You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
API Platform version(s) affected: 4.0.13 Description
I've come across an issue where the JSON login endpoint and refresh token endpoint stopped working after an error occurred in the API. The error message stated "no username and password" or "no refresh token provided". After digging into the problem, I found the root cause:
When a request is made to an API resource, the ContentNegotiationProvider adds the formats from the config/operation into the Symfony Request object. This works fine for successful responses (2xx), but when an error occurs, the request format keeps its overridden value as application/problem+json. For subsequent requests handled by API-Platform, this is not an issue since the ContentNegotiationProvider is invoked for every request, resetting the formats. However, for any routes outside API-Platform (e.g., refresh token or JWT login endpoints), the ContentNegotiationProvider is not triggered. As a result, the static $formats variable retains the overwritten format application/problem+json, causing application/json to no longer be recognized.
I had this issue before in a PHPUnit WebTestCase and back then managed to get rid of it, but since moving to FrankenPHP worker mode, the problem has returned. It seems this problem only occurs when running in worker mode, which makes sense because the static $formats inside the Symfony Request object is kept in memory.
I've created a reproducer that represents the issue in combination with FrankenPHP in worker mode:
What i've noticed: Scenario 1: When 406 Not Acceptable is thrown, the json format is being overwritten to:
"json" => [ "application/problem+json" ]
Scenario 2: 500 Internal Server Error is thrown, the jsonld format is being overwritten to:
Navigate to http://localhost/ to see the scenario's, click the buttons in order to see.
Possible Solution
I think the solution should be created inside Symfony itself, because the kernel should reset the static::$formats in my opinion for subsequent requests. But I am not sure of it.
The text was updated successfully, but these errors were encountered:
API Platform version(s) affected: 4.0.13
Description
I've come across an issue where the JSON login endpoint and refresh token endpoint stopped working after an error occurred in the API. The error message stated
"no username and password"
or"no refresh token provided"
. After digging into the problem, I found the root cause:When a request is made to an API resource, the ContentNegotiationProvider adds the formats from the config/operation into the Symfony Request object. This works fine for successful responses (2xx), but when an error occurs, the request format keeps its overridden value as
application/problem+json
. For subsequent requests handled by API-Platform, this is not an issue since the ContentNegotiationProvider is invoked for every request, resetting the formats. However, for any routes outside API-Platform (e.g., refresh token or JWT login endpoints), the ContentNegotiationProvider is not triggered. As a result, thestatic $formats
variable retains the overwritten formatapplication/problem+json
, causingapplication/json
to no longer be recognized.I had this issue before in a PHPUnit WebTestCase and back then managed to get rid of it, but since moving to FrankenPHP worker mode, the problem has returned. It seems this problem only occurs when running in worker mode, which makes sense because the
static $formats
inside the Symfony Request object is kept in memory.I've created a reproducer that represents the issue in combination with FrankenPHP in worker mode:
What i've noticed:
Scenario 1: When 406 Not Acceptable is thrown, the
json
format is being overwritten to:Scenario 2: 500 Internal Server Error is thrown, the
jsonld
format is being overwritten to:How to reproduce
https://github.com/SherinBloemendaal/api-platform-6885
git clone https://github.com/SherinBloemendaal/api-platform-6885
docker compose build
docker compose exec php composer install
docker compose up -d
http://localhost/
to see the scenario's, click the buttons in order to see.Possible Solution
I think the solution should be created inside Symfony itself, because the kernel should reset the
static::$formats
in my opinion for subsequent requests. But I am not sure of it.The text was updated successfully, but these errors were encountered: