Jeroen de Boer
Jeroen de Boer
This happens because in the latest release the authenticator only reports support for requests where the refresh token is present. A fix has been merged (just now) but has not...
@vandal-kherson @disstudio @badr-ou The issue you mention (ie. 404 if the `controller: gesdinet.jwtrefreshtoken::refresh` is removed from `routes.yaml`) only occurs on "empty" GET requests without a `refresh_token` in the request. The...
@BernardA the initial problem was that the `refresh_jwt` authenticator would only support requests where the `refresh_token` was available. If it was not available in the request, the authenticator would not...
Oh yeah, I'm actually getting the same deprecation notice. In my case it seems to be API Platform's `ReflectionClassRecursiveIterator` which is including all PHP files in given directories (which probably...
@BernardA @Khatib-Abbas So it's like I explained above, this happens because API Platform's [`ReflectionClassRecursiveIterator`](https://github.com/api-platform/core/blob/v2.6.8/src/Util/ReflectionClassRecursiveIterator.php#L49) includes *all* files inside some given `$directories`, which ends up loading this deprecated class, even if...
Can you expand on what you mean regarding the unix_time format? `DateTime` objects should support comparison with the `>=` type operators.
@dmorfav I suspect you're generating a unix timestamp and saving it as an integer in `$this->valid`, while that should be a `DateTime` object. You can use `DateTime::setTimestamp()` and `DateTime::getTimestamp()` to...
Hi, I've got some issues I can't figure out using version `1.0.0-beta3` and `dev-master` on Symfony 5.3: Following the docs for 5.3+, I configured as follows: security.yaml: ```yaml security: enable_authenticator_manager:...
Thanks for the suggestion @mbabker, but without the controller in the route definition I get the following error: ``` Unable to find the controller for path "/api/token/refresh". The route is...
The second entry in `access_control` is `^/api/token` - I figured it would match both `/api/token/auth` and `/api/token/refresh`, which should both be accessible anonymously. Splitting it to one entry for `^/api/token/auth`...