Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v2.1.3] Unable to connect to Redis Resource in Azure #425

Closed
javiermadueno opened this issue May 18, 2018 · 17 comments
Closed

[v2.1.3] Unable to connect to Redis Resource in Azure #425

javiermadueno opened this issue May 18, 2018 · 17 comments
Labels
bug Not working as intended

Comments

@javiermadueno
Copy link

Hello,

Yesterday I updated the Bundle in my Azure webapp and it seems there is a problem with the last version changes. It's unable to connect to the Redis Resource in Azure showing this message:

predis SELECT failed: NOAUTH Authentication required.

The REDIS_URL is well defined and installing the version 2.1.2 it works properly.

Kind regards.
@monsieurchico
Copy link

I got the same probleme here !

@curry684
Copy link
Collaborator

Must stem from #413.

@B-Galati any clue?

@curry684
Copy link
Collaborator

Btw it was actually broken before as they were evaluated at the wrong time in the wrong way. So you may have inadvertently been using this feature 'wrong' but accidentally made it work that way. If either of you can provide a bit more insight on how you configured things we can nail this down quickly hopefully.

@B-Galati
Copy link
Collaborator

I tried to look into it without success.

I will definitely need more information from @javiermadueno and/or @monsieurchico (stack trace, config, etc.).

@curry684 curry684 added the needs-clarification Issue is not clear to maintainers label May 22, 2018
@javiermadueno
Copy link
Author

Hello @B-Galati, this is the Exceptiontion trace: (I've replaced the redis URL for URL-HIDDEN-FOR-SECURITY

Predis\Connection\ConnectionException:
`SELECT` failed: NOAUTH Authentication required. [redis://URL-HIDDEN-FOR-SECURITY:6379]

