Skip to content

[CakePHP 5] MissingRouteException on Social Account Validation due to multiple routing typos (:action vs {action} and mismatched method names) #1175

Open
Open
[CakePHP 5] MissingRouteException on Social Account Validation due to multiple routing typos (:action vs {action} and mismatched method names)#1175
@egonher

Description

@egonher
egonher
opened on Mar 10, 2026

Description
When using social login (Oauth2) with validateSocialAccount => true, the plugin throws a MissingRouteException when attempting to send the validation email.

This happens because the route for SocialAccountsController::validateAccount cannot be generated properly. Upon further inspection, there seem to be two distinct routing bugs related to social account validation in the 16.next-cake5 (CakePHP 5) branch.

Steps to Reproduce

  1. Install the plugin in a CakePHP 5 application.
  2. Configure a social provider (e.g., Google or Facebook).
  3. Ensure validateSocialAccount is set to true in users.php configuration.
  4. Perform a social login for the first time with an existing or new account.
  5. The application throws a MissingRouteException triggered by UsersMailer::socialAccountValidation.

Error Stack Trace (Excerpt)

[Cake\Routing\Exception\MissingRouteException] A route matching `array (
  'prefix' => false,
  'plugin' => 'CakeDC/Users',
  'controller' => 'SocialAccounts',
  'action' => 'validateAccount',
  0 => 'google',
  // ... parameters
)` could not be found.

Root Causes Detailed

  1. Incorrect Action Name in Static Route:
    In config/routes.php, there is a route pointing to a non-existent method:
$routes->connect('/accounts/validate/*', [
    'plugin' => 'CakeDC/Users',
    'controller' => 'SocialAccounts',
    'action' => 'validate'  // <--- This method does not exist in SocialAccountsController.
]);

The actual method inside [SocialAccountsController] is named validateAccount($provider, $reference, $token). Additionally, UsersMailer.php correctly requests the route for validateAccount. It seems this static route should be pointing to 'action' => 'validateAccount'.

  1. Outdated CakePHP 4 syntax (:action) for fallback routes:
    In [config/routes.php] the fallback route for SocialAccounts (lines 48-51) uses the deprecated CakePHP 4 colon syntax instead of the CakePHP 5 bracket syntax, making it completely ignored by the new Router:
// Current code (CakePHP 4 syntax)
$routes->connect('/social-accounts/:action/*', [
    'plugin' => 'CakeDC/Users',
    'controller' => 'SocialAccounts',
]);

// Should be (CakePHP 5 syntax)
$routes->connect('/social-accounts/{action}/*', [
    'plugin' => 'CakeDC/Users',
    'controller' => 'SocialAccounts',
]);

Notice that just below this line, the UsersUrl::actionRouteParams(null) call uses the correct /{action}/* format. Only the SocialAccounts fallback route was missed during the CakePHP 5 upgrade.

Workaround / Proposed Fix
Until this is patched, users can fix the issue by mapping the correct route in their main [config/routes.php]

$routes->connect('/social-accounts/{action}/*', [
    'plugin' => 'CakeDC/Users',
    'controller' => 'SocialAccounts',
]);

Please update the [config/routes.php] inside the plugin to reflect CakePHP 5 curly bracket syntax and fix the mismatched method name in the /accounts/validate/* route.

Environment details

  • CakePHP Version: 5.x
  • CakeDC/Users Version: 16.next-cake5
  • PHP Version: 8.3

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions