Skip to content

[CakePHP 5] MissingRouteException on Social Account Validation due to multiple routing typos (:action vs {action} and mismatched method names) #1175

Open
Open
[CakePHP 5] MissingRouteException on Social Account Validation due to multiple routing typos (:action vs {action} and mismatched method names)#1175
@egonher

Description

@egonher
egonher
opened on Mar 10, 2026

Description
When using social login (Oauth2) with validateSocialAccount => true, the plugin throws a MissingRouteException when attempting to send the validation email.

This happens because the route for SocialAccountsController::validateAccount cannot be generated properly. Upon further inspection, there seem to be two distinct routing bugs related to social account validation in the 16.next-cake5 (CakePHP 5) branch.

Steps to Reproduce

  1. Install the plugin in a CakePHP 5 application.
  2. Configure a social provider (e.g., Google or Facebook).
  3. Ensure validateSocialAccount is set to true in users.php configuration.
  4. Perform a social login for the first time with an existing or new account.
  5. The application throws a MissingRouteException triggered by UsersMailer::socialAccountValidation.

Error Stack Trace (Excerpt)

[Cake\Routing\Exception\MissingRouteException] A route matching `array (
  'prefix' => false,
  'plugin' => 'CakeDC/Users',
  'controller' => 'SocialAccounts',
  'action' => 'validateAccount',
  0 => 'google',
  // ... parameters
)` could not be found.

Root Causes Detailed

  1. Incorrect Action Name in Static Route:
    In config/routes.php, there is a route pointing to a non-existent method:
$routes->connect('/accounts/validate/*', [
    'plugin' => 'CakeDC/Users',
    'controller' => 'SocialAccounts',
    'action' => 'validate'  // <--- This method does not exist in SocialAccountsController.
]);

The actual method inside [SocialAccountsController] is named validateAccount($provider, $reference, $token). Additionally, UsersMailer.php correctly requests the route for validateAccount. It seems this static route should be pointing to 'action' => 'validateAccount'.

  1. Outdated CakePHP 4 syntax (:action) for fallback routes:
    In [config/routes.php] the fallback route for SocialAccounts (lines 48-51) uses the deprecated CakePHP 4 colon syntax instead of the CakePHP 5 bracket syntax, making it completely ignored by the new Router:
// Current code (CakePHP 4 syntax)
$routes->connect('/social-accounts/:action/*', [
    'plugin' => 'CakeDC/Users',
    'controller' => 'SocialAccounts',
]);

// Should be (CakePHP 5 syntax)
$routes->connect('/social-accounts/{action}/*', [
    'plugin' => 'CakeDC/Users',
    'controller' => 'SocialAccounts',
]);

Notice that just below this line, the UsersUrl::actionRouteParams(null) call uses the correct /{action}/* format. Only the SocialAccounts fallback route was missed during the CakePHP 5 upgrade.

Workaround / Proposed Fix
Until this is patched, users can fix the issue by mapping the correct route in their main [config/routes.php]

$routes->connect('/social-accounts/{action}/*', [
    'plugin' => 'CakeDC/Users',
    'controller' => 'SocialAccounts',
]);

Please update the [config/routes.php] inside the plugin to reflect CakePHP 5 curly bracket syntax and fix the mismatched method name in the /accounts/validate/* route.

Environment details

  • CakePHP Version: 5.x
  • CakeDC/Users Version: 16.next-cake5
  • PHP Version: 8.3

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions