-
Notifications
You must be signed in to change notification settings - Fork 85
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
firewall requires a user provider but none was defined #191
Comments
Are you using client-credentials for authentication? I've had a similar issue due to changes that have been made in oauth2-server. Before oauth2-server version 9.0.0 the subject field in the JWT token was empty when using client credentials. This commit add a change that will fill the client id in the subject field. When the subject field is empty in the JWT this code will return a NullUser object and not call the user provider, but because this field is not empty anymore after version 9.0.0 the user provider is now being called and throws an error. |
Also experiencing the issue with client credentials that @bartholdbos is describing. Our tests started failing when updating to 0.9.0 because the UserInterface::createFromPayload was called, and no payload was passed with the JWT array and only the Client ID as the UserName. This breaking change was not documented in the Release notes and there is no documentation on what should be done to resolve this issue. Any help would be appreciated. For now will stay it at 0.8.0 until there is a resolution |
It seems that previously Hence, it looks like a fix for |
In my opinion, since we already have user identifier, it would be better if league library used some |
Same problem here, @bartholdbos perfectly explained it. I can't understand how the issue went unnoticed since the change is so breaking.
And then use Would be nice if this was not needed! |
/cc @ajgarlag |
@maciekstary, I'm just wondering if it won't create the confusion that |
@rela589n Good point. What I can only say is that in previous implementation authenticator used |
Sorry, but I'm pretty busy these days. Can anyone provide a reproducer? I'd need a minimal Symfony app working with |
Hi, I've tried to prepare a reproducer (based on https://github.com/dwgebler/OAuth2ServerDemo), available here https://github.com/krkabol/OAuth_reproducer. Includes a test client, but sorry as new in Symfony, from some weird reason the /authorize route does not works :) - hopefully you are able to fix it easily yourself. I have a similar non-public and when upgrade to 0.9, it falls.. EDIT: SSH key included for instant usage, it is not an unwanted leak |
@krkabol thanks. I'll try it ASAP. |
The reproducer provided by @krkabol was not using client-credentials. It did not fail with the The problem with that repository was reported in #200. I've opened #201 to fix documentation. I still need a reproducer for the original error reported in this issue. |
Bundle setup docs https://github.com/thephpleague/oauth2-server-bundle/blob/58d4b11a5f75dd049d613871e6a3a3a367cbd976/docs/basic-setup.md does not say anything about setting a user provider for a firewall. I get exception
Uncaught PHP Exception Symfony\Component\Config\Definition\Exception\InvalidConfigurationException: ""api" firewall requires a user provider but none was defined." at MissingUserProvider.php line 31
My security.yaml (same as in docs):
The text was updated successfully, but these errors were encountered: