diff options
Diffstat (limited to 'Tests/Http')
30 files changed, 0 insertions, 4845 deletions
diff --git a/Tests/Http/AccessMapTest.php b/Tests/Http/AccessMapTest.php deleted file mode 100644 index c2d9b7f..0000000 --- a/Tests/Http/AccessMapTest.php +++ /dev/null @@ -1,51 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http; - -use Symfony\Component\Security\Http\AccessMap; - -class AccessMapTest extends \PHPUnit_Framework_TestCase -{ - public function testReturnsFirstMatchedPattern() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $requestMatcher1 = $this->getRequestMatcher($request, false); - $requestMatcher2 = $this->getRequestMatcher($request, true); - - $map = new AccessMap(); - $map->add($requestMatcher1, array('ROLE_ADMIN'), 'http'); - $map->add($requestMatcher2, array('ROLE_USER'), 'https'); - - $this->assertSame(array(array('ROLE_USER'), 'https'), $map->getPatterns($request)); - } - - public function testReturnsEmptyPatternIfNoneMatched() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $requestMatcher = $this->getRequestMatcher($request, false); - - $map = new AccessMap(); - $map->add($requestMatcher, array('ROLE_USER'), 'https'); - - $this->assertSame(array(null, null), $map->getPatterns($request)); - } - - private function getRequestMatcher($request, $matches) - { - $requestMatcher = $this->getMock('Symfony\Component\HttpFoundation\RequestMatcherInterface'); - $requestMatcher->expects($this->once()) - ->method('matches')->with($request) - ->will($this->returnValue($matches)); - - return $requestMatcher; - } -} diff --git a/Tests/Http/Authentication/DefaultAuthenticationFailureHandlerTest.php b/Tests/Http/Authentication/DefaultAuthenticationFailureHandlerTest.php deleted file mode 100644 index 38072d6..0000000 --- a/Tests/Http/Authentication/DefaultAuthenticationFailureHandlerTest.php +++ /dev/null @@ -1,174 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Authentication; - -use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationFailureHandler; -use Symfony\Component\Security\Core\SecurityContextInterface; -use Symfony\Component\HttpKernel\HttpKernelInterface; - -class DefaultAuthenticationFailureHandlerTest extends \PHPUnit_Framework_TestCase -{ - private $httpKernel = null; - - private $httpUtils = null; - - private $logger = null; - - private $request = null; - - private $session = null; - - private $exception = null; - - protected function setUp() - { - $this->httpKernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'); - $this->httpUtils = $this->getMock('Symfony\Component\Security\Http\HttpUtils'); - $this->logger = $this->getMock('Psr\Log\LoggerInterface'); - - $this->session = $this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface'); - $this->request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $this->request->expects($this->any())->method('getSession')->will($this->returnValue($this->session)); - $this->exception = $this->getMock('Symfony\Component\Security\Core\Exception\AuthenticationException', array('getMessage')); - } - - public function testForward() - { - $options = array('failure_forward' => true); - - $subRequest = $this->getRequest(); - $subRequest->attributes->expects($this->once()) - ->method('set')->with(SecurityContextInterface::AUTHENTICATION_ERROR, $this->exception); - $this->httpUtils->expects($this->once()) - ->method('createRequest')->with($this->request, '/login') - ->will($this->returnValue($subRequest)); - - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); - $this->httpKernel->expects($this->once()) - ->method('handle')->with($subRequest, HttpKernelInterface::SUB_REQUEST) - ->will($this->returnValue($response)); - - $handler = new DefaultAuthenticationFailureHandler($this->httpKernel, $this->httpUtils, $options, $this->logger); - $result = $handler->onAuthenticationFailure($this->request, $this->exception); - - $this->assertSame($response, $result); - } - - public function testRedirect() - { - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); - $this->httpUtils->expects($this->once()) - ->method('createRedirectResponse')->with($this->request, '/login') - ->will($this->returnValue($response)); - - $handler = new DefaultAuthenticationFailureHandler($this->httpKernel, $this->httpUtils, array(), $this->logger); - $result = $handler->onAuthenticationFailure($this->request, $this->exception); - - $this->assertSame($response, $result); - } - - public function testExceptionIsPersistedInSession() - { - $this->session->expects($this->once()) - ->method('set')->with(SecurityContextInterface::AUTHENTICATION_ERROR, $this->exception); - - $handler = new DefaultAuthenticationFailureHandler($this->httpKernel, $this->httpUtils, array(), $this->logger); - $handler->onAuthenticationFailure($this->request, $this->exception); - } - - public function testExceptionIsPassedInRequestOnForward() - { - $options = array('failure_forward' => true); - - $subRequest = $this->getRequest(); - $subRequest->attributes->expects($this->once()) - ->method('set')->with(SecurityContextInterface::AUTHENTICATION_ERROR, $this->exception); - - $this->httpUtils->expects($this->once()) - ->method('createRequest')->with($this->request, '/login') - ->will($this->returnValue($subRequest)); - - $this->session->expects($this->never())->method('set'); - - $handler = new DefaultAuthenticationFailureHandler($this->httpKernel, $this->httpUtils, $options, $this->logger); - $handler->onAuthenticationFailure($this->request, $this->exception); - } - - public function testRedirectIsLogged() - { - $this->logger->expects($this->once())->method('debug')->with('Redirecting to /login'); - - $handler = new DefaultAuthenticationFailureHandler($this->httpKernel, $this->httpUtils, array(), $this->logger); - $handler->onAuthenticationFailure($this->request, $this->exception); - } - - public function testForwardIsLogged() - { - $options = array('failure_forward' => true); - - $this->httpUtils->expects($this->once()) - ->method('createRequest')->with($this->request, '/login') - ->will($this->returnValue($this->getRequest())); - - $this->logger->expects($this->once())->method('debug')->with('Forwarding to /login'); - - $handler = new DefaultAuthenticationFailureHandler($this->httpKernel, $this->httpUtils, $options, $this->logger); - $handler->onAuthenticationFailure($this->request, $this->exception); - } - - public function testFailurePathCanBeOverwritten() - { - $options = array('failure_path' => '/auth/login'); - - $this->httpUtils->expects($this->once()) - ->method('createRedirectResponse')->with($this->request, '/auth/login'); - - $handler = new DefaultAuthenticationFailureHandler($this->httpKernel, $this->httpUtils, $options, $this->logger); - $handler->onAuthenticationFailure($this->request, $this->exception); - } - - public function testFailurePathCanBeOverwrittenWithRequest() - { - $this->request->expects($this->once()) - ->method('get')->with('_failure_path', null, true) - ->will($this->returnValue('/auth/login')); - - $this->httpUtils->expects($this->once()) - ->method('createRedirectResponse')->with($this->request, '/auth/login'); - - $handler = new DefaultAuthenticationFailureHandler($this->httpKernel, $this->httpUtils, array(), $this->logger); - $handler->onAuthenticationFailure($this->request, $this->exception); - } - - public function testFailurePathParameterCanBeOverwritten() - { - $options = array('failure_path_parameter' => '_my_failure_path'); - - $this->request->expects($this->once()) - ->method('get')->with('_my_failure_path', null, true) - ->will($this->returnValue('/auth/login')); - - $this->httpUtils->expects($this->once()) - ->method('createRedirectResponse')->with($this->request, '/auth/login'); - - $handler = new DefaultAuthenticationFailureHandler($this->httpKernel, $this->httpUtils, $options, $this->logger); - $handler->onAuthenticationFailure($this->request, $this->exception); - } - - private function getRequest() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $request->attributes = $this->getMock('Symfony\Component\HttpFoundation\ParameterBag'); - - return $request; - } -} diff --git a/Tests/Http/Authentication/DefaultAuthenticationSuccessHandlerTest.php b/Tests/Http/Authentication/DefaultAuthenticationSuccessHandlerTest.php deleted file mode 100644 index 3d8ebf3..0000000 --- a/Tests/Http/Authentication/DefaultAuthenticationSuccessHandlerTest.php +++ /dev/null @@ -1,169 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Authentication; - -use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler; - -class DefaultAuthenticationSuccessHandlerTest extends \PHPUnit_Framework_TestCase -{ - private $httpUtils = null; - - private $request = null; - - private $token = null; - - protected function setUp() - { - $this->httpUtils = $this->getMock('Symfony\Component\Security\Http\HttpUtils'); - $this->request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $this->request->headers = $this->getMock('Symfony\Component\HttpFoundation\HeaderBag'); - $this->token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - } - - public function testRequestIsRedirected() - { - $response = $this->expectRedirectResponse('/'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testDefaultTargetPathCanBeForced() - { - $options = array( - 'always_use_default_target_path' => true, - 'default_target_path' => '/dashboard', - ); - - $response = $this->expectRedirectResponse('/dashboard'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testTargetPathIsPassedWithRequest() - { - $this->request->expects($this->once()) - ->method('get')->with('_target_path') - ->will($this->returnValue('/dashboard')); - - $response = $this->expectRedirectResponse('/dashboard'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testTargetPathParameterIsCustomised() - { - $options = array('target_path_parameter' => '_my_target_path'); - - $this->request->expects($this->once()) - ->method('get')->with('_my_target_path') - ->will($this->returnValue('/dashboard')); - - $response = $this->expectRedirectResponse('/dashboard'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testTargetPathIsTakenFromTheSession() - { - $session = $this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface'); - $session->expects($this->once()) - ->method('get')->with('_security.admin.target_path') - ->will($this->returnValue('/admin/dashboard')); - $session->expects($this->once()) - ->method('remove')->with('_security.admin.target_path'); - - $this->request->expects($this->any()) - ->method('getSession') - ->will($this->returnValue($session)); - - $response = $this->expectRedirectResponse('/admin/dashboard'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); - $handler->setProviderKey('admin'); - - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testTargetPathIsPassedAsReferer() - { - $options = array('use_referer' => true); - - $this->request->headers->expects($this->once()) - ->method('get')->with('Referer') - ->will($this->returnValue('/dashboard')); - - $response = $this->expectRedirectResponse('/dashboard'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testRefererHasToBeDifferentThatLoginUrl() - { - $options = array('use_referer' => true); - - $this->request->headers->expects($this->any()) - ->method('get')->with('Referer') - ->will($this->returnValue('/login')); - - $this->httpUtils->expects($this->once()) - ->method('generateUri')->with($this->request, '/login') - ->will($this->returnValue('/login')); - - $response = $this->expectRedirectResponse('/'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testRefererTargetPathIsIgnoredByDefault() - { - $this->request->headers->expects($this->never())->method('get'); - - $response = $this->expectRedirectResponse('/'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - private function expectRedirectResponse($path) - { - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); - - $this->httpUtils->expects($this->once()) - ->method('createRedirectResponse') - ->with($this->request, $path) - ->will($this->returnValue($response)); - - return $response; - } -} diff --git a/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php b/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php deleted file mode 100644 index 5640789..0000000 --- a/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php +++ /dev/null @@ -1,43 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\EntryPoint; - -use Symfony\Component\Security\Http\EntryPoint\BasicAuthenticationEntryPoint; -use Symfony\Component\Security\Core\Exception\AuthenticationException; - -class BasicAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase -{ - public function testStart() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - - $authException = new AuthenticationException('The exception message'); - - $entryPoint = new BasicAuthenticationEntryPoint('TheRealmName'); - $response = $entryPoint->start($request, $authException); - - $this->assertEquals('Basic realm="TheRealmName"', $response->headers->get('WWW-Authenticate')); - $this->assertEquals(401, $response->getStatusCode()); - } - - public function testStartWithoutAuthException() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - - $entryPoint = new BasicAuthenticationEntryPoint('TheRealmName'); - - $response = $entryPoint->start($request); - - $this->assertEquals('Basic realm="TheRealmName"', $response->headers->get('WWW-Authenticate')); - $this->assertEquals(401, $response->getStatusCode()); - } -} diff --git a/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php b/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php deleted file mode 100644 index 5c6eccc..0000000 --- a/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php +++ /dev/null @@ -1,56 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\EntryPoint; - -use Symfony\Component\Security\Http\EntryPoint\DigestAuthenticationEntryPoint; -use Symfony\Component\Security\Core\Exception\AuthenticationException; -use Symfony\Component\Security\Core\Exception\NonceExpiredException; - -class DigestAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase -{ - public function testStart() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - - $authenticationException = new AuthenticationException('TheAuthenticationExceptionMessage'); - - $entryPoint = new DigestAuthenticationEntryPoint('TheRealmName', 'TheKey'); - $response = $entryPoint->start($request, $authenticationException); - - $this->assertEquals(401, $response->getStatusCode()); - $this->assertRegExp('/^Digest realm="TheRealmName", qop="auth", nonce="[a-zA-Z0-9\/+]+={0,2}"$/', $response->headers->get('WWW-Authenticate')); - } - - public function