deploy: update version of chill-bundles

.drone.yml

@@ -33,6 +33,8 @@ steps:
       commands:
           - composer install --no-scripts --no-interaction
           - composer update --with-all-dependencies --no-interaction chill-project/chill-bundles
+      depends_on:
+          - build-base-image
 
     - name: build-assets
       image: node:14
@@ -40,6 +42,8 @@ steps:
       commands:
           - yarn install
           - yarn run encore production
+      depends_on:
+          - composer-install
 
     - name: build-image-php
       image: plugins/docker
@@ -56,6 +60,9 @@ steps:
           cache_from:
               - h3m6q87t.gra7.container-registry.ovh.net/chillbasics/php-base:latest
               - chill/base-image:latest
+      depends_on:
+          - build-assets
+          - composer-install
 
     - name: build-image-nginx
       image: plugins/docker
@@ -70,3 +77,5 @@ steps:
           tag:
             - ${DRONE_TAG}
           Dockerfile: docker/nginx/Dockerfile
+      depends_on:
+          - build-assets

.env

@@ -0,0 +1,89 @@
+##
+##  Manually dump .env files in .env.local.php with
+## `$ composer symfony:dump-env prod`
+##
+
+## Locale
+LOCALE=fr
+
+###> symfony/framework-bundle ###
+# this should be set in docker-compose.yml file
+APP_ENV=prod
+APP_SECRET=ChangeItf2b58287ef7f9976409d3f6c72529e99ChangeIt
+TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
+TRUSTED_HOSTS='^(localhost|example\.com|nginx)$'
+###< symfony/framework-bundle ###
+
+## Wopi server for editing documents online
+WOPI_SERVER=http://collabora:9980
+
+# must be manually set in .env.local
+# ADMIN_PASSWORD=
+
+## Symfony/swiftmailer
+## Mailer
+###> symfony/mailer ###
+# MAILER_DSN=smtp://localhost
+MAILER_DSN=
+###< symfony/mailer ###
+
+## Notifications
+NOTIFICATION_HOST=localhost:8001
+NOTIFICATION_FROM_EMAIL=admin@chill.social
+NOTIFICATION_FROM_NAME="Chill <admin@chill.social>"
+
+## Pgadmin credential
+PGADMIN_DEFAULT_EMAIL=
+PGADMIN_DEFAULT_PASSWORD=
+
+## OVH OpenStack Storage Container
+ASYNC_UPLOAD_TEMP_URL_KEY=
+ASYNC_UPLOAD_TEMP_URL_BASE_PATH=
+ASYNC_UPLOAD_TEMP_URL_CONTAINER=
+
+## Redis Cache
+REDIS_HOST=redis
+REDIS_PORT=6379
+REDIS_URL=redis://${REDIS_HOST}:${REDIS_PORT}
+
+## Twilio
+TWILIO_SID=~
+TWILIO_SECRET=~
+DEFAULT_CARRIER_CODE=BE
+
+ADD_ADDRESS_DEFAULT_COUNTRY=BE
+
+ADD_ADDRESS_MAP_CENTER_X=50.8443
+ADD_ADDRESS_MAP_CENTER_Y=4.3523
+ADD_ADDRESS_MAP_CENTER_Z=15
+
+SHORT_MESSAGE_DSN=null://null
+
+## DOCKER IMAGES REGISTRY
+#IMAGE_PHP=
+#IMAGE_NGINX=
+
+## DOCKER IMAGES TAG
+#VERSION=test
+#VERSION=prod
+
+###> symfony/messenger ###
+# Choose one of the transports below
+# MESSENGER_TRANSPORT_DSN=doctrine://default
+# MESSENGER_TRANSPORT_DSN=amqp://guest:guest@localhost:5672/%2f/messages
+# MESSENGER_TRANSPORT_DSN=redis://localhost:6379/messages
+MESSENGER_TRANSPORT_DSN=sync://
+###< symfony/messenger ###
+
+###> doctrine/doctrine-bundle ###
+# Format described at https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url
+# IMPORTANT: You MUST configure your server version, either here or in config/packages/doctrine.yaml
+#
+DATABASE_URL="postgresql://postgres:postgres@db:5432/postgres?serverVersion=14&charset=utf8"
+###< doctrine/doctrine-bundle ###
+
+###> lexik/jwt-authentication-bundle ###
+JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
+JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
+JWT_PASSPHRASE=2a30f6ba26521a2613821da35f28386e
+###< lexik/jwt-authentication-bundle ###

