Api-platform: Make documentation public but put endpoints behind firewall

Created on 6 Jul 2017 · 3 Comments · Source: api-platform/api-platform

I might have missed something from the documentation, but it looks like if you enable JWT for your API, your Swagger documentation becomes unusable, as you can't view it in web browsers anymore. Is there a configuration that lets you set the docs to a different URL that you can open up?

All 3 comments

I use this snippet:

    access_control:
        - { path: (?:^/$)|(?:^/docs)|(?:^/contexts/), roles: IS_AUTHENTICATED_ANONYMOUSLY }

Hi @dunglas, not sure how that would help? Just tried it but I keep getting JWT token not found on the documentation.
That pattern doesn't match the documentation.
It's just baseurl/api, baseurl/api/index.html, baseurl/index.html#!/Brand/postBrandCollection etc.

Firewall is set up with pattern /api.

    firewalls:
        api_login:
            pattern:  ^/api/login
            stateless: true
            anonymous: true
            provider:   fos_userbundle
            form_login:
                provider:   fos_userbundle
                check_path:               /api/login_check
                success_handler:          lexik_jwt_authentication.handler.authentication_success
                failure_handler:          lexik_jwt_authentication.handler.authentication_failure
                require_previous_session: false

        api:
            pattern:   ^/api
            stateless: true
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
            logout:       true
            anonymous:    true

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/css, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/js, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/images, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/img, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api,       roles: ROLE_API}
        - { path: ^/, role: ROLE_SUPER_ADMIN }

You need anonymous: true in the api firewall and to adapt the regex like this: (?:^/api/$)|(?:^/api/docs)|(?:^api/contexts/)
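
An added check, not code from the thread or from API Platform: it models Symfony's first-match evaluation of `access_control` with Python's `re.search`, to show which paths a rule list leaves open to anonymous requests before the configuration is deployed. The sample paths and the slash-added variant of the regex are assumptions; firewall settings such as `anonymous: true` are not modelled.

```python
import re

ANON = "IS_AUTHENTICATED_ANONYMOUSLY"

# Regex exactly as written in the last comment, and a variant with the
# leading slash added to the third alternative (assumed to be the intent).
DOCS_AS_POSTED = r"(?:^/api/$)|(?:^/api/docs)|(?:^api/contexts/)"
DOCS_WITH_SLASH = r"(?:^/api/$)|(?:^/api/docs)|(?:^/api/contexts/)"

# The /api-related entries from the thread's access_control list.
THREAD_RULES = [
    (r"^/api/login", ANON),
    (r"^/api", "ROLE_API"),
    (r"^/", "ROLE_SUPER_ADMIN"),
]


def required_role(path, rules):
    """Role of the first rule whose regex matches; later rules are ignored."""
    for pattern, role in rules:
        if re.search(pattern, path):
            return role
    return None


def public_paths(paths, rules):
    """Paths that the rule list leaves open to anonymous requests."""
    return [p for p in paths if required_role(p, rules) == ANON]


# Constructed sample paths: documentation URLs named in the thread plus one
# protected resource collection.
SAMPLE_PATHS = ["/api", "/api/", "/api/index.html", "/api/docs",
                "/api/docs.jsonld", "/api/contexts/Brand", "/api/brands"]

docs_first = [(DOCS_AS_POSTED, ANON)] + THREAD_RULES
docs_fixed = [(DOCS_WITH_SLASH, ANON)] + THREAD_RULES
docs_last = THREAD_RULES + [(DOCS_WITH_SLASH, ANON)]  # rule order reversed

if __name__ == "__main__":
    for name, rules in [("as posted", docs_first), ("slash added", docs_fixed),
                        ("docs rule last", docs_last)]:
        print(f"{name:15} public: {public_paths(SAMPLE_PATHS, rules)}")
```

In this model the regex as posted leaves `/api/contexts/Brand` behind `ROLE_API`, `/api` and `/api/index.html` stay protected under either variant, and a docs rule listed after `^/api` opens nothing.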
