我已经安装了FOSOauthServerBundle,但似乎csrf_provider的配置错误,我不知道如何解决它,因为我从https://github.com/FriendsOfSymfony/FOSOAuthServerBundle/blob/master/Resources/doc/index.md复制了代码 当我执行composer update时出现此错误
[RuntimeException]
An error occurred when executing the ""cache:clear --no-warmup"" command:
[Symfony\Component\Config\Definition\Exception\InvalidConfigurationExcept
ion] Unrecognized option "csrf_provider" under "security.firewalls.main.form_login"
当我去localhost时,我收到了致命错误
Fatal error: Uncaught Symfony\Component\Config\Definition\Exception\InvalidConfigurationException: Unrecognized option "csrf_provider" under "security.firewalls.main.form_login" in C:\wamp64\www\MDSAP\mdsap-api\vendor\symfony\symfony\src\Symfony\Component\Config\Definition\ArrayNode.php on line 317
( ! ) Symfony\Component\Config\Definition\Exception\InvalidConfigurationException: Unrecognized option "csrf_provider" under "security.firewalls.main.form_login" in C:\wamp64\www\MDSAP\mdsap-api\vendor\symfony\symfony\src\Symfony\Component\Config\Definition\ArrayNode.php on line 317
这是security.yml
# To get started with security, check out the documentation:
# http://symfony.com/doc/current/book/security.html
security:
encoders:
FOS\UserBundle\Model\UserInterface: sha1
role_hierarchy:
ROLE_ADHERANT: ROLE_USER
ROLE_STAGIAIRE: ROLE_USER
ROLE_PARTENAIRE: ROLE_USER
ROLE_DUPPLESSIX: ROLE_USER
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
oauth_token:
pattern: ^/oauth/v2/token
security: false
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: form.csrf_provider
logout: true
anonymous: true
# Add your favorite authentication process here
api:
pattern: ^/api
fos_oauth: true
stateless: true
anonymous: false # can be omitted as its default value
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_token_generator: security.csrf.token_manager
# if you are using Symfony < 2.8, use the following config instead:
# csrf_provider: form.csrf_provider
logout: true
anonymous: true
# activate different ways to authenticate
# http_basic: ~
# http://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate
# form_login: ~
# http://symfony.com/doc/current/cookbook/security/form_login_setup.html
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
- { path: ^/api, roles: [ IS_AUTHENTICATED_FULLY ] }
答案 0 :(得分:0)
不确定,但您需要做的就是在更新作曲家之前启用csrf protaction。
<强> config.yml
framework:
csrf_protection:
enabled: true