.env.dev

@@ -0,0 +1,13 @@
+
+###> symfony/mailer ###
+# MAILER_DSN=smtp://localhost
+MAILER_DSN=smtp://smtp:1025
+###< symfony/mailer ###
+
+DATABASE_URL=postgresql://postgres:postgres@db:5432/postgres?serverVersion=12&charset=utf8
+MAILER_URL=smtp://smtp:1025
+
+## Pgadmin credential
+PGADMIN_DEFAULT_EMAIL=admin@chill.social
+PGADMIN_DEFAULT_PASSWORD=password
+

.env.prod

@@ -0,0 +1,4 @@
+
+## Gelf
+GELF_HOST=gelf
+GELF_PORT=12201

.env.test

@@ -0,0 +1,4 @@
+# define your env variables for the test env here
+KERNEL_CLASS='App\Kernel'
+APP_SECRET='$ecretf0rt3st'
+ADMIN_PASSWORD=password

.gitignore

@@ -8,8 +8,7 @@ bin/*
 config/secrets/
 
 ## env files
-.env*
+.env.local
-!.env.dist
 
 .composer/*
 composer.phar
@@ -75,4 +74,8 @@ yarn-error.log
 ###< symfony/webpack-encore-bundle ###
 
 docker-compose.override.yml
-docker-compose.override.yaml
+docker-compose.override.yaml
+
+###> lexik/jwt-authentication-bundle ###
+/config/jwt/*.pem
+###< lexik/jwt-authentication-bundle ###

Makefile

@@ -3,9 +3,9 @@ PWD:=$(shell echo ${PWD})
 UID:=$(shell id -u)
 GID:=$(shell id -g)
 BASE_TAG=chill_base_php
-DOCKERNODE_CMD=docker run --rm --user ${UID}:${GID} -v ${PWD}:/app --workdir /app -e YARN_CACHE_FOLDER=/app/.yarncache node:14
+DOCKERNODE_CMD=docker run --rm --user ${UID}:${GID} -v ${PWD}:/app --workdir /app -e YARN_CACHE_FOLDER=/app/.yarncache node:16
 DOCKER_COMPOSE_PHP_EXEC_CMD=docker-compose run --rm --user $(UID):$(GID) -e CLEAR_CACHE=false -e COMPOSER_HOME=/var/www/app/.composer --entrypoint /usr/bin/env php
-DOCKER_PHP_EXEC_CMD_BASE=docker run --rm --user $(UID):$(GID) -v ${PWD}:/var/www/app -e CLEAR_CACHE=false -e COMPOSER_HOME=/var/www/app/.composer --entrypoint /usr/bin/env --net=host $(BASE_TAG)
+DOCKER_PHP_EXEC_CMD_BASE=docker run --rm --user $(UID):$(GID) -v ${PWD}:/var/www/app -e CLEAR_CACHE=false -e COMPOSER_HOME=/var/www/app/.composer --entrypoint /usr/bin/env $(BASE_TAG)
 PHP_BASE_IMAGE=php:7.4-fpm-buster
 PHP_BASE_IMAGE_CHILL=chill_base_php
 NGINX_BASE_IMAGE=nginx

composer.json

@@ -15,7 +15,7 @@
     },
     "require": {
         "ext-redis": "*",
-        "chill-project/chill-bundles": "dev-master#5f6c11bde9ac1006c5b187c29f4c33ce0a44021b",
+        "chill-project/chill-bundles": "dev-master#239a978adb382d0c5dcc4ad6ae0f8f66a813a5dc",
         "symfony/flex": "^1.9",
         "symfony/http-client": "^4.4 || ^5",
         "nelmio/alice": "^3.8",
@@ -23,7 +23,8 @@
         "phpstan/phpstan": "^1.0",
         "spomky-labs/base64url": "^2.0",
         "twig/string-extra": "^3.3",
-        "symfony/mailer": "^5.4"
+        "symfony/mailer": "^5.4",
+        "symfony/dependency-injection": "5.4.16"
     },
     "require-dev": {
         "fakerphp/faker": "^1.13",
@@ -58,7 +59,9 @@
         },
         "preferred-install": {
           "chill-project/chill-bundles": "source",
-          "champs-libres/async-uploader-bundle": "source"
+          "champs-libres/async-uploader-bundle": "source",
+          "champs-libres/wopi-bundle": "source",
+          "champs-libres/wopi-lib": "source"
         }
     }
 }

config/bundles.php

@@ -33,6 +33,8 @@ return [
     Chill\WopiBundle\ChillWopiBundle::class => ['all' => true],
     loophp\PsrHttpMessageBridgeBundle\PsrHttpMessageBridgeBundle::class => ['all' => true],
     ChampsLibres\WopiBundle\WopiBundle::class => ['all' => true],
-    \Misd\PhoneNumberBundle\MisdPhoneNumberBundle::class => ['all' => true],
+    Misd\PhoneNumberBundle\MisdPhoneNumberBundle::class => ['all' => true],
-    App\App::class => [ 'all' => true ],
+    App\App::class => ['all' => true],
+    KnpU\OAuth2ClientBundle\KnpUOAuth2ClientBundle::class => ['all' => true],
+    Lexik\Bundle\JWTAuthenticationBundle\LexikJWTAuthenticationBundle::class => ['all' => true],
 ];

config/packages/chill.yaml

@@ -12,12 +12,20 @@ chill_main:
         twilio_sid: '%env(resolve:TWILIO_SID)%'
         twilio_secret: '%env(resolve:TWILIO_SECRET)%'
         default_carrier_code: '%env(resolve:DEFAULT_CARRIER_CODE)%'
+    short_messages:
+        dsn: '%env(string:SHORT_MESSAGE_DSN)%'
     acl:
-        form_show_scopes: false
+        form_show_scopes: true
-        form_show_centers: false
+        form_show_centers: true
     access_global_history: false
     access_user_change_password: true
     access_permissions_group_list: true
+    add_address:
+        default_country: '%env(string:ADD_ADDRESS_DEFAULT_COUNTRY)%'
+        map_center:
+            x: '%env(float:ADD_ADDRESS_MAP_CENTER_X)%'
+            y: '%env(float:ADD_ADDRESS_MAP_CENTER_Y)%'
+            z: '%env(float:ADD_ADDRESS_MAP_CENTER_Z)%'
 
 chill_custom_fields:
     show_empty_values_in_views: false
@@ -40,7 +48,7 @@ chill_person:
         civility: visible
         deathdate: visible
     validation:
-        center_required: false
+        center_required: true
 
 chill_activity:
     form:

config/packages/chill_calendar.yaml

@@ -0,0 +1,3 @@
+chill_calendar:
+    remote_calendars_sync:
+        enabled: false

config/packages/doctrine.yaml

@@ -1,3 +1,10 @@
+framework:
+    cache:
+        pools:
+            doctrine.system_cache_pool:
+                adapter: cache.adapter.redis
+
+
 doctrine:
     dbal:
         url: '%env(resolve:DATABASE_URL)%'
@@ -5,7 +12,7 @@ doctrine:
             geometry: string
         # IMPORTANT: You MUST configure your server version,
         # either here or in the DATABASE_URL env var (see .env file)
-        #server_version: '5.7'
+        #server_version: '14'
     orm:
         auto_generate_proxy_classes: true
         naming_strategy: doctrine.orm.naming_strategy.default

config/packages/knpu_oauth2_client.yaml

@@ -0,0 +1,3 @@
+knpu_oauth2_client:
+    clients:
+        # configure your clients as described here: https://github.com/knpuniversity/oauth2-client-bundle#configuration

config/packages/lexik_jwt_authentication.yaml

@@ -0,0 +1,12 @@
+lexik_jwt_authentication:
+    secret_key: '%env(resolve:JWT_SECRET_KEY)%'
+    public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
+    pass_phrase: '%env(JWT_PASSPHRASE)%'
+
+    # required for wopi - recommended duration
+    token_ttl: 36000
+
+    token_extractors:
+        query_parameter:
+            enabled: true
+            name: access_token

