我将Symfony2与DunglasAngularCsrfBundle一起使用,当我运行我的PHpunit测试时,它会收到错误{“code”:403,“message”:“错误的CSRF令牌。”}
如果auth用户使用http basic
self::$user_client = static::createClient(array(), array(
'PHP_AUTH_USER' => 'user1@mail.com',
'PHP_AUTH_PW' => 'user1',
'HTTP_HOST' => static::getHost()
));
此条件在EventListener \ AngularCsrfValidationListener
中返回falseif (!$value || !$this->angularCsrfTokenManager->isTokenValid($value)) {
throw new AccessDeniedHttpException('Bad CSRF token.');
}
在测试中生成的令牌不相等,我尝试另一个这样的身份验证:
protected function logIn($email)
{
$this->client = static::createClient();
$user = $this->client->getContainer()
->get('doctrine')
->getManager()
->getRepository('UserBundle:User')
->findOneByEmail($email);
$providerKey = static::$kernel->getContainer()->getParameter('fos_user.firewall_name');
$token = new UsernamePasswordToken($user, null, $providerKey, $user->getRoles());
$session = $this->client->getContainer()->get('session');
$session->set('_security_'.$providerKey, serialize($token));
$session->save();
$cookie = new Cookie($session->getName(), $session->getId());
$this->client->getCookieJar()->set($cookie);
}
令牌未创建。在Symfony \ Component \ Security \ Csrf \ CsrfTokenManager :: isTokenValid中返回false:
$this->storage->hasToken($token->getId())
请帮助解决此问题,谢谢
答案 0 :(得分:0)
解决了
self::$client->request('GET', '/')
在Cookie中设置令牌