Bug #106101
open
allow a null value for the getSession method
0%
Description
Under some circumstances the session member variable of FrontendUserAuthentication is null.
abstract class AbstractUserAuthentication implements LoggerAwareInterface
{
...
protected ?UserSession $userSession = null;
...
public function getSession(): UserSession
{
return $this->userSession;
}
}The method getSession should return the null value if userSession is null and not cause a PHP TypeError.
TypeError TYPO3\CMS\Core\Authentication\AbstractUserAuthentication::getSession(): Return value must be of type TYPO3\CMS\Core\Session\UserSession, null returned
Solution:
public function getSession(): ?UserSessionFiles
Updated by Franz Holzinger about 1 month ago
- Subject changed from Feature: allow a null value for the getSession method to allow a null value for the getSession method
This error happends if Dependency Injection is used. At this early moment there is no FrontendUserAuthentication and no sessionHandler object initialized.
Updated by Christian Kuhn about 1 month ago
· Edited
Looks as if we should rather throw a \RuntimeException "user session has not been initialized" instead since calling this method "too early" is a misuse devs should not rely on.
Updated by Garvin Hicking about 1 month ago
Christian Kuhn wrote in #note-2:
Looks as if we should rather throw a \RuntimeException "user session has not been initialized" instead
I agree
Updated by Franz Holzinger 11 days ago
AbstractUserAuthentication::getSession(): Return value must be of type TYPO3\CMS\Core\Session\UserSession, null returne
This error happens during the normal call of an extension plugin.
in .../typo3conf/ext/tt_products/pi1/class.tx_ttproducts_pi1.php line 67
$pibaseObj->setContentObjectRenderer($this->cObj);
$languageSubpath = '/Resources/Private/Language/';
if (!empty($conf['templateFile']) || !empty($conf['templateFile.'])) {
$content = $pibaseObj->main($content, $conf);
} else {
$errorText = $GLOBALS['TSFE']->sL(
'LLL:EXT:' . TT_PRODUCTS_EXT . $languageSubpath . 'Pi1/locallang.xlf:no_template'
);
What must I do that TYPO3 initializes everything needed before it calls the plugin code?
Updated by Franz Holzinger 11 days ago
· Edited
backtrace path
This error happens in TYPO3 12.4.27.
Updated by Franz Holzinger 11 days ago
Christian Kuhn wrote in #note-2:
Looks as if we should rather throw a \RuntimeException "user session has not been initialized" instead since calling this method "too early" is a misuse devs should not rely on.
What is too early?
This also happens with the call of a TypoScript userFunc to a plugin.
tx_ttproducts_pi1->main callUserFunction $funcName ContentObjectRenderer.php #4773
I have checked the class file typo3_src-12.4.27/typo3/sysext/frontend/Classes/ContentObject/ContentObjectRenderer.php about the userSession member variable.
It is always set, despite of the case when a Dependency Injection is executed.
getSession $this->userSession AbstractUserAuthentication.php #1366 ->debug Typo3SessionHandler.php #67 ->getSession GeneralUtility.php #3016 ->__construct DependencyInjectionContainer_94afd5ad4b0fa771694783f588db4ae6aae1d2b2.php #4975 ->makeInstanceForDi Container.php #231 ->getSessionHandlerService Container.php #211 ->make
So it does not help to take care of the AbstractUserAuthentication class to be initialized which is done by TYPO3 itself anyways.
It seems that the Dependency Injection loses the $this->userSession member variable.
Updated by Franz Holzinger 11 days ago
I can solve this by an additional Middleware which initializes the class. The DI must be turned off for this class.