TypeError: Argument 7 passed to Symfony\Component\Security\Http\Firewall\ContextListener::__construct() must be callable or null, array given

[ccvf2s]

Hi Guys,

I am getting the error above on

Symfony version(s) affected: 4.4.19

Description

When running my test after upgrading to the last version to Symfony 4.4.19, I am getting this error:

TypeError: Argument 7 passed to Symfony\Component\Security\Http\Firewall\ContextListener::__construct() must be callable or null, array given, called in /tmp/CompanyBundle/cache/ContainerHobmymf/getSecurity_ContextListener_0Service.php on line 12

How to reproduce

It's a bit difficult to say appropriately how to reproduce it, but I can show you the way my test is written.

$client = static::createClient();

$user = new User();
$user->setEmail('foo@bar.com');
$client->getContainer()->set('security.token_storage', $this->getTokenStorageMock($user));
$client->request('GET', '/api/v1/public/company/4320/review-token');
self::assertEquals(200, $client->getResponse()->getStatusCode());

It's failing on the line $client->request('GET', '/api/v1/public/company/4320/review-token');

Effectively when checking the ContextListener constructor signature method the 7th argument is type-hinted as a callable and not an array.

Possible Solution

When I removed the type-hint of callable it suddenly worked, I guess the correction here should be to pass a callable or remove the type-hint.

Additional context
Composer version:

composer show|grep security

symfony/security                           v4.4.19
symfony/security-bundle                    v4.4.19

The cached getSecurity_ContextListener_0Service.php file:

use Symfony\Component\DependencyInjection\Argument\RewindableGenerator;
use Symfony\Component\DependencyInjection\Exception\RuntimeException;

// This file has been auto-generated by the Symfony Dependency Injection Component for internal use.
// Returns the private 'security.context_listener.0' shared service.

return $this->privates['security.context_listener.0'] = new \Symfony\Component\Security\Http\Firewall\ContextListener(($this->privates['security.untracked_token_storage'] ?? ($this->privates['security.untracked_token_storage'] = new \Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage())), new RewindableGenerator(function () {
    yield 0 => ($this->privates['security.user.provider.concrete.in_memory_private'] ?? $this->load('getSecurity_User_Provider_Concrete_InMemoryPrivateService.php'));
    yield 1 => ($this->privates['security.user.provider.concrete.db'] ?? $this->load('getSecurity_User_Provider_Concrete_DbService.php'));
}, 2), 'api_user', ($this->privates['monolog.logger.security'] ?? $this->load('getMonolog_Logger_SecurityService.php')), ($this->services['event_dispatcher'] ?? $this->getEventDispatcherService()), ($this->privates['security.authentication.trust_resolver'] ?? ($this->privates['security.authentication.trust_resolver'] = new \Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver(NULL, NULL))), [0 => ($this->services['security.token_storage'] ?? $this->getSecurity_TokenStorageService()), 1 => 'enableUsageTracking']);

In the past, another issue was opened with the same error please find below the link of the correction which was surely not the same context as it looks like this one was solving the type of TokenStorage.

Previous issue: #36720
Correction: https://github.com/symfony/symfony/pull/38869/files#diff-eb942086a7d2fce031f42c8a40f7926e3f89c1300cb8930a3e1b54e089a4db9bR52

Thanks a lot for the help which is going to be provided.

Feel free to let me know if I need to give more information and context.

[Nyholm]

Thank you for a detailed issue.
Could you show your security config?

[ccvf2s]

Hi @Nyholm thank you please find below the security config

# Security
security:
    providers:
        in_memory_private:
            memory:
                users:
                    jobs_user:
                        password: testPassword
                        roles: ROLE_API_PRIVATE_CONSUMER
        db:
            entity:
                class: Jobcloud\UserBundle\Entity\Unity\User
                property: email
    firewalls:
        api_private:
            pattern: ^/api/v\d/private
            stateless: true
            anonymous: false
            logout_on_user_change: true
            http_basic:
                realm: api_private
                provider: in_memory_private
        api_user:
            anonymous: ~
            logout_on_user_change: true
            http_basic:
                provider: db
    encoders:
        Symfony\Component\Security\Core\User\User:
            algorithm:   plaintext
            ignore_case: false
        Jobcloud\UserBundle\Entity\Unity\User:
            algorithm: plaintext
    access_control:
        - { path: ^/api/v\d/public, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/v\d/private, roles: ROLE_API_PRIVATE_CONSUMER }
        - { path: ^/api/v\d/user/verify-email-address, roles: IS_AUTHENTICATED_ANONYMOUSLY, methods: [GET] }

[ccvf2s]

Up here @Nyholm and @xabbuh do you need other information from me?

[Nyholm]

I've been looking but I cannot find anything... I was hoping someone with more knowledge than me could spot the misstake.

Could you create a minimum symfony application that reproduces this issue? Ie , create a new repo, run symfony new issue-40334 and add the smallest amount of config and code you can to show this issue. That would help me debugging the problem.

[ccvf2s]

@Nyholm I will try to reproduce it, in a small repo, I will give it a try and update here.

[xabbuh]

@ccvf2s Did you manage to work on an example application?

[xabbuh]

I am going to close here for now due to the lack of feedback. Please let us know when you have more information and we can consider to reopen.