每次响应 401 Unauthorized 时在 DEV Env 中调用休息，PROD 工作正常

Posted 2023-02-16

【中文标题】每次响应 401 Unauthorized 时在 DEV Env 中调用休息，PROD 工作正常

【英文标题】：Rest calls in DEV Env everytime response a 401 Unauthorized, PROD works fine

【发布时间】：2020-01-29 13:05:13

【问题描述】：

我使用休息 api。在生产中，所有调用都在工作。在开发环境中，它每次都会失败，并出现 401。 有一个自定义用户 api 提供程序，它检查用户是否具有 api 访问权限。登录是带有用户凭据的 http_basic。

我尝试了几件事来找出问题所在。但没有任何效果。

我在 UserApiProvider 中做了一个调试输出，但我不会被调用。

security.yaml

providers:
        user_provider:
            id: dashboard.user_provider.email
        api_provider:
            id: dashboard.user_provider.api
        internal_provider:
            id: dashboard.user_provider.internal

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false

        internal_status:
            pattern: ^/internal/status$
            stateless: true
            http_basic:
                provider: internal_provider

        api:
            pattern: ^/api/
            stateless: true
            http_basic:
                provider: api_provider

        main:
            pattern: ^/
            form_login:
                provider: user_provider
                failure_handler: security.login_failure_handler
                success_handler: security.login_success_handler
                csrf_provider: security.csrf.token_manager
            logout:
                csrf_provider: security.csrf.token_manager
                success_handler: security.custom_logout_success_handler
            anonymous: true
            switch_user: true

ApiUserProvider

class ApiUserProvider extends UserProvider

    /**
     * @inheritDoc
     */
    protected function findUser($username)
    
        /** @var User $user */
        $user = $this->userManager->findUserByEmail($username);

        if ($user && !$user->hasApiAccess()) 
            return null;
        

        return $user;
    

错误将是：

"error":"code":401,"message":"Unauthorized","exception":["message":"You are not authenticated","class":"Symfony\Component\HttpKernel \Exception\HttpException","trace":["namespace":"","short_class":"","class":"","type":"","function":"","file" :"/dashboard/lib/vendor/friendsofsymfony/rest-bundle/FOS/RestBundle/EventListener/AccessDeniedListener.php","line":77,"args":[],"namespace":"FOS\RestBundle\ EventListener","short_class":"AccessDeniedListener","class":"FOS\RestBundle\EventListener\AccessDeniedListener","type":"->","function":"onKernelException","file":"/dashboard/ lib/vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/Debug/WrappedListener.php","line":61,"args":[["object","Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent" ],["string","kernel.exception"],["object","Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher"]]

...

来自 dev.log

[request ERROR] Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\HttpException: "You are not authenticated" at /dashboard/lib/vendor/friendsofsymfony/rest-bundle/FOS/RestBundle/EventListener/AccessDeniedListener.php line 77 "exception":"[object] (Symfony\\Component\\HttpKernel\\Exception\\HttpException(code: 0): You are not authenticated at /dashboard/lib/vendor/friendsofsymfony/rest-bundle/FOS/RestBundle/EventListener/AccessDeniedListener.php:77, Symfony\\Component\\Security\\Core\\Exception\\AuthenticationCredentialsNotFoundException(code: 0): A Token was not found in the TokenStorage. at /dashboard/lib/vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/AccessListener.php:51)"

有人有什么想法吗？

亲切的问候， 启

【问题讨论】：

你还有其他来自 api 的日志吗？

我把 dev.log 中有趣的一行放在我上面的帖子中

看起来 Symfony 不接受来自基本身份验证的凭据。但它在生产和我的测试系统上工作，只有本地开发人员无法工作

你用同样的方式调用 prod 和 dev 之间的路由？

当然。我使用邮递员并有 2 个相同的电话，唯一的区别是网址

【参考方案1】：

当然，我认为这是应用程序的问题。

问题是 php-cgi 缺少身份验证标头。在我的产品引擎上是 mod_php 和本地 cgi：/

Workaround for missing Authorization header under CGI/FastCGI Apache:
SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0