You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After a fresh install on Windows and having generated the required jwt/config/private.pem and jwt/config/public.pem files, starting the server symfony server:start -d and accessing the admin login page, both files should be correctly read from disk so the authorization server can be instantiated by the container and the whole page can function.
Actual behaviour
You get an exception:
{code: "0",status: "500",title: "Internal Server Error",detail: "User Notice: Key file "file://C:\projects\personal\project/config/jwt/public.pem" permissions are not correct, recommend changing to 600 or 660 instead of 666",meta: {// ...}}
On a Windows 11 machine, with PHP v8.1.13, Symfony CLI v5.4.20 and Docker v20.10.21 installed, run the following commands, from this repository's README.md:
Edit the ,env file at the root to set APP_ENV=dev and finally, visit localhost:8000/admin. You should be greeted with the previously mentioned error.
Further Context
This happens because League\OAuth2\Server\CryptKey::__construct by default checks for file permissions. While that is a perfectly valid idea in Linux, in Windows files don't follow a similar permission system as as such, when requested, PHP always returns 666. This can be a pain for Windows developers and packages such as laravel/passport have decided to disable it by default, by passing the false as the third parameter of the constructor. It seems to be the maintainers "recommendation" as per thephpleague/oauth2-server#779.
Now I'm really new to Shopware (this really was my first attempt at installing it), but it seems to me that simply editing shopware\core\Framework\DependencyInjection\api.xml definitions to pass false as the last argument should work. For testing purposes, I replaced old definitions in my vendor folder with the ones below, and it worked™.
Perhaps not always disabling it, but only on Windows? I think this could be done with <argument type="expression">PHP_OS_FAMILY !== 'Windows'</argument>, but I haven't tested it.
Either way, I would be happy to work on a PR to solve this issue if you could point me in the right direction.
The text was updated successfully, but these errors were encountered:
Another approach could be to do an CompilerPass. Feel free to make a PR, but we officially don't support Windows. So I assume there are a lot of other problems
PHP Version
8.1.13
Shopware Version
6.4.18.0
Expected behaviour
After a fresh install on Windows and having generated the required
jwt/config/private.pem
andjwt/config/public.pem
files, starting the serversymfony server:start -d
and accessing the admin login page, both files should be correctly read from disk so the authorization server can be instantiated by the container and the whole page can function.Actual behaviour
You get an exception:
Full API Response
How to reproduce
On a Windows 11 machine, with PHP v8.1.13, Symfony CLI v5.4.20 and Docker v20.10.21 installed, run the following commands, from this repository's
README.md
:Then, generate your secret files and remember to set the password to
shopware
:Edit the
,env
file at the root to setAPP_ENV=dev
and finally, visitlocalhost:8000/admin
. You should be greeted with the previously mentioned error.Further Context
This happens because
League\OAuth2\Server\CryptKey::__construct
by default checks for file permissions. While that is a perfectly valid idea in Linux, in Windows files don't follow a similar permission system as as such, when requested, PHP always returns666
. This can be a pain for Windows developers and packages such aslaravel/passport
have decided to disable it by default, by passing thefalse
as the third parameter of the constructor. It seems to be the maintainers "recommendation" as per thephpleague/oauth2-server#779.Now I'm really new to Shopware (this really was my first attempt at installing it), but it seems to me that simply editing
shopware\core\Framework\DependencyInjection\api.xml
definitions to passfalse
as the last argument should work. For testing purposes, I replaced old definitions in myvendor
folder with the ones below, and it worked™.Perhaps not always disabling it, but only on Windows? I think this could be done with
<argument type="expression">PHP_OS_FAMILY !== 'Windows'</argument>
, but I haven't tested it.Either way, I would be happy to work on a PR to solve this issue if you could point me in the right direction.
The text was updated successfully, but these errors were encountered: