Lexikjwtauthenticationbundle: No encoder has been configured

Created on 3 Oct 2018  路  5Comments  路  Source: lexik/LexikJWTAuthenticationBundle

I'm trying to follow doc about user provider, but I'm getting the following exception:

No encoder has been configured for account "Lexik\Bundle\JWTAuthenticationBundle\Security\User\JWTUser".

here is my security.yaml

security:
    providers:
        jwt:
            lexik_jwt: ~
    firewalls:
        dev:
            pattern: ^/api/_(profiler|wdt)/
            security: false
        login:
            pattern: ^/api/v1/login
            stateless: true
            anonymous: true
            json_login:
                check_path: /api/v1/login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
        api:
            pattern: ^/api/v1
            stateless: true
            provider: jwt
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
    access_control:
        - { path: ^/api/v1/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/v1, roles: IS_AUTHENTICATED_FULLY }

I'm using Symfony 4.1.3. The exception is occurring when i try to call my login_check URL.

Here is a stack trace of exception

at /myproject/vendor/symfony/security/Core/Encoder/EncoderFactory.php:51
at Symfony\Component\Security\Core\Encoder\EncoderFactory->getEncoder(object(JWTUser))
(/myproject/vendor/symfony/security/Core/Authentication/Provider/DaoAuthenticationProvider.php:57)
at Symfony\Component\Security\Core\Authentication\Provider\DaoAuthenticationProvider->checkAuthentication(object(JWTUser), object(UsernamePasswordToken))
(/myproject/vendor/symfony/security/Core/Authentication/Provider/UserAuthenticationProvider.php:80)
at Symfony\Component\Security\Core\Authentication\Provider\UserAuthenticationProvider->authenticate(object(UsernamePasswordToken))
(/myproject/vendor/symfony/security/Core/Authentication/AuthenticationProviderManager.php:76)
at Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager->authenticate(object(UsernamePasswordToken))
(/myproject/vendor/symfony/security/Http/Firewall/UsernamePasswordJsonAuthenticationListener.php:121)
at Symfony\Component\Security\Http\Firewall\UsernamePasswordJsonAuthenticationListener->handle(object(GetResponseEvent))
(/myproject/vendor/symfony/security-bundle/Debug/WrappedListener.php:46)
at Symfony\Bundle\SecurityBundle\Debug\WrappedListener->handle(object(GetResponseEvent))
(/myproject/vendor/symfony/security-bundle/Debug/TraceableFirewallListener.php:35)
at Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener->handleRequest(object(GetResponseEvent), object(RewindableGenerator))
(/myproject/vendor/symfony/security/Http/Firewall.php:61)
at Symfony\Component\Security\Http\Firewall->onKernelRequest(object(GetResponseEvent))
(/myproject/vendor/symfony/security-bundle/EventListener/FirewallListener.php:48)
at Symfony\Bundle\SecurityBundle\EventListener\FirewallListener->onKernelRequest(object(GetResponseEvent), 'kernel.request', object(TraceableEventDispatcher))
(/myproject/vendor/symfony/event-dispatcher/Debug/WrappedListener.php:104)
at Symfony\Component\EventDispatcher\Debug\WrappedListener->__invoke(object(GetResponseEvent), 'kernel.request', object(EventDispatcher))
(/myproject/vendor/symfony/event-dispatcher/EventDispatcher.php:212)
at Symfony\Component\EventDispatcher\EventDispatcher->doDispatch(array(object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener)), 'kernel.request', object(GetResponseEvent))
(/myproject/vendor/symfony/event-dispatcher/EventDispatcher.php:44)
at Symfony\Component\EventDispatcher\EventDispatcher->dispatch('kernel.request', object(GetResponseEvent))
(/myproject/vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php:141)
at Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher->dispatch('kernel.request', object(GetResponseEvent))
(/myproject/vendor/symfony/http-kernel/HttpKernel.php:125)
at Symfony\Component\HttpKernel\HttpKernel->handleRaw(object(Request), 1)
(/myproject/vendor/symfony/http-kernel/HttpKernel.php:66)
at Symfony\Component\HttpKernel\HttpKernel->handle(object(Request), 1, true)
(/myproject/vendor/symfony/http-kernel/Kernel.php:188)
at Symfony\Component\HttpKernel\Kernel->handle(object(Request))
(/myproject/public/index.php:28)

Support

Most helpful comment

Hi, I think your missing the encoder

encoders:
       Lexik\Bundle\JWTAuthenticationBundle\Security\User\JWTUser:
           algorithm: bcrypt

entire code will look like

security:
    encoders:
       Lexik\Bundle\JWTAuthenticationBundle\Security\User\JWTUser:
           algorithm: bcrypt
    providers:
        jwt:
            lexik_jwt: ~
    firewalls:
        dev:
            pattern: ^/api/_(profiler|wdt)/
            security: false
        login:
            pattern: ^/api/v1/login
            stateless: true
            anonymous: true
            json_login:
                check_path: /api/v1/login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
        api:
            pattern: ^/api/v1
            stateless: true
            provider: jwt
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
    access_control:
        - { path: ^/api/v1/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/v1, roles: IS_AUTHENTICATED_FULLY }

You will need another provider though, to get users from your database or where ever.

All 5 comments

Here is my configuration, it could be useful:

Current configuration for extension with alias "lexik_jwt_authentication"
=========================================================================

lexik_jwt_authentication:
    secret_key: /var/www/symfony/config/jwt/private.pem
    public_key: /var/www/symfony/config/jwt/public.pem
    pass_phrase: '%env(JWT_PASSPHRASE)%'
    private_key_path: null
    public_key_path: null
    token_ttl: 3600
    clock_skew: 0
    encoder:
        service: lexik_jwt_authentication.encoder.lcobucci
        signature_algorithm: RS256
        crypto_engine: openssl
    user_identity_field: username
    token_extractors:
        authorization_header:
            enabled: true
            prefix: Bearer
            name: Authorization
        cookie:
            enabled: false
            name: BEARER
        query_parameter:
            enabled: false
            name: bearer

I'm getting the same result, have you get an advance?

I'm getting the same result

I think is missing information in the documentation, the login_check endpoint validate user and password, but using JWT only encrypt the user, so debuging there is not password and the fail

Hi, I think your missing the encoder

encoders:
       Lexik\Bundle\JWTAuthenticationBundle\Security\User\JWTUser:
           algorithm: bcrypt

entire code will look like

security:
    encoders:
       Lexik\Bundle\JWTAuthenticationBundle\Security\User\JWTUser:
           algorithm: bcrypt
    providers:
        jwt:
            lexik_jwt: ~
    firewalls:
        dev:
            pattern: ^/api/_(profiler|wdt)/
            security: false
        login:
            pattern: ^/api/v1/login
            stateless: true
            anonymous: true
            json_login:
                check_path: /api/v1/login_check
                success_handler: lexik_jwt_authentication.handler.authentication_success
                failure_handler: lexik_jwt_authentication.handler.authentication_failure
        api:
            pattern: ^/api/v1
            stateless: true
            provider: jwt
            guard:
                authenticators:
                    - lexik_jwt_authentication.jwt_token_authenticator
    access_control:
        - { path: ^/api/v1/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/v1, roles: IS_AUTHENTICATED_FULLY }

You will need another provider though, to get users from your database or where ever.

Was this page helpful?
0 / 5 - 0 ratings