From f948ab29ffebf4673c585d5f41a6eecb8c8d5aeb Mon Sep 17 00:00:00 2001 From: tchap Date: Wed, 24 Nov 2021 09:53:39 +0100 Subject: [PATCH 01/12] Update mercure.rst regarding JWT token secret :wave: The documentation for the configuration of mercure seems quite wrong: it has a big "caution" block stating that the `MERCURE_JWT_SECRET` should contain an _actual JWT_ ... instead of a secret, which is weird (and definitely not how it works). I propose to remove these (maybe out of date?) parts to prevent further confusion (_I spent a full day examining the actual source to understand what was really needed in the env var_). Also, added a tip on how setting the cookies twice would not work. PS: I created this PR against the 5.3 (current) branch since the 4.4 branch does not have the same paragraphs. Hope it's good. --- mercure.rst | 41 +++++++++-------------------------------- 1 file changed, 9 insertions(+), 32 deletions(-) diff --git a/mercure.rst b/mercure.rst index 205b426a922..c2435a826d7 100644 --- a/mercure.rst +++ b/mercure.rst @@ -111,38 +111,7 @@ the publicly available URL (e.g. ``https://example.com/.well-known/mercure``). The clients must also bear a `JSON Web Token`_ (JWT) to the Mercure Hub to be authorized to publish updates and, sometimes, to subscribe. -This JWT should be stored in the ``MERCURE_JWT_SECRET`` environment variable. - -The JWT must be signed with the same secret key as the one used by -the Hub to verify the JWT (``!ChangeMe!`` in you use the Local Web Server or -Symfony Docker). -Its payload must contain at least the following structure to be allowed to -publish: - -.. code-block:: json - - { - "mercure": { - "publish": [] - } - } - -Because the array is empty, the Symfony app will only be authorized to publish -public updates (see the authorization_ section for further information). - -.. tip:: - - The jwt.io website is a convenient way to create and sign JWTs. - Checkout this `example JWT`_, that grants publishing rights for all *topics* - (notice the star in the array). - Don't forget to set your secret key properly in the bottom of the right panel of the form! - -.. caution:: - - Don't put the secret key in ``MERCURE_JWT_SECRET``, it will not work! - This environment variable must contain a JWT, signed with the secret key. - - Also, be sure to keep both the secret key and the JWTs... secrets! +This token must be signed with the same secret key as the one used by the Hub to verify the JWT (``!ChangeMe!`` in you use the Local Web Server or Symfony Docker), which should be stored in the ``MERCURE_JWT_SECRET`` environment variable. If you don't want to use the provided environment variables, use the following configuration: @@ -482,6 +451,14 @@ And here is the controller:: } } + +.. tip:: + + You cannot use the ``mercure()`` helper and the ``setCookie()`` + method at the same time (it would set the cookie twice on a single request). Choose + either one method or the other. + + Programmatically Generating The JWT Used to Publish --------------------------------------------------- From 123ad73a49070838267d884ef37949ad54852ec9 Mon Sep 17 00:00:00 2001 From: tchap Date: Wed, 24 Nov 2021 10:47:51 +0100 Subject: [PATCH 02/12] Remove unneeded JWT reference --- mercure.rst | 1 - 1 file changed, 1 deletion(-) diff --git a/mercure.rst b/mercure.rst index c2435a826d7..874e5d3bb12 100644 --- a/mercure.rst +++ b/mercure.rst @@ -711,7 +711,6 @@ Going further .. _`Symfony Docker`: https://github.com/dunglas/symfony-docker/ .. _`API Platform distribution`: https://api-platform.com/docs/distribution/ .. _`JSON Web Token`: https://tools.ietf.org/html/rfc7519 -.. _`example JWT`: https://jwt.io/#debugger-io?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXJjdXJlIjp7InB1Ymxpc2giOlsiKiJdfX0.iHLdpAEjX4BqCsHJEegxRmO-Y6sMxXwNATrQyRNt3GY .. _`IRI`: https://tools.ietf.org/html/rfc3987 .. _`practical UI`: https://twitter.com/ChromeDevTools/status/562324683194785792 .. _`the dedicated API Platform documentation`: https://api-platform.com/docs/core/mercure/ From 142a6f9ac8387f58b5f313ba6a70404851a63024 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Dunglas?= Date: Thu, 16 Dec 2021 14:12:40 +0100 Subject: [PATCH 03/12] [mercure] Compatibility with the Docker integration and various improvements --- mercure.rst | 161 ++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 111 insertions(+), 50 deletions(-) diff --git a/mercure.rst b/mercure.rst index 874e5d3bb12..e84749d148d 100644 --- a/mercure.rst +++ b/mercure.rst @@ -17,12 +17,12 @@ requiring "push" capabilities. Symfony provides a straightforward component, built on top of `the Mercure protocol`_, specifically designed for this class of use cases. -Mercure is an open protocol designed from the ground to publish updates from +Mercure is an open protocol designed from the ground up to publish updates from server to clients. It is a modern and efficient alternative to timer-based polling and to WebSocket. Because it is built on top `Server-Sent Events (SSE)`_, Mercure is supported -out of the box in most modern browsers (old versions of Edge and IE require +out of the box in modern browsers (old versions of Edge and IE require `a polyfill`_) and has `high-level implementations`_ in many programming languages. @@ -42,49 +42,44 @@ generated using the API Platform client generator. Installation ------------ -Running a Mercure Hub -~~~~~~~~~~~~~~~~~~~~~ +Installing the Symfony Bundle +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Run this command to install the Mercure support: + +.. code-block:: terminal + + $ composer require mercure To manage persistent connections, Mercure relies on a Hub: a dedicated server that handles persistent SSE connections with the clients. The Symfony app publishes the updates to the hub, that will broadcast them to clients. -.. image:: /_images/mercure/schema.png - -An official and open source (AGPL) Hub based on the Caddy web server -can be downloaded as a static binary from `Mercure.rocks`_. -A Docker image, a Helm chart for Kubernetes -and a managed, High Availability Hub are also provided. - -If you use `Symfony Docker`_ or the `API Platform distribution`_, a Mercure Hub -is automatically installed and your Symfony application is automatically -configured to use it. You can jump directly to the next section. +Thanks to :ref:`the Docker integration of Symfony `, +:ref:`Flex ` proposes to install a Mercure hub. +Run ``docker-compose up`` to start the hub if you have chosen this option. If you use the :doc:`Symfony Local Web Server `, -a Mercure hub will be automatically available as a Docker service thanks to its -:ref:`Docker integration . - -Be sure that recent versions of Docker and Docker Compose are properly installed -on your computer and to start the Symfony Local Web Server with the ``--no-tls`` -option: +you must start it with the ``--no-tls`` option. .. code-block:: terminal $ symfony server:start --no-tls -d -Installing the Symfony Bundle -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -Run this command to install the Mercure support before using it: +Running a Mercure Hub +~~~~~~~~~~~~~~~~~~~~~ -.. code-block:: terminal +.. image:: /_images/mercure/schema.png - $ composer require mercure +If you use the Docker integration, a hub is already up and running, +and you can go straight to the next section. -:ref:`Symfony Flex ` has automatically installed and configured -MercureBundle. It also created (if needed) and configured a Docker Compose -definition that provides a Mercure service. Run ``docker-compose up`` to start it. +Otherwise, and in production, you have to install a hub by yourself. +An official and open source (AGPL) Hub based on the Caddy web server +can be downloaded as a static binary from `Mercure.rocks`_. +A Docker image, a Helm chart for Kubernetes +and a managed, High Availability Hub are also provided. Configuration ------------- @@ -95,23 +90,26 @@ The preferred way to configure MercureBundle is using When MercureBundle has been installed, the ``.env`` file of your project has been updated by the Flex recipe to include the available env vars. -If you use the Symfony Local Web Server, Symfony Docker or the API Platform -distribution, the Symfony app is automatically configured and you can skip -straight to the next section. +Also, if you are using the Docker integration