【发布时间】:2020-11-26 08:47:04
【问题描述】:
我有一个 docker-compose 可以启动一个 Mercure 容器
码头工人撰写
version: '3.8'
services:
...
mercure:
image: dunglas/mercure
ports:
- '8003:443'
- '8004:80'
environment:
- JWT_KEY='so_secret'
- DEMO=1
- DEBUG=1
- ALLOW_ANONYMOUS=1
- CORS_ALLOWED_ORIGINS=*
- PUBLISH_ALLOWED_ORIGINS=*
networks:
default:
但是当我发布到 POST http://mercure/.well-known/mercure 时,我从我的 Mercure 容器中得到了这个:
(美化)
Log #1
{
"level":"info",
"ts":1606379852.84174,
"logger":"http.handlers.mercure",
"msg":"Topic selectors not matched or not provided",
"remote_addr":"192.168.192.3:37534",
"error":"unable to parse JWT: signature is invalid"
}
Log #2
{
"level":"error",
"ts":1606379852.8418272,
"logger":"http.log.access",
"msg":"handled request",
"request":{
"remote_addr":"192.168.192.3:37534",
"proto":"HTTP/1.1",
"method":"POST",
"host":"mercure",
"uri":"/.well-known/mercure",
"headers":{
"Authorization":[
"Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXJjdXJlIjp7InB1Ymxpc2giOltdfX0.VuGJakeE0mowuQj0ErJjtEE-U4iYey2_XCbESaaGvtU"
],
"User-Agent":[
"Symfony HttpClient/Curl"
],
"Accept-Encoding":[
"gzip"
],
"Content-Length":[
"1339"
],
"Content-Type":[
"application/x-www-form-urlencoded"
],
"Accept":[
"*/*"
]
}
},
"common_log":"192.168.192.3 - - [26/Nov/2020:08:37:32 +0000] \"POST /.well-known/mercure HTTP/1.1\" 401 13",
"duration":0.001635684,
"size":13,
"status":401,
"resp_headers":{
"X-Content-Type-Options":[
"nosniff"
],
"X-Xss-Protection":[
"1; mode=block"
],
"Content-Security-Policy":[
"default-src 'self' mercure.rocks cdn.jsdelivr.net"
],
"Content-Type":[
"text/plain; charset=utf-8"
],
"Server":[
"Caddy"
],
"X-Frame-Options":[
"DENY"
]
}
}
当https://jwt.io/ 说它已验证时,为什么它说签名无效?来自 docker-compose 的 JWT_KEY 会被忽略吗?
// 编辑
sudo docker-compose exec mercure env 显示 JWT_KEY=so_secret,我还能检查什么?
【问题讨论】:
标签: docker docker-compose jwt mercure