config/packages/messenger.yaml

@@ -0,0 +1,24 @@
+framework:
+    messenger:
+        # reset services after consuming messages
+        # reset_on_message: true
+
+        # Uncomment this (and the failed transport below) to send failed messages to this transport for later handling.
+        failure_transport: failed
+
+        transports:
+            # https://symfony.com/doc/current/messenger.html#transport-configuration
+            async: '%env(MESSENGER_TRANSPORT_DSN)%'
+            failed: 'doctrine://default?queue_name=failed'
+            # sync: 'sync://'
+
+        routing:
+            # Route your messages to the transports
+            # 'App\Message\YourMessage': async
+            'Chill\CalendarBundle\Messenger\Message\CalendarRangeMessage': async
+            'Chill\CalendarBundle\Messenger\Message\CalendarRangeRemovedMessage': async
+            'Chill\CalendarBundle\Messenger\Message\CalendarRemovedMessage': async
+            'Chill\CalendarBundle\Messenger\Message\CalendarMessage': async
+            'Chill\CalendarBundle\Messenger\Message\InviteUpdateMessage': async
+            'Chill\CalendarBundle\Messenger\Message\MSGraphChangeNotificationMessage': async
+            'Chill\MainBundle\Service\ShortMessage\ShortMessage': async

config/packages/prod/doctrine.yaml

@@ -1,9 +1,6 @@
 doctrine:
     orm:
         auto_generate_proxy_classes: false
-        metadata_cache_driver:
-            type: pool
-            pool: doctrine.system_cache_pool
         query_cache_driver:
             type: pool
             pool: doctrine.system_cache_pool

config/packages/prod/lexik_jwt_authentication.yaml

@@ -0,0 +1,9 @@
+lexik_jwt_authentication:
+    # in production, the secret must be located in an environment variable
+    # for converting the file to a raw variable, use this command:
+    #
+    # cat path/to/private_or_public.pem | base64 -w0
+    #
+    # then copy past the printed string into the dedicated environment variable
+    secret_key: '%env(base64:resolve:JWT_SECRET_KEY)%'
+    public_key: '%env(base64:resolve:JWT_PUBLIC_KEY)%'

config/packages/security.yaml

@@ -29,6 +29,14 @@ security:
             pattern: ^/(_(profiler|wdt)|css|images|js)/
             security: false
 
+        wopi:
+            pattern: ^/wopi
+            provider: chain_provider
+            stateless: true
+            guard:
+                authenticators:
+                    - lexik_jwt_authentication.jwt_token_authenticator
+
         default:
             anonymous: ~
             provider: chain_provider
@@ -38,7 +46,7 @@ security:
                 #csrf_provider: security.csrf.token_manager
             logout_on_user_change: true
             logout:
-                path: /saml/logout
+                path: /logout
 
             # uncomment to enable impersonate mode in Chill
             # https://symfony.com/doc/current/security/impersonating_user.html
@@ -54,7 +62,7 @@ security:
         - { path: ^/saml/metadata, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/(login|logout), roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/public, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/wopi, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/wopi, roles: IS_AUTHENTICATED_FULLY }
         # access for homepage, the homepage redirect admin to admin section
         - { path: ^/$, roles: [ IS_AUTHENTICATED_REMEMBERED ] }
         - { path: ^/homepage$, roles: [ IS_AUTHENTICATED_REMEMBERED ] }

config/packages/test/doctrine.yaml

@@ -0,0 +1,4 @@
+doctrine:
+    dbal:
+        # "TEST_TOKEN" is typically set by ParaTest
+        dbname: 'main_test%env(default::TEST_TOKEN)%'

config/packages/wopi.yaml

@@ -1,3 +1,2 @@
 wopi:
   server: "%env(resolve:WOPI_SERVER)%"
-  access_token_ttl: 0

config/preload.php

@@ -0,0 +1,9 @@
+<?php
+
+if (file_exists(dirname(__DIR__).'/var/cache/prod/srcApp_KernelProdContainer.preload.php')) {
+    require dirname(__DIR__).'/var/cache/prod/srcApp_KernelProdContainer.preload.php';
+}
+
+if (file_exists(dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php')) {
+    require dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php';
+}

config/routes/chill_wopi.yaml

@@ -1,3 +1,3 @@
 chill_wopi_bundle:
   resource: '@ChillWopiBundle/Resources/config/routes/routes.php'
-  prefix: /wopi
+  prefix: /chill/wopi

config/services.yaml

@@ -19,7 +19,6 @@ services:
             - '../src/DependencyInjection/'
             - '../src/Entity/'
             - '../src/Kernel.php'
-            - '../src/Tests/'
 
     # controllers are imported separately to make sure services can be injected
     # as action arguments even if you don't extend any base controller class
@@ -36,15 +35,7 @@ services:
         resource: '../src/Service/'
 
 
-    Chill\WopiBundle\Service\Wopi\ChillWopi:
-        decorates: ChampsLibres\WopiLib\Contract\Service\WopiInterface
-        arguments:
-            $cache: '@cache.user_data'
-
     ChampsLibres\WopiLib\Service\DocumentLockManager:
         arguments:
             $cache: '@cache.user_data'
 
-    App\Service\Wopi\NullProofValidator:
-        decorates: ChampsLibres\WopiLib\Contract\Service\ProofValidatorInterface
-

docker-compose.override.dev.template.yml

@@ -18,6 +18,8 @@ services:
       - PHP_FPM_USER=1000
       - PHP_FPM_GROUP=100
       - COMPOSER_HOME=/var/www/app/.composer
+      # this is required to run tests with database from vendor/chill-project/chill-bundles directory
+      - DATABASE_URL=postgresql://postgres:postgres@db:5432/postgres?serverVersion=14&charset=utf8
     links:
       - smtp
 
@@ -26,9 +28,11 @@ services:
       - .:/var/www/app
 
   db:
-    image: postgis/postgis:12-3.1-alpine
     volumes:
       - ./docker/db/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
+        # if you prefer to store the data somewhere into your user path, instead of the docker's path
+        # this is useful not to loose data when you run `docker container prune` or `docker volume prune`
+      - /path/to/your/db/data:/var/lib/postgresql
     ports:
       - "127.0.0.1:5432:5432"
     environment:

docker-compose.yml

@@ -34,7 +34,7 @@ services:
     ports:
       - "8001:80"
   db:
-    image: postgis/postgis:12-3.1-alpine
+    image: postgis/postgis:14-3.3-alpine
     volumes:
       - ./docker/db/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
     ports:

docker-node.sh

@@ -18,4 +18,4 @@ docker run \
     --volume ${PWD}:/app \
     --workdir /app \
     --env YARN_CACHE_FOLDER=/app/.yarncache \
-    node:14 ${cmd}
+    node:16 ${cmd}

entrypoint.sh

@@ -6,13 +6,13 @@ set -e
 # waiting for the database to be ready
 if [ -z "${DATABASE_HOST}" ]; then
   while ! timeout 1 bash -c "cat < /dev/null > /dev/tcp/${DATABASE_HOST}/${DATABASE_PORT}"
-  do  
+  do
-    echo "$(date) : waiting one second for database"; 
+    echo "$(date) : waiting one second for database";
-    sleep 1; 
+    sleep 1;
   done
 
   echo "$(date) : the database is ready";
-else 
+else
   echo "we assume the database is ready";
 fi
 
@@ -36,8 +36,13 @@ fi
 if [ "${APP_ENV}" = "prod" ]; then
   composer dump-env "${APP_ENV}"
   chmod +r /var/www/app/.env.local.php
-fi
 
+  if [ "${PREVENT_MIGRATIONS}" != "true" ]; then
+    php /var/www/app/bin/console doctrine:migrations:status
+    php /var/www/app/bin/console doctrine:migrations:migrate -n
+    php /var/www/app/bin/console messenger:setup-transports
+  fi
+fi
 
