👋
The documentation for the configuration of mercure seems quite wrong: it has a big "caution" block stating that the `MERCURE_JWT_SECRET` should contain an _actual JWT_ ... instead of a secret, which is weird (and definitely not how it works).
I propose to remove these (maybe out of date?) parts to prevent further confusion (_I spent a full day examining the actual source to understand what was really needed in the env var_).
Also, added a tip on how setting the cookies twice would not work.
PS: I created this PR against the 5.3 (current) branch since the 4.4 branch does not have the same paragraphs. Hope it's good.
mercure.rst
+9-32Lines changed: 9 additions & 32 deletions
@@ -111,38 +111,7 @@ the publicly available URL (e.g. ``https://example.com/.well-known/mercure``).
111
111
The clients must also bear a `JSON Web Token`_ (JWT)
112
112
to the Mercure Hub to be authorized to publish updates and, sometimes, to subscribe.
113
113
114
-
This JWT should be stored in the ``MERCURE_JWT_SECRET`` environment variable.
115
-
116
-
The JWT must be signed with the same secret key as the one used by
117
-
the Hub to verify the JWT (``!ChangeMe!`` in you use the Local Web Server or
118
-
Symfony Docker).
119
-
Its payload must contain at least the following structure to be allowed to
120
-
publish:
121
-
122
-
.. code-block:: json
123
-
124
-
{
125
-
"mercure": {
126
-
"publish": []
127
-
}
128
-
}
129
-
130
-
Because the array is empty, the Symfony app will only be authorized to publish
131
-
public updates (see the authorization_ section for further information).
132
-
133
-
.. tip::
134
-
135
-
The jwt.io website is a convenient way to create and sign JWTs.
136
-
Checkout this `example JWT`_, that grants publishing rights for all *topics*
137
-
(notice the star in the array).
138
-
Don't forget to set your secret key properly in the bottom of the right panel of the form!
139
-
140
-
.. caution::
141
-
142
-
Don't put the secret key in ``MERCURE_JWT_SECRET``, it will not work!
143
-
This environment variable must contain a JWT, signed with the secret key.
144
-
145
-
Also, be sure to keep both the secret key and the JWTs... secrets!
114
+
This token must be signed with the same secret key as the one used by the Hub to verify the JWT (``!ChangeMe!`` in you use the Local Web Server or Symfony Docker), which should be stored in the ``MERCURE_JWT_SECRET`` environment variable.
146
115
147
116
If you don't want to use the provided environment variables,
148
117
use the following configuration:
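Review bot: In the added line (new line 114), the clause "which should be stored in the ``MERCURE_JWT_SECRET`` environment variable" follows a long parenthetical, so it can still be read as referring to the token rather than the secret key, which is the confusion this change sets out to remove. Suggest a separate sentence, for example "Store this secret key in the ``MERCURE_JWT_SECRET`` environment variable." The same line carries over the typo "in you use" (should be "if you use") and is not wrapped like the lines around it. The removed caution also held the reminder to keep both the secret key and the JWTs secret; that advice is still valid after the correction and is worth keeping in a short note. Since the removed tip referenced `example JWT`_, check whether that link target is still used elsewhere in the file and drop its definition if not.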
@@ -482,6 +451,14 @@ And here is the controller::
482
451
}
483
452
}
484
453
454
+
455
+
.. tip::
456
+
457
+
You cannot use the ``mercure()`` helper and the ``setCookie()``
458
+
method at the same time (it would set the cookie twice on a single request). Choose
459
+
either one method or the other.
460
+
461
+
485
462
Programmatically Generating The JWT Used to Publish
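Review bot: The added tip (new lines 455 to 459) says the ``mercure()`` helper and ``setCookie()`` cannot be used "at the same time", which is vague; the parenthetical shows the real constraint is per response, so wording such as "in the same response, because the authorization cookie would be set twice" states it directly. It would also help to say what the reader observes when both are used (an error, or a silently duplicated cookie), since a duplicated authorization cookie is hard to diagnose from the browser side. On style, the hunk adds two blank lines before ``.. tip::`` and two after the tip body where one each is enough, and the tip body lines are wrapped unevenly.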