From ed5e16e7691947d6b2f3e5a0e569291ba0b3a596 Mon Sep 17 00:00:00 2001 From: Javier Eguiluz Date: Thu, 2 Oct 2025 16:23:42 +0200 Subject: [PATCH] [Security] Fix the OIDC discovery cache configuration --- security/access_token.rst | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/security/access_token.rst b/security/access_token.rst index 70c9e21980e..2c070f72e92 100644 --- a/security/access_token.rst +++ b/security/access_token.rst @@ -434,7 +434,8 @@ Next, configure the ``base_uri`` and ``discovery`` options: oidc_user_info: base_uri: https://www.example.com/realms/demo/ discovery: - cache: cache.app + cache: + id: cache.app .. code-block:: xml @@ -473,7 +474,7 @@ Next, configure the ``base_uri`` and ``discovery`` options: ->oidcUserInfo() ->baseUri('https://www.example.com/realms/demo/') ->discovery() - ->cache('cache.app') + ->cache(['id' => 'cache.app']) ; }; @@ -482,7 +483,7 @@ Next, configure the ``base_uri`` and ``discovery`` options: Support for OpenID Connect Discovery was introduced in Symfony 7.3. Following the `OpenID Connect Specification`_, the ``sub`` claim is used as user -identifier by default. To use another claim, specify it on the configuration: +identifier by default. To use another claim, specify it using the ``claim`` option: .. configuration-block:: @@ -744,7 +745,8 @@ from the OpenID Connect Discovery), and configure the ``discovery`` option: issuers: ['https://oidc.example.com'] discovery: base_uri: https://www.example.com/realms/demo/ - cache: cache.app + cache: + id: cache.app .. code-block:: xml @@ -790,7 +792,7 @@ from the OpenID Connect Discovery), and configure the ``discovery`` option: ->issuers(['https://oidc.example.com']) ->discovery() ->baseUri('https://www.example.com/realms/demo/') - ->cache('cache.app') + ->cache(['id' => 'cache.app']) ; };