[Security] Wrong example for oidc.discovery.cache option

Question

[Security] Wrong example for oidc.discovery.cache option

Closed this issue a month ago · 3 comments

Tilogorn commented a month ago

This example here is wrong:

See https://symfony.com/doc/current/security/access_token.html#2-configure-the-oidctokenhandler

There is another id key below cache. config:dump-reference is already correct.

Additionally, I would improve the wording here:

To use another claim, specify it on the configuration with the claim option.

This was not clear to me since the claim option was already part of other examples and the name is quite "universal". user_identifier_claim would be more meaningful, but I understand that this is the wrong repo for such suggestions.

Answer 1 · 2025-10-02T09:02:10.000Z

Have you tried using cache: cache.app in your app and failed? BEcause many Symfony options provide a shortcut ... so maybe here you can use both the long id: ... config as shown in the config:dump-reference command and the short config jus tproviding the value without the id. Thanks.

Answer 2 · 2025-10-02T09:05:27.000Z

Yes, thats how I noticed it doesn't work like in the docs. Specifiying cache: cache.app leads to a 500 saying Invalid type for path "security.firewalls.main.access_token.token_handler.oidc.discovery.cache". Expected "array", but got "string".

Answer 3 · 2025-10-02T14:25:41.000Z

Thanks a lot for double-checking this 🙌 We're trying to fix this in #21458.