 if [ "${CLEAR_CACHE}" != "false" ]; then
   #prepare cache

package.json

@@ -1,63 +1,11 @@
 {
-  "devDependencies": {
+  "workspaces": [
-    "@alexlafroscia/yaml-merge": "^4.0.0",
+    "vendor/chill-project/chill-bundles"
-    "@apidevtools/swagger-cli": "^4.0.4",
-    "@ckeditor/ckeditor5-build-classic": "^25.0.0",
-    "@ckeditor/ckeditor5-dev-utils": "^24.3.0",
-    "@ckeditor/ckeditor5-dev-webpack-plugin": "^24.3.0",
-    "@ckeditor/ckeditor5-markdown-gfm": "^25.0.0",
-    "@ckeditor/ckeditor5-theme-lark": "^25.0.0",
-    "@ckeditor/ckeditor5-vue": "^2.0.1",
-    "@symfony/webpack-encore": "^0.33.0",
-    "@vue/compiler-sfc": "^3.0.11",
-    "bindings": "^1.5.0",
-    "bootstrap": "^5.0.1",
-    "chokidar": "^3.5.1",
-    "fork-awesome": "^1.1.7",
-    "jquery": "^3.6.0",
-    "node-sass": "^4.14.1",
-    "popper.js": "^1.16.1",
-    "postcss-loader": "^3.0.0",
-    "raw-loader": "^3.1.0",
-    "sass-loader": "^9.0.1",
-    "select2": "^4.0.13",
-    "select2-bootstrap-theme": "0.1.0-beta.10",
-    "style-loader": "^1.3.0",
-    "vue-loader": "^16.0.0",
-    "webpack-cli": "^3.3.12"
-  },
-  "dependencies": {
-    "@fullcalendar/core": "^5.8.0",
-    "@fullcalendar/daygrid": "^5.8.0",
-    "@fullcalendar/interaction": "^5.8.0",
-    "@fullcalendar/list": "^5.8.0",
-    "@fullcalendar/timegrid": "^5.8.0",
-    "@fullcalendar/vue3": "^5.8.0",
-    "@popperjs/core": "^2.9.2",
-    "dropzone": "^5.7.6",
-    "es6-promise": "^4.2.8",
-    "leaflet": "^1.7.1",
-    "masonry-layout": "^4.2.2",
-    "mime-types": "^2.1.29",
-    "swagger-ui": "^3.48.0",
-    "vis-network": "^9.1.0",
-    "vue": "^3.0.11",
-    "vue-i18n": "^9.1.6",
-    "vue-multiselect": "3.0.0-alpha.2",
-    "vue-toast-notification": "^2.0",
-    "vuex": "^4.0.0"
-  },
-  "browserslist": [
-    "Firefox ESR"
   ],
+  "private": true,
   "scripts": {
-    "dev-server": "encore dev-server",
-    "dev": "encore dev",
-    "watch": "encore dev --watch",
-    "build": "encore production --progress",
     "specs-build": "yaml-merge vendor/chill-project/chill-bundles/src/Bundle/ChillMainBundle/chill.api.specs.yaml vendor/chill-project/chill-bundles/src/Bundle/ChillPersonBundle/chill.api.specs.yaml vendor/chill-project/chill-bundles/src/Bundle/ChillCalendarBundle/chill.api.specs.yaml vendor/chill-project/chill-bundles/src/Bundle/ChillThirdPartyBundle/chill.api.specs.yaml vendor/chill-project/chill-bundles/src/Bundle/ChillDocStoreBundle/chill.api.specs.yaml> templates/api/specs.yaml",
     "specs-validate": "swagger-cli validate templates/api/specs.yaml",
     "specs": "yarn run specs-build && yarn run specs-validate"
-  },
+  }
-  "private": true
 }

public/index.php

@@ -13,7 +13,7 @@ if ($_SERVER['APP_DEBUG']) {
 }
 
 if ($trustedProxies = $_SERVER['TRUSTED_PROXIES'] ?? false) {
-    Request::setTrustedProxies(explode(',', $trustedProxies), Request::HEADER_X_FORWARDED_ALL ^ Request::HEADER_X_FORWARDED_HOST);
+    Request::setTrustedProxies(explode(',', $trustedProxies), Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO);
 }
 
