toSession unhandled session token

[decima]

Finally managed to register/login/logout, now I want to make a profile page, and i'm calling the toSession method.

But the toSession requires a X-Session-Token which is not really clear to me. So first I made my own call:

    public function getCurrentAuthenticatedUser(Request $request)
    {
        $client = new Client(["base_uri" => $this->getBrowserUrl()]);
        return $client->get("/sessions/whoami", ["headers" => $request->headers->all()]);
    }

It works but I would like to use the toSession method, so after digging into it, I've discover a set of apiKeys in the Configuration and saw there is a begin of code in the publicApi, but seems like something is missing:

https://github.com/ory/kratos-client-php/blob/60f490f07f3778fc8be7f01b9bc0910ca29a36c4/lib/Api/PublicApi.php#L7441-L7445

Am I doing something wrong? can't find any explanation about this X-Session-Token.

[aeneasr]

Hello, the session token is for native/mobile apps. For browser apps you must use cookies in toSession! I am not sure if the generated client supports that out of the box. Basically, you need to forward the HTTP Cookie header which ends up at your server to Kratos!

[decima]

That's what I did:

    public function getCurrentAuthenticatedUser(Request $request):Session
    {
        $response = $this->client->get(
            "/sessions/whoami",
            [
                "base_uri" => $this->getBrowserUrl(),
                "headers" => ["cookie"=>$request->headers->get("cookie")]
            ]
        );
        return new Session(
            json_decode($response->getBody()->getContents(), true)
        );
    }

[aeneasr]

Ah ok, I see, the problem is that the toSession method does not support the header property?

https://github.com/ory/kratos-client-php/blob/60f490f07f3778fc8be7f01b9bc0910ca29a36c4/lib/Api/PublicApi.php#L7387

Other clients do have this parameter, for example:

https://github.com/ory/kratos-client-go/blob/eb6f01330bbbb62ef6a731f7bb7b931e7a7ad0db/api_v0alpha1.go#L2602

However, I looked a bit into the PHP code base, it looks like you can use this?

https://github.com/ory/kratos-client-php/blob/60f490f07f3778fc8be7f01b9bc0910ca29a36c4/lib/Api/V0alpha1Api.php#L3611

[github-actions[bot]]

Hello contributors!

I am marking this issue as stale as it has not received any engagement from the community or maintainers a year. That does not imply that the issue has no merit! If you feel strongly about this issue

• open a PR referencing and resolving the issue;
• leave a comment on it and discuss ideas how you could contribute towards resolving it;
• leave a comment and describe in detail why this issue is critical for your use case;
• open a new issue with updated details and a plan on resolving the issue.

Throughout its lifetime, Ory has received over 10.000 issues and PRs. To sustain that growth, we need to prioritize and focus on issues that are important to the community. A good indication of importance, and thus priority, is activity on a topic.

Unfortunately, burnout has become a topic of concern amongst open-source projects.

It can lead to severe personal and health issues as well as opening catastrophic attack vectors.

The motivation for this automation is to help prioritize issues in the backlog and not ignore, reject, or belittle anyone.

If this issue was marked as stale erroneous you can exempt it by adding the backlog label, assigning someone, or setting a milestone for it.

Thank you for your understanding and to anyone who participated in the conversation! And as written above, please do participate in the conversation if this topic is important to you!

Thank you 🙏✌️