使用自定义用户提供程序,用户实体等时,“记住我”测试失败

时间:2013-07-17 18:09:59

标签: symfony symfony-2.3

我有一个我在Symfony 2.2中成功使用的自定义用户提供程序和用户实体。但现在我升级到2.3,我意识到“记住我”的功能已被破坏。所以我创建了一个新的sf2应用程序和一个功能测试。当我使用Acme \ DemoBundle默认值时,测试通过了。但是当我添加我的提供者时,它又开始失败了。这是测试:

<?php

namespace Acme\DemoBundle\Tests\Controller;

use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
use Symfony\Component\BrowserKit\Cookie;

class DemoControllerTest extends WebTestCase
{
    public function testRemember()
    {
        $client = static::createClient();

        $securedPageUri = '/user/settings/account';
        $securedPageFilter = 'html:contains("New Password")';
        $loginPageFilter = 'html:contains("Login")';
        $username = 'test@test.com';
        $password = 'test';
        /*
        $securedPageUri = '/demo/secured/hello/World';
        $securedPageFilter = 'html:contains("Hello resource secured for admin only.")';
        $loginPageFilter = 'html:contains("Login")';
        $username = 'admin';
        $password = 'adminpass';
        */

        // Go to Secured page, and be redirected to Login page
        $client->request('GET', $securedPageUri);
        $crawler = $client->followRedirect();
        $this->assertGreaterThan(0, $crawler->filter($loginPageFilter)->count());

        // Try to log in, and be redirected to Secured page
        $form = $crawler->selectButton('Login')->form();
        $form['_username'] = $username;
        $form['_password'] = $password;
        $form['_remember_me'] = 1;
        $client->submit($form);
        $crawler = $client->followRedirect();
        $this->assertGreaterThan(0, $crawler->filter($securedPageFilter)->count());

        // Remove all the cookies, but keep the "remember me" cookie
        $remembermeCookie = $client->getCookieJar()->get('REMEMBERME');
        $client->restart();
        $client->getCookieJar()->set($remembermeCookie);

        // Go to Secured page, this time we should be allowed in
        $client->followRedirects();
        $crawler = $client->request('GET', $securedPageUri);
        //$this->assertTrue($client->getResponse()->isSuccessful());
        $this->assertEquals(0, $crawler->filter($loginPageFilter)->count(), "Redirected to Login page"); // THIS IS WHERE THE TEST FAILS
        $this->assertGreaterThan(0, $crawler->filter($securedPageFilter)->count());
    }
}

测试工作正常,我也尝试过手动测试:我登录,删除会话cookie,并尝试使用记住我的cookie访问受保护的页面。记住我的cookie被删除,我被重定向到登录页面:S

为什么会发生这种情况的任何想法?我的提供者没有做任何奇怪的事情,它只是像往常一样从数据库中抓取用户。为什么地球上这会影响“记住我”的功能?有没有我不知道的变化?我没有使用自定义身份验证提供程序,只是用户提供程序。

哦,这是日志,使用grep security

[2013-07-17 15:18:49] security.DEBUG: Username "test@test.com" was reloaded from user provider. [] []
[2013-07-17 15:18:49] security.DEBUG: Write SecurityContext in the session [] []
[2013-07-17 15:18:49] security.DEBUG: Remember-me cookie detected. [] []
[2013-07-17 15:18:49] security.WARNING: User class for remember-me cookie not supported. [] []
[2013-07-17 15:18:49] security.DEBUG: Clearing remember-me cookie "REMEMBERME" [] []
[2013-07-17 15:18:49] security.INFO: Populated SecurityContext with an anonymous Token [] []
[2013-07-17 15:18:49] security.DEBUG: Access is denied (user is not fully authenticated) by "/srv/www/dev/public/remember/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/AccessListener.php" at line 73; redirecting to authentication entry point [] []
[2013-07-17 15:18:49] security.DEBUG: Calling Authentication entry point [] []
[2013-07-17 15:18:49] security.DEBUG: Write SecurityContext in the session [] []
[2013-07-17 15:18:49] security.INFO: Populated SecurityContext with an anonymous Token [] []
[2013-07-17 15:18:49] security.DEBUG: Write SecurityContext in the session [] []

更新:只有当我粘贴日志时,我才注意到这个警告。无论如何,你知道如何解决这个问题吗?

更新2 :如果我使用默认用户提供程序,但仍然是我自己的User类,它可以正常工作。错误消息非常容易引起误解。

1 个答案:

答案 0 :(得分:1)

查看安全警告来自的Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices.php#L130

服务仅提供抽象方法processAutoLoginCookie,您可能需要将其添加到提供程序以处理cookie。