 if ($trustedHosts = $_SERVER['TRUSTED_HOSTS'] ?? false) {

symfony.lock

@@ -51,16 +51,17 @@
         "version": "v0.5.3"
     },
     "doctrine/doctrine-bundle": {
-        "version": "2.0",
+        "version": "2.7",
         "recipe": {
             "repo": "github.com/symfony/recipes",
-            "branch": "master",
+            "branch": "main",
-            "version": "2.0",
+            "version": "2.3",
-            "ref": "a9f2463b9f73efe74482f831f03a204a41328555"
+            "ref": "b8ddff356705ad8e704ea75b6872ce89a15d614d"
         },
         "files": [
             "config/packages/doctrine.yaml",
             "config/packages/prod/doctrine.yaml",
+            "config/packages/test/doctrine.yaml",
             "src/Entity/.gitignore",
             "src/Repository/.gitignore"
         ]
@@ -165,6 +166,18 @@
     "knplabs/knp-time-bundle": {
         "version": "v1.12.0"
     },
+    "knpuniversity/oauth2-client-bundle": {
+        "version": "2.11",
+        "recipe": {
+            "repo": "github.com/symfony/recipes-contrib",
+            "branch": "main",
+            "version": "1.20",
+            "ref": "1ff300d8c030f55c99219cc55050b97a695af3f6"
+        },
+        "files": [
+            "config/packages/knpu_oauth2_client.yaml"
+        ]
+    },
     "laminas/laminas-code": {
         "version": "3.4.1"
     },
@@ -174,6 +187,18 @@
     "league/csv": {
         "version": "9.6.2"
     },
+    "lexik/jwt-authentication-bundle": {
+        "version": "2.16",
+        "recipe": {
+            "repo": "github.com/symfony/recipes",
+            "branch": "main",
+            "version": "2.5",
+            "ref": "5b2157bcd5778166a5696e42f552ad36529a07a6"
+        },
+        "files": [
+            "config/packages/lexik_jwt_authentication.yaml"
+        ]
+    },
     "loophp/psr-http-message-bridge-bundle": {
         "version": "1.0.0"
     },
@@ -530,15 +555,16 @@
         "version": "4.4",
         "recipe": {
             "repo": "github.com/symfony/recipes",
-            "branch": "master",
+            "branch": "main",
             "version": "4.4",
-            "ref": "af2e2efad553bc959a0c61d9185e33ca9eec5c99"
+            "ref": "24eb45d1355810154890460e6a05c0ca27318fe7"
         },
         "files": [
             "config/bootstrap.php",
             "config/packages/cache.yaml",
             "config/packages/framework.yaml",
             "config/packages/test/framework.yaml",
+            "config/preload.php",
             "config/routes/dev/framework.yaml",
             "config/services.yaml",
             "public/index.php",
@@ -582,6 +608,18 @@
             "ref": "fadbfe33303a76e25cb63401050439aa9b1a9c7f"
         }
     },
+    "symfony/messenger": {
+        "version": "5.4",
+        "recipe": {
+            "repo": "github.com/symfony/recipes",
+            "branch": "main",
+            "version": "5.4",
+            "ref": "dfe610928a5c61619bdfc830cd7fa7f091368023"
+        },
+        "files": [
+            "config/packages/messenger.yaml"
+        ]
+    },
     "symfony/mime": {
         "version": "v5.3.8"
     },

tsconfig.json

@@ -0,0 +1,30 @@
+{
+  "extends": "@tsconfig/node14/tsconfig.json",
+  "compilerOptions": {
+    "lib": [
+      "es2020",
+      "dom"
+    ],
+    "module": "es6",
+    "moduleResolution": "node",
+    "isolatedModules": true,
+    "allowJs": false,
+    "checkJs": false,
+    "importHelpers": true,
+    "allowSyntheticDefaultImports": true,
+    "types": [
+      "node"
+    ],
+    "sourceMap": true
+  },
+  "includes": [
+    "./vendor/chill-project/chill-bundles/src/Bundle/**/*.ts",
+    "./vendor/chill-project/chill-bundles/src/Bundle/**/*.vue",
+    "./src/**/*.ts",
+    "./src/**/*.vue"
+  ],
+  "exclude": [
+    "./vendor/chill-project/chill-bundles/tests/*",
+    "./vendor/chill-project/chill-bundles/docs/*"
+  ]
+}

webpack.config.js

@@ -3,9 +3,9 @@ const { resolve, parse } = require('path');
 const { readdir } = require('fs').promises;
 
