Support » Plugin: JWT Auth - WordPress JSON Web Token Authentication » Whitelisting Endpoints function do not work

  • Resolved careerbuggy

    (@careerbuggy)


    I tried to create Whitelisting Endpoints function as mentioned still I get same error saying JWT authorization is not found error.

Viewing 11 replies - 16 through 26 (of 26 total)
  • Plugin Author Bagus

    (@contactjavas)

    Hi all!
    FYI, wp-json/wp/v2/* is now whitelisted by default in v1.4.0

    I have my rest controller within my custom theme.
    To get filter ‘jwt_auth_whitelist’ work, I needed to put the code in functions.php right to the top (first lines of the file).

    • This reply was modified 10 months, 1 week ago by afatoga.
    nawarcr7

    (@nawarcr7)

    Hi Mr. @contactjavas ,
    I still have the same problem not solved,
    I tried to put the following code:
    add_filter(
    ‘jwt_auth_whitelist’,
    function ($endpoints) {
    return array(
    ‘/wp-json/oembed/1.0/*’,
    ‘/wp-json/wp/v2/*’,
    ‘/wp-json/post-views-counter/*’,
    ‘/wp-json/yoast/v1/*’,
    ‘/wp-json/yoast/v1/myyoast/*’,
    ‘/wp-json/wc/blocks/*’,
    ‘/wp-json/wc/store/*’,
    ‘/wp-json/wc/v1/*’,
    ‘/wp-json/wc/v2/*’,
    ‘/wp-json/wc/v3/*’,
    ‘/wp-json/wccom-site/v1/*’,
    ‘/wp-json/wc-analytics/*’,
    ‘/wp-json/wc-admin/*’,
    );
    }
    );
    as you said once in my function.php and then in my plugin __constructor before rest_api_init action and in add_action(‘plugins_loaded’) and all of them didn’t work.
    Please help me if you could.
    Thanks!

    • This reply was modified 9 months ago by nawarcr7.
    Plugin Author Bagus

    (@contactjavas)

    Hi @nawarcr7 , try to delete your existing whitelisting filter. Put it in functions.php outside of your class. Just put it without wrapping it into a class.

    
    add_filter(
    	'jwt_auth_whitelist',
    	function ( $endpoints ) {
    		$whitelists = array(
    			'/wp-json/oembed/1.0/*',
    			'/wp-json/wp/v2/*',
    			'/wp-json/post-views-counter/*',
    			'/wp-json/yoast/v1/*',
    			'/wp-json/yoast/v1/myyoast/*',
    			'/wp-json/wc/blocks/*',
    			'/wp-json/wc/store/*',
    			'/wp-json/wc/v1/*',
    			'/wp-json/wc/v2/*',
    			'/wp-json/wc/v3/*',
    			'/wp-json/wccom-site/v1/*',
    			'/wp-json/wc-analytics/*',
    			'/wp-json/wc-admin/*',
    		);
    
    		foreach ( $whitelists as $whitelist ) {
    			if ( ! in_array( $whitelist, $endpoints, true ) ) {
    				array_push( $endpoints, $whitelist );
    			}
    		}
    
    		return $endpoints;
    	}
    );
    
    nawarcr7

    (@nawarcr7)

    Thank you @contactjavas for your quick response,
    I’m sorry, but still not working! as below:

    {
    success: false,
    statusCode: 403,
    code: “jwt_auth_no_auth_header”,
    message: “Authorization header not found.”,
    data: [ ],
    }

    Just for being noticed, if I use var_dump() with this $whitelists array in my filter, it is rendered successfully but it didn’t affect any of my routes.

    • This reply was modified 9 months ago by nawarcr7.
    • This reply was modified 9 months ago by nawarcr7.
    Plugin Author Bagus

    (@contactjavas)

    Hi @nawarcr7 , can you give screenshot of your postman testing? You can join our Discord channel for easier troubleshooting.

    Thanks,
    Bagus

    nawarcr7

    (@nawarcr7)

    Hi @contactjavas, I have joined Discord.

    Hello A, I have the same problem, I have read the documentation of your plugin, and when I do it is the same as above.

    code:
    add_filter( ‘jwt_auth_whitelist’, function ( $endpoints ) {
    return array(
    ‘/wp-json/bdpwr/v1/reset-password’,
    ‘/wp-json/bdpwr/v1/set-password’,
    ‘/wp-json/bdpwr/v1/validate-code’,
    );
    } );

    error: {
    “success”: false,
    “statusCode”: 403,
    “code”: “jwt_auth_no_auth_header”,
    “message”: “Authorization header not found.”,
    “data”: []
    }

    hi there, im in the same issue, it’s not working in my function.php
    but i dont understand this phrase: “Maybe create a 1 file plugin which contains the filter”.
    where this filter take place? Where would i need put this function add_filter( 'jwt_auth_whitelist', function ( $endpoints )
    Inside any .php file in my plugin folder?!

    i’m really basic changing code in WP sorry.
    best!
    juanma

    This works for me!

    If you’re adding the filter inside theme and the it doesn’t work, please create a small 1 file plugin and add your filter there.
    It should fix the issue.

    add_filter( 'jwt_auth_default_whitelist', function ( $default_whitelist ) {
    	// Modify the $default_whitelist here.
    	return $default_whitelist;
    } );

    —–

    <?php
    
    /**
     * Plugin Name: -
     * Description: -
     * Version: -
     * Author: -
     * Author -
     * License: -
     *
     * Text Domain: whitelist for Contact Form 7
     * 
     * @package .
     */
    
    if ( ! defined( 'ABSPATH' ) ) {
    	exit; // Exit if accessed directly.
    }
    
    /*----------------------------------------------------------------------------*/
    /**
     * JWT whitelist for Contact Form 7
     */
    add_filter(
    	'jwt_auth_default_whitelist', 
    	function ($whitelist) {
    		$whitelist[] = '/wp-json/contact-form-7/';
    		return $whitelist;
    	}, 
    	10,
    	2
    );

    What does ” create a small 1 file plugin and add your filter there.” mean?

    Where do I create the file?
    What do I name the file?

    Do I put the file in the plugin I want to whitelist or the JWT plugin?

Viewing 11 replies - 16 through 26 (of 26 total)
  • You must be logged in to reply to this topic.