Page MenuHomePhabricator
Create Task
Maniphest T373507

TypeError: Argument 1 passed to MediaWiki\Extension\CentralAuth\CentralAuthTokenManager::consume() must be of the type string, null given
Closed, ResolvedPublicPRODUCTION ERROR
Actions

Description

Error
labels.normalized_message
[{reqId}] {exception_url}   TypeError: Argument 1 passed to MediaWiki\Extension\CentralAuth\CentralAuthTokenManager::consume() must be of the type string, null given, called in /srv/mediawiki/php-1.43.0-wmf.20/extensions/CentralAuth/includes/session/Centr
error.stack_trace
from /srv/mediawiki/php-1.43.0-wmf.20/extensions/CentralAuth/includes/CentralAuthTokenManager.php(157)
#0 /srv/mediawiki/php-1.43.0-wmf.20/extensions/CentralAuth/includes/session/CentralAuthTokenSessionProvider.php(176): MediaWiki\Extension\CentralAuth\CentralAuthTokenManager->consume(null, string)
#1 /srv/mediawiki/php-1.43.0-wmf.20/extensions/CentralAuth/includes/session/CentralAuthApiSessionProvider.php(95): CentralAuthTokenSessionProvider->consumeToken(null)
#2 /srv/mediawiki/php-1.43.0-wmf.20/includes/HookContainer/HookContainer.php(159): CentralAuthApiSessionProvider->onApiCheckCanExecute(ApiQuery, MediaWiki\User\User, string)
#3 /srv/mediawiki/php-1.43.0-wmf.20/includes/api/ApiHookRunner.php(76): MediaWiki\HookContainer\HookContainer->run(string, array)
#4 /srv/mediawiki/php-1.43.0-wmf.20/includes/api/ApiMain.php(1778): MediaWiki\Api\ApiHookRunner->onApiCheckCanExecute(ApiQuery, MediaWiki\User\User, string)
#5 /srv/mediawiki/php-1.43.0-wmf.20/includes/api/ApiMain.php(1934): ApiMain->checkExecutePermissions(ApiQuery)
#6 /srv/mediawiki/php-1.43.0-wmf.20/includes/api/ApiMain.php(895): ApiMain->executeAction()
#7 /srv/mediawiki/php-1.43.0-wmf.20/extensions/PageImages/includes/PageImages.php(291): ApiMain->execute()
#8 /srv/mediawiki/php-1.43.0-wmf.20/extensions/PageImages/includes/PageImages.php(256): PageImages\PageImages::getImages(array, int)
#9 /srv/mediawiki/php-1.43.0-wmf.20/includes/HookContainer/HookContainer.php(159): PageImages\PageImages->onApiOpenSearchSuggest(array)
#10 /srv/mediawiki/php-1.43.0-wmf.20/includes/api/ApiHookRunner.php(170): MediaWiki\HookContainer\HookContainer->run(string, array)
#11 /srv/mediawiki/php-1.43.0-wmf.20/includes/api/ApiOpenSearch.php(118): MediaWiki\Api\ApiHookRunner->onApiOpenSearchSuggest(array)
#12 /srv/mediawiki/php-1.43.0-wmf.20/includes/api/ApiMain.php(1948): ApiOpenSearch->execute()
#13 /srv/mediawiki/php-1.43.0-wmf.20/includes/api/ApiMain.php(926): ApiMain->executeAction()
#14 /srv/mediawiki/php-1.43.0-wmf.20/includes/api/ApiMain.php(897): ApiMain->executeActionWithErrorHandling()
#15 /srv/mediawiki/php-1.43.0-wmf.20/includes/api/ApiEntryPoint.php(153): ApiMain->execute()
#16 /srv/mediawiki/php-1.43.0-wmf.20/includes/MediaWikiEntryPoint.php(200): MediaWiki\Api\ApiEntryPoint->execute()
#17 /srv/mediawiki/php-1.43.0-wmf.20/api.php(44): MediaWiki\MediaWikiEntryPoint->run()
#18 /srv/mediawiki/w/api.php(3): require(string)
#19 {main}
Impact
Notes

All similar requests are for action=opensearch, as far as I can tell.

Details

Request URL
https://commons.wikimedia.org/w/api.php?action=opensearch&centralauthtoken=*&format=*&formatversion=*&limit=*&namespace=*&origin=*&search=*
Related Changes in Gerrit:
SubjectRepoBranchLines +/-
CentralAuthApiSessionProvider: Avoid error in internal API requestsmediawiki/extensions/CentralAuthwmf/1.43.0-wmf.20+2 -1
Customize query in gerrit

Related Objects
Search...

Event Timeline

hashar created this task.Aug 28 2024, 9:02 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 28 2024, 9:02 AM
Tgr added a comment.Aug 28 2024, 9:11 AM

Caused by rECAUe59ff145fbbb: Use TokenManager for existing token operations.