  at vendor\predis\predis\src\Connection\AbstractConnection.php:155
  at Predis\Connection\AbstractConnection->onConnectionError('`SELECT` failed: NOAUTH Authentication required.', 0)
     (vendor\predis\predis\src\Connection\StreamConnection.php:263)
  at Predis\Connection\StreamConnection->connect()
     (vendor\predis\predis\src\Connection\AbstractConnection.php:180)
  at Predis\Connection\AbstractConnection->getResource()
     (vendor\predis\predis\src\Connection\StreamConnection.php:288)
  at Predis\Connection\StreamConnection->write('*6
$3
SET
$46
schengen_23c125a2e48cb927378d38b79f9deaef.lock
$13
5b03f3552f6e6
$2
PX
$6
300001
$2
NX
')
     (vendor\predis\predis\src\Connection\StreamConnection.php:394)
  at Predis\Connection\StreamConnection->writeRequest(object(StringSet))
     (vendor\predis\predis\src\Connection\AbstractConnection.php:110)
  at Predis\Connection\AbstractConnection->executeCommand(object(StringSet))
     (vendor\snc\redis-bundle\Client\Predis\Connection\ConnectionWrapper.php:176)
  at Snc\RedisBundle\Client\Predis\Connection\ConnectionWrapper->executeCommand(object(StringSet))
     (vendor\predis\predis\src\Client.php:331)
  at Predis\Client->executeCommand(object(StringSet))
     (vendor\predis\predis\src\Client.php:314)
  at Predis\Client->__call('set', array('schengen_23c125a2e48cb927378d38b79f9deaef.lock', '5b03f3552f6e6', 'PX', 300001, 'NX'))
     (vendor\snc\redis-bundle\Session\Storage\Handler\RedisSessionHandler.php:138)
  at Snc\RedisBundle\Session\Storage\Handler\RedisSessionHandler->Snc\RedisBundle\Session\Storage\Handler\{closure}(object(Client), 'schengen_23c125a2e48cb927378d38b79f9deaef.lock', '5b03f3552f6e6', 300001)
     (vendor\snc\redis-bundle\Session\Storage\Handler\RedisSessionHandler.php:146)
  at Snc\RedisBundle\Session\Storage\Handler\RedisSessionHandler->lockSession('23c125a2e48cb927378d38b79f9deaef')
     (vendor\snc\redis-bundle\Session\Storage\Handler\RedisSessionHandler.php:204)
  at Snc\RedisBundle\Session\Storage\Handler\RedisSessionHandler->read('23c125a2e48cb927378d38b79f9deaef')
  at session_start()
     (vendor\symfony\http-foundation\Session\Storage\NativeSessionStorage.php:142)
  at Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage->start()
     (vendor\symfony\http-foundation\Session\Session.php:57)
  at Symfony\Component\HttpFoundation\Session\Session->start()
     (vendor\symfony\security-csrf\TokenStorage\SessionTokenStorage.php:78)
  at Symfony\Component\Security\Csrf\TokenStorage\SessionTokenStorage->hasToken('https-get_quote')
     (vendor\symfony\security-csrf\CsrfTokenManager.php:72)
  at Symfony\Component\Security\Csrf\CsrfTokenManager->getToken('get_quote')
     (vendor\symfony\form\Extension\Csrf\Type\FormTypeCsrfExtension.php:83)
  at Symfony\Component\Form\Extension\Csrf\Type\FormTypeCsrfExtension->finishView(object(FormView), object(Form), array('block_name' => null, 'disabled' => false, 'label' => null, 'label_format' => null, 'translation_domain' => null, 'auto_initialize' => true, 'trim' => true, 'required' => true, 'property_path' => null, 'mapped' => true, 'by_reference' => true, 'inherit_data' => false, 'compound' => true, 'method' => 'POST', 'action' => '', 'post_max_size_message' => 'The uploaded file was too large. Please try to upload a smaller file.', 'error_mapping' => array(), 'invalid_message' => 'This value is not valid.', 'invalid_message_parameters' => array(), 'allow_extra_fields' => false, 'extra_fields_message' => 'This form should not contain extra fields.', 'csrf_protection' => true, 'csrf_field_name' => '_token', 'csrf_message' => 'The CSRF token is invalid. Please try to resubmit the form.', 'csrf_token_manager' => object(CsrfTokenManager), 'csrf_token_id' => null, 'attr' => array(), 'data_class' => 'Schengen\\Application\\Product\\GetQuoteRequest', 'empty_data' => object(Closure), 'error_bubbling' => true, 'label_attr' => array(), 'upload_max_size_message' => object(Closure), 'validation_groups' => null, 'constraints' => array(), 'data' => object(GetQuoteRequest)))
     (vendor\symfony\form\ResolvedFormType.php:174)
  at Symfony\Component\Form\ResolvedFormType->finishView(object(FormView), object(Form), array('block_name' => null, 'disabled' => false, 'label' => null, 'label_format' => null, 'translation_domain' => null, 'auto_initialize' => true, 'trim' => true, 'required' => true, 'property_path' => null, 'mapped' => true, 'by_reference' => true, 'inherit_data' => false, 'compound' => true, 'method' => 'POST', 'action' => '', 'post_max_size_message' => 'The uploaded file was too large. Please try to upload a smaller file.', 'error_mapping' => array(), 'invalid_message' => 'This value is not valid.', 'invalid_message_parameters' => array(), 'allow_extra_fields' => false, 'extra_fields_message' => 'This form should not contain extra fields.', 'csrf_protection' => true, 'csrf_field_name' => '_token', 'csrf_message' => 'The CSRF token is invalid. Please try to resubmit the form.', 'csrf_token_manager' => object(CsrfTokenManager), 'csrf_token_id' => null, 'attr' => array(), 'data_class' => 'Schengen\\Application\\Product\\GetQuoteRequest', 'empty_data' => object(Closure), 'error_bubbling' => true, 'label_attr' => array(), 'upload_max_size_message' => object(Closure), 'validation_groups' => null, 'constraints' => array(), 'data' => object(GetQuoteRequest)))
