diff options
| author | Dawid Nowak <code@dnowak.pl> | 2015-06-03 01:54:30 +0200 |
|---|---|---|
| committer | Fabien Potencier <fabien.potencier@gmail.com> | 2015-10-05 16:40:29 +0200 |
| commit | 135b1b5bb942c97ec1f1d5e811063a7be3cae35e (patch) | |
| tree | a93df9aca9b0e64067ef6cd8eebbe74d42e770f3 /Tests/Http/RememberMe/AbstractRememberMeServicesTest.php | |
| parent | 86642118470f5301b4e29b8fb7d3dfe876c2e83e (diff) | |
| download | symfony-security-135b1b5bb942c97ec1f1d5e811063a7be3cae35e.zip symfony-security-135b1b5bb942c97ec1f1d5e811063a7be3cae35e.tar.gz symfony-security-135b1b5bb942c97ec1f1d5e811063a7be3cae35e.tar.bz2 | |
[Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
Diffstat (limited to 'Tests/Http/RememberMe/AbstractRememberMeServicesTest.php')
| -rw-r--r-- | Tests/Http/RememberMe/AbstractRememberMeServicesTest.php | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php b/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php index 70ff6a0..9dbcf3f 100644 --- a/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php +++ b/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php @@ -82,16 +82,35 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase $this->assertSame('fookey', $returnedToken->getProviderKey()); } - public function testLogout() + /** + * @dataProvider provideOptionsForLogout + */ + public function testLogout(array $options) { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null)); + $service = $this->getService(null, $options); $request = new Request(); $response = new Response(); $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); $service->logout($request, $response, $token); - $this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared()); + $cookie = $request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME); + + $this->assertInstanceOf('Symfony\Component\HttpFoundation\Cookie', $cookie); + $this->assertTrue($cookie->isCleared()); + $this->assertSame($options['name'], $cookie->getName()); + $this->assertSame($options['path'], $cookie->getPath()); + $this->assertSame($options['domain'], $cookie->getDomain()); + $this->assertSame($options['secure'], $cookie->isSecure()); + $this->assertSame($options['httponly'], $cookie->isHttpOnly()); + } + + public function provideOptionsForLogout() + { + return array( + array(array('name' => 'foo', 'path' => '/', 'domain' => null, 'secure' => false, 'httponly' => true)), + array(array('name' => 'foo', 'path' => '/bar', 'domain' => 'baz.com', 'secure' => true, 'httponly' => false)), + ); } public function testLoginFail() @@ -267,6 +286,13 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase $userProvider = $this->getProvider(); } + if (!isset($options['secure'])) { + $options['secure'] = false; + } + if (!isset($options['httponly'])) { + $options['httponly'] = true; + } + return $this->getMockForAbstractClass('Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices', array( array($userProvider), 'fookey', 'fookey', $options, $logger, )); |