Symfony2 LexikJWTAuthenticationBundle在login_check之后无法正常工作

Question

I am trying to set up LexikJWTAuthenticationBundle (Symfony 3) for the first time.

Everything worked smoothly until I tried to make a GET request to an url that was restricted by ROLE_USER.

I can make a POST request to the login_check url, which returns the token, and after that I am trying to make the GET request to the url mentioned above.

I am adding the token on the request headers (Authorization: Bearer ...) and I can see the header being sent on the Google chrome's network tab. However the response always comes back as "401 Unauthorized". I am not sure what I missed here and have been trying to figure this out for days now and searched every forum possible.

Here is my security.yml

security:

user-providers
    providers:
        db_provider:
            entity:
                class: ApiBundle:ApiUser
                property: email

encoders:
    ApiBundle\Entity\ApiUser:
        algorithm: bcrypt

firewalls:

    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false

    login:
        pattern:  ^/login_check
        provider: db_provider
        stateless: true
        anonymous: true
        form_login:
            check_path:               api_login_check
            username_parameter:       email
            password_parameter:       password
            success_handler:          lexik_jwt_authentication.handler.authentication_success
            failure_handler:          lexik_jwt_authentication.handler.authentication_failure
            require_previous_session: false

    api:
        pattern:   ^/
        stateless: true
        lexik_jwt:
            authorization_header:
                enabled: true
                prefix:  Bearer
            query_parameter:
                enabled: false
                name:    bearer

access_control:
    - { path: ^/testpage,    roles: ROLE_USER }
    - { path: ^/register,    roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/login_check, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/,            roles: IS_AUTHENTICATED_ANONYMOUSLY }

Here are the headers being sent And on My ApiUser.php UserModel I have the getRoles() method implemented like this (for testing):

public function getRoles()
{
    return ['ROLE_USER'];
}

Have I missed anything?

Answer 1

经过两天的审查，Bundle的代码后，我发现问题在于该捆绑包无法读取公钥，更改文件的权限解决了该问题。