with the Symfony Local Web Server, +`Symfony Docker`_ or the `API Platform distribution`_, +the proper environment variables have been automatically set. +Skip straight to the next section. Otherwise, set the URL of your hub as the value of the ``MERCURE_URL`` and ``MERCURE_PUBLIC_URL`` env vars. Sometimes a different URL must be called by the Symfony app (usually to publish), and the JavaScript client (usually to subscribe). It's especially common when the Symfony app must use a local URL and the client-side JavaScript code a public one. -In this case, ``MERCURE_URL`` must contain the local URL that will be used by the +In this case, ``MERCURE_URL`` must contain the local URL used by the Symfony app (e.g. ``https://mercure/.well-known/mercure``), and ``MERCURE_PUBLIC_URL`` the publicly available URL (e.g. ``https://example.com/.well-known/mercure``). The clients must also bear a `JSON Web Token`_ (JWT) to the Mercure Hub to be authorized to publish updates and, sometimes, to subscribe. -This token must be signed with the same secret key as the one used by the Hub to verify the JWT (``!ChangeMe!`` in you use the Local Web Server or Symfony Docker), which should be stored in the ``MERCURE_JWT_SECRET`` environment variable. +This token must be signed with the same secret key as the one used by the Hub to verify the JWT (``!ChangeMe!`` in you use the Docker integration). +This secret key must be stored in the ``MERCURE_JWT_SECRET`` environment variable. +MercureBundle will use it to automatically generate and sign the needed JWTs. If you don't want to use the provided environment variables, use the following configuration: @@ -155,6 +153,68 @@ use the following configuration: ], ]); +Alternatively, it's also possible to pass directly the JWT to use: + +.. configuration-block:: + + .. code-block:: yaml + + # config/packages/mercure.yaml + mercure: + hubs: + default: + url: https://mercure-hub.example.com/.well-known/mercure + jwt: + value: 'the.JWT' + + .. code-block:: xml + + + + + + + + + + .. code-block:: php + + // config/packages/mercure.php + $container->loadFromExtension('mercure', [ + 'hubs' => [ + 'default' => [ + 'url' => 'https://mercure-hub.example.com/.well-known/mercure', + 'jwt' => [ + 'value' => 'the.JWT', + ], + ], + ], + ]); + + +The JWT payload must contain at least the following structure to be allowed to +publish: + +.. code-block:: json + + { + "mercure": { + "publish": [] + } + } + +Because the array is empty, the Symfony app will only be authorized to publish +public updates (see the authorization_ section for further information). + +.. tip:: + + The jwt.io website is a convenient way to create and sign JWTs. + Checkout this `example JWT`_, that grants publishing rights for all *topics* + (notice the star in the array). + Don't forget to set your secret key properly in the bottom of the right panel of the form! Basic Usage ----------- @@ -222,8 +282,8 @@ Subscribing to updates in JavaScript from a Twig template is straightforward: } -The ``mercure()`` Twig function will generate the URL of the Mercure hub -according to the configuration. The URL will include the ``topic`` query +The ``mercure()`` Twig function generates the URL of the Mercure hub +according to the configuration. The URL includes the ``topic`` query parameters corresponding to the topics passed as first argument. If you want to access to this URL from an external JavaScript file, generate the @@ -302,9 +362,9 @@ by using the ``AbstractController::addLink`` helper method:: class DiscoverController extends AbstractController { - public function __invoke(Request $request, Discovery $discovery): JsonResponse + public function discover(Request $request, Discovery $discovery): JsonResponse { - // Link: ; rel="mercure" + // Link: ; rel="mercure" $discovery->addLink($request); return $this->json([ @@ -320,7 +380,7 @@ and to subscribe to it: .. code-block:: javascript // Fetch the original resource served by the Symfony web API - fetch('/books/1') // Has Link: ; rel="mercure" + fetch('/books/1') // Has Link: ; rel="mercure" .then(response => { // Extract the hub URL from the Link header const hubUrl = response.headers.get('Link').match(/<([^>]+)>;\s+rel=(?:mercure|"[^"]*mercure[^"]*")/)[1]; @@ -373,9 +433,9 @@ To provide this JWT, the subscriber can use a cookie, or a ``Authorization`` HTTP header. Cookies can be set automatically by Symfony by passing the appropriate options -to the ``mercure()`` Twig function. Cookies set by Symfony will be automatically +to the ``mercure()`` Twig function. Cookies set by Symfony are automatically passed by the browsers to the Mercure hub if the ``withCredentials`` attribute -of the ``EventSource`` class is set to ``true``. Then, the Hub will verify the +of the ``EventSource`` class is set to ``true``. Then, the Hub verifies the validity of the provided JWT, and extract the topic selectors from it. .. code-block:: twig @@ -572,9 +632,9 @@ its Mercure support. Testing -------- -During unit testing there is no need to send updates to Mercure. +During unit testing it's usually not needed to send updates to Mercure. -You can instead make use of the `MockHub`:: +You can instead make use of the `MockHub` class:: // tests/FunctionalTest.php namespace App\Tests\Unit\Controller; @@ -601,10 +661,10 @@ You can instead make use of the `MockHub`:: } } -During functional testing you can instead decorate the Hub:: +During functional testing you can instead create a stub of the Hub:: - // tests/Functional/Fixtures/HubStub.php - namespace App\Tests\Functional\Fixtures; + // tests/Functional/Stub/HubStub.php + namespace App\Tests\Functional\Stub; use Symfony\Component\Mercure\HubInterface; use Symfony\Component\Mercure\Update; @@ -619,14 +679,14 @@ During functional testing you can instead decorate the Hub:: // implement rest of HubInterface methods here } -HubStub decorates the default hub service so no updates are actually -sent. Here is the HubStub implementation: +Use ``HubStub`` to replace the default hub service so no updates are actually +sent: .. code-block:: yaml # config/services_test.yaml - App\Tests\Functional\Fixtures\HubStub: - decorates: mercure.hub.default + mercure.hub.default: + class: App\Tests\Functional\Stub\HubStub .. tip:: @@ -711,6 +771,7 @@ Going further .. _`Symfony Docker`: https://github.com/dunglas/symfony-docker/ .. _`API Platform distribution`: https://api-platform.com/docs/distribution/ .. _`JSON Web Token`: https://tools.ietf.org/html/rfc7519 +.. _`example JWT`: https://jwt.io/#debugger-io?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXJjdXJlIjp7InB1Ymxpc2giOlsiKiJdfX0.iHLdpAEjX4BqCsHJEegxRmO-Y6sMxXwNATrQyRNt3GY .. _`IRI`: https://tools.ietf.org/html/rfc3987 .. _`practical UI`: https://twitter.com/ChromeDevTools/status/562324683194785792 .. _`the dedicated API Platform documentation`: https://api-platform.com/docs/core/mercure/ From 74961497f5a672cb8c89606cdc31ec4822480037 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Dunglas?= Date: Thu, 16 Dec 2021 15:20:34 +0100 Subject: [PATCH 04/12] review --- mercure.rst | 107 ++++++++++++++++++++++++---------------------------- 1 file changed, 50 insertions(+), 57 deletions(-) diff --git a/mercure.rst b/mercure.rst index e84749d148d..47b4577f5cd 100644 --- a/mercure.rst +++ b/mercure.rst @@ -111,8 +111,16 @@ This token must be signed with the same secret key as the one used by the Hub to This secret key must be stored in the ``MERCURE_JWT_SECRET`` environment variable. MercureBundle will use it to automatically generate and sign the needed JWTs. -If you don't want to use the provided environment variables, -use the following configuration: +In addition to these environment variables, +MercureBundle provides a more advanced configuration configuration: + +* ``secret``: the key to use to sign the JWT +* ``publish``: a list of topics to allow publishing to when generating the JWT +* ``subscribe``: a list of topics to allow subscribing to when generating the JWT +* ``algorithm``: The algorithm to use to sign the JWT +* ``provider``: The ID of a service to call to provide the JWT +* ``factory``: The ID of a service to call to create the JWT +* ``value``: the raw JWT to use (all other options will be ignored) .. configuration-block:: @@ -125,6 +133,12 @@ use the following configuration: url: https://mercure-hub.example.com/.well-known/mercure