Comments (9)
Hi Felix,
This is indeed an issue with the package. The reason your seeing this behaviour is because the firebase provider, which does the heavy lifting of encoding and decoding the tokens, was throwing an UnexpectedValueException
(because the token had expired) which was being caught before a TokenExpiredException
could be thrown. As a result a TokenInvalidException
is actually thrown with the message "Expired Token", (as you experienced).
I believe this is now fixed and I have released version 0.3.9 to address this. Please let me know if this fixes your issue.
Thanks!
from jwt-auth.
Hi,
I've updated and now getting an error that $payload
isn't defined when using an expired token.
Looking at the firebase provider its correctly skipping the general JWTException
but there's then no $payload
defined. I tried just repeating the $payload = (array) Firebase::decode()
from the 'try' after the if
statement but got an unexpected value error so not sure what to do to fix that.
from jwt-auth.
I've The same issue, I've tried to bypass the $payload but I get the exception from the toUser() method, it seems that the Expire Exception not fired,
my code
$user = \JWTAuth::parseToken()->toUser();
the error report
file: "/home/migaber/public_html/dandin-system/api-laravel/vendor/tymon/jwt-auth/src/Tymon/JWTAuth/Providers/AbstractProvider.php"
line: 105
message: "A token is required"
type: "Tymon\JWTAuth\Exceptions\JWTException"
my Edit on decode method
public function decode($token){
$this->createToken($token);
try {
$payload = (array) Firebase::decode($this->token, $this->secret);
} catch (Exception $e) {
// ignore firebase's expired exception because we will throw our own later
if ($e->getMessage() !== 'Expired Token') {
throw new JWTException('Could not decode token: ' . $e->getMessage());
} else {
return false;
}
}
return $this->createPayload($payload);
}
from jwt-auth.
Sorry about that guys.. should be fixed now. (0.3.10
)
The firebase provider obviously doesn't return the payload if an expired exception is thrown, and that's where it went wrong. doh!
I will try and come up with a better solution to this, as I complete the refactor over on develop
from jwt-auth.
Hi,
That (almost) works for me. The correct exception is thrown but I had to add a use
statement for theTokenExpiredException
exception in FirebaseProvider.php
(well my IDE told me to at any rate),
i.e.
use Tymon\JWTAuth\Exceptions\TokenExpiredException;
As an aside i'm told these two references aren't needed:
use Tymon\JWTAuth\Providers\AbstractProvider;
use Tymon\JWTAuth\Providers\ProviderInterface;
from jwt-auth.
yes, you are right, don't know what was going on in my head this weekend! 😣
I think I'll be using php storm from now on!
0.3.11 tagged
from jwt-auth.
Solved from my side too,
but I think you missed the Event Listener Event::listen('tymon.jwt.expired') ??
from jwt-auth.
@migaber good point, i'll edit the release a little later for that.
Tbh I'm not overly fond of having those two places that handle token expiry.. I will have a think on a better solution for this
from jwt-auth.
0.3.11 works for me (I don't use the events so I didn't think about that).
from jwt-auth.
Related Issues (20)
- Performance consideration when only user id is needed
- Upgrade to v2.0 with lcobucci/jwt 4.3.0 crash with package:discover HOT 3
- JWTAuth::attempt return random token if input is null
- Default persistent claims should be configurable
- The GET method is not supported for route api/login. Supported methods: POST.
- post request by axios to laravel giving 500 error HOT 1
- How do we customise the claims? HOT 2
- Get All active tokens
- Method factory on JWTGuard not found
- setSecret method for custom JWT key is not working HOT 1
- Troubleshooting Issues with Laravel Tests and JWT Authentication HOT 2
- Examples for unmentioned routes (like Email Verification) HOT 1
- Followed the Laravel installation and quick start, getting error: "Tymon\\JWTAuth\\JWTGuard::login(): Argument #1 ($user) must be of type Tymon\\JWTAuth\\Contracts\\JWTSubject
- is possible use sap hana obdc with tymondesigns / jwt-auth ?
- Using a string instead of a file path for the `private` property in `jwt.php`.
- Clarification on Refresh Token Behaviour HOT 5
- attempt() never returns null, but returns blank booleans HOT 1
- Laravel 11 requires an update.
- Laravel 11 Compatibility needs nesbot/carbon ^3.0 HOT 1
- Random @deprecated docs
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jwt-auth.