Tmeister / wp-api-jwt-auth

A simple plugin to add JSON Web Token (JWT) Authentication to WP REST API
GNU General Public License v2.0

Not compatible with woocommerce 3.3.x API and above #101

Closed revendo closed 1 year ago

revendo commented 6 years ago

Since version 3.3.x, this plugin makes it impossible to use the iOS app of Woocommerce. There seems to be an incompatibility with the core API of Woocommerce. Could you have a look at this issue?

jrsarath commented 6 years ago

Details please.. what kind of compatibilities are you looking for?

revendo commented 6 years ago

Not able to sign in to the iOS App of Woocommerce with jwt-auth enabled. Woocommerce iOS Dev team had a look into it and they just said, it's because of the jwt plugin and they don't want to investigate more details. So I just disabled JWT and everything works. But we'd like to use JWT instead of the woocommerce built in auth method.

jrsarath commented 6 years ago

I'm using woocommerce rest api along with JWT.. for both platforms, Android and iOS.. seems to be working perfectly

revendo commented 6 years ago

Strange. Would you like to see what I mean? I tested again. Same issue. I could provide login credentials to a test site.

jrsarath commented 6 years ago

let me know what you are actually trying to do, what is your goal..

revendo commented 6 years ago

My goal is to use woocommerce iOS App while having enabled jwt-auth.

jrsarath commented 6 years ago

woo-commerce backend app ?? https://woocommerce.com/ios/ this one ?

revendo commented 6 years ago

Exactly

jrsarath commented 6 years ago

No idea mate then.. Good luck ahead.. I thought you were building a custom frontend application for iOS

revendo commented 6 years ago

Thanks. I tested again. Can't believe that I'm the only one who is experiencing this issue. I even tried it on a different setup. There is no way to get the woocommerce iOS app working when having enabled JWT.

jrsarath commented 6 years ago

give me a workaround... any idea how that iOS app works/communicates with woo-commerce? that might help to find out a way

revendo commented 6 years ago

I don't know! I only know that it uses the woocommerce built in API.

jrsarath commented 6 years ago

why do you want to use jwt?

revendo commented 6 years ago

We're not only using the API for woocommerce but also for Wordpress. So in order to have one api for both, it's the best way to have jwt :)

jrsarath commented 6 years ago

well, time for a test drive if available.. do you have any problem giving me admin access?

revendo commented 6 years ago

I send you a login by e-mail. Thanks so far for the support!

jrsarath commented 6 years ago

I'm out of town my friend.. will get back to you as soon as I can

revendo commented 6 years ago

All right

woohsian commented 6 years ago

I have faced this issue as well and I found a quick solution.

For me the reason why Woocommerce API stops working is because this plugin intercepts ALL authorization headers. This means it intercepts Basic Auth and expects to find a Bearer token Auth.

To get around this I modified the function validate_token by checking the $_SERVER['HTTP_AUTHORIZATION'] and returning out of the function if the string "Bearer" does not exist.

It's a bit quick and dirty but solves the problem for me for now. Waiting for the official solution.

    $auth = isset($_SERVER['HTTP_AUTHORIZATION']) ? $_SERVER['HTTP_AUTHORIZATION'] : false;
    // Do not intercept if NOT bearer type token
    if ($auth && substr($auth, 0, 6) != "Bearer") {
        return;
    }

jrsarath commented 6 years ago

https://github.com/Tmeister/wp-api-jwt-auth/pull/72 this might help to achieve what @woohsian tried to do.. I even implemented it too.. Sorry mate @revendo, I'm still out of town.. so was not able to visit the test env

revendo commented 6 years ago

@woohsian thanks. Where do I need to put this code snippet?

woohsian commented 6 years ago

@revendo Put it in /public/class-jwt-auth-public.php line 230

revendo commented 6 years ago

Thanks so much. Works perfectly now.

labgua commented 6 years ago

Hi, I had the same problem and the solution of @woohsian works perfectly. But it is temporary, because if tomorrow there is another plugin that sends a bearer token for its own purposes, there will be the same error!

I'm not very expert in WordPress, but I think it would be more efficient to check the endpoint path rather than whether there is a bearer in the header. For example, this plugin uses the endpoint wp-json/jwt-auth/, which is certainly unique among the paths of WordPress.
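
The two routing ideas raised in this thread (woohsian's check on the Authorization scheme and labgua's check on the endpoint path), combined in one added example; this is not code from the plugin or from any commenter. The function names, the skip-prefix list and the sample requests are constructed for illustration, and it assumes pretty permalinks with WordPress at the web root.

```php
<?php
// Added example, not the plugin's code. Function names, the skip list and the
// sample requests are constructed; assumes pretty permalinks at the web root.

// Split an Authorization header into [lower-cased scheme, credentials].
// Returns null when the header is missing or has no credentials part.
function parse_authorization(?string $header): ?array
{
    if ($header === null) {
        return null;
    }
    $parts = preg_split('/ +/', trim($header), 2);
    if (count($parts) !== 2 || $parts[1] === '') {
        return null;
    }
    return [strtolower($parts[0]), $parts[1]];
}

// 'validate': the JWT layer should check the token.
// 'pass': leave the request to whichever authenticator owns it.
function jwt_decision(?string $header, string $uri, array $skip_prefixes): string
{
    $path = (string) parse_url($uri, PHP_URL_PATH);
    foreach ($skip_prefixes as $prefix) {
        // Route belongs to another plugin, even if it carries a Bearer token.
        if (strncmp($path, $prefix, strlen($prefix)) === 0) {
            return 'pass';
        }
    }
    $auth = parse_authorization($header);
    // Exact, case-insensitive scheme match: "bearer" counts, "BearerX" does not.
    return ($auth !== null && $auth[0] === 'bearer') ? 'validate' : 'pass';
}

$skip = ['/wp-json/other-plugin/'];   // hypothetical namespace of another plugin
$samples = [                          // constructed requests
    ['Basic dXNlcjpwYXNz',  '/wp-json/wc/v2/orders'],
    ['Bearer aaa.bbb.ccc',  '/wp-json/wp/v2/posts?per_page=5'],
    ['bearer aaa.bbb.ccc',  '/wp-json/wp/v2/posts'],
    ['BearerX aaa.bbb.ccc', '/wp-json/wp/v2/posts'],
    [null,                  '/wp-json/wp/v2/posts'],
    ['Bearer opaque-token', '/wp-json/other-plugin/v1/items'],
];
foreach ($samples as [$header, $uri]) {
    printf("%-22s %-34s %s\n", $header ?? '(none)', $uri, jwt_decision($header, $uri, $skip));
}
```

Only the three Bearer requests outside the skipped namespace reach token validation; Basic credentials, a missing header, and another plugin's route are left for their own authenticator to accept or reject.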

estebanpanelli commented 6 years ago

Exactly the same problem. When installing JWT, the WC API broke because of JWT interception. Worked around it this way: file includes/class-jwt-auth.php, lines 134 and 135 commented out.

    private function define_public_hooks()
    {
        $plugin_public = new Jwt_Auth_Public($this->get_plugin_name(), $this->get_version());
        $this->loader->add_action('rest_api_init', $plugin_public, 'add_api_routes');
        $this->loader->add_filter('rest_api_init', $plugin_public, 'add_cors_support');
        // Workaround: the two JWT hooks below are commented out, so the plugin
        // no longer hooks determine_current_user or rest_pre_dispatch.
        //$this->loader->add_filter('determine_current_user', $plugin_public, 'determine_current_user', 10);
        //$this->loader->add_filter( 'rest_pre_dispatch', $plugin_public, 'rest_pre_dispatch', 10, 2 );
    }

Don't know if this is a better way or if this can have side effects. Looking forward to a better solution.

revendo commented 6 years ago

> I have faced this issue as well and I found a quick solution.
>
> For me the reason why Woocommerce API stops working is because this plugin intercepts ALL authorization headers. This means it intercepts Basic Auth and expects to find a Bearer token Auth.
>
> To get around this I modified the function validate_token by checking the $_SERVER['HTTP_AUTHORIZATION'] and returning out of the function if the string "Bearer" does not exist.
>
> It's a bit quick and dirty but solves the problem for me for now. Waiting for the official solution.
>
>     $auth = isset($_SERVER['HTTP_AUTHORIZATION']) ? $_SERVER['HTTP_AUTHORIZATION'] : false;
>     // Do not intercept if NOT bearer type token
>     if ($auth && substr($auth, 0, 6) != "Bearer") {
>         return;
>     }

The new update unfortunately doesn't include a fix for this issue. Any reason?

revendo commented 5 years ago

Unfortunately, this issue hasn't been solved in the last release.