1 files changed, 36 insertions, 1 deletions

diff --git a/Guard/Tests/Provider/GuardAuthenticationProviderTest.php b/Guard/Tests/Provider/GuardAuthenticationProviderTest.php
index 33c00e5..bfcf24b 100644
--- a/Guard/Tests/Provider/GuardAuthenticationProviderTest.php
+++ b/Guard/Tests/Provider/GuardAuthenticationProviderTest.php
@@ -60,7 +60,9 @@ class GuardAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
         // checkCredentials is called
         $authenticatorB->expects($this->once())
             ->method('checkCredentials')
-            ->with($enteredCredentials, $mockedUser);
+            ->with($enteredCredentials, $mockedUser)
+            // authentication works!
+            ->will($this->returnValue(true));
         $authedToken = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
         $authenticatorB->expects($this->once())
             ->method('createAuthenticatedToken')
@@ -81,6 +83,39 @@ class GuardAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
     }
 
     /**
+     * @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException
+     */
+    public function testCheckCredentialsReturningNonTrueFailsAuthentication()
+    {
+        $providerKey = 'my_uncool_firewall';
+
+        $authenticator = $this->getMock('Symfony\Component\Security\Guard\GuardAuthenticatorInterface');
+
+        // make sure the authenticator is used
+        $this->preAuthenticationToken->expects($this->any())
+            ->method('getGuardProviderKey')
+            // the 0 index, to match the only authenticator
+            ->will($this->returnValue('my_uncool_firewall_0'));
+
+        $this->preAuthenticationToken->expects($this->atLeastOnce())
+            ->method('getCredentials')
+            ->will($this->returnValue('non-null-value'));
+
+        $mockedUser = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
+        $authenticator->expects($this->once())
+            ->method('getUser')
+            ->will($this->returnValue($mockedUser));
+        // checkCredentials is called
+        $authenticator->expects($this->once())
+            ->method('checkCredentials')
+            // authentication fails :(
+            ->will($this->returnValue(null));
+
+        $provider = new GuardAuthenticationProvider(array($authenticator), $this->userProvider, $providerKey, $this->userChecker);
+        $provider->authenticate($this->preAuthenticationToken);
+    }
+
+    /**
      * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationExpiredException
      */
     public function testGuardWithNoLongerAuthenticatedTriggersLogout()