testStartWithNoException() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - - $entryPoint = new DigestAuthenticationEntryPoint('TheRealmName', 'TheKey'); - $response = $entryPoint->start($request); - - $this->assertEquals(401, $response->getStatusCode()); - $this->assertRegExp('/^Digest realm="TheRealmName", qop="auth", nonce="[a-zA-Z0-9\/+]+={0,2}"$/', $response->headers->get('WWW-Authenticate')); - } - - public function testStartWithNonceExpiredException() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - - $nonceExpiredException = new NonceExpiredException('TheNonceExpiredExceptionMessage'); - - $entryPoint = new DigestAuthenticationEntryPoint('TheRealmName', 'TheKey'); - $response = $entryPoint->start($request, $nonceExpiredException); - - $this->assertEquals(401, $response->getStatusCode()); - $this->assertRegExp('/^Digest realm="TheRealmName", qop="auth", nonce="[a-zA-Z0-9\/+]+={0,2}", stale="true"$/', $response->headers->get('WWW-Authenticate')); - } -} diff --git a/Tests/Http/EntryPoint/FormAuthenticationEntryPointTest.php b/Tests/Http/EntryPoint/FormAuthenticationEntryPointTest.php deleted file mode 100644 index 097912d..0000000 --- a/Tests/Http/EntryPoint/FormAuthenticationEntryPointTest.php +++ /dev/null @@ -1,67 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\EntryPoint; - -use Symfony\Component\Security\Http\EntryPoint\FormAuthenticationEntryPoint; -use Symfony\Component\HttpKernel\HttpKernelInterface; - -class FormAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase -{ - public function testStart() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); - - $httpKernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'); - $httpUtils = $this->getMock('Symfony\Component\Security\Http\HttpUtils'); - $httpUtils - ->expects($this->once()) - ->method('createRedirectResponse') - ->with($this->equalTo($request), $this->equalTo('/the/login/path')) - ->will($this->returnValue($response)) - ; - - $entryPoint = new FormAuthenticationEntryPoint($httpKernel, $httpUtils, '/the/login/path', false); - - $this->assertEquals($response, $entryPoint->start($request)); - } - - public function testStartWithUseForward() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - $subRequest = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - $response = new \Symfony\Component\HttpFoundation\Response('', 200); - - $httpUtils = $this->getMock('Symfony\Component\Security\Http\HttpUtils'); - $httpUtils - ->expects($this->once()) - ->method('createRequest') - ->with($this->equalTo($request), $this->equalTo('/the/login/path')) - ->will($this->returnValue($subRequest)) - ; - - $httpKernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'); - $httpKernel - ->expects($this->once()) - ->method('handle') - ->with($this->equalTo($subRequest), $this->equalTo(HttpKernelInterface::SUB_REQUEST)) - ->will($this->returnValue($response)) - ; - - $entryPoint = new FormAuthenticationEntryPoint($httpKernel, $httpUtils, '/the/login/path', true); - - $entryPointResponse = $entryPoint->start($request); - - $this->assertEquals($response, $entryPointResponse); - $this->assertEquals(401, $entryPointResponse->headers->get('X-Status-Code')); - } -} diff --git a/Tests/Http/EntryPoint/RetryAuthenticationEntryPointTest.php b/Tests/Http/EntryPoint/RetryAuthenticationEntryPointTest.php deleted file mode 100644 index 59ec912..0000000 --- a/Tests/Http/EntryPoint/RetryAuthenticationEntryPointTest.php +++ /dev/null @@ -1,64 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\EntryPoint; - -use Symfony\Component\Security\Http\EntryPoint\RetryAuthenticationEntryPoint; -use Symfony\Component\HttpFoundation\Request; - -class RetryAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase -{ - /** - * @dataProvider dataForStart - */ - public function testStart($httpPort, $httpsPort, $request, $expectedUrl) - { - $entryPoint = new RetryAuthenticationEntryPoint($httpPort, $httpsPort); - $response = $entryPoint->start($request); - - $this->assertInstanceOf('Symfony\Component\HttpFoundation\RedirectResponse', $response); - $this->assertEquals($expectedUrl, $response->headers->get('Location')); - } - - public function dataForStart() - { - if (!class_exists('Symfony\Component\HttpFoundation\Request')) { - return array(array()); - } - - return array( - array( - 80, - 443, - Request::create('http://localhost/foo/bar?baz=bat'), - 'https://localhost/foo/bar?baz=bat', - ), - array( - 80, - 443, - Request::create('https://localhost/foo/bar?baz=bat'), - 'http://localhost/foo/bar?baz=bat', - ), - array( - 80, - 123, - Request::create('http://localhost/foo/bar?baz=bat'), - 'https://localhost:123/foo/bar?baz=bat', - ), - array( - 8080, - 443, - Request::create('https://localhost/foo/bar?baz=bat'), - 'http://localhost:8080/foo/bar?baz=bat', - ), - ); - } -} diff --git a/Tests/Http/Firewall/AbstractPreAuthenticatedListenerTest.php b/Tests/Http/Firewall/AbstractPreAuthenticatedListenerTest.php deleted file mode 100644 index d6373b3..0000000 --- a/Tests/Http/Firewall/AbstractPreAuthenticatedListenerTest.php +++ /dev/null @@ -1,252 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Firewall; - -use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken; -use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; -use Symfony\Component\Security\Core\Exception\AuthenticationException; - -class AbstractPreAuthenticatedListenerTest extends \PHPUnit_Framework_TestCase -{ - public function testHandleWithValidValues() - { - $userCredentials = array('TheUser', 'TheCredentials'); - - $request = new Request(array(), array(), array(), array(), array(), array()); - - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue(null)) - ; - $context - ->expects($this->once()) - ->method('setToken') - ->with($this->equalTo($token)) - ; - - $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $authenticationManager - ->expects($this->once()) - ->method('authenticate') - ->with($this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken')) - ->will($this->returnValue($token)) - ; - - $listener = $this->getMockForAbstractClass('Symfony\Component\Security\Http\Firewall\AbstractPreAuthenticatedListener', array( - $context, - $authenticationManager, - 'TheProviderKey', - )); - $listener - ->expects($this->once()) - ->method('getPreAuthenticatedData') - ->will($this->returnValue($userCredentials)); - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - - $listener->handle($event); - } - - public function testHandleWhenAuthenticationFails() - { - $userCredentials = array('TheUser', 'TheCredentials'); - - $request = new Request(array(), array(), array(), array(), array(), array()); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue(null)) - ; - $context - ->expects($this->never()) - ->method('setToken') - ; - - $exception = new AuthenticationException('Authentication failed.'); - $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $authenticationManager - ->expects($this->once()) - ->method('authenticate') - ->with($this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken')) - ->will($this->throwException($exception)) - ; - - $listener = $this->getMockForAbstractClass('Symfony\Component\Security\Http\Firewall\AbstractPreAuthenticatedListener', array( - $context, - $authenticationManager, - 'TheProviderKey', - )); - $listener - ->expects($this->once()) - ->method('getPreAuthenticatedData') - ->will($this->returnValue($userCredentials)); - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - - $listener->handle($event); - } - - public function testHandleWhenAuthenticationFailsWithDifferentToken() - { - $userCredentials = array('TheUser', 'TheCredentials'); - - $token = new UsernamePasswordToken('TheUsername', 'ThePassword', 'TheProviderKey', array('ROLE_FOO')); - - $request = new Request(array(), array(), array(), array(), array(), array()); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue($token)) - ; - $context - ->expects($this->never()) - ->method('setToken') - ; - - $exception = new AuthenticationException('Authentication failed.'); - $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $authenticationManager - ->expects($this->once()) - ->method('authenticate') - ->with($this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken')) - ->will($this->throwException($exception)) - ; - - $listener = $this->getMockForAbstractClass('Symfony\Component\Security\Http\Firewall\AbstractPreAuthenticatedListener', array( - $context, - $authenticationManager, - 'TheProviderKey', - )); - $listener - ->expects($this->once()) - ->method('getPreAuthenticatedData') - ->will($this->returnValue($userCredentials)); - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - - $listener->handle($event); - } - - public function testHandleWithASimilarAuthenticatedToken() - { - $userCredentials = array('TheUser', 'TheCredentials'); - - $request = new Request(array(), array(), array(), array(), array(), array()); - - $token = new PreAuthenticatedToken('TheUser', 'TheCredentials', 'TheProviderKey', array('ROLE_FOO')); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue($token)) - ; - - $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $authenticationManager - ->expects($this->never()) - ->method('authenticate') - ; - - $listener = $this->getMockForAbstractClass('Symfony\Component\Security\Http\Firewall\AbstractPreAuthenticatedListener', array( - $context, - $authenticationManager, - 'TheProviderKey', - )); - $listener - ->expects($this->once()) - ->method('getPreAuthenticatedData') - ->will($this->returnValue($userCredentials)); - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - - $listener->handle($event); - } - - public function testHandleWithAnInvalidSimilarToken() - { - $userCredentials = array('TheUser', 'TheCredentials'); - - $request = new Request(array(), array(), array(), array(), array(), array()); - - $token = new PreAuthenticatedToken('AnotherUser', 'TheCredentials', 'TheProviderKey', array('ROLE_FOO')); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue($token)) - ; - $context - ->expects($this->once()) - ->method('setToken') - ->with($this->equalTo(null)) - ; - - $exception = new AuthenticationException('Authentication failed.'); - $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $authenticationManager - ->expects($this->once()) - ->method('authenticate') - ->with($this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken')) - ->will($this->throwException($exception)) - ; - - $listener = $this->getMockForAbstractClass('Symfony\Component\Security\Http\Firewall\AbstractPreAuthenticatedListener', array( - $context, - $authenticationManager, - 'TheProviderKey', - )); - $listener - ->expects($this->once()) - ->method('getPreAuthenticatedData') - ->will($this->returnValue($userCredentials)); - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - - $listener->handle($event); - } -} diff --git a/Tests/Http/Firewall/AccessListenerTest.php b/Tests/Http/Firewall/AccessListenerTest.php deleted file mode 100644 index 961c792..0000000 --- a/Tests/Http/Firewall/AccessListenerTest.php +++ /dev/null @@ -1,208 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Firewall; - -use Symfony\Component\Security\Http\Firewall\AccessListener; - -class AccessListenerTest extends \PHPUnit_Framework_TestCase -{ - /** - * @expectedException \Symfony\Component\Security\Core\Exception\AccessDeniedException - */ - public function testHandleWhenTheAccessDecisionManagerDecidesToRefuseAccess() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - - $accessMap = $this->getMock('Symfony\Component\Security\Http\AccessMapInterface'); - $accessMap - ->expects($this->any()) - ->method('getPatterns') - ->with($this->equalTo($request)) - ->will($this->returnValue(array(array('foo' => 'bar'), null))) - ; - - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $token - ->expects($this->any()) - ->method('isAuthenticated') - ->will($this->returnValue(true)) - ; - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue($token)) - ; - - $accessDecisionManager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'); - $accessDecisionManager - ->expects($this->once()) - ->method('decide') - ->with($this->equalTo($token), $this->equalTo(array('foo' => 'bar')), $this->equalTo($request)) - ->will($this->returnValue(false)) - ; - - $listener = new AccessListener( - $context, - $accessDecisionManager, - $accessMap, - $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface') - ); - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - - $listener->handle($event); - } - - public function testHandleWhenTheTokenIsNotAuthenticated() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - - $accessMap = $this->getMock('Symfony\Component\Security\Http\AccessMapInterface'); - $accessMap - ->expects($this->any()) - ->method('getPatterns') - ->with($this->equalTo($request)) - ->will($this->returnValue(array(array('foo' => 'bar'), null))) - ; - - $notAuthenticatedToken = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $notAuthenticatedToken - ->expects($this->any()) - ->method('isAuthenticated') - ->will($this->returnValue(false)) - ; - - $authenticatedToken = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $authenticatedToken - ->expects($this->any()) - ->method('isAuthenticated') - ->will($this->returnValue(true)) - ; - - $authManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $authManager - ->expects($this->once()) - ->method('authenticate') - ->with($this->equalTo($notAuthenticatedToken)) - ->will($this->returnValue($authenticatedToken)) - ; - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue($notAuthenticatedToken)) - ; - $context - ->expects($this->once()) - ->method('setToken') - ->with($this->equalTo($authenticatedToken)) - ; - - $accessDecisionManager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'); - $accessDecisionManager - ->expects($this->once()) - ->method('decide') - ->with($this->equalTo($authenticatedToken), $this->equalTo(array('foo' => 'bar')), $this->equalTo($request)) - ->will($this->returnValue(true)) - ; - - $listener = new AccessListener( - $context, - $accessDecisionManager, - $accessMap, - $authManager - ); - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - - $listener->handle($event); - } - - public function testHandleWhenThereIsNoAccessMapEntryMatchingTheRequest() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - - $accessMap = $this->getMock('Symfony\Component\Security\Http\AccessMapInterface'); - $accessMap - ->expects($this->any()) - ->method('getPatterns') - ->with($this->equalTo($request)) - ->will($this->returnValue(array(null, null))) - ; - - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $