8000 Unable to resolve env() in (Security) configuration · Issue #26747 · symfony/symfony · GitHub
[go: up one dir, main page]

Skip to content
Unable to resolve env() in (Security) configuration #26747
Closed
@sstok

Description

@sstok
Q A
Bug report? yes
Feature request? no
BC Break report? no
RFC? no
Symfony version 4.1-dev

Since (I suspect) #23888 using env() in a firewall configuration no longer works.

The path "security.firewalls.main.remember_me.secret" cannot contain an empty value, but got "".

In VariableNode.php line 85:

  [Symfony\Component\Config\Definition\Exception\InvalidConfigurationException]
  The path "security.firewalls.main.remember_me.secret" cannot contain an empty value, but got "".


Exception trace:
 Symfony\Component\Config\Definition\VariableNode->finalizeValue() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/config/Definition/BaseNode.php:413
 Symfony\Component\Config\Definition\BaseNode->finalize() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/config/Definition/BaseNode.php:402
 Symfony\Component\Config\Definition\BaseNode->finalize() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/config/Definition/ArrayNode.php:248
 Symfony\Component\Config\Definition\ArrayNode->finalizeValue() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/config/Definition/BaseNode.php:413
 Symfony\Component\Config\Definition\BaseNode->finalize() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/config/Definition/ArrayNode.php:248
 Symfony\Component\Config\Definition\ArrayNode->finalizeValue() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/config/Definition/BaseNode.php:413
 Symfony\Component\Config\Definition\BaseNode->finalize() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/config/Definition/PrototypedArrayNode.php:195
 Symfony\Component\Config\Definition\PrototypedArrayNode->finalizeValue() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/config/Definition/BaseNode.php:413
 Symfony\Component\Config\Definition\BaseNode->finalize() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/config/Definition/ArrayNode.php:248
 Symfony\Component\Config\Definition\ArrayNode->finalizeValue() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/config/Definition/BaseNode.php:413
 Symfony\Component\Config\Definition\BaseNode->finalize() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/config/Definition/Processor.php:39
 Symfony\Component\Config\Definition\Processor->process() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/config/Definition/Processor.php:52
 Symfony\Component\Config\Definition\Processor->processConfiguration() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/dependency-injection/Compiler/ValidateEnvPlaceholdersPass.php:80
 Symfony\Component\DependencyInjection\Compiler\ValidateEnvPlaceholdersPass->process() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/dependency-injection/Compiler/Compiler.php:95
 Symfony\Component\DependencyInjection\Compiler\Compiler->compile() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/dependency-injection/ContainerBuilder.php:717
 Symfony\Component\DependencyInjection\ContainerBuilder->compile() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/http-kernel/Kernel.php:513
 Symfony\Component\HttpKernel\Kernel->initializeContainer() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/http-kernel/Kernel.php:125
 Symfony\Component\HttpKernel\Kernel->boot() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/framework-bundle/Console/Application.php:65
 Symfony\Bundle\FrameworkBundle\Console\Application->doRun() at /Users/sebastiaanstok/Sites/symfony-41/my_project/vendor/symfony/console/Application.php:145
 Symfony\Component\Console\Application->run() at /Users/sebastiaanstok/Sites/symfony-41/my_project/bin/console:39

To reproduce:

composer create-project symfony/website-skeleton my_project 
composer config minimum-stability dev
composer remove symfony/lts
composer update

Now update config/packages/security.yaml with:

security:
    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        in_memory: { memory: ~ }
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            anonymous: true

            # activate different ways to authenticate

            # http_basic: true
            # https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate

            form_login: true
            # https://symfony.com/doc/current/security/form_login_setup.html
            
            remember_me:
                secret:               '%env(APP_SECRET)%' # This used to work
                token_provider:       ~
                catch_exceptions:     true
                name:                 MAIN_REMEMBERME
                lifetime:             604800 # one week

    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        # - { path: ^/admin, roles: ROLE_ADMIN }
        # - { path: ^/profile, roles: ROLE_USER }

And run bin/console cache:clear.

I tried debugging the system, but somewhere along execution the Configuration Resolver looses the value. All env variables are present, there are placeholders, and framework.secret works without any issues but the firewall remember_me fails for some unknown reason 🤔

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions

      0