provider + stateless: true + guard: + authenticators: + - lexik_jwt_authentication.jwt_token_authenticator + default: anonymous: ~ provider: chain_provider @@ -54,7 +62,7 @@ security: - { path: ^/saml/metadata, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(login|logout), roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/public, roles: IS_AUTHENTICATED_ANONYMOUSLY } - - { path: ^/wopi, roles: IS_AUTHENTICATED_ANONYMOUSLY } + - { path: ^/wopi, roles: IS_AUTHENTICATED_FULLY } # access for homepage, the homepage redirect admin to admin section - { path: ^/$, roles: [ IS_AUTHENTICATED_REMEMBERED ] } - { path: ^/homepage$, roles: [ IS_AUTHENTICATED_REMEMBERED ] } diff --git a/config/routes/chill_wopi.yaml b/config/routes/chill_wopi.yaml index 337f020..b94e5d6 100644 --- a/config/routes/chill_wopi.yaml +++ b/config/routes/chill_wopi.yaml @@ -1,3 +1,3 @@ chill_wopi_bundle: resource: '@ChillWopiBundle/Resources/config/routes/routes.php' - prefix: /wopi + prefix: /chill/wopi