
JWTDecodeFailureException - Unable to verify the given JWT through the given configuration


I've been in a bad situation for about 3 days. I'm trying to make a simple auth & register app, but I'm always getting this 500 error when using the token I'm generating:

Unable to verify the given JWT through the given configuration. If the "lexik_jwt_authentication.encoder" encryption options have been changed since your last authentication, please renew the token. If the problem persists, verify that the configured keys/passphrase are valid.

I was wondering what couldn't be good actually, here's my config:

In parameters.yml

```
jwt_public_key_path: '%kernel.root_dir%/../var/jwt/public.pem'
jwt_private_key_path: '%kernel.root_dir%/../var/jwt/private.pem'
jwt_key_pass_phrase: pass
jwt_token_ttl: 3600
```

The config.yml

```
lexik_jwt_authentication:
    private_key_path: '%jwt_private_key_path%'
    public_key_path: '%jwt_public_key_path%'
    pass_phrase: 'pass'
    token_ttl: '36000'
    token_extractors:
        authorization_header: # look for a token as Authorization Header
            enabled: true
            prefix: Bearer
            name: Authorization
        cookie: # check token in a cookie
            enabled: false
            name: BEARER
        query_parameter: # check token in query string parameter
            enabled: false
            name: bearer
```

The security.yml

```
firewalls:
    main:
        pattern: ^/
        anonymous: true
        stateless: true
        logout:       true
        anonymous:    true
        guard:
            authenticators:
                - 'token_authenticator'

    login:
        pattern:  ^/api/login
        stateless: true
        anonymous: true
        form_login:
            check_path:               /api/login_check
            success_handler:          lexik_jwt_authentication.handler.authentication_success
            failure_handler:          lexik_jwt_authentication.handler.authentication_failure
            require_previous_session: false
            username_parameter: username
            password_parameter: password

    api:
        pattern:   ^/api
        stateless: true
        guard:
            authenticators:
                - lexik_jwt_authentication.jwt_token_authenticator
```

I'm on v2.4 w/ SF 3.3@dev, and it seems that somewhere between the versions something crashed. Still, even after renewing the keys/regenerating a token, nothing is good for the moment and I always get this error.

I'm currently doing my requests through Postman. The token is correctly generated and the problem is not coming from the Authorization param in the header; I've tried a lot of stuff on it to see if it was my fault or not, and it seems not in this case.

Any help / tips on this are highly appreciated :)


Solution

  • You should regenerate your public and private keys using the following commands:

    openssl genrsa -out config/jwt/private.pem -aes256 4096
    openssl rsa -pubout -in config/jwt/private.pem -out config/jwt/public.pem
    

    And make sure the passphrase is 'pass' for the configuration to work.
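
The error message asks you to verify that the configured keys/passphrase are valid; the following is an added example (not part of the answer above or of the bundle's own code) that checks exactly that by deriving the public key from `private.pem` with the given passphrase and comparing it with `public.pem`. The function names, the `JWT_PASS` variable and the throwaway sample keys are assumptions made for this example.

```shell
#!/bin/sh
# Added example: do private.pem, public.pem and the passphrase belong together?

# check_jwt_keys PRIVATE_PEM PUBLIC_PEM PASSPHRASE
#   0 = passphrase decrypts the private key and public.pem belongs to it
#   1 = private key unreadable with this passphrase (or file missing)
#   2 = public key file missing or unreadable
#   3 = both load, but public.pem was not derived from this private key
check_jwt_keys() {
    local priv="$1" pub="$2" pass="$3" derived stored
    # Pass the passphrase via the environment so it never shows up in `ps`.
    derived=$(JWT_PASS="$pass" openssl pkey -in "$priv" \
                  -passin env:JWT_PASS -pubout 2>/dev/null) || return 1
    # Re-encode the stored public key the same way so the two are comparable.
    stored=$(openssl pkey -pubin -in "$pub" -pubout 2>/dev/null) || return 2
    [ "$derived" = "$stored" ] || return 3
}

# make_sample_keys DIR PASSPHRASE: constructed throwaway pair for the demo.
# 2048 bits keeps the demo fast; the commands in the answer use 4096.
make_sample_keys() {
    JWT_PASS="$2" openssl genrsa -aes256 -passout env:JWT_PASS \
        -out "$1/private.pem" 2048 2>/dev/null &&
    JWT_PASS="$2" openssl rsa -pubout -passin env:JWT_PASS \
        -in "$1/private.pem" -out "$1/public.pem" 2>/dev/null
}

# Demo on constructed keys: the right passphrase passes, a wrong one fails.
demo() {
    local dir rc p
    dir=$(mktemp -d) || return 1
    make_sample_keys "$dir" pass || { rm -rf "$dir"; return 1; }
    for p in pass wrong; do
        rc=0
        check_jwt_keys "$dir/private.pem" "$dir/public.pem" "$p" || rc=$?
        echo "passphrase '$p' -> exit code $rc"
    done
    rm -rf "$dir"
}
demo
```

To check a real setup, call `check_jwt_keys` with the two paths from `parameters.yml` and the value configured as `pass_phrase`; exit code 1 or 3 corresponds to the mismatch that the error message describes.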