Get the CSRF token in test
CSRF token generator is normal symfony 2 service. You can get service and generate token yourself. For example:
$csrfToken = $client->getContainer()->get('form.csrf_provider')->generateCsrfToken('registration'); $crawler = $client->request('POST', '/ajax/register', array( 'fos_user_registration_form' => array( '_token' => $csrfToken, 'username' => 'samplelogin', 'email' => 'sample@fake.pl', 'plainPassword' => array( 'first' => 'somepass', 'second' => 'somepass', ), 'name' => 'sampleuser', 'type' => 'DSWP', ), ));
The generateCsrfToken gets one important parameter intention which should be the same in the test and in the form otherwise it fails.
After a long search (i've found nothing in doc and on the net about how to retrieve csrf token) i found a way:
$extract = $this->crawler->filter('input[name="element_add[_token]"]') ->extract(array('value'));$csrf_token = $extract[0];
Extract the token from response before make the request.
In symfony 3, in your WebTestCase
, you need to get the CSRF token:
$csrfToken = $client->getContainer()->get('security.csrf.token_manager')->getToken($csrfTokenId);
To get the $csrfTokenId
, the best way would be to force it in the options of your FormType
():
class TaskType extends AbstractType{ // ... public function configureOptions(OptionsResolver $resolver) { $resolver->setDefaults(array( 'csrf_token_id' => 'task_item', )); } // ...}
So in this case: $csrfTokenId = "task_item";
. Or you you can try to use the default value, that would be the name of your form.
Then use it as a post parameter:
$client->request( 'POST', '/url', [ 'formName' => [ 'field' => 'value', 'field2' => 'value2', '_token' => $csrfToken ] ]);