Feature: configure root app for usage of JWT access token for wopi

2023-01-09 20:50:11 +01:00
parent e55562c4cd
commit dc19006738
3 changed files with 18 additions and 2 deletions
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -29,6 +29,14 @@ security:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

+        wopi:
+            pattern: ^/wopi
+            provider: chain_provider
+            stateless: true
+            guard:
+                authenticators:
+                    - lexik_jwt_authentication.jwt_token_authenticator
+
        default:
            anonymous: ~
            provider: chain_provider
@@ -54,7 +62,7 @@ security:
        - { path: ^/saml/metadata, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/(login|logout), roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/public, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/wopi, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/wopi, roles: IS_AUTHENTICATED_FULLY }
        # access for homepage, the homepage redirect admin to admin section
        - { path: ^/$, roles: [ IS_AUTHENTICATED_REMEMBERED ] }
        - { path: ^/homepage$, roles: [ IS_AUTHENTICATED_REMEMBERED ] }