[Security] TokenBasedRememberMeServices test to show why encoding username is required

author: Dawid Nowak <code@dnowak.pl> 2015-05-16 18:06:19 +0200
committer: Fabien Potencier <fabien.potencier@gmail.com> 2015-05-21 06:29:39 +0200
commit: fc2175946153bee537787dc1b6d8854c827f5e36 (patch)
tree: 2736724fbee28a77f98420c78b89512e9f50ce7e /Tests/Http
parent: c7a417a9e3a9712ddd2f8650193232fcf370e3c8 (diff)
download: symfony-security-fc2175946153bee537787dc1b6d8854c827f5e36.zip
symfony-security-fc2175946153bee537787dc1b6d8854c827f5e36.tar.gz
symfony-security-fc2175946153bee537787dc1b6d8854c827f5e36.tar.bz2
1 files changed, 16 insertions, 3 deletions
diff --git a/Tests/Http/RememberMe/TokenBasedRememberMeServicesTest.php b/Tests/Http/RememberMe/TokenBasedRememberMeServicesTest.php
index 4606003..511ddcc 100644
--- a/Tests/Http/RememberMe/TokenBasedRememberMeServicesTest.php
+++ b/Tests/Http/RememberMe/TokenBasedRememberMeServicesTest.php
@@ -105,7 +105,12 @@ class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase
         $this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared());
     }
 
-    public function testAutoLogin()
+    /**
+     * @dataProvider provideUsernamesForAutoLogin
+     *
+     * @param string $username
+     */
+    public function testAutoLogin($username)
     {
         $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
         $user
@@ -123,13 +128,13 @@ class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase
         $userProvider
             ->expects($this->once())
             ->method('loadUserByUsername')
-            ->with($this->equalTo('foouser'))
+            ->with($this->equalTo($username))
             ->will($this->returnValue($user))
         ;
 
         $service = $this->getService($userProvider, array('name' => 'foo', 'always_remember_me' => true, 'lifetime' => 3600));
         $request = new Request();
-        $request->cookies->set('foo', $this->getCookie('fooclass', 'foouser', time() + 3600, 'foopass'));
+        $request->cookies->set('foo', $this->getCookie('fooclass', $username, time() + 3600, 'foopass'));
 
         $returnedToken = $service->autoLogin($request);
 
@@ -138,6 +143,14 @@ class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase
         $this->assertEquals('fookey', $returnedToken->getKey());
     }
 
+    public function provideUsernamesForAutoLogin()
+    {
+        return array(
+            array('foouser', 'Simple username'),
+            array('foo'.TokenBasedRememberMeServices::COOKIE_DELIMITER.'user', 'Username might contain the delimiter'),
+        );
+    }
+
     public function testLogout()
     {
         $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null));
author	Dawid Nowak <code@dnowak.pl>	2015-05-16 18:06:19 +0200
committer	Fabien Potencier <fabien.potencier@gmail.com>	2015-05-21 06:29:39 +0200
commit	fc2175946153bee537787dc1b6d8854c827f5e36 (patch)
tree	2736724fbee28a77f98420c78b89512e9f50ce7e /Tests/Http
parent	c7a417a9e3a9712ddd2f8650193232fcf370e3c8 (diff)
download	symfony-security-fc2175946153bee537787dc1b6d8854c827f5e36.zip symfony-security-fc2175946153bee537787dc1b6d8854c827f5e36.tar.gz symfony-security-fc2175946153bee537787dc1b6d8854c827f5e36.tar.bz2