jwt: secret: '!ChangeMe!' + publish: ['foo', 'https://example.com/foo'] + subscribe: ['bar', 'https://example.com/bar'] + algorithm: 'hmac.sha256' + provider: 'My\Provider' + factory: 'My\Factory' + value: 'my.jwt' .. code-block:: xml @@ -135,7 +149,18 @@ use the following configuration: name="default" url="https://mercure-hub.example.com/.well-known/mercure" > - + + foo + https://example.com/foo + bar + https://example.com/bar + @@ -148,68 +173,32 @@ use the following configuration: 'url' => 'https://mercure-hub.example.com/.well-known/mercure', 'jwt' => [ 'secret' => '!ChangeMe!', + 'publish' => ['foo', 'https://example.com/foo'], + 'subscribe' => ['bar', 'https://example.com/bar'], + 'algorithm' => 'hmac.sha256', + 'provider' => 'My\Provider', + 'factory' => 'My\Factory', + 'value' => 'my.jwt', ], ], ], ]); -Alternatively, it's also possible to pass directly the JWT to use: - -.. configuration-block:: - - .. code-block:: yaml - - # config/packages/mercure.yaml - mercure: - hubs: - default: - url: https://mercure-hub.example.com/.well-known/mercure - jwt: - value: 'the.JWT' - - .. code-block:: xml - - - - - - - - - - .. code-block:: php - - // config/packages/mercure.php - $container->loadFromExtension('mercure', [ - 'hubs' => [ - 'default' => [ - 'url' => 'https://mercure-hub.example.com/.well-known/mercure', - 'jwt' => [ - 'value' => 'the.JWT', - ], - ], - ], - ]); - +.. tip:: -The JWT payload must contain at least the following structure to be allowed to -publish: + The JWT payload must contain at least the following structure to be allowed to + publish: -.. code-block:: json + .. code-block:: json - { - "mercure": { - "publish": [] + { + "mercure": { + "publish": [] + } } - } - -Because the array is empty, the Symfony app will only be authorized to publish -public updates (see the authorization_ section for further information). -.. tip:: + Because the array is empty, the Symfony app will only be authorized to publish + public updates (see the authorization_ section for further information). The jwt.io website is a convenient way to create and sign JWTs. Checkout this `example JWT`_, that grants publishing rights for all *topics* @@ -364,7 +353,7 @@ by using the ``AbstractController::addLink`` helper method:: { public function discover(Request $request, Discovery $discovery): JsonResponse { - // Link: ; rel="mercure" + // Link: ; rel="mercure" $discovery->addLink($request); return $this->json([ @@ -380,7 +369,7 @@ and to subscribe to it: .. code-block:: javascript // Fetch the original resource served by the Symfony web API - fetch('/books/1') // Has Link: ; rel="mercure" + fetch('/books/1') // Has Link: ; rel="mercure" .then(response => { // Extract the hub URL from the Link header const hubUrl = response.headers.get('Link').match(/<([^>]+)>;\s+rel=(?:mercure|"[^"]*mercure[^"]*")/)[1]; @@ -688,6 +677,10 @@ sent: mercure.hub.default: class: App\Tests\Functional\Stub\HubStub +As MercureBundle support multiple hubs, you may have to replace +the other service definitions accordingly. + + .. tip:: Symfony Panther has `a feature to test applications using Mercure`_. From e35f1cc895621aa21a391aae7df9f9f1feb1a780 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Dunglas?= Date: Thu, 16 Dec 2021 15:21:32 +0100 Subject: [PATCH 05/12] Update mercure.rst Co-authored-by: Robin Chalas --- mercure.rst | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/mercure.rst b/mercure.rst index 47b4577f5cd..b3ba56900ee 100644 --- a/mercure.rst +++ b/mercure.rst @@ -650,7 +650,7 @@ You can instead make use of the `MockHub` class:: } } -During functional testing you can instead create a stub of the Hub:: +For functional testing, you can instead create a stub of the Hub:: // tests/Functional/Stub/HubStub.php namespace App\Tests\Functional\Stub; @@ -680,7 +680,6 @@ sent: As MercureBundle support multiple hubs, you may have to replace the other service definitions accordingly. - .. tip:: Symfony Panther has `a feature to test applications using Mercure`_. From 81c1387c76deeb8be285f6cbc0372629fdc3ae88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Dunglas?