JWT key for mercure

Question

I try generate JWT key for Mercure settings

I use this manual

https://medium.com/@stefan.poeltl/instant-realtime-notifications-with-symfony-and-mercure-e45270f7c8a5

for pass myJWTKey JWT is

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXJjdXJlIjp7InN1YnNjcmliZSI6W10sInB1Ymxpc2giOlsiKiJdfX0.iTVjHoLv9bB-O5RNnTtzOFxIW-YECk2JXZeMekZ4GwA

I found a token builder ( Signed JSON Web Token )

http://jwtbuilder.jamiekurtz.com/

but I find no setting that generates a correct JWT. How do I do it? What I miss?

I tried generate token for env settings

MERCURE_PUBLISH_URL=http://mercure.dev:3000/.well-known/mercure
# The default token is signed with the secret key: !ChangeMe!
MERCURE_JWT_TOKEN=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXJjdXJlIjp7InN1YnNjcmliZSI6W10sInB1Ymxpc2giOlsiKiJdfX0.iTVjHoLv9bB-O5RNnTtzOFxIW-YECk2JXZeMekZ4GwA
###< symfony/mercure-bundle ###

This token is for default password in docker-compose

 mercure:
      image: dunglas/mercure
      environment:
        # You should definitely change all these values in production
        - JWT_KEY=myJWTKey
        - DEMO=1
        - ALLOW_ANONYMOUS=1
        - HEARTBEAT_INTERVAL=30s
        - ADDR=:3000

if I change myJWTKey to mysecure pass - how I can generate token?

Daidon · Answer 1 · 2020-06-23T10:48:28.563

You can use different libraries for doing that, a very simple and fast one would be php-jwt

Then do

composer require firebase/php-jwt

And in the code you can do then:

use \Firebase\JWT\JWT;

$key = "12345678";
$payload = [
    'mercure' => [
        'publish' => ['*'],
    ],
];
$jwt = JWT::encode($payload, $key); // holds valid jwt now

The library will automatically inject the headers that you need (default: alg HS256, typ: jwt) and set the payload for you. Then it encodes it to base64 and signs it also.

Go on and set a cookie with this jwt or use it in authorization header now :-)

If you want to use the JWT for subscriber authentication, don't forget to put the subscribe key in the payload.

$payload = [
    'mercure' => [
        'subscribe' => ['*'], // make this a list of concrete topics, don't use *
    ],
];

Also for that usecase, you can carry around some data in the cookie, by providing a payload key with an object:

$payload = [
    'mercure' => [
        'subscribe' => ['*'],
        'payload' => [
            'userId' => $user->getId()
        ]
    ],
];

Alex Bacart · Accepted Answer · 2021-08-01T19:02:28.787

Just an addition to a great answer by @Daidon. Mercure bundle uses lcobucci/jwt and registers it's factory as a service.

If you want to generate JWT do the following

Pass the factory as an argument with @mercure.hub.default.jwt.factory (here default is for your hub name)
In your service/controller

public function generateJwt(LcobucciFactory $factory): string
{
    return $factory->create(['*']);
}

UPD: even easier way to get a JWT token

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Mercure\Authorization;

public function generateJwt(Request $request, Authorization $authorization): string
{
    return $authorization->createCookie($request, ['*'])->getValue();
}

score 1 · Answer 3 · answered Mar 25 '20 at 20:05

1

Apologize for late answer, you can simply generate new jwt token once using the official page https://jwt.io/.

answered Mar 25 '20 at 20:05

Beniamin

550
1
4
13

The jwt is supposed to be recreated every now and then especially if you want to use authorization. Using jwt.io is not gonna help. – Daidon Jun 23 '20 at 10:35

JWT key for mercure

3 Answers3