     (vendor\symfony\form\Extension\DataCollector\Proxy\ResolvedTypeDataCollectorProxy.php:111)
  at Symfony\Component\Form\Extension\DataCollector\Proxy\ResolvedTypeDataCollectorProxy->finishView(object(FormView), object(Form), array('block_name' => null, 'disabled' => false, 'label' => null, 'label_format' => null, 'translation_domain' => null, 'auto_initialize' => true, 'trim' => true, 'required' => true, 'property_path' => null, 'mapped' => true, 'by_reference' => true, 'inherit_data' => false, 'compound' => true, 'method' => 'POST', 'action' => '', 'post_max_size_message' => 'The uploaded file was too large. Please try to upload a smaller file.', 'error_mapping' => array(), 'invalid_message' => 'This value is not valid.', 'invalid_message_parameters' => array(), 'allow_extra_fields' => false, 'extra_fields_message' => 'This form should not contain extra fields.', 'csrf_protection' => true, 'csrf_field_name' => '_token', 'csrf_message' => 'The CSRF token is invalid. Please try to resubmit the form.', 'csrf_token_manager' => object(CsrfTokenManager), 'csrf_token_id' => null, 'attr' => array(), 'data_class' => 'Schengen\\Application\\Product\\GetQuoteRequest', 'empty_data' => object(Closure), 'error_bubbling' => true, 'label_attr' => array(), 'upload_max_size_message' => object(Closure), 'validation_groups' => null, 'constraints' => array(), 'data' => object(GetQuoteRequest)))
     (vendor\symfony\form\ResolvedFormType.php:167)
  at Symfony\Component\Form\ResolvedFormType->finishView(object(FormView), object(Form), array('block_name' => null, 'disabled' => false, 'label' => null, 'label_format' => null, 'translation_domain' => null, 'auto_initialize' => true, 'trim' => true, 'required' => true, 'property_path' => null, 'mapped' => true, 'by_reference' => true, 'inherit_data' => false, 'compound' => true, 'method' => 'POST', 'action' => '', 'post_max_size_message' => 'The uploaded file was too large. Please try to upload a smaller file.', 'error_mapping' => array(), 'invalid_message' => 'This value is not valid.', 'invalid_message_parameters' => array(), 'allow_extra_fields' => false, 'extra_fields_message' => 'This form should not contain extra fields.', 'csrf_protection' => true, 'csrf_field_name' => '_token', 'csrf_message' => 'The CSRF token is invalid. Please try to resubmit the form.', 'csrf_token_manager' => object(CsrfTokenManager), 'csrf_token_id' => null, 'attr' => array(), 'data_class' => 'Schengen\\Application\\Product\\GetQuoteRequest', 'empty_data' => object(Closure), 'error_bubbling' => true, 'label_attr' => array(), 'upload_max_size_message' => object(Closure), 'validation_groups' => null, 'constraints' => array(), 'data' => object(GetQuoteRequest)))
     (vendor\symfony\form\Extension\DataCollector\Proxy\ResolvedTypeDataCollectorProxy.php:111)
  at Symfony\Component\Form\Extension\DataCollector\Proxy\ResolvedTypeDataCollectorProxy->finishView(object(FormView), object(Form), array('block_name' => null, 'disabled' => false, 'label' => null, 'label_format' => null, 'translation_domain' => null, 'auto_initialize' => true, 'trim' => true, 'required' => true, 'property_path' => null, 'mapped' => true, 'by_reference' => true, 'inherit_data' => false, 'compound' => true, 'method' => 'POST', 'action' => '', 'post_max_size_message' => 'The uploaded file was too large. Please try to upload a smaller file.', 'error_mapping' => array(), 'invalid_message' => 'This value is not valid.', 'invalid_message_parameters' => array(), 'allow_extra_fields' => false, 'extra_fields_message' => 'This form should not contain extra fields.', 'csrf_protection' => true, 'csrf_field_name' => '_token', 'csrf_message' => 'The CSRF token is invalid. Please try to resubmit the form.', 'csrf_token_manager' => object(CsrfTokenManager), 'csrf_token_id' => null, 'attr' => array(), 'data_class' => 'Schengen\\Application\\Product\\GetQuoteRequest', 'empty_data' => object(Closure), 'error_bubbling' => true, 'label_attr' => array(), 'upload_max_size_message' => object(Closure), 'validation_groups' => null, 'constraints' => array(), 'data' => object(GetQuoteRequest)))
     (vendor\symfony\form\Form.php:1021)
  at Symfony\Component\Form\Form->createView()
     (src\Controller\PurchaseFunnelController.php:60)
  at App\Controller\PurchaseFunnelController->step1(object(Request))
     (vendor\symfony\http-kernel\HttpKernel.php:149)
  at Symfony\Component\HttpKernel\HttpKernel->handleRaw(object(Request), 1)
     (vendor\symfony\http-kernel\HttpKernel.php:66)
  at Symfony\Component\HttpKernel\HttpKernel->handle(object(Request), 1, true)
     (vendor\symfony\http-kernel\Kernel.php:190)
  at Symfony\Component\HttpKernel\Kernel->handle(object(Request))
     (public\index.php:37)

