Lexikjwtauthenticationbundle: Unable to create a signed JWT from the given configuration.

Created on 30 Jul 2018  路  11Comments  路  Source: lexik/LexikJWTAuthenticationBundle

Hello, I have a problem with Lexik and easy admin....

I have this message: " An exception has been thrown during the rendering of a template ("Unable to create a signed JWT from the given configuration."). "

this is my paramettre.yml

parameters:
    database_host: 127.0.0.1
    database_port: null
    database_name: symfony
    database_user: root
    database_password: null
    mailer_transport: smtp
    mailer_host: 127.0.0.1
    mailer_user: [email protected]
    mailer_password: 12399201
    secret: MySecretStoryIsSoAwesome
    jwt_private_key_path: '%kernel.root_dir%/../jwt/private.pem'
    jwt_public_key_path: '%kernel.root_dir%/../jwt/public.pem'
    jwt_key_pass_phrase: SecretForAPI
    jwt_token_ttl: 3600


security.yml

# To get started with security, check out the documentation:
# https://symfony.com/doc/current/security.html
security:

    encoders:
        NAO\UserBundle\Entity\User: sha512

    role_hierarchy:
        ROLE_USER: ROLE_USER
        ROLE_NATURALISTE: [ROLE_ADMIN, ROLE_USER]
        ROLE_ADMIN: ROLE_ADMIN
        ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        fosFournisseur:
            id: fos_user.user_provider.username

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        login:
            pattern:  ^/API/login
            stateless: true
            anonymous: true
            form_login:
                check_path: /API/login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure

        post_observation:
           methods: [POST]
           pattern: ^/API/observation/search
           security: false

        post_taxref:
            methods: [POST]
            pattern: ^/API/taxref/search
            security: false

        api:
            pattern:    ^/API
            stateless: true
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator


        main:
            pattern: ^/
            anonymous: true
            provider: fosFournisseur
            form_login:
                csrf_token_generator: security.csrf.token_manager
                login_path: fos_user_security_login
                check_path: fos_user_security_check
                default_target_path: /
            logout:
                path: fos_user_security_logout
                target: fos_user_security_login
            logout_on_user_change: true
            remember_me:
                secret: "%secret%"

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/contact, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/profile, role: ROLE_USER }
        - { path: ^/observation, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, roles: ROLE_ADMIN}
        - { path: ^/API, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/API/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }

So When i have not connect on the site no problem i can read a page and token, but when i'm connected with easy admin bundle i have an errore ...

Most helpful comment

symfony 4: make sure that value of JWT_PASSPHRASE from .env file is the same you enter in terminal while generating the keys with openssl

All 11 comments

I got the same issue, but as stated in this comment in issue #532, try to regenerate the certificates.

Regenerating the certificates (jwt/public.pem and jwt/private.pem) helps in my case.

Why? I don't know.

Lol a tutorial? because I run under windows 10 ...
And I can not launch the command

$ mkdir -p config/jwt # For Symfony3+, no need of the -p option $ openssl genrsa -out config/jwt/private.pem -aes256 4096 $ openssl rsa -pubout -in config/jwt/private.pem -out config/jwt/public.pem

So passed with Linux for generate key and it's ok

Closing as resolved

symfony 4: make sure that value of JWT_PASSPHRASE from .env file is the same you enter in terminal while generating the keys with openssl

symfony 4: make sure that value of JWT_PASSPHRASE from .env file is the same you enter in terminal while generating the keys with openssl

Thakns it's works

Just for the record, does installing this bundle with Symfony Flex generate the key pair too?

@Albert221 nope, you have to generate them. Either use the generated JWT_PASSPHRASE for creating them, or update the JWT_PASSPHRASE in your .env afterwards.

I had the same error.
In my case the passphrase was good.
It was a problem with symlink. To have it work I delete symlink to the keys and regenerate the keys.

for linux it s work fine :

$ openssl genrsa -out config/jwt/private.pem -aes256 4096
$ openssl rsa -pubout -in config/jwt/private.pem -out config/jwt/public.pem

Was this page helpful?
0 / 5 - 0 ratings