我正在将Symfony从2.8升级到3.4,并且我具有身份验证侦听器。
侦听器的构造函数
public function __construct(EntityManager $entityManager, SessionInterface $session, Security $security, LoggerInterface $logger, Redis $redis, $secret)
{
$this->entityManager = $entityManager;
$this->session = $session;
$this->security = $security;
$this->logger = $logger;
$this->redis = $redis;
$this->secret = $secret;
}
正在侦听器中调用的On Request函数
public function onRequest(GetResponseEvent $event)
{
//Validate token
//Get Authorization Header
$headers = $event->getRequest()->headers;
$authHeader = $headers->get('Authorization');
//Check if Header value starts with 'Bearer'
if($this->startsWith($authHeader, self::$BEARER_HEADER)) {
// Allow request to be processed by controllers
//token handler
} else {
$securityContext = $this->security;
if ($securityContext->isGranted('IS_AUTHENTICATED_ANONYMOUSLY')) {
return;
} else {
throw new SessionTimeoutException();
}
}
}
Service.yml
app.token_listener:
class: Insead\MIMBundle\Listener\AuthTokenListener
arguments: ["@doctrine.orm.entity_manager", "@session", "@security.helper", "@logger", "@redis.authtoken", "%secret%"]
tags:
- { name: kernel.event_listener, event: kernel.request, method: onRequest, priority: 0 }
ACL列表条目-security.php
'access_control' => array(
array('path' => '^/api/(.*?)/login', 'role'=>'IS_AUTHENTICATED_ANONYMOUSLY'),
)
我尝试使用用户名和密码访问登录路由,但出现以下错误
GENERAL EXCEPTION: The token storage contains no authentication token. One possible reason may be that there is no firewall configured for this URL. in
/var/www/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authorization/AuthorizationChecker.php line 55
Exception caught by Listener::
[
{
"file": "/var/www/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Security.php",
"line": 65,
"function": "isGranted",
"class": "Symfony\\Component\\Security\\Core\\Authorization\\AuthorizationChecker",
"type": "->",
"args": [
"IS_AUTHENTICATED_ANONYMOUSLY",
null
]
},
{
"file": "/var/www/src/Insead/MIMBundle/Listener/AuthTokenListener.php",
"line": 135,
"function": "isGranted",
"class": "Symfony\\Component\\Security\\Core\\Security",
"type": "->",
"args": [
"IS_AUTHENTICATED_ANONYMOUSLY"
]
},
{
"file": "/var/www/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/EventDispatcher.php",
"line": 212,
"function": "onRequest",
"class": "Insead\\MIMBundle\\Listener\\AuthTokenListener",
"type": "->",
"args": [
null,
"kernel.request",
null
]
},
{
"file": "/var/www/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/EventDispatcher.php",
"line": 44,
"function": "doDispatch",
"class": "Symfony\\Component\\EventDispatcher\\EventDispatcher",
"type": "->",
"args": [
[
[
null,
"onKernelRequest"
],
[
null,
"onKernelRequest"
],
[
null,
"onRequest"
],
[
null,
"onController"
],
[
null,
"onKernelRequest"
],
[
null,
"onKernelRequest"
],
[
null,
"configure"
],
[
null,
"onKernelRequest"
],
[
null,
"onKernelRequest"
],
[
null,
"onKernelRequest"
],
[
null,
"onKernelRequest"
],
[
null,
"onKernelRequest"
],
[
null,
"onKernelRequest"
],
[
null,
"onKernelRequest"
],
[
null,
"onKernelRequest"
],
[
null,
"onKernelRequest"
],
[
null,
"onKernelRequest"
],
[
null,
"onRequest"
]
],
"kernel.request",
null
]
},
{
"file": "/var/www/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php",
"line": 127,
"function": "dispatch",
"class": "Symfony\\Component\\EventDispatcher\\EventDispatcher",
"type": "->",
"args": [
"kernel.request",
null
]
},
{
"file": "/var/www/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php",
"line": 68,
"function": "handleRaw",
"class": "Symfony\\Component\\HttpKernel\\HttpKernel",
"type": "->",
"args": [
{
"attributes": null,
"request": null,
"query": null,
"server": null,
"files": null,
"cookies": null,
"headers": null
},
1
]
},
{
"file": "/var/www/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/Kernel.php",
"line": 200,
"function": "handle",
"class": "Symfony\\Component\\HttpKernel\\HttpKernel",
"type": "->",
"args": [
{
"attributes": null,
"request": null,
"query": null,
"server": null,
"files": null,
"cookies": null,
"headers": null
},
1,
true
]
},
{
"file": "/var/www/web/app.php",
"line": 29,
"function": "handle",
"class": "Symfony\\Component\\HttpKernel\\Kernel",
"type": "->",
"args": [
{
"attributes": null,
"request": null,
"query": null,
"server": null,
"files": null,
"cookies": null,
"headers": null
}
]
}
]
我已经花了几天时间,但仍然想不出解决办法。
对不起,如果已经回答了这个问题,我试图进行搜索,并且尝试了各种帖子中提到的问题,但仍无法解决。我也是symfony的新手。
Full Security.php
https://www.codepile.net/pile/7O1LJkpv
AuthTokenListner.php
答案 0 :(得分:1)
我认为已弃用/删除了securitycontext。需要在授权检查器上调用isGranted
return $this->get('security.authorization_checker');
您需要“ security.authorization_checker”服务。
然后您可以在authorization_checker服务上调用isGranted。
// get the service from the container or pass it in via injection
$authChecker = $this->get('security.authorization_checker');
if ($authChecker->isGranted('IS...')) { ... }
我使用了rector以便于迁移。我强烈建议https://github.com/rectorphp/rector以便顺利迁移。我可以保证您将使用此工具节省大量时间。
https://www.tomasvotruba.cz/blog/2019/02/28/how-to-upgrade-symfony-2-8-to-3-4/
答案 1 :(得分:1)
将 AuthorizationChecker 注入您的班级
protected $authChecker;
public function __construct(AuthorizationChecker $authChecker)
{
$this->authChecker = $authChecker;
}
通过将其注入您的 service.yml
XXXXXXXXX:
class: App\XXX\XXXX\XXXXX
arguments: [ "@security.authorization_checker" ]
然后使用 isGranted
使用它来检查角色if ($this->authChecker->isGranted('IS_AUTHENTICATED_ANONYMOUSLY')) {
}
答案 2 :(得分:0)
问题属于优先顺序。
感谢@cerad提供了相关线索
bin/console debug:event-dispatcher kernel.request
帮助解决了该问题。我正在使用
tags:
- { name: kernel.event_listener, event: kernel.response, method: onKernelResponse, priority: 10 }
在Services.yml中,它与
有冲突getSubscribedEvents()
因此,我删除了标签,只保留了
public static function getSubscribedEvents()
{
return array(
KernelEvents::REQUEST => array('onKernelRequest', 10),
);
}
然后,我通过将其他两个侦听器的优先级设置为与symfony 2.8中相同的优先级,将身份验证侦听器降低了
感谢大家为我特别提供@Pie @Cerad和@BoShurik