@B-Galati
Copy link
Collaborator

@javiermadueno Thank you, could you also give us your config? And how URL-HIDDEN-FOR-SECURITY is formatted, for example : redis://secret@hostname/1.

Without that it's gonna be quite hard to help. thanks again.

@B-Galati
Copy link
Collaborator

@monsieurchico Could you also provide more information please ?

@Kalliser
Copy link

Hello, I have the same problem in v2.1.3, my configuration is the following :

snc_redis:
  clients:
    default:
      type: predis
      alias: default
      dsn: "redis://%env(REDIS_AUTH)%@%env(REDIS_HOST)%:%env(REDIS_PORT)%"
      logging: "%kernel.debug%"
      options:
        connection_persistent: true
    session:
      type: predis
      alias: session
      dsn: "redis://%env(REDIS_AUTH)%@%env(REDIS_HOST)%:%env(REDIS_PORT)%/1"
      logging: false
    monolog:
      type: predis
      alias: monolog
      dsn: "redis://%env(REDIS_AUTH)%@%env(REDIS_HOST)%:%env(REDIS_PORT)%/4"
      logging: false
    stats:
      type: predis
      alias: stats
      dsn: "redis://%env(REDIS_AUTH)%@%env(REDIS_HOST)%:%env(REDIS_PORT)%/5"
      logging: false
  monolog:
    client: monolog
    key: monolog
  session:
    client: session
    ttl: 604800

I got the same error than javierdansmuero and it diseapear if I reverted the package back to v2.1.2
I use predis in v1.1.1

@curry684 curry684 added bug Not working as intended and removed needs-clarification Issue is not clear to maintainers labels May 30, 2018
@curry684 curry684 mentioned this issue May 30, 2018
Closed
@B-Galati
Copy link
Collaborator

I reproduced the issue and it looks like the previous behavior was a bug.

Anyway it's a BC break so I guess we should fix it.

The quick fix I identified is the following: given @Kalliser's example, REDIS_AUTH should be prefixed with : if it only contains a secret. For example REDIS_AUTH=:secret instead of REDIS_AUTH=secret.

@B-Galati
Copy link
Collaborator

B-Galati commented Jun 16, 2018
edited
Loading

My bad.

It looks like a bug on predis/predis which used parsed_url to create parameters -> https://github.com/nrk/predis/blob/111d100ee389d624036b46b35ed0c9ac59c71313/src/Connection/Parameters.php#L92. If the : is missing then the password goes into $parsed->user and as a consequence is not detected here https://github.com/nrk/predis/blob/111d100ee389d624036b46b35ed0c9ac59c71313/src/Connection/Parameters.php#L112.

Predis project looks quite dead these days so I guess we should do a fix on our side no ?

