Lazy firewall causes provider to not be prepared

[PhilETaylor]

Bundle version: 5.2.0
Symfony version: 5.2.0 (lazy was introduced in 5.1)
PHP version: 8.0.1-dev
Using authenticators (enable_authenticator_manager: true): YES

Description

Every thing works perfect. Until you add lazy: true in your firewall.

To Reproduce

Every thing works perfect. Until you add lazy: true in your firewall.

After you add that, and attempt to login, on providing totp code you get An authentication exception occurred

If you debug that you will get the real reason The two-factor provider "totp" has not been prepared.

If you toggle lazy: false everything works fine

back to lazy: true and login is broken again.

https://symfony.com/doc/current/security.html

New in version 5.1: The lazy: true option was introduced in Symfony 5.1. Prior to version 5.1, it was enabled using anonymous: lazy

The lazy anonymous mode prevents the session from being started if there is no need for authorization (i.e. explicit check for a user privilege). This is important to keep requests cacheable (see HTTP Cache).

[scheb]

Yea, I'm also just looking into the lazy feature, as I've recognized it in the firewall config from #38. There's definitely something odd going on in combination with that feature.

Currently testing on Symfony 5.1.9 and - while 2fa is still working - I see slight behavioral deviations, e.g. it does not automatically redirect to the 2fa form. Haven't checked with Symfony 5.2.0 yet, might even have become worse.

[scheb]

v5.2.1 released to fix issues related to lazy firewalls.

[PhilETaylor]

Thanks for the quick turnaround... Im busy being a dad tonight, but promise to test 5.2.1 in the morning

[scheb]

Tomorrow is totally fine. Enjoy the time with your family ;)