8000 [Security Config] Error when setting the configuration value `firewalls.[firewalls name].simple_form.post_only` to false · Issue #26916 · symfony/symfony · GitHub
[go: up one dir, main page]

Skip to content
[Security Config] Error when setting the configuration value firewalls.[firewalls name].simple_form.post_only to false  #26916
Closed
@CedrickOka

Description

@CedrickOka
Q A
Bug report? yes
Feature request? no
BC Break report? no
RFC? no
Symfony version 3.4.4

@fabpot
Exemple:

# app/config/security.yml

firewalls:
        main:
            pattern: '^/'
            methods: POST
            anonymous: true
            entry_point: app.security.authentication.form_entry_point
            provider: webservice_user_provider
            logout_on_user_change: true
            simple_form:
                post_only: false

When we try to login here is what we get

Type error: Argument 1 passed to Symfony\Component\Security\Http\ParameterBagUtils::getParameterBagValue() must be an instance of Symfony\Component\HttpFoundation\ParameterBag, instance of Symfony\Component\HttpFoundation\Request given, called in /var/www/drive-app/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/SimpleFormAuthenticationListener.php on line 103

The error is caused by the fact that an instance of the class Symfony\Component\HttpFoundation\Request is provided instead of Symfony\Component\HttpFoundation\ParameterBag to the method Symfony\Component\Security\Http\ParameterBagUtils::getParameterBagValue()

// vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/SimpleFormAuthenticationListener.php line 103

    protected function attemptAuthentication(Request $request)
    {
        if (null !== $this->csrfTokenManager) {
            $csrfToken = ParameterBagUtils::getRequestParameterValue($request, $this->options['csrf_parameter']);
            if (false === $this->csrfTokenManager->isTokenValid(new CsrfToken($this->options['csrf_token_id'], $csrfToken))) {
                throw new InvalidCsrfTokenException('Invalid CSRF token.');
            }
        }
        $requestBag = $this->options['post_only'] ? $request->request : $request;
        $username = ParameterBagUtils::getParameterBagValue($requestBag, $this->options['username_parameter']);
        $password = ParameterBagUtils::getParameterBagValue($requestBag, $this->options['password_parameter']);
        if (!\is_string($username) || (\is_object($username) && !\method_exists($username, '__toString'))) {
            throw new BadRequestHttpException(sprintf('The key "%s" must be a string, "%s" given.', $this->options['username_parameter'], \gettype($username)));
        }
        $username = trim($username);
        if (\strlen($username) > Security::MAX_USERNAME_LENGTH) {
            throw new BadCredentialsException('Invalid username.');
        }
        $request->getSession()->set(Security::LAST_USERNAME, $username);
        $token = $this->simpleAuthenticator->createToken($request, $username, $password, $this->providerKey);
        return $this->authenticationManager->authenticate($token);
    }
// ParameterBagUtils.php::getParameterBagValue() declaration
public static function getParameterBagValue(ParameterBag $parameters, $path)

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions

      0