 /**
- * get the file names inside given directory recursively, limiting to 
+ * get the file names inside given directory recursively, limiting to
  * a given depth in the recursion
- * 
+ *
  * @param string  dir    the directory
  * @param int     depth  the maximum depth to look into
  */
@@ -28,22 +28,22 @@ async function* getFiles(dir, depth, ignored) {
 /**
  * populate the config of encore in directories inside `'./src'` and
  * `'./vendor'` and letting them to alter the encore config.
- * 
+ *
  * if a file `chill.webpack.config.js` is found, the default function is
- * imported and executed. This function receive two arguments: 
+ * imported and executed. This function receive two arguments:
- * 
+ *
  * - `Encore`, the main encore object
  * - `chillEntries`: the entries which will be appended to the main `chill` module,
  * resulting in a chill.js and chill.css file.
- * 
+ *
  */
 async function populateConfig(Encore, chillEntries) {
     // chill-main contains some bootstrap that must be loaded first.
     // we register them first and, then, store this chill.webpack.config.js file
     // into `toIgnore`, ignoring it when we loop on other folders.
-    let 
+    let
         toIgnore = [];
-        
+
     // loop into chill main
     for await (const f of getFiles('./vendor/chill-project/chill-bundles/src/Bundle/ChillMainBundle/', 1, [])) {
         let filename = parse(f).base;
@@ -53,7 +53,7 @@ async function populateConfig(Encore, chillEntries) {
             toIgnore.push(f);
         }
     }
-    
+
     // loop into other chill bundles
     for await (const f of getFiles('./vendor/chill-project/chill-bundles/src/Bundle', 2, toIgnore)) {
         let filename = parse(f).base;
@@ -62,7 +62,7 @@ async function populateConfig(Encore, chillEntries) {
             configure(Encore, chillEntries);
         }
     }
-    
+
     // loop into other vendors
     for await (const f of getFiles('./vendor/', 3, toIgnore)) {
         let filename = parse(f).base;
@@ -71,7 +71,7 @@ async function populateConfig(Encore, chillEntries) {
             configure(Encore, chillEntries);
         }
     }
-    
+
     // loop into src directory
     for await (const f of getFiles('./src', 3, [])) {
         let filename = parse(f).base;
@@ -84,23 +84,37 @@ async function populateConfig(Encore, chillEntries) {
 
 // export the final configuration
 module.exports = (async () => {
+
+   // Manually configure the runtime environment if not already configured yet by the "encore" command.
+   // It's useful when you use tools that rely on webpack.config.js file.
+   if (!Encore.isRuntimeEnvironmentConfigured()) {
+      Encore.configureRuntimeEnvironment(process.env.NODE_ENV || 'dev');
+   }
     // basic encore configuration
     Encore
         .setOutputPath('public/build/')
         .setPublicPath('/build')
         .enableSassLoader()
-        .enableVueLoader(() => {}, { 
+        .enableVueLoader(() => {}, {
             version: 3
         })
+        .enableTypeScriptLoader(function (tsConfig){
+           tsConfig.appendTsSuffixTo = [/\.vue$/];
+           tsConfig.appendTsxSuffixTo = [/\.vue$/];
+           // temporary fix for https://github.com/vuejs/vue-loader/issues/1915 and https://github.com/vuejs/core/issues/2855
+           tsConfig.compilerOptions = {strict: !Encore.isProduction()};
+           tsConfig.silent = false;
+        })
+        //.enableForkedTypeScriptTypesChecking()
         .autoProvidejQuery()
         .enableSourceMaps(!Encore.isProduction())
         .cleanupOutputBeforeBuild()
         .enableVersioning()
         .enableSingleRuntimeChunk()
         .splitEntryChunks()
-        .addLoader({ test: /\.pdf$/, loader: 'file-loader', options: { name: '[name]_[hash].[ext]', outputPath: 'pdf/' } })
+        //.addLoader({ test: /\.pdf$/, loader: 'file-loader', options: { name: '[name]_[hash].[ext]', outputPath: 'pdf/' } })
     ;
-    
+
     // populate config with chill entries
     let chillEntries = [];
     await populateConfig(Encore, chillEntries);
@@ -109,7 +123,7 @@ module.exports = (async () => {
     if (!Encore.isProduction()) {
         Encore
             .addEntry('swagger', __dirname + '/assets/swagger-ui/index.js')
-            .addLoader({ 
+            .addLoader({
                 test: /\.yaml$/,
                 type: 'json',
                 use: [