diff options
| author | Fabien Potencier <fabien.potencier@gmail.com> | 2016-05-09 14:31:02 -0500 |
|---|---|---|
| committer | Fabien Potencier <fabien.potencier@gmail.com> | 2016-05-09 14:31:02 -0500 |
| commit | 3eb62fffbb324147f6dd68da4c3427fabfbdbe80 (patch) | |
| tree | afd60f80724e089b8cd648f0c17927d38161e57c /Tests/Http/Firewall | |
| parent | 34e648cf6cc3c9deb2aa0adf57cb17bddf7da57c (diff) | |
| parent | 231aafdaf4c9abbc812139bd6f909008fec91cd7 (diff) | |
| download | symfony-security-3eb62fffbb324147f6dd68da4c3427fabfbdbe80.zip symfony-security-3eb62fffbb324147f6dd68da4c3427fabfbdbe80.tar.gz symfony-security-3eb62fffbb324147f6dd68da4c3427fabfbdbe80.tar.bz2 | |
Merge branch '2.8' into 3.0
* 2.8:
limited the maximum length of a submitted username
Diffstat (limited to 'Tests/Http/Firewall')
| -rw-r--r-- | Tests/Http/Firewall/UsernamePasswordFormAuthenticationListenerTest.php | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/Tests/Http/Firewall/UsernamePasswordFormAuthenticationListenerTest.php b/Tests/Http/Firewall/UsernamePasswordFormAuthenticationListenerTest.php new file mode 100644 index 0000000..eca14d3 --- /dev/null +++ b/Tests/Http/Firewall/UsernamePasswordFormAuthenticationListenerTest.php @@ -0,0 +1,78 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Tests\Http\Firewall; + +use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\Security\Http\Firewall\UsernamePasswordFormAuthenticationListener; +use Symfony\Component\Security\Core\Security; + +class UsernamePasswordFormAuthenticationListenerTest extends \PHPUnit_Framework_TestCase +{ + /** + * @dataProvider getUsernameForLength + */ + public function testHandleWhenUsernameLength($username, $ok) + { + $request = Request::create('/login_check', 'POST', array('_username' => $username)); + $request->setSession($this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface')); + + $httpUtils = $this->getMock('Symfony\Component\Security\Http\HttpUtils'); + $httpUtils + ->expects($this->any()) + ->method('checkRequestPath') + ->will($this->returnValue(true)) + ; + + $failureHandler = $this->getMock('Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface'); + $failureHandler + ->expects($ok ? $this->never() : $this->once()) + ->method('onAuthenticationFailure') + ->will($this->returnValue(new Response())) + ; + + $authenticationManager = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager')->disableOriginalConstructor()->getMock(); + $authenticationManager + ->expects($ok ? $this->once() : $this->never()) + ->method('authenticate') + ->will($this->returnValue(new Response())) + ; + + $listener = new UsernamePasswordFormAuthenticationListener( + $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'), + $authenticationManager, + $this->getMock('Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface'), + $httpUtils, + 'TheProviderKey', + $this->getMock('Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface'), + $failureHandler, + array('require_previous_session' => false) + ); + + $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); + $event + ->expects($this->any()) + ->method('getRequest') + ->will($this->returnValue($request)) + ; + + $listener->handle($event); + } + + public function getUsernameForLength() + { + return array( + array(str_repeat('x', Security::MAX_USERNAME_LENGTH + 1), false), + array(str_repeat('x', Security::MAX_USERNAME_LENGTH - 1), true), + ); + } +} |