Fosuserbundle: missing dependency, non-existent service "security.csrf.token_manager".

Created on 9 Jan 2018 · 6Comments · Source: FriendsOfSymfony/FOSUserBundle

I've installed

composer info | egrep -i "fos|symfony/framework-bundle"
    symfony/framework-bundle            v4.0.3             Symfony FrameworkBundle
    friendsofsymfony/user-bundle        dev-master 587c9bb Symfony FOSUserBundle

I'm working on getting Symfony4 + FOSUserBundle setup.

Following the FOSUser docs, (https://symfony.com/doc/master/bundles/FOSUserBundle/index.html) on exec of:

    bin/console doctrine:schema:update --force

returns:

The service "security.authentication.listener.form.main" has a dependency on a non-existent service "security.csrf.token_manager".

I've searched online docs for that security.csrf.token_manager but am finding nothing about it. The only thing I'm coming up with is on stackoverflow to "Replace csrf_provider with csrf_token_generator", which is already done.

Source

ahenry2

Most helpful comment

Do you have this in your framework.yaml file?

framework:
    csrf_protection: ~

Tomsgu on 10 Jan 2018

👍9

All 6 comments

Do you have this in your framework.yaml file?

framework:
    csrf_protection: ~

Tomsgu on 10 Jan 2018

👍9

Nope. There was no mention of it on

    https://symfony.com/doc/master/bundles/FOSUserBundle/index.html

So guessing that I should change

    ./config/packages/framework.yaml
        framework:
            secret: '%env(APP_SECRET)%'
            #default_locale: en
-           #csrf_protection: ~
+           csrf_protection: ~
            #http_method_override: true
            #trusted_hosts: ~
        ...

now

    bin/console doctrine:schema:update --force

returns NO ERROR.

Is that all that needs changing? If yes, then maybe a reminder on the doc page?

ahenry2 on 10 Jan 2018

The documentation is still for the stable 2.0.x version which is not symfony 4 compatible. But in the new one there is probably no need to add it, because the flex recipe should do it automatically.

Tomsgu on 10 Jan 2018

There's a flex recipe already?

Checking at

[RFC] Compatibility with Symfony Flex #2562
_https://github.com/FriendsOfSymfony/FOSUserBundle/issues/2562_

looks still open/unfinished, and there's no mention there of any needed change to

_/config/packages/framework.yaml_

Or are you just saying that it NEEDS to be added?

ahenry2 on 10 Jan 2018

Well to be clear. The csrf_protection enabling will be fixed in https://github.com/symfony/symfony/pull/25508 so we should not worry about it here.

And to have info about a recipe you can see https://github.com/FriendsOfSymfony/FOSUserBundle/issues/2704 .

Tomsgu on 10 Jan 2018

Ok, sounds like all I need for now is the manual change. The rest looks like it's all in the queue.

Thanks for the links.

ahenry2 on 10 Jan 2018

Was this page helpful?

0 / 5 - 0 ratings

Related issues

'Duplicate definition of column 'username' on entity' overriding model in 2.0.*

philrennie · 4Comments

how to overriding fosuserbundle change password form style ?

suhasini1212 · 5Comments

The path "fos_user.from_email.address" cannot contain an empty value, but got null.

flik · 4Comments

Api-platform & FOSUser : service "fos_user.profile.form.factory" non-existent service "form.factory".

antoinemineau · 5Comments

Unknown column 't0.username_canonical' in 'where clause'

mehdimays · 6Comments