Feature: configure root app for usage of JWT access token for wopi

This commit is contained in:
Julien Fastré 2023-01-09 20:50:11 +01:00
parent e55562c4cd
commit dc19006738
Signed by: julienfastre
GPG Key ID: BDE2190974723FCB
3 changed files with 18 additions and 2 deletions

View File

@ -2,3 +2,11 @@ lexik_jwt_authentication:
secret_key: '%env(resolve:JWT_SECRET_KEY)%' secret_key: '%env(resolve:JWT_SECRET_KEY)%'
public_key: '%env(resolve:JWT_PUBLIC_KEY)%' public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
pass_phrase: '%env(JWT_PASSPHRASE)%' pass_phrase: '%env(JWT_PASSPHRASE)%'
# required for wopi - recommended duration
token_ttl: 36000
token_extractors:
query_parameter:
enabled: true
name: access_token

View File

@ -29,6 +29,14 @@ security:
pattern: ^/(_(profiler|wdt)|css|images|js)/ pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false security: false
wopi:
pattern: ^/wopi
provider: chain_provider
stateless: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
default: default:
anonymous: ~ anonymous: ~
provider: chain_provider provider: chain_provider
@ -54,7 +62,7 @@ security:
- { path: ^/saml/metadata, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/saml/metadata, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/(login|logout), roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/(login|logout), roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/public, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/public, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/wopi, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/wopi, roles: IS_AUTHENTICATED_FULLY }
# access for homepage, the homepage redirect admin to admin section # access for homepage, the homepage redirect admin to admin section
- { path: ^/$, roles: [ IS_AUTHENTICATED_REMEMBERED ] } - { path: ^/$, roles: [ IS_AUTHENTICATED_REMEMBERED ] }
- { path: ^/homepage$, roles: [ IS_AUTHENTICATED_REMEMBERED ] } - { path: ^/homepage$, roles: [ IS_AUTHENTICATED_REMEMBERED ] }

View File

@ -1,3 +1,3 @@
chill_wopi_bundle: chill_wopi_bundle:
resource: '@ChillWopiBundle/Resources/config/routes/routes.php' resource: '@ChillWopiBundle/Resources/config/routes/routes.php'
prefix: /wopi prefix: /chill/wopi