Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Issue #2283637 by pfrenssen, dawehner, shivanshuag, znerol: Provide test coverage to prove that an AuthenticationProvider can initiate a session

8.0.x
Alex Pott 2015-05-18 05:55:06 +01:00
parent e9a25fca2d
commit 4d4635c123
5 changed files with 107 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
core/modules/basic_auth/src/Tests/BasicAuthTestTrait.php
View File

@ -28,10 +28,52 @@ trait BasicAuthTestTrait {
* The retrieved HTML string, also available as $this->getRawContent().
*/
protected function basicAuthGet($path, $username, $password, array $options = []) {
// Set up Curl to use basic authentication with the test user's credentials.
$headers = ['Authorization: Basic ' . base64_encode("$username:$password")];
return $this->drupalGet($path, $options, $this->getBasicAuthHeaders($username, $password));
}
return $this->drupalGet($path, $options, $headers);
/**
* Executes a form submission using basic authentication.
*
* @param string $path
* Location of the post form.
* @param array $edit
* Field data in an associative array.
* @param string $submit
* Value of the submit button whose click is to be emulated.
* @param string $username
* The username to use for basic authentication.
* @param string $password
* The password to use for basic authentication.
* @param array $options
* Options to be forwarded to the url generator.
* @param string $form_html_id
* (optional) HTML ID of the form to be submitted.
* @param string $extra_post
* (optional) A string of additional data to append to the POST submission.
*
* @return string
* The retrieved HTML string.
*
* @see \Drupal\simpletest\WebTestBase::drupalPostForm()
*/
protected function basicAuthPostForm($path, $edit, $submit, $username, $password, array $options = array(), $form_html_id = NULL, $extra_post = NULL) {
return $this->drupalPostForm($path, $edit, $submit, $options, $this->getBasicAuthHeaders($username, $password), $form_html_id, $extra_post);
}
/**
* Returns HTTP headers that can be used for basic authentication in Curl.
*
* @param string $username
* The username to use for basic authentication.
* @param string $password
* The password to use for basic authentication.
*
* @return array
* An array of raw request headers as used by curl_setopt().
*/
protected function getBasicAuthHeaders($username, $password) {
// Set up Curl to use basic authentication with the test user's credentials.
return ['Authorization: Basic ' . base64_encode("$username:$password")];
}
}

2
core/modules/simpletest/src/WebTestBase.php
View File

@ -1369,7 +1369,7 @@ abstract class WebTestBase extends TestBase {
* An array containing additional HTTP request headers, each formatted as
* "name: value".
*
* @return
* @return string
* The retrieved HTML string, also available as $this->getRawContent()
*/
protected function drupalGet($path, array $options = array(), array $headers = array()) {

32
core/modules/system/src/Tests/Session/SessionAuthenticationTest.php
View File

@ -78,4 +78,36 @@ class SessionAuthenticationTest extends WebTestBase {
$this->assertResponse(401, 'A subsequent request to the same route without basic authentication is not authorized.');
}
/**
* Tests if a session can be initiated through basic authentication.
*/
public function testBasicAuthSession() {
// Set a session value on a request through basic auth.
$test_value = 'alpaca';
$response = $this->basicAuthGet('session-test/set-session/' . $test_value, $this->user->getUsername(), $this->user->pass_raw);
$this->assertSessionData($response, $test_value);
$this->assertResponse(200, 'The request to set a session value was successful.');
// Test that on a subsequent request the session value is still present.
$response = $this->basicAuthGet('session-test/get-session', $this->user->getUsername(), $this->user->pass_raw);
$this->assertSessionData($response, $test_value);
$this->assertResponse(200, 'The request to get a session value was successful.');
}
/**
* Checks the session data returned by the session test routes.
*
* @param string $response
* A response object containing the session values and the user ID.
* @param string $expected
* The expected session value.
*/
protected function assertSessionData($response, $expected) {
$response = json_decode($response, TRUE);
$this->assertEqual(['test_value' => $expected], $response['session'], 'The session data matches the expected value.');
// Check that we are logged in as the correct user.
$this->assertEqual($this->user->id(), $response['user'], 'The correct user is logged in.');
}
}

12
core/modules/system/tests/modules/session_test/session_test.routing.yml
View File

@ -107,3 +107,15 @@ session_test.get_session_no_auth:
_controller: '\Drupal\session_test\Controller\SessionTestController::getSession'
requirements:
_access: 'TRUE'
session_test.set_session:
path: '/session-test/set-session/{test_value}'
defaults:
_title: 'Set a session value using basic authentication'
_controller: '\Drupal\session_test\Controller\SessionTestController::setSession'
options:
_auth: ['basic_auth']
converters:
test_value: '\s+'
requirements:
_permission: 'administer site configuration'

17
core/modules/system/tests/modules/session_test/src/Controller/SessionTestController.php
View File

@ -175,4 +175,21 @@ class SessionTestController extends ControllerBase {
return new JsonResponse(['session' => $request->getSession()->all(), 'user' => $this->currentUser()->id()]);
}
/**
* Sets a test value on the session.
*
* @param \Symfony\Component\HttpFoundation\Request $request
* The request object.
* @param string $test_value
* A value to set on the session.
*
* @return \Symfony\Component\HttpFoundation\JsonResponse
* A response object containing the session values and the user ID.
*/
public function setSession(Request $request, $test_value) {
$session = $request->getSession();
$session->set('test_value', $test_value);
return new JsonResponse(['session' => $session->all(), 'user' => $this->currentUser()->id()]);
}
}