summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlex Pott2015-05-18 04:55:06 (GMT)
committerAlex Pott2015-05-18 04:55:06 (GMT)
commit4d4635c1230a442c4a6c5bb8ec5dffa817888974 (patch)
tree896af86743937c0aa398a9c2a1eac99772bf4f2d
parente9a25fca2dc32827dfb1943690d1b9326676530d (diff)
Issue #2283637 by pfrenssen, dawehner, shivanshuag, znerol: Provide test coverage to prove that an AuthenticationProvider can initiate a session
-rw-r--r--core/modules/basic_auth/src/Tests/BasicAuthTestTrait.php48
-rw-r--r--core/modules/simpletest/src/WebTestBase.php2
-rw-r--r--core/modules/system/src/Tests/Session/SessionAuthenticationTest.php32
-rw-r--r--core/modules/system/tests/modules/session_test/session_test.routing.yml12
-rw-r--r--core/modules/system/tests/modules/session_test/src/Controller/SessionTestController.php17
5 files changed, 107 insertions, 4 deletions
diff --git a/core/modules/basic_auth/src/Tests/BasicAuthTestTrait.php b/core/modules/basic_auth/src/Tests/BasicAuthTestTrait.php
index 7cd6d30..2d04672 100644
--- a/core/modules/basic_auth/src/Tests/BasicAuthTestTrait.php
+++ b/core/modules/basic_auth/src/Tests/BasicAuthTestTrait.php
@@ -28,10 +28,52 @@ trait BasicAuthTestTrait {
* The retrieved HTML string, also available as $this->getRawContent().
*/
protected function basicAuthGet($path, $username, $password, array $options = []) {
- // Set up Curl to use basic authentication with the test user's credentials.
- $headers = ['Authorization: Basic ' . base64_encode("$username:$password")];
+ return $this->drupalGet($path, $options, $this->getBasicAuthHeaders($username, $password));
+ }
+
+ /**
+ * Executes a form submission using basic authentication.
+ *
+ * @param string $path
+ * Location of the post form.
+ * @param array $edit
+ * Field data in an associative array.
+ * @param string $submit
+ * Value of the submit button whose click is to be emulated.
+ * @param string $username
+ * The username to use for basic authentication.
+ * @param string $password
+ * The password to use for basic authentication.
+ * @param array $options
+ * Options to be forwarded to the url generator.
+ * @param string $form_html_id
+ * (optional) HTML ID of the form to be submitted.
+ * @param string $extra_post
+ * (optional) A string of additional data to append to the POST submission.
+ *
+ * @return string
+ * The retrieved HTML string.
+ *
+ * @see \Drupal\simpletest\WebTestBase::drupalPostForm()
+ */
+ protected function basicAuthPostForm($path, $edit, $submit, $username, $password, array $options = array(), $form_html_id = NULL, $extra_post = NULL) {
+ return $this->drupalPostForm($path, $edit, $submit, $options, $this->getBasicAuthHeaders($username, $password), $form_html_id, $extra_post);
+ }
- return $this->drupalGet($path, $options, $headers);
+ /**
+ * Returns HTTP headers that can be used for basic authentication in Curl.
+ *
+ * @param string $username
+ * The username to use for basic authentication.
+ * @param string $password
+ * The password to use for basic authentication.
+ *
+ * @return array
+ * An array of raw request headers as used by curl_setopt().
+ */
+ protected function getBasicAuthHeaders($username, $password) {
+ // Set up Curl to use basic authentication with the test user's credentials.
+ return ['Authorization: Basic ' . base64_encode("$username:$password")];
}
}
diff --git a/core/modules/simpletest/src/WebTestBase.php b/core/modules/simpletest/src/WebTestBase.php
index 99cb227..8e224c1 100644
--- a/core/modules/simpletest/src/WebTestBase.php
+++ b/core/modules/simpletest/src/WebTestBase.php
@@ -1369,7 +1369,7 @@ abstract class WebTestBase extends TestBase {
* An array containing additional HTTP request headers, each formatted as
* "name: value".
