我有以下问题。当我在我的src文件夹上运行分析时,我得到了这个错误
------ ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Line Security/CustomerAuthenticator.php
------ ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
38 Parameter #1 $userIdentifier of class SymfonyComponentSecurityHttpAuthenticatorPassportBadgeUserBadge constructor expects string, bool|float|int|string given.
39 Parameter #1 $password of class SymfonyComponentSecurityHttpAuthenticatorPassportCredentialsPasswordCredentials constructor expects string, bool|float|int|string given.
41 Parameter #2 $csrfToken of class SymfonyComponentSecurityHttpAuthenticatorPassportBadgeCsrfTokenBadge constructor expects string|null, bool|float|int|string|null given.
53 Cannot call method getRoles() on SymfonyComponentSecurityCoreUserUserInterface|null.
主要的问题是,我没有写Authenticator,Symfony也是。我使用maker bundle来生成user和authenticator,并且我几乎没有更改代码中的任何内容(我只添加了支持方法,否则authenticator将无法工作(
客户身份验证器
<?php
namespace AppSecurity;
use SymfonyComponentHttpFoundationRedirectResponse;
use SymfonyComponentHttpFoundationRequest;
use SymfonyComponentHttpFoundationResponse;
use SymfonyComponentRoutingGeneratorUrlGeneratorInterface;
use SymfonyComponentSecurityCoreAuthenticationTokenTokenInterface;
use SymfonyComponentSecurityCoreSecurity;
use SymfonyComponentSecurityHttpAuthenticatorAbstractLoginFormAuthenticator;
use SymfonyComponentSecurityHttpAuthenticatorPassportBadgeCsrfTokenBadge;
use SymfonyComponentSecurityHttpAuthenticatorPassportBadgeUserBadge;
use SymfonyComponentSecurityHttpAuthenticatorPassportCredentialsPasswordCredentials;
use SymfonyComponentSecurityHttpAuthenticatorPassportPassport;
use SymfonyComponentSecurityHttpUtilTargetPathTrait;
class CustomerAuthenticator extends AbstractLoginFormAuthenticator
{
use TargetPathTrait;
public const LOGIN_ROUTE = 'app_login';
private UrlGeneratorInterface $urlGenerator;
public function __construct(UrlGeneratorInterface $urlGenerator)
{
$this->urlGenerator = $urlGenerator;
}
public function authenticate(Request $request): Passport
{
$username = $request->request->get('username', '');
$request->getSession()->set(Security::LAST_USERNAME, $username);
return new Passport(
new UserBadge($username),
new PasswordCredentials($request->request->get('password', '')),
[
new CsrfTokenBadge('authenticate', $request->request->get('_csrf_token')),
]
);
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
{
if ($targetPath = $this->getTargetPath($request->getSession(), $firewallName)) {
return new RedirectResponse($targetPath);
}
$user = $token->getUser();
if (in_array('ROLE_ADMIN', $user->getRoles(), true)) {
return new RedirectResponse($this->urlGenerator->generate('admin.adminpanel'));
}
// For example:
// return new RedirectResponse($this->urlGenerator->generate('some_route'));
return new RedirectResponse($this->urlGenerator->generate('app_home'));
}
protected function getLoginUrl(Request $request): string
{
return $this->urlGenerator->generate(self::LOGIN_ROUTE);
}
public function supports(Request $request): bool
{
return self::LOGIN_ROUTE === $request->attributes->get('_route')
&& $request->isMethod('POST');
}
}
phpstan中的级别可能太严格了?你对样板代码有什么期望Phpstan说,怎么了。在第38行,您传递$username变量,该变量是从请求中获得的。但它可能不仅仅是phpstan所说的请求中的字符串。强制转换为字符串,或者更好——检查是否为该字符串。Phpstan足够聪明地意识到,经过检查,它正是string。其他人也是如此。通常情况下,这不是什么大问题,在大多数情况下,它会像预期的那样工作。但最好至少在7级修复所有phpstan问题。
例如:
$username = (string)$request->request->get('username', '');
或
if (!is_string($request->request->get('_csrf_token'))) {
throw new AuthenticationException(''); // or maybe csrf token exception
}