8000 [Security] Method "GuardAuthenticationListener::setSessionAuthenticationStrategy()" does not exist · Issue #27577 · symfony/symfony · GitHub
[go: up one dir, main page]

Skip to content

[Security] Method "GuardAuthenticationListener::setSessionAuthenticationStrategy()" does not exist #27577

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
derrabus opened this issue Jun 11, 2018 · 7 comments

Comments

@derrabus
Copy link
Member
derrabus commented Jun 11, 2018

Symfony version(s) affected: 2.8.42-dev, 3.4.12-dev

Description
Applications configuring a guard authenticator exit with an exception after upgrading to the HEAD of the 2.8/3.4 branch.

In AbstractRecursivePass.php line 162:

  [Symfony\Component\DependencyInjection\Exception\RuntimeException]
  Invalid service "security.authentication.listener.guard.main": method "Symfony\Component\Securit
  y\Guard\Firewall\GuardAuthenticationListener::setSessionAuthenticationStrategy()" does not exist
  .

How to reproduce
Just configure any guard authenticator on a new Symfony project.

Additional context
bildschirmfoto 2018-06-11 um 18 44 04

bildschirmfoto 2018-06-11 um 19 53 58

If you downgrade symfony/symfony to 2.8.41/3.4.11, everything's fine again.

@derrabus
Copy link
Member Author

Could this be related to #27452? /cc @weaverryan

@weaverryan
Copy link
Member

My fault for sure - I'm working on it :)

@weaverryan
Copy link
Member

See: #27581

@chalasr
Copy link
Member
chalasr commented Jun 11, 2018

Thanks for testing dev branches @derrabus :)

chalasr pushed a commit that referenced this issue Jun 12, 2018
…gration (weaverryan)

This PR was squashed before being merged into the 2.8 branch (closes #27581).

Discussion
----------

Fix bad method call with guard authentication + session migration

| Q             | A
| ------------- | ---
| Branch?       | 2.8
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no (but there needs to be on master)
| Tests pass?   | yes
| Fixed tickets | #27577
| License       | MIT
| Doc PR        | n/a

I messed up #27452 :/. Guard is the one class where the session migration is not on the listener, it's on the handler. The tricky part is that there is only ONE handler (unlike listeners where there is 1 listener per firewall). That means that implementing a session migration strategy that avoids stateless firewalls was a bit more tricky: I could only think to inject a map into `GuardAuthenticationHandler`. On the bright side, this also fixes session migration (not happening) when people call the `authenticateUserAndHandleSuccess()` method directly.

On master, we'll need to add a deprecation to make the 3rd argument of `authenticateWithToken()` required - it's optional now for BC. We may also need to re-order the constructor args.

I DID test this in a real 2.8 project, to make sure that things were properly wired up. Apologies for not doing that for the other PR.

Cheers!

Commits
-------

2c0ac93 Fix bad method call with guard authentication + session migration
@chalasr chalasr closed this as completed Jun 12, 2018
@derrabus
Copy link
Member Author

@weaverryan I can confirm that the issue is gone on the 2.8 branch. However, I can still reproduce it on 3.4 although #27581 must have been merged there as well by now. Can you have a look, please?

@chalasr
Copy link
Member
chalasr commented Jun 18, 2018

@derrabus fixed in 13e983a, thanks!

@derrabus
Copy link
Member Author

Wow, that was fast, @chalasr! 3.4 seems to be working now as well. Thanks a lot!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants
0