Issue #2283637 by pfrenssen, dawehner, shivanshuag, znerol: Provide test coverage to prove that an AuthenticationProvider can initiate a session
Alex Pott
parent
e9a25fca2d
commit
4d4635c123
|
|
@ -28,10 +28,52 @@ trait BasicAuthTestTrait {
|
||||||
* The retrieved HTML string, also available as $this->getRawContent().
|
* The retrieved HTML string, also available as $this->getRawContent().
|
||||||
*/
|
*/
|
||||||
protected function basicAuthGet($path, $username, $password, array $options = []) {
|
protected function basicAuthGet($path, $username, $password, array $options = []) {
|
||||||
// Set up Curl to use basic authentication with the test user's credentials.
|
return $this->drupalGet($path, $options, $this->getBasicAuthHeaders($username, $password));
|
||||||
$headers = ['Authorization: Basic ' . base64_encode("$username:$password")];
|
}
|
||||||
|
|
||||||
return $this->drupalGet($path, $options, $headers);
|
/**
|
||||||
|
* Executes a form submission using basic authentication.
|
||||||
|
*
|
||||||
|
* @param string $path
|
||||||
|
* Location of the post form.
|
||||||
|
* @param array $edit
|
||||||
|
* Field data in an associative array.
|
||||||
|
* @param string $submit
|
||||||
|
* Value of the submit button whose click is to be emulated.
|
||||||
|
* @param string $username
|
||||||
|
* The username to use for basic authentication.
|
||||||
|
* @param string $password
|
||||||
|
* The password to use for basic authentication.
|
||||||
|
* @param array $options
|
||||||
|
* Options to be forwarded to the url generator.
|
||||||
|
* @param string $form_html_id
|
||||||
|
* (optional) HTML ID of the form to be submitted.
|
||||||
|
* @param string $extra_post
|
||||||
|
* (optional) A string of additional data to append to the POST submission.
|
||||||
|
*
|
||||||
|
* @return string
|
||||||
|
* The retrieved HTML string.
|
||||||
|
*
|
||||||
|
* @see \Drupal\simpletest\WebTestBase::drupalPostForm()
|
||||||
|
*/
|
||||||
|
protected function basicAuthPostForm($path, $edit, $submit, $username, $password, array $options = array(), $form_html_id = NULL, $extra_post = NULL) {
|
||||||
|
return $this->drupalPostForm($path, $edit, $submit, $options, $this->getBasicAuthHeaders($username, $password), $form_html_id, $extra_post);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns HTTP headers that can be used for basic authentication in Curl.
|
||||||
|
*
|
||||||
|
* @param string $username
|
||||||
|
* The username to use for basic authentication.
|
||||||
|
* @param string $password
|
||||||
|
* The password to use for basic authentication.
|
||||||
|
*
|
||||||
|
* @return array
|
||||||
|
* An array of raw request headers as used by curl_setopt().
|
||||||
|
*/
|
||||||
|
protected function getBasicAuthHeaders($username, $password) {
|
||||||
|
// Set up Curl to use basic authentication with the test user's credentials.
|
||||||
|
return ['Authorization: Basic ' . base64_encode("$username:$password")];
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1369,7 +1369,7 @@ abstract class WebTestBase extends TestBase {
|
||||||
* An array containing additional HTTP request headers, each formatted as
|
* An array containing additional HTTP request headers, each formatted as
|
||||||
* "name: value".
|
* "name: value".
|
||||||
*
|
*
|
||||||
* @return
|
* @return string
|
||||||
* The retrieved HTML string, also available as $this->getRawContent()
|
* The retrieved HTML string, also available as $this->getRawContent()
|
||||||
*/
|
*/
|
||||||
protected function drupalGet($path, array $options = array(), array $headers = array()) {
|
protected function drupalGet($path, array $options = array(), array $headers = array()) {
|
||||||
|
|
|
||||||
|
|
@ -78,4 +78,36 @@ class SessionAuthenticationTest extends WebTestBase {
|
||||||
$this->assertResponse(401, 'A subsequent request to the same route without basic authentication is not authorized.');
|
$this->assertResponse(401, 'A subsequent request to the same route without basic authentication is not authorized.');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Tests if a session can be initiated through basic authentication.
