diff options
6 files changed, 103 insertions, 23 deletions
diff --git a/Core/Tests/User/InMemoryUserProviderTest.php b/Core/Tests/User/InMemoryUserProviderTest.php index dfc4237..0a1815f 100644 --- a/Core/Tests/User/InMemoryUserProviderTest.php +++ b/Core/Tests/User/InMemoryUserProviderTest.php @@ -18,18 +18,39 @@ class InMemoryUserProviderTest extends \PHPUnit_Framework_TestCase { public function testConstructor() { - $provider = new InMemoryUserProvider(array( + $provider = $this->createProvider(); + + $user = $provider->loadUserByUsername('fabien'); + $this->assertEquals('foo', $user->getPassword()); + $this->assertEquals(array('ROLE_USER'), $user->getRoles()); + $this->assertFalse($user->isEnabled()); + } + + public function testRefresh() + { + $user = new User('fabien', 'bar'); + + $provider = $this->createProvider(); + + $refreshedUser = $provider->refreshUser($user); + $this->assertEquals('foo', $refreshedUser->getPassword()); + $this->assertEquals(array('ROLE_USER'), $refreshedUser->getRoles()); + $this->assertFalse($refreshedUser->isEnabled()); + $this->assertFalse($refreshedUser->isCredentialsNonExpired()); + } + + /** + * @return InMemoryUserProvider + */ + protected function createProvider() + { + return new InMemoryUserProvider(array( 'fabien' => array( 'password' => 'foo', 'enabled' => false, 'roles' => array('ROLE_USER'), ), )); - - $user = $provider->loadUserByUsername('fabien'); - $this->assertEquals('foo', $user->getPassword()); - $this->assertEquals(array('ROLE_USER'), $user->getRoles()); - $this->assertFalse($user->isEnabled()); } public function testCreateUser() diff --git a/Core/User/InMemoryUserProvider.php b/Core/User/InMemoryUserProvider.php index 624eb3d..9aa39ca 100644 --- a/Core/User/InMemoryUserProvider.php +++ b/Core/User/InMemoryUserProvider.php @@ -67,17 +67,9 @@ class InMemoryUserProvider implements UserProviderInterface */ public function loadUserByUsername($username) { - if (!isset($this->users[strtolower($username)])) { - $ex = new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username)); - $ex->setUsername($username); - - throw $ex; - } + $user = $this->getUser($username); - $user = $this->users[strtolower($username)]; - - return new User($user->getUsername(), $user->getPassword(), $user->getRoles(), $user->isEnabled(), $user->isAccountNonExpired(), - $user->isCredentialsNonExpired(), $user->isAccountNonLocked()); + return new User($user->getUsername(), $user->getPassword(), $user->getRoles(), $user->isEnabled(), $user->isAccountNonExpired(), $user->isCredentialsNonExpired(), $user->isAccountNonLocked()); } /** @@ -89,7 +81,9 @@ class InMemoryUserProvider implements UserProviderInterface throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user))); } - return $this->loadUserByUsername($user->getUsername()); + $storedUser = $this->getUser($user->getUsername()); + + return new User($storedUser->getUsername(), $storedUser->getPassword(), $storedUser->getRoles(), $storedUser->isEnabled(), $storedUser->isAccountNonExpired(), $storedUser->isCredentialsNonExpired() && $storedUser->getPassword() === $user->getPassword(), $storedUser->isAccountNonLocked()); } /** @@ -99,4 +93,25 @@ class InMemoryUserProvider implements UserProviderInterface { return $class === 'Symfony\Component\Security\Core\User\User'; } + + /** + * Returns the user by given username. + * + * @param string $username The username. + * + * @return User + * + * @throws UsernameNotFoundException If user whose given username does not exist. + */ + private function getUser($username) + { + if (!isset($this->users[strtolower($username)])) { + $ex = new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username)); + $ex->setUsername($username); + + throw $ex; + } + + return $this->users[strtolower($username)]; + } } diff --git a/Http/RememberMe/AbstractRememberMeServices.php b/Http/RememberMe/AbstractRememberMeServices.php index 04d95ea..3638f0c 100644 --- a/Http/RememberMe/AbstractRememberMeServices.php +++ b/Http/RememberMe/AbstractRememberMeServices.php @@ -304,7 +304,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface $this->logger->debug('Clearing remember-me cookie.', array('name' => $this->options['name'])); } - $request->attributes->set(self::COOKIE_ATTR_NAME, new Cookie($this->options['name'], null, 1, $this->options['path'], $this->options['domain'])); + $request->attributes->set(self::COOKIE_ATTR_NAME, new Cookie($this->options['name'], null, 1, $this->options['path'], $this->options['domain'], $this->options['secure'], $this->options['httponly'])); } /** diff --git a/Http/Tests/RememberMe/AbstractRememberMeServicesTest.php b/Http/Tests/RememberMe/AbstractRememberMeServicesTest.php index d3daa35..4ea4f5d 100644 --- a/Http/Tests/RememberMe/AbstractRememberMeServicesTest.php +++ b/Http/Tests/RememberMe/AbstractRememberMeServicesTest.php @@ -82,16 +82,35 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase $this->assertSame('fookey', $returnedToken->getProviderKey()); } - public function testLogout() + /** + * @dataProvider provideOptionsForLogout + */ + public function testLogout(array $options) { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null)); + $service = $this->getService(null, $options); $request = new Request(); $response = new Response(); $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); $service->logout($request, $response, $token); - $this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared()); + $cookie = $request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME); + + $this->assertInstanceOf('Symfony\Component\HttpFoundation\Cookie', $cookie); + $this->assertTrue($cookie->isCleared()); + $this->assertSame($options['name'], $cookie->getName()); + $this->assertSame($options['path'], $cookie->getPath()); + $this->assertSame($options['domain'], $cookie->getDomain()); + $this->assertSame($options['secure'], $cookie->isSecure()); + $this->assertSame($options['httponly'], $cookie->isHttpOnly()); + } + + public function provideOptionsForLogout() + { + return array( + array(array('name' => 'foo', 'path' => '/', 'domain' => null, 'secure' => false, 'httponly' => true)), + array(array('name' => 'foo', 'path' => '/bar', 'domain' => 'baz.com', 'secure' => true, 'httponly' => false)), + ); } public function testLoginFail() @@ -267,6 +286,13 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase $userProvider = $this->getProvider(); } + if (!isset($options['secure'])) { + $options['secure'] = false; + } + if (!isset($options['httponly'])) { + $options['httponly'] = true; + } + return $this->getMockForAbstractClass('Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices', array( array($userProvider), 'foosecret', 'fookey', $options, $logger, )); diff --git a/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php b/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php index 889211c..43aaf92 100644 --- a/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php +++ b/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php @@ -180,7 +180,7 @@ class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_Test public function testLogout() { - $service = $this->getService(null, array('name' => 'foo', 'path' => '/foo', 'domain' => 'foodomain.foo')); + $service = $this->getService(null, array('name' => 'foo', 'path' => '/foo', 'domain' => 'foodomain.foo', 'secure' => true, 'httponly' => false)); $request = new Request(); $request->cookies->set('foo', $this->encodeCookie(array('fooseries', 'foovalue'))); $response = new Response(); @@ -201,6 +201,8 @@ class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_Test $this->assertTrue($cookie->isCleared()); $this->assertEquals('/foo', $cookie->getPath()); $this->assertEquals('foodomain.foo', $cookie->getDomain()); + $this->assertTrue($cookie->isSecure()); + $this->assertFalse($cookie->isHttpOnly()); } public function testLogoutSimplyIgnoresNonSetRequestCookie() @@ -311,6 +313,13 @@ class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_Test $userProvider = $this->getProvider(); } + if (!isset($options['secure'])) { + $options['secure'] = false; + } + if (!isset($options['httponly'])) { + $options['httponly'] = true; + } + return new PersistentTokenBasedRememberMeServices(array($userProvider), 'foosecret', 'fookey', $options, $logger, new SecureRandom(sys_get_temp_dir().'/_sf2.seed')); } diff --git a/Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php b/Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php index 2a892c3..dab811b 100644 --- a/Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php +++ b/Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php @@ -153,7 +153,7 @@ class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase public function testLogout() { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null)); + $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null, 'secure' => true, 'httponly' => false)); $request = new Request(); $response = new Response(); $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); @@ -164,6 +164,8 @@ class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase $this->assertTrue($cookie->isCleared()); $this->assertEquals('/', $cookie->getPath()); $this->assertNull($cookie->getDomain()); + $this->assertTrue($cookie->isSecure()); + $this->assertFalse($cookie->isHttpOnly()); } public function testLoginFail() @@ -264,6 +266,13 @@ class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase $userProvider = $this->getProvider(); } + if (!isset($options['secure'])) { + $options['secure'] = false; + } + if (!isset($options['httponly'])) { + $options['httponly'] = true; + } + $service = new TokenBasedRememberMeServices(array($userProvider), 'foosecret', 'fookey', $options, $logger); return $service; |