= Date: Thu, 16 Dec 2021 15:38:19 +0100 Subject: [PATCH 06/12] Update mercure.rst Co-authored-by: Saif Eddin Gmati <29315886+azjezz@users.noreply.github.com> --- mercure.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mercure.rst b/mercure.rst index b3ba56900ee..e61250c8d47 100644 --- a/mercure.rst +++ b/mercure.rst @@ -119,7 +119,7 @@ MercureBundle provides a more advanced configuration configuration: * ``subscribe``: a list of topics to allow subscribing to when generating the JWT * ``algorithm``: The algorithm to use to sign the JWT * ``provider``: The ID of a service to call to provide the JWT -* ``factory``: The ID of a service to call to create the JWT +* ``factory``: The ID of a service to call to create the JWT (all other options, beside `subscribe`, and `publish` will be ignored) * ``value``: the raw JWT to use (all other options will be ignored) .. configuration-block:: From 3ca1aa14662e08d85fd565b0cb0ee275b89b4e48 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Dunglas?= Date: Thu, 16 Dec 2021 15:38:25 +0100 Subject: [PATCH 07/12] Update mercure.rst Co-authored-by: Saif Eddin Gmati <29315886+azjezz@users.noreply.github.com> --- mercure.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mercure.rst b/mercure.rst index e61250c8d47..e1b85979550 100644 --- a/mercure.rst +++ b/mercure.rst @@ -117,7 +117,7 @@ MercureBundle provides a more advanced configuration configuration: * ``secret``: the key to use to sign the JWT * ``publish``: a list of topics to allow publishing to when generating the JWT * ``subscribe``: a list of topics to allow subscribing to when generating the JWT -* ``algorithm``: The algorithm to use to sign the JWT +* ``algorithm``: The algorithm to use to sign the JWT (only usable when `secret` is provided ) * ``provider``: The ID of a service to call to provide the JWT * ``factory``: The ID of a service to call to create the JWT (all other options, beside `subscribe`, and `publish` will be ignored) * ``value``: the raw JWT to use (all other options will be ignored) From b4fb9fbe889f9e37bf02ab6e03a4219acd068e4b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Dunglas?= Date: Thu, 16 Dec 2021 15:38:33 +0100 Subject: [PATCH 08/12] Update mercure.rst Co-authored-by: Saif Eddin Gmati <29315886+azjezz@users.noreply.github.com> --- mercure.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mercure.rst b/mercure.rst index e1b85979550..41d5e51b03b 100644 --- a/mercure.rst +++ b/mercure.rst @@ -116,7 +116,7 @@ MercureBundle provides a more advanced configuration configuration: * ``secret``: the key to use to sign the JWT * ``publish``: a list of topics to allow publishing to when generating the JWT -* ``subscribe``: a list of topics to allow subscribing to when generating the JWT +* ``subscribe``: a list of topics to allow subscribing to when generating the JWT (only usable when `secret`, or `factory` are provided ) * ``algorithm``: The algorithm to use to sign the JWT (only usable when `secret` is provided ) * ``provider``: The ID of a service to call to provide the JWT * ``factory``: The ID of a service to call to create the JWT (all other options, beside `subscribe`, and `publish` will be ignored) From ec8708560d9535b976a4ea3074b01667e8d40f60 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Dunglas?= Date: Thu, 16 Dec 2021 15:38:52 +0100 Subject: [PATCH 09/12] Update mercure.rst Co-authored-by: Saif Eddin Gmati <29315886+azjezz@users.noreply.github.com> --- mercure.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mercure.rst b/mercure.rst index 41d5e51b03b..92e770f1089 100644 --- a/mercure.rst +++ b/mercure.rst @@ -115,7 +115,7 @@ In addition to these environment variables, MercureBundle provides a more advanced configuration configuration: * ``secret``: the key to use to sign the JWT -* ``publish``: a list of topics to allow publishing to when generating the JWT +* ``publish``: a list of topics to allow publishing to when generating the JWT (only usable when `secret`, or `factory` are provided ) * ``subscribe``: a list of topics to allow subscribing to when generating the JWT (only usable when `secret`, or `factory` are provided ) * ``algorithm``: The algorithm to use to sign the JWT (only usable when `secret` is provided ) * ``provider``: The ID of a service to call to provide the JWT From daaa3f13adaf5bca6ebd5919149afff935ea946d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Dunglas?