Call to a member function getKeyValue() on null

Created on 9 August 2023, over 1 year ago
Updated 18 July 2024, 5 months ago

Problem/Motivation

Error: Call to a member function getKeyValue() on null in Drupal\openid_connect_windows_aad\Plugin\OpenIDConnectClient\WindowsAad->getRequestOptions() (line 299 of /var/www/html/web/modules/contrib/openid_connect_windows_aad/src/Plugin/OpenIDConnectClient/

Steps to reproduce

  • Migrate to Drupal 10 and try to login using openid_connect using the config override method from settings.php

Proposed resolution

Patch provided to check if value is using the config override method in settings.php or key

Remaining tasks

User interface changes

API changes

Data model changes

🐛 Bug report
Status

Active

Version

2.0

Component

Code

Created by

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @rishabjasrotia
  • @rishabjasrotia opened merge request.
  • @rishabjasrotia opened merge request.
  • Status changed to Needs review over 1 year ago
  • 🇬🇧United Kingdom smaz England, UK

    Patch fixed the issue for me!

  • 🇩🇪Germany webflo

    The key can be overwritten with $config. But you have to override the key settings now.

    $config['key.key.openid_connect_windows_aad_key']['key_provider_settings']['key_value'] = '...';
    

    I would like to close the issue with won't fix.

  • Status changed to Closed: won't fix 11 months ago
  • 🇬🇧United Kingdom smaz England, UK

    I finally got some time to sit down with this one today & webflo is correct, but anyone overriding the key in the old way will need to make a change:

    Before, we would override the client_secret with the following:

    $config['openid_connect.client.windows_aad']['settings']['client_secret'] = "abc123...";
    

    After the module started supporting the key module, the client_secret is intended to be the ID of a key instead. That key gets loaded & the value retrieved - but because of our override, it wasn't able to load the key so caused the error.

    $this->keyRepository->getKey($this->configuration['client_secret'])->getKeyValue();
    

    You'll need to create a key at admin/config/system/keys (if you haven't already / one hasn't already been setup by an update hook), then update your Open ID client config (admin/config/people/openid-connect) to set your Windows AAD client to use that key.

    Then in settings.php, replace the above config line with

    $config['key.key.openid_connect_windows_aad_key']['key_provider_settings']['key_value'] = "abc123...";
    

    (you may need to change the config name if your key is named something different)

    You can still override endpoints / client ID in the old way:

    $config['openid_connect.client.windows_aad']['settings']['authorization_endpoint_wa'] = "https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/authorize";
    $config['openid_connect.client.windows_aad']['settings']['client_id'] = "{clientId}";
    $config['openid_connect.client.windows_aad']['settings']['token_endpoint_wa'] =  "https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token";
    

    Closing as won't fix, but if I get a chance I might try and submit a patch to handle the error here - the key may not exist if it's been deleted for example:

      protected function getRequestOptions(string $authorization_code, string $redirect_uri): array {
        $options = parent::getRequestOptions($authorization_code, $redirect_uri);
        $options['form_params']['client_secret'] = $this->keyRepository->getKey($this->configuration['client_secret'])->getKeyValue();
        return $options;
      }
    
  • 🇳🇱Netherlands uberengineer

    I had some trouble applying the fix as described it #12
    It's worth mentioning that I had to remove the 'placeholder' value in the config file and set as an empty string for the key value to apply from settings.php

  • 🇪🇸Spain rteijeiro

    I ended up with this issue due to the configuration about the client secret is not saved even when I created a key and selected it in the form.

    Not sure what's the reason as it worked well before upgrading to latest versions:

    - Drupal 10.2.4
    - OpenID Connect / OAuth client 3.0.0-alpha3
    - OpenID Connect Microsoft Azure Active Directory client 2.0.0-beta7

  • Status changed to Active 5 months ago
  • 🇦🇺Australia cafuego

    Re-opening, as I just ran into this as well.

    It's not that overriding causes an issue, it's that the module allows you to configure an AAD client without a key (it is a not a required field) but then assumes a key exists during authentication and throws this error if it doesn't.

    So either the code should be conditional, check if a key is configured before calling getValue() on it *or* make the key mandatory in the client config.

Production build 0.71.5 2024