Tgr claimed this task.Aug 28 2024, 9:11 AM
Tgr added a parent task: T363699: Determine and implement SUL 3 login handshake mechanism.
Tgr moved this task from Inbox, needs triage to In progress (DO NOT USE) on the MediaWiki-Platform-Team board.
hashar mentioned this in T366965: 1.43.0-wmf.20 deployment blockers.Aug 28 2024, 9:27 AM
Tgr added a comment.Aug 28 2024, 9:50 AM

This seems like a pre-existing bug that became more severe due to stricter type hinting added in that patch. Not sure what exactly is going on - it seems the API sees the centralauthtoken URL parameter at the beginning of the request so it loads the CentralAuth session provider, but then doesn't see the parameter anymore by the point it actually starts processing the request. The first check is via WebRequest::getVal() and the second one via ApiMain::getVal() so it's presumably some sort of discrepancy between those.

Incidentally, rECAUe993c058288d: TokenManager: Get rid of delete() and consume() (on next week's train) will get rid of the code that's causing this error. But it would be nice to understand what's happening.

matmarex subscribed.Aug 28 2024, 4:02 PM

The stack trace says that PageImages calls the API internally from within an API request. So there will be two WebRequest objects involved, one with a centralauthtoken (the real one) and one without (the internal one). The hook in CentralAuth doesn't handle that (and never did).

matmarex added a comment.Aug 28 2024, 4:16 PM

This seems a bit noisy, so let's patch wmf.20 to avoid the error (we already removed the code on master).

It would have previously failed with a "Raced out trying to mark the token as expired" log message – you can see that the shapes of these charts match very well:

So let's just make it fail in the same way.

gerritbot added a comment.Aug 28 2024, 4:19 PM

Change #1068041 had a related patch set uploaded (by Bartosz Dziewoński; author: Bartosz Dziewoński):

[mediawiki/extensions/CentralAuth@wmf/1.43.0-wmf.20] CentralAuthApiSessionProvider: Avoid error in internal API requests

https://gerrit.wikimedia.org/r/1068041

gerritbot added a project: Patch-For-Review.Aug 28 2024, 4:19 PM
matmarex renamed this task from TypeError: Argument 1 passed to MediaWiki\Extension\CentralAuth\CentralAuthTokenManager::consume() must be of the type string, null given, called in /srv/mediawiki/php-1.43.0-wmf.20/extensions/CentralAuth/includes/session/Centr to TypeError: Argument 1 passed to MediaWiki\Extension\CentralAuth\CentralAuthTokenManager::consume() must be of the type string, null given.Aug 28 2024, 4:20 PM
Tgr added a comment.EditedAug 28 2024, 5:48 PM

So until now any API involving page images broke when used with a CA token? Huh.

The current master should not have that issue, since the internal API call doesn't reinitialize session handlers, and we don't use API hooks anymore which would be double-called.

gerritbot added a comment.Aug 28 2024, 8:36 PM

Change #1068041 merged by jenkins-bot:

[mediawiki/extensions/CentralAuth@wmf/1.43.0-wmf.20] CentralAuthApiSessionProvider: Avoid error in internal API requests

https://gerrit.wikimedia.org/r/1068041

Stashbot added a comment.Aug 28 2024, 8:37 PM

Mentioned in SAL (#wikimedia-operations) [2024-08-28T20:37:41Z] <cjming@deploy1003> Started scap sync-world: Backport for [[gerrit:1068051|auth: Relax AuthManager session state check while cde00b55 is deployed (T373504)]], [[gerrit:1068052|Fix missing definition of setSaveErrorMessage too (T373288)]], [[gerrit:1068041|CentralAuthApiSessionProvider: Avoid error in internal API requests (T373507)]]

Stashbot mentioned this in T373288: Show error message when a shortened URL prevents user from adding a topic or comment.Aug 28 2024, 8:37 PM
Stashbot mentioned this in T373504: Wikimedia\NormalizedException\NormalizedException: Authentication failed because of inconsistent provider array.
Stashbot added a comment.Aug 28 2024, 8:39 PM

Mentioned in SAL (#wikimedia-operations) [2024-08-28T20:39:45Z] <cjming@deploy1003> matmarex, cjming: Backport for [[gerrit:1068051|auth: Relax AuthManager session state check while cde00b55 is deployed (T373504)]], [[gerrit:1068052|Fix missing definition of setSaveErrorMessage too (T373288)]], [[gerrit:1068041|CentralAuthApiSessionProvider: Avoid error in internal API requests (T373507)]] synced to the testservers (https://wikitech.wikimedia.org/wiki/Mwdebug)

Stashbot added a comment.Aug 28 2024, 8:49 PM

Mentioned in SAL (#wikimedia-operations) [2024-08-28T20:49:13Z] <cjming@deploy1003> Finished scap sync-world: Backport for [[gerrit:1068051|auth: Relax AuthManager session state check while cde00b55 is deployed (T373504)]], [[gerrit:1068052|Fix missing definition of setSaveErrorMessage too (T373288)]], [[gerrit:1068041|CentralAuthApiSessionProvider: Avoid error in internal API requests (T373507)]] (duration: 11m 31s)

ReleaseTaggerBot added a project: MW-1.43-notes (1.43.0-wmf.20; 2024-08-27).Aug 28 2024, 9:00 PM
matmarex closed this task as Resolved.Aug 28 2024, 10:21 PM
matmarex removed a project: Patch-For-Review.

No more errors since the deployment.

hashar added a comment.Aug 29 2024, 8:31 AM

Thank you for the patch, that made the logs quieter for this morning MediaWiki Train :)

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits