Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JWT Expiration and Management #1007

Merged
merged 10 commits into from
Sep 8, 2015
Merged

JWT Expiration and Management #1007

merged 10 commits into from
Sep 8, 2015

Conversation

jrjohnson
Copy link
Member

Lots of JWT stuff:

  • Added console commands to create and invalidate tokens.
  • Replaced the entire JWT special namespace with a single symphony pre auth class that handles all the validation and creating of tokens
    • Use a JWTManager to do all token operations

Fixes #885, #886, #954

@jrjohnson jrjohnson mentioned this pull request Sep 4, 2015
Merged
@jrjohnson
Add invalidateTokenIssuedBefore property to Authentication Entity
e9b2801
@jrjohnson
Add Commend to invalidate tokens for a user
32eb170
@jrjohnson
Replace custom JST auth with SimplePreAuthenticatorInterface
d40605f 
Cleans up a lot of code and is much simpler to understand.
@jrjohnson
Remove the AuthenticationHeader listener
d6bee1e 
We’re no longer using this header so its OK if symphony leaves it out
@jrjohnson
Authentication no longer sets up a Token
53e1d4b 
Now authentication just creates a response with the JWT string
@jrjohnson
Add JWT command line generation
3def058
@jrjohnson
Fix AuthenticationTest
b4e5d64
@jrjohnson
Move /auth/refresh to /auth/token
710255b 
I think this is a clearer path to what is essentially a token generator
@jrjohnson
Bring composer log file in line with install file
9688eee 
These got out of sync at some point.
@jrjohnson
Create the repository for a manager entity on demand
27b2cd2 
Registry::getRepository() requires an active database connection.  By
doing this on demand we make it possible to inject the managers into
console commands.  While the manager obviously needs the DB to be setup
all console commands which are registered as services are setup when
any of them are called.
@stopfstedt
Copy link
Member

logging out application leaves application in a broken state.

selection_009

@jrjohnson
Copy link
Member Author

I think this can be merged as is and then the frontend adjusted to accommodate.

thecoolestguy added a commit that referenced this pull request Sep 8, 2015
@thecoolestguy
Merge pull request #1007 from jrjohnson/886-expirejwt
3f219c9 
JWT Expiration and Management
@thecoolestguy thecoolestguy merged commit 3f219c9 into ilios:master Sep 8, 2015
@jrjohnson jrjohnson deleted the 886-expirejwt branch November 10, 2015 17:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@stopfstedt stopfstedt

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jrjohnson @stopfstedt @thecoolestguy