|
||||||
|
*/
|
||||||
|
public function testBasicAuthSession() {
|
||||||
|
// Set a session value on a request through basic auth.
|
||||||
|
$test_value = 'alpaca';
|
||||||
|
$response = $this->basicAuthGet('session-test/set-session/' . $test_value, $this->user->getUsername(), $this->user->pass_raw);
|
||||||
|
$this->assertSessionData($response, $test_value);
|
||||||
|
$this->assertResponse(200, 'The request to set a session value was successful.');
|
||||||
|
|
||||||
|
// Test that on a subsequent request the session value is still present.
|
||||||
|
$response = $this->basicAuthGet('session-test/get-session', $this->user->getUsername(), $this->user->pass_raw);
|
||||||
|
$this->assertSessionData($response, $test_value);
|
||||||
|
$this->assertResponse(200, 'The request to get a session value was successful.');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Checks the session data returned by the session test routes.
|
||||||
|
*
|
||||||
|
* @param string $response
|
||||||
|
* A response object containing the session values and the user ID.
|
||||||
|
* @param string $expected
|
||||||
|
* The expected session value.
|
||||||
|
*/
|
||||||
|
protected function assertSessionData($response, $expected) {
|
||||||
|
$response = json_decode($response, TRUE);
|
||||||
|
$this->assertEqual(['test_value' => $expected], $response['session'], 'The session data matches the expected value.');
|
||||||
|
|
||||||
|
// Check that we are logged in as the correct user.
|
||||||
|
$this->assertEqual($this->user->id(), $response['user'], 'The correct user is logged in.');
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -107,3 +107,15 @@ session_test.get_session_no_auth:
|
||||||
_controller: '\Drupal\session_test\Controller\SessionTestController::getSession'
|
_controller: '\Drupal\session_test\Controller\SessionTestController::getSession'
|
||||||
requirements:
|
requirements:
|
||||||
_access: 'TRUE'
|
_access: 'TRUE'
|
||||||
|
|
||||||
|
session_test.set_session:
|
||||||
|
path: '/session-test/set-session/{test_value}'
|
||||||
|
defaults:
|
||||||
|
_title: 'Set a session value using basic authentication'
|
||||||
|
_controller: '\Drupal\session_test\Controller\SessionTestController::setSession'
|
||||||
|
options:
|
||||||
|
_auth: ['basic_auth']
|
||||||
|
converters:
|
||||||
|
test_value: '\s+'
|
||||||
|
requirements:
|
||||||
|
_permission: 'administer site configuration'
|
||||||
|
|
|
||||||
|
|
@ -175,4 +175,21 @@ class SessionTestController extends ControllerBase {
|
||||||
return new JsonResponse(['session' => $request->getSession()->all(), 'user' => $this->currentUser()->id()]);
|
return new JsonResponse(['session' => $request->getSession()->all(), 'user' => $this->currentUser()->id()]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets a test value on the session.
|
||||||
|
*
|
||||||
|
* @param \Symfony\Component\HttpFoundation\Request $request
|
||||||
|
* The request object.
|
||||||
|
* @param string $test_value
|
||||||
|
* A value to set on the session.
|
||||||
|
*
|
||||||
|
* @return \Symfony\Component\HttpFoundation\JsonResponse
|
||||||
|
* A response object containing the session values and the user ID.
|
||||||
|
*/
|
||||||
|
public function setSession(Request $request, $test_value) {
|
||||||
|
$session = $request->getSession();
|
||||||
|
$session->set('test_value', $test_value);
|
||||||
|
return new JsonResponse(['session' => $session->all(), 'user' => $this->currentUser()->id()]);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue