8000 AuthenticationUtils::getLastUsername(): Return value must be of type string, null returned · Issue #53503 · symfony/symfony · GitHub
[go: up one dir, main page]
Skip to content

AuthenticationUtils::getLastUsername(): Return value must be of type string, null returned #53503

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
r3dge opened this issue Jan 11, 2024 · 3 comments
Closed

AuthenticationUtils::getLastUsername(): Return value must be of type string, null returned #53503

r3dge opened this issue Jan 11, 2024 · 3 comments
Labels
Bug Security Status: Needs Review

Comments

@r3dge
Copy link
r3dge commented Jan 11, 2024
edited
Loading

Symfony version(s) affected

6.4.1

Description

In production environment i get regularly this exception in logs :

Uncaught PHP Exception TypeError: "Symfony\Component\Security\Http\Authentication\AuthenticationUtils::getLastUsername(): Return value must be of type string, null returned" at AuthenticationUtils.php

How to reproduce

I don't know exactly what trigger this exception

Possible Solution

Changing the return type of the method :

public function getLastUsername(): ?string
{
$request = $this->getRequest();

    if ($request->attributes->has(SecurityRequestAttributes::LAST_USERNAME)) {
        return $request->attributes->get(SecurityRequestAttributes::LAST_USERNAME, '');
    }

    return $request->hasSession() ? $request->getSession()->get(SecurityRequestAttributes::LAST_USERNAME, '') : '';
}

Additional Context

No response
@r3dge r3dge added the Bug label Jan 11, 2024
@xabbuh
Copy link
Member
xabbuh commented Jan 11, 2024

Looks like you need to investigate why null ends up as the value for the last username in the attributes bag or in the session.

Can you create a small example application that allows to reproduce your issue?

@alexandre-daubois alexandre-daubois mentioned this issue Jan 11, 2024
Merged
@r3dge
Copy link
Author
r3dge commented Jan 11, 2024

This anomaly occurs randomly. I find it regularly in the production logs but I don't know how to reproduce it.

@r3dge
Copy link
Author
r3dge commented Jan 15, 2024
edited
Loading

I don't know why sometimes the return of the getlastUsername is null (return $request->hasSession() ? $request->getSession()->get(SecurityRequestAttributes::LAST_USERNAME, '') : '';)

I am trying to implement a workaround in my login controller like that :

if(($request->hasSession() ? $request->getSession()->get(SecurityRequestAttributes::LAST_USERNAME, '') : '') != null) { $lastUsername = $authenticationUtils->getLastUsername(); }

chalasr added a commit that referenced this issue Jan 18, 2024
@chalasr
bug #53509 [Security] Fix AuthenticationUtils::getLastUsername() re…
4460eb4 
…turning null (alexandre-daubois)

This PR was merged into the 5.4 branch.

Discussion
----------

[Security] Fix `AuthenticationUtils::getLastUsername()` returning null

| Q             | A
| ------------- | ---
| Branch?       | 5.4
| Bug fix?      | yes
| New feature?  | no
| Deprecations? | no
| Issues        | Fix #53503
| License       | MIT

This can happen when the attribute is actually set with `null`.

Covered the class while at it.

Commits
-------

2e52b06 [Security] Fix `AuthenticationUtils::getLastUsername()` returning null
@chalasr chalasr closed this as completed Jan 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Security Status: Needs Review
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@xabbuh @chalasr @r3dge @carsonbot
0