= Date: Thu, 16 Dec 2021 15:39:02 +0100 Subject: [PATCH 10/12] Update mercure.rst Co-authored-by: Saif Eddin Gmati <29315886+azjezz@users.noreply.github.com> --- mercure.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mercure.rst b/mercure.rst index 92e770f1089..58e9dc6dbd0 100644 --- a/mercure.rst +++ b/mercure.rst @@ -118,7 +118,7 @@ MercureBundle provides a more advanced configuration configuration: * ``publish``: a list of topics to allow publishing to when generating the JWT (only usable when `secret`, or `factory` are provided ) * ``subscribe``: a list of topics to allow subscribing to when generating the JWT (only usable when `secret`, or `factory` are provided ) * ``algorithm``: The algorithm to use to sign the JWT (only usable when `secret` is provided ) -* ``provider``: The ID of a service to call to provide the JWT +* ``provider``: The ID of a service to call to provide the JWT (all other options will be ignored) * ``factory``: The ID of a service to call to create the JWT (all other options, beside `subscribe`, and `publish` will be ignored) * ``value``: the raw JWT to use (all other options will be ignored) From adf49ef56839d3aea9c4508d4d432a44595f3197 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Dunglas?= Date: Thu, 16 Dec 2021 15:39:11 +0100 Subject: [PATCH 11/12] Update mercure.rst Co-authored-by: Saif Eddin Gmati <29315886+azjezz@users.noreply.github.com> --- mercure.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mercure.rst b/mercure.rst index 58e9dc6dbd0..3a93fb0ec80 100644 --- a/mercure.rst +++ b/mercure.rst @@ -114,7 +114,7 @@ MercureBundle will use it to automatically generate and sign the needed JWTs. In addition to these environment variables, MercureBundle provides a more advanced configuration configuration: -* ``secret``: the key to use to sign the JWT +* ``secret``: the key to use to sign the JWT (all other options, beside `algorithm`, `subscribe`, and `publish` will be ignored) * ``publish``: a list of topics to allow publishing to when generating the JWT (only usable when `secret`, or `factory` are provided ) * ``subscribe``: a list of topics to allow subscribing to when generating the JWT (only usable when `secret`, or `factory` are provided ) * ``algorithm``: The algorithm to use to sign the JWT (only usable when `secret` is provided ) From ad0cbe5c6a2e9949d401a2a32b1cd9ddb04d1141 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Dunglas?= Date: Thu, 16 Dec 2021 15:41:09 +0100 Subject: [PATCH 12/12] nitpicking --- mercure.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mercure.rst b/mercure.rst index 3a93fb0ec80..365e3de9391 100644 --- a/mercure.rst +++ b/mercure.rst @@ -115,9 +115,9 @@ In addition to these environment variables, MercureBundle provides a more advanced configuration configuration: * ``secret``: the key to use to sign the JWT (all other options, beside `algorithm`, `subscribe`, and `publish` will be ignored) -* ``publish``: a list of topics to allow publishing to when generating the JWT (only usable when `secret`, or `factory` are provided ) -* ``subscribe``: a list of topics to allow subscribing to when generating the JWT (only usable when `secret`, or `factory` are provided ) -* ``algorithm``: The algorithm to use to sign the JWT (only usable when `secret` is provided ) +* ``publish``: a list of topics to allow publishing to when generating the JWT (only usable when `secret`, or `factory` are provided) +* ``subscribe``: a list of topics to allow subscribing to when generating the JWT (only usable when `secret`, or `factory` are provided) +* ``algorithm``: The algorithm to use to sign the JWT (only usable when `secret` is provided) * ``provider``: The ID of a service to call to provide the JWT (all other options will be ignored) * ``factory``: The ID of a service to call to create the JWT (all other options, beside `subscribe`, and `publish` will be ignored) * ``value``: the raw JWT to use (all other options will be ignored)