B-Galati added a commit to B-Galati/SncRedisBundle that referenced this issue Jun 17, 2018
@B-Galati
Use RedisDsn to build connection options for env based config
83b5970 
fix snc#425

- Always use PredisParametersFactory to build connection options so that it creates consistency between env/non-env based config
B-Galati added a commit to B-Galati/SncRedisBundle that referenced this issue Jun 17, 2018
@B-Galati
Use RedisDsn to build connection options for env based config
a032f35 
fix snc#425

- Always use PredisParametersFactory to build connection options so that it creates consistency between env/non-env based config
- Use RedisDsn to parse redis DSN instead of \Predis\Connection\Parameters::parse(). It creates consistence between phpredis and predis behavior.
@B-Galati B-Galati mentioned this issue Jun 17, 2018
Merged
B-Galati added a commit to B-Galati/SncRedisBundle that referenced this issue Jun 25, 2018
@B-Galati
Use RedisDsn to build connection options for env based config
187424e 
fix snc#425

- Always use PredisParametersFactory to build connection options so that it creates consistency between env/non-env based config
- Use RedisDsn to parse redis DSN instead of \Predis\Connection\Parameters::parse(). It creates consistence between phpredis and predis behavior.
B-Galati added a commit to B-Galati/SncRedisBundle that referenced this issue Jun 25, 2018
@B-Galati
Use RedisDsn to build connection options for env based config
d1556b7 
fix snc#425

- Always use PredisParametersFactory to build connection options so that it creates consistency between env/non-env based config
- Use RedisDsn to parse redis DSN instead of \Predis\Connection\Parameters::parse(). It creates consistence between phpredis and predis behavior.
curry684 pushed a commit that referenced this issue Jun 25, 2018
@B-Galati @curry684
Use RedisDsn to build connection options for env based config (#439)
3f3c233 
fix #425

- Always use PredisParametersFactory to build connection options so that it creates consistency between env/non-env based config
- Use RedisDsn to parse redis DSN instead of \Predis\Connection\Parameters::parse(). It creates consistence between phpredis and predis behavior.
@curry684
Copy link
Collaborator

This should be fixed in 2.1.4, can you confirm?

@damijank
Copy link

damijank commented Feb 10, 2019
edited
Loading

If anyone should stumble upon this issue... I sure hope this will help someone save time.

I had the same problem today and I was going nuts. Then, I used the secondary key just to be sure I tried everything, and it worked!
It was a freakishly dumb error: the password (key) is run through urldecode() by SncRedis and my primary password has a + sign in it, which is converted to space and Azure Redis said NOAUTH Authentication required. The secondary password has no + sign in it.

object(Snc\RedisBundle\DependencyInjection\Configuration\RedisDsn)[1762]
  protected 'dsn' => string 'rediss://redacted+key=@cache:6380' (length=83)
  protected 'password' => string 'redacted key=' (length=44)
  protected 'host' => string 'cache' (length=5)
  protected 'port' => int 6380
  protected 'socket' => null
  protected 'tls' => boolean true
  protected 'database' => null
  protected 'weight' => null
  protected 'alias' => null

@OskarStark
Copy link

What about adding this to the docs ?

@curry684
Copy link
Collaborator

Has been there since 2016 actually 😉

9ffce08

@damijank
Copy link

Well, yeah... 🤣 Thanks @curry684
Obviously I did not read that part, and honestly I don't know if it crosses anybody's mind to go to the documentation in the case the server says the authentication is invalid. To quote Monk: "I could be wrong now, but I don't think so..." 😉
Maybe it wouldn't be a bad idea to add this info in the error message? Just a thought...

@curry684
Copy link
Collaborator

Yeah I know, it's one of those classic "oh DUH" moments that I'm not sure we can do anything to alleviate. Best thing I could think of indeed was doing the Symfony DX thing and extend the access denied exception with some remarks about this. Theoretically we could even only do it when auth is denied and urldecode($pass) !== $pass.

@OskarStark
Copy link

Theoretically we could even only do it when auth is denied and urldecode($pass) !== $pass.

nice idea 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Not working as intended
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@B-Galati @OskarStark @curry684 @Kalliser @javiermadueno @monsieurchico @damijank