
I want to log the issued and encoded JWT token into the database. I am using my JWTLogger, which is initiated by the event JWTcreated. It works fine, I just do not know how to get the encoded JWT string. I know storing it in the DB is not a great idea, but this is a test task. The method $this->tokenStorage->getToken() returns UsernamePasswordToken(user="admin@admin.com", roles="ROLE_USER"). I want the whole encoded token.

<?php
namespace App\Security;

use App\Entity\Token;
use App\Entity\User;
use Doctrine\Persistence\ManagerRegistry;
use Lexik\Bundle\JWTAuthenticationBundle\Event\JWTCreatedEvent;
use Lexik\Bundle\JWTAuthenticationBundle\Security\Authenticator\JWTAuthenticator;
use Lexik\Bundle\JWTAuthenticationBundle\Services\JWTManager;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;

class JWTLogger extends JWTAuthenticator
{
    private $doctrine;
    private $tokenStorage;

    public function __construct(ManagerRegistry $doctrine, TokenStorageInterface $tokenStorage)
    {
        $this->doctrine = $doctrine;
        $this->tokenStorage = $tokenStorage;
    }

    /**
     * @param JWTCreatedEvent $event
     *
     * @return void
     */
    public function onJWTCreated(JWTCreatedEvent $event)
    {
        $this->logJWTToken($event->getUser());
    }

    private function logJWTToken(User $user): void
    {
        $entityManager = $this->doctrine->getManager();
        $dbtoken = new Token();
        // insert encoded token here
        $dbtoken->setToken($this->tokenStorage->getToken());
        $dbtoken->setUserId($user);
        $entityManager->persist($dbtoken);
        $entityManager->flush();
    }
}
Casso

1 Answer

One approach is to implement your own authenticator for JWT token creation. Here you can find the link for how to create a custom authenticator.

We implemented our own token issuer using Lexik JWT bundle methods. First we got the email and password from the request and used a Symfony passport to validate the user. After validation we issued the token in the onAuthenticationSuccess method by using the JWTTokenManagerInterface method createFromPayload with custom information. You can decode your already issued token to check the current payload, so you can set the payload accordingly or with extra information, but beware as it is decodable by base64. At the time when you issue the token you can save it in the database immediately.

Or you can grab the token in the API authenticator from the header, either using TokenExtractor or $request->headers->get('Authorization'), and save it in the database.

For a further event list, you can find all the events here: JWT events. By using them you can get the token, I think.

wui
  • I believe the TokenExtractor can get the Authorization token from the INCOMING request. But I want to save the token only once, when it is created. At that point it is not yet in the incoming request. I want to grab the encoded token in the outgoing response, once, right after it was created. If there is an option to do that, I would prefer it to a custom authenticator. – Casso Feb 03 '23 at 10:57
  • Then you can use a custom authenticator and after validating login and password, you can create the token programmatically and save it then, it will be saved once. For other requests afterwards you can create apitoken authenticator. – wui Feb 06 '23 at 07:25
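
The bundle's events mentioned in the answer include one that fires once per successful login and carries the encoded token in the outgoing response data. The subscriber below is an added example, not code from the question or the answer. It assumes the default `token` response key, a Symfony setup with service autoconfiguration, and the `Token` entity and setters shown in the question; the class name `IssuedJwtLogger` is hypothetical.

```php
<?php
// Added example (not from the post). Token::setToken()/setUserId() are the
// setters used in the question; IssuedJwtLogger is a hypothetical class name.
namespace App\EventListener;

use App\Entity\Token;
use App\Entity\User;
use Doctrine\ORM\EntityManagerInterface;
use Lexik\Bundle\JWTAuthenticationBundle\Event\AuthenticationSuccessEvent;
use Lexik\Bundle\JWTAuthenticationBundle\Events;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;

final class IssuedJwtLogger implements EventSubscriberInterface
{
    private $em;

    public function __construct(EntityManagerInterface $em)
    {
        $this->em = $em;
    }

    public static function getSubscribedEvents(): array
    {
        // Dispatched after the JWT has been created and encoded at login.
        return [Events::AUTHENTICATION_SUCCESS => 'onAuthenticationSuccess'];
    }

    public function onAuthenticationSuccess(AuthenticationSuccessEvent $event): void
    {
        $data = $event->getData();           // response payload, e.g. ['token' => '<jwt>']
        $jwt  = $data['token'] ?? null;      // assumption: default response key
        $user = $event->getUser();

        if (!is_string($jwt) || !$user instanceof User) {
            return;                          // nothing to record
        }

        $row = new Token();
        // A SHA-256 digest identifies the token in an audit log without keeping
        // a replayable bearer credential; pass $jwt instead to store it verbatim.
        $row->setToken(hash('sha256', $jwt));
        $row->setUserId($user);

        $this->em->persist($row);
        $this->em->flush();
    }
}
```

Because the subscriber only reads the event, it replaces the need to extend `JWTAuthenticator` or to consult the token storage, which holds the Symfony security token rather than the JWT string.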