*
- * @return
+ * @return string
* The retrieved HTML string, also available as $this->getRawContent()
*/
protected function drupalGet($path, array $options = array(), array $headers = array()) {
diff --git a/core/modules/system/src/Tests/Session/SessionAuthenticationTest.php b/core/modules/system/src/Tests/Session/SessionAuthenticationTest.php
index 121bc34..1a67266 100644
--- a/core/modules/system/src/Tests/Session/SessionAuthenticationTest.php
+++ b/core/modules/system/src/Tests/Session/SessionAuthenticationTest.php
@@ -78,4 +78,36 @@ class SessionAuthenticationTest extends WebTestBase {
$this->assertResponse(401, 'A subsequent request to the same route without basic authentication is not authorized.');
}
+ /**
+ * Tests if a session can be initiated through basic authentication.
+ */
+ public function testBasicAuthSession() {
+ // Set a session value on a request through basic auth.
+ $test_value = 'alpaca';
+ $response = $this->basicAuthGet('session-test/set-session/' . $test_value, $this->user->getUsername(), $this->user->pass_raw);
+ $this->assertSessionData($response, $test_value);
+ $this->assertResponse(200, 'The request to set a session value was successful.');
+
+ // Test that on a subsequent request the session value is still present.
+ $response = $this->basicAuthGet('session-test/get-session', $this->user->getUsername(), $this->user->pass_raw);
+ $this->assertSessionData($response, $test_value);
+ $this->assertResponse(200, 'The request to get a session value was successful.');
+ }
+
+ /**
+ * Checks the session data returned by the session test routes.
+ *
+ * @param string $response
+ * A response object containing the session values and the user ID.
+ * @param string $expected
+ * The expected session value.
+ */
+ protected function assertSessionData($response, $expected) {
+ $response = json_decode($response, TRUE);
+ $this->assertEqual(['test_value' => $expected], $response['session'], 'The session data matches the expected value.');
+
+ // Check that we are logged in as the correct user.
+ $this->assertEqual($this->user->id(), $response['user'], 'The correct user is logged in.');
+ }
+
}
diff --git a/core/modules/system/tests/modules/session_test/session_test.routing.yml b/core/modules/system/tests/modules/session_test/session_test.routing.yml
index 0cedf4f..b2ef74f 100644
--- a/core/modules/system/tests/modules/session_test/session_test.routing.yml
+++ b/core/modules/system/tests/modules/session_test/session_test.routing.yml
@@ -107,3 +107,15 @@ session_test.get_session_no_auth:
_controller: '\Drupal\session_test\Controller\SessionTestController::getSession'
requirements:
_access: 'TRUE'
+
+session_test.set_session:
+ path: '/session-test/set-session/{test_value}'
+ defaults:
+ _title: 'Set a session value using basic authentication'
+ _controller: '\Drupal\session_test\Controller\SessionTestController::setSession'
+ options:
+ _auth: ['basic_auth']
+ converters:
+ test_value: '\s+'
+ requirements:
+ _permission: 'administer site configuration'
diff --git a/core/modules/system/tests/modules/session_test/src/Controller/SessionTestController.php b/core/modules/system/tests/modules/session_test/src/Controller/SessionTestController.php
index 41fe7ed..b17d9a0 100644
--- a/core/modules/system/tests/modules/session_test/src/Controller/SessionTestController.php
+++ b/core/modules/system/tests/modules/session_test/src/Controller/SessionTestController.php
@@ -175,4 +175,21 @@ class SessionTestController extends ControllerBase {
return new JsonResponse(['session' => $request->getSession()->all(), 'user' => $this->currentUser()->id()]);
}
+ /**
+ * Sets a test value on the session.
+ *
+ * @param \Symfony\Component\HttpFoundation\Request $request
+ * The request object.
+ * @param string $test_value
+ * A value to set on the session.
+ *
+ * @return \Symfony\Component\HttpFoundation\JsonResponse
+ * A response object containing the session values and the user ID.
+ */
+ public function setSession(Request $request, $test_value) {
+ $session = $request->getSession();
+ $session->set('test_value', $test_value);
+ return new JsonResponse(['session' => $session->all(), 'user' => $this->currentUser()->id()]);
+ }
+
}