Nelmioapidocbundle: [3.0] Authenticated request configuration

Created on 31 Oct 2017  路  5Comments  路  Source: nelmio/NelmioApiDocBundle

Hi,
I'm trying work with the new 3.0.0-BETA4 version but the Authentication feature fails all the time.

If I try to access an action behind my firewall, without authorization I get the usual 403 error, but once I authorize with a valid token and then try again to access to the same action, the Javascript seems to load infinitely and I've got this error in my console.
image

Any idea of what's happening?

Here is my firewall configuration :
``` firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
auth:
pattern: ^/api/?$|^/api/(auth|doc)
security: true
anonymous: true
provider: isba_user
isba_wsse:
pattern: ^/
stateless: true
wsse: true

and my nelmio config : 
securityDefinitions:
  api_key:
    type: apiKey
    description: The token you got on login action.
    name: Authorization
    in: header
security:
  api_key: []

```

Most helpful comment

Adding the Polyfill foreach function makes all work.

if (!Object.prototype.forEach) {
    Object.defineProperties(Object.prototype, {
        'forEach': {
            value: function (callback) {
                if (this == null) {
                    throw new TypeError('Not an object');
                }
                var obj = this;
                for (var key in obj) {
                    if (obj.hasOwnProperty(key)) {
                        callback.call(obj, obj[key], key, obj);
                    }
                }
            },
            writable: true
        }
    });
}

All 5 comments

Adding the Polyfill foreach function makes all work.

if (!Object.prototype.forEach) {
    Object.defineProperties(Object.prototype, {
        'forEach': {
            value: function (callback) {
                if (this == null) {
                    throw new TypeError('Not an object');
                }
                var obj = this;
                for (var key in obj) {
                    if (obj.hasOwnProperty(key)) {
                        callback.call(obj, obj[key], key, obj);
                    }
                }
            },
            writable: true
        }
    });
}

@timotheemoulin is that something that should be added in the bundle ?

Hi @GuilhemN
Yeah I guess that would be great. This seems to be a quite popular way to handle it and it worked great for me.

Ok, I'll look into it soon then :)

@timotheemoulin Just had the same problem as you and found another solution. Security should be an array, so in your nelmio config you should have a dash for each security parameter (in your case api_key):

    securityDefinitions:
      api_key:
        type: apiKey
        description: The token you got on login action.
        name: Authorization
        in: header
    security:
      - api_key: []
Was this page helpful?
0 / 5 - 0 ratings