dunglas / mercure

🪽 An open, easy, fast, reliable and battery-efficient solution for real-time communications
https://mercure.rocks
GNU Affero General Public License v3.0

401 Unauthorized anonymous? #479

Closed BonBonSlick closed 3 years ago

BonBonSlick commented 3 years ago
```
remote.api.com
file_server

log {
    output stdout
    format json
}

route {
    mercure {
        transport_url local://local
        publisher_jwt ABC
        subscriber_jwt DFG
        cors_origins *
        anonymous
        subscriptions
    }

    respond "Not Found" 404
}
```

```
addy[60407]: {"level":"error","ts":1615028590.3192472,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_addr":"188.163.53.20:6248","proto":"HTTP/2.0","method":"GET","host":"remote.api.com","uri":"/.well-known/mercure/subscriptions/test","headers":{"Pragma":>...
```

Whatever we pass in the URI, it is always 401. E.g. these URLs return 401:

https://remote.api.com/.well-known/mercure/subscriptions
https://remote.api.com/.well-known/mercure/subscriptions/%7Btest%7D
https://remote.api.com/.well-known/mercure/subscriptions/%7Btest%7D%7Bchat%7D

```js
add(key, url, onMessageCallback, onOpenCallback = undefined) {
    this.delete(key);

    const event = new EventSource(url);

    event.onmessage = onMessageCallback;

    if (typeof onOpenCallback !== "undefined") {
        event.onopen = onOpenCallback;
    }

    this.eventMap.set(key, event);
}
```

Still, topic URLs work fine, except subscriptions, even though it is exposed in the Caddy Mercure config and anonymous is allowed.

Why 401?

BonBonSlick commented 3 years ago

Well, from the docs we see that the JWT requires subscribe['*'] encoded for the subscriber, but the thing is, the polyfill suggested by Mercure and Symfony has an empty EventStream tab, which makes it impossible to debug. https://mercure.rocks/docs/hub/troubleshooting The EventStream tab must work. It is a Mercure docs and polyfill issue.
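
The claim check discussed in this thread, as an added example (not code from the issue or from the Mercure project): it decodes a token's payload and reports whether its `mercure.subscribe` selectors cover a subscriptions path, which is the first thing to inspect when that endpoint returns 401 while topic subscriptions work. The function names, the simplified URI-template matching and the sample tokens are assumptions constructed for illustration.

```javascript
// Added example: model of the claim check behind a 401 on the subscriptions API.
// Signature verification is out of scope here; the hub does it with subscriber_jwt.

// Decode the payload segment of a compact JWT without verifying it.
function decodeClaims(jwt) {
  const parts = String(jwt).split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  return JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8"));
}

// Simplified selector match (assumption): "*", an exact string, or a URI
// template whose only expressions are optional path segments like {/topic}.
function selectorMatches(selector, path) {
  if (selector === "*" || selector === path) return true;
  if (!selector.includes("{")) return false;
  const pattern = selector
    .split(/(\{\/[^}]+\})/)
    .map((part) => part.startsWith("{/")
      ? "(?:/[^/]+)?"
      : part.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"))
    .join("");
  return new RegExp("^" + pattern + "$").test(path);
}

// Explain whether a request for `path` would pass the claim check.
function explainAccess(jwt, path) {
  if (!jwt) return "401: no JWT was sent";
  const subscribe = decodeClaims(jwt).mercure?.subscribe;
  if (!Array.isArray(subscribe)) return "401: no mercure.subscribe claim";
  return subscribe.some((s) => selectorMatches(s, path))
    ? "ok: mercure.subscribe covers this path"
    : "401: no selector in mercure.subscribe matches this path";
}

// Constructed sample token; the third segment is a placeholder, not a real HMAC.
function sampleToken(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");
  return enc({ alg: "HS256", typ: "JWT" }) + "." + enc(claims) + ".placeholder";
}

const demoPath = "/.well-known/mercure/subscriptions/test"; // path from the log line above
for (const claims of [null, { mercure: { subscribe: ["https://example.com/chat"] } },
  { mercure: { subscribe: ["/.well-known/mercure/subscriptions{/topic}{/subscriber}"] } },
  { mercure: { subscribe: ["*"] } }]) {
  console.log(JSON.stringify(claims), "=>", explainAccess(claims && sampleToken(claims), demoPath));
}
```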