Chapters
37 Chapters
|
3:43:31
|
Login to bookmark this video
-
Course Code
Subscribe to download the code!
Subscribe to download the code!
-
This Video
Subscribe to download the video!
Subscribe to download the video!
-
Subtitles
Subscribe to download the subtitles!
Subscribe to download the subtitles!
-
Course Script
Subscribe to download the script!
Subscribe to download the script!
Scroll down to the script below, click on any sentence (including terminal blocks) to jump to that spot in the video!
Subscribe to jump to this part in the video!
Keep on Learning!
If you liked what you've learned so far, dive in! Subscribe to get access to this tutorial plus video, code and script downloads.
What PHP libraries does this tutorial use?
// composer.json
{
"require": {
"php": ">=8.2",
"ext-ctype": "*",
"ext-iconv": "*",
"api-platform/core": "^3.0", // v3.1.2
"doctrine/annotations": "^2.0", // 2.0.1
"doctrine/doctrine-bundle": "^2.8", // 2.8.3
"doctrine/doctrine-migrations-bundle": "^3.2", // 3.2.2
"doctrine/orm": "^2.14", // 2.14.1
"nelmio/cors-bundle": "^2.2", // 2.2.0
"nesbot/carbon": "^2.64", // 2.66.0
"phpdocumentor/reflection-docblock": "^5.3", // 5.3.0
"phpstan/phpdoc-parser": "^1.15", // 1.16.1
"symfony/asset": "6.2.*", // v6.2.5
"symfony/console": "6.2.*", // v6.2.5
"symfony/dotenv": "6.2.*", // v6.2.5
"symfony/expression-language": "6.2.*", // v6.2.5
"symfony/flex": "^2", // v2.2.4
"symfony/framework-bundle": "6.2.*", // v6.2.5
"symfony/property-access": "6.2.*", // v6.2.5
"symfony/property-info": "6.2.*", // v6.2.5
"symfony/runtime": "6.2.*", // v6.2.5
"symfony/security-bundle": "6.2.*", // v6.2.6
"symfony/serializer": "6.2.*", // v6.2.5
"symfony/twig-bundle": "6.2.*", // v6.2.5
"symfony/ux-react": "^2.6", // v2.7.1
"symfony/ux-vue": "^2.7", // v2.7.1
"symfony/validator": "6.2.*", // v6.2.5
"symfony/webpack-encore-bundle": "^1.16", // v1.16.1
"symfony/yaml": "6.2.*" // v6.2.5
},
"require-dev": {
"doctrine/doctrine-fixtures-bundle": "^3.4", // 3.4.2
"mtdowling/jmespath.php": "^2.6", // 2.6.1
"phpunit/phpunit": "^9.5", // 9.6.3
"symfony/browser-kit": "6.2.*", // v6.2.5
"symfony/css-selector": "6.2.*", // v6.2.5
"symfony/debug-bundle": "6.2.*", // v6.2.5
"symfony/maker-bundle": "^1.48", // v1.48.0
"symfony/monolog-bundle": "^3.0", // v3.8.0
"symfony/phpunit-bridge": "^6.2", // v6.2.5
"symfony/stopwatch": "6.2.*", // v6.2.5
"symfony/web-profiler-bundle": "6.2.*", // v6.2.5
"zenstruck/browser": "^1.2", // v1.2.0
"zenstruck/foundry": "^1.26" // v1.28.0
}
}
13 Comments
Hi guys, I follow all code but after I decorate the api_platform with the decorator, I paste a token on swagger and when I try a simple GET I receive '
do i need to specify the stateless parameter in security.yaml? I'm with symfony 7.2 and in the video i didn't see the stateless pass, i was wondering if it should be done or not. thanks
If I add
stateless: truesolved I paste below my yaml config:Hi,
Yeah but in this case you will loose session login and you will need to pass token in each request. There is a little tip on this page https://symfonycasts.com/screencast/api-platform-security/login-response#thanks-session about stateless ApiPlatform default configuration change. Maybe it will be helpful
Cheers!
Hi SymfonyCast,
I have some issues with Authenticating using the Swagger UI.
I have had this problem a couple of days now,
I have modified the lexik_jwt_authentication.yaml file,
to extract a token from the authorization header with the name "X-Authorization" instead of "Authentication"
because I was previously having problems with the frontend application interacting with the backend through Caddy.
So changing the authorization header key to "X-Authorization" helpt avoid the issue between the backend and frontend authentication.
But now on swagger ui, I cant authenticate with the token because Swagger UI still tries making a Curl request with the "Authorization" key
I have read several forum and articles and tried the following configuraitons (see nelmio_api_doc.yaml below) to chang the curl request made by Swagger UI, but unfortunaly it does not accept the changes I am trying to make:
I also tried intercepting every request with a eventSubscriber and check every request "kernel.request" for a authorization key.
and modify it. I thought this was the way to go but it seems to ignore/ not work at all, so I gave up on this idea.
Unfortunaley I am stuck, else I just have to keep switching between "X-Authorization" and "Authorization" if I just want to check something on swagger ui.
I would like to know what I am doin wrong or if I just dont understand what ApiKeyAuth is supposed to be used for
and is it achievable what I am trying to do?
nelmio_api_doc.yaml
Lexik_jwt_authentication.yaml
swagger ui curl request
.
Guys, I got the following error:
I did print
bin/console config:dump api_platformpossible config options, but there is nofactoryparameter.The Symfony version is 6.2.6.
@weaverryan @MolloKhan
I got it. Instead of
api_platform.open_api.factoryshould beapi_platform.openapi.factory.But I still don't realize where the
factoryoption is coming from, it doesn't exists in the config.Hey Jared,
Yep, seems like you made a typo, the correct service name is
api_platform.openapi.factory.The
api_platform.openapi.factoryis a service name, not a config path, i.e. this is a standalone service ID@api_platform.openapi.factorythat is injected inOpenApiFactoryDecorator. You probably mislead it with a config path.Cheers!
Thank you! I got it :)
Maybe something has been changed in API Platform with updates, since this video was recorded. I've tried, and
securitySchemeshasn't been overridden.After some workaround I've stopped on this solution:
Hey @Oleh-K!
Sorry for the slow reply! Hmm. I wonder: did you add the
access_tokenconfig toapi_platform.yaml? I actually think your solution is superior. My guess (I could be wrong) is that you don't have this config. And so, this line:is using the
new \ArrayObjectpart. But in my code, because I have the config, the$openApi->getComponents()->getSecuritySchemes()is returning anArrayObject. The difference is that, in my case, I'm them "mutating" this existing object. But in your case, your "mutation" thenew \ArrayObject(), which is then never actually set into theOpenApiobject. Basically, my code was short-sighted and would ONLY work in the case where$openApi->getComponents()->getSecuritySchemes()DOES return anArrayObject.Am I correct? Does
$openApi->getComponents()->getSecuritySchemes()return anArrayObjector is itnull? Anyway, your solution is superior, I believe, as it will work in call cases.Cheers!
I've noticed that modifying the existing objects in place doesn't seem to alter the openApi object returned. The 'withXxxx' methods seem to suggest they are immutable as well (otherwise there would be getters and setters, you often see 'withers' if the original object is inmutable).
For other openApi-doc-tweaks I've had to use the 'with' calls to change the openApi object returend, and I ran into the same here. I really had the exact same lines in api_platform.yaml, and the Swagger docs were showing the previous 'auth' method where you had to paste in 'Bearer' yourself.
If I look at
$openApi->getSecurity()instead ofgetComponents()->getSecuritySchemes(), I DO see the 'access_token' keyname in there, but it contains an empty array.After doing it the way in this tutorial, the word 'bearer' just does not occur in the openapi json file... at all. Which can't be right :).
I've went with something similar as @Oleh-K above, but more of a nod to the tutorial code:
Hello @weaverryan , I had a similar issue, but in my case, the code is failing at:
Cannot access offset string on string. the code is just like yours. what could be the cause?
Hey @iclaborda!
Sorry for the super slow reply - busy season in the Symfony world :).
Hmm. That specific line looks fine and I can't see how you're accessing an array offset on that line specifically. Perhaps the stacktrace showed you a bit more info - like the error was happening deeper somewhere? If you're still on this issue and have a stracktrace, let me know :).
Cheers!
"Houston: no signs of life"
Start the conversation!