在Play Framework 2.5(Scala)中使用CSRF令牌测试请求 [英] Testing request with CSRF Token in Play framework 2.5 (Scala)

问题描述

我在功能测试中遇到了一个小问题.

I'm stuck on a little problem with my functionnal testing.

我有戏！我在某些形式上添加了CSRF验证的2.5 scala项目中，相关的scala-test单元测试按预期失败，出现错误:

I have a Play! 2.5 scala project in which I added CSRF verification on some forms, the associated scala-test units test failed, as expected, with the error :

java.lang.RuntimeException: No CSRF token present!

我正在对路由使用FakeRequest以便对其进行测试:

I'm using FakeRequest with routes in order to test them :

val fakeRequest   = FakeRequest(GET, s"/backOffice/login")
val Some(result)  = route(app, fakeRequest)

如何添加CRSF令牌以使测试再次成功?

How could I add the CRSF Token in order to render my test successful again ?

(谢谢您，英语不好，我不是母语人士)

(Thank you, and sorry for bad english, I'm not native)

推荐答案

更新:就像haui在他的评论中所说:

Update : Like haui said in his comment :

似乎他们在播放版本2.6中添加了类似内容.如import play.api.test.CSRFTokenHelper._ FakeRequest().withCSRFToken(Scala)和CSRFTokenHelper.addCSRFToken(requestBuilder)(Java). rel ="nofollow noreferrer" title =迁移指南">迁移指南

Seems like they added something similar in play version 2.6. There you can use import play.api.test.CSRFTokenHelper._ FakeRequest().withCSRFToken (Scala) and CSRFTokenHelper.addCSRFToken(requestBuilder) (Java) as explained in the Migration guide

对于仍在2.5.6中的人，我的答案仍然适用:

For people who are still in 2.5.6, my answer still apply :

因此，在看了一段时间的Play-scala类之后，我终于找到了一种适应此答案的方法: https://stackoverflow.com/a/19849420/4496364 播放2.5.6

So, after looking in Play-scala classes for a certain time, I finally found a way to adapt this answer : https://stackoverflow.com/a/19849420/4496364 to Play 2.5.6

我什至制造了一个特质，所以如果某天有人需要它，这里就是:

I even made a trait, so if someone need it one day, here it is :

import play.api.Application
import play.api.test.FakeRequest
import play.filters.csrf.CSRF.Token
import play.filters.csrf.{CSRFConfigProvider, CSRFFilter}

import scala.language.postfixOps

trait CSRFTest {
  def addToken[T](fakeRequest: FakeRequest[T])(implicit app: Application) = {
    val csrfConfig     = app.injector.instanceOf[CSRFConfigProvider].get
    val csrfFilter     = app.injector.instanceOf[CSRFFilter]
    val token          = csrfFilter.tokenProvider.generateToken

    fakeRequest.copyFakeRequest(tags = fakeRequest.tags ++ Map(
      Token.NameRequestTag  -> csrfConfig.tokenName,
      Token.RequestTag      -> token
    )).withHeaders((csrfConfig.headerName, token))
  }
}

要使用它，只需使用它扩展您的测试类，即可:

To use it, simply extend your test class with it, like this :

class LoginSpec extends PlaySpec with OneAppPerSuite /* or whatever OneApp */ with CSRFTest

然后，而不是调用

val fakeRequest = FakeRequest(/* params */)

只需致电

val fakeRequest = addToken(FakeRequest(/* params */))

我试图使它看起来像Controller中的addToken {}:

I tried to make it look like the addToken{} in the Controller :)

这篇关于在Play Framework 2.5(Scala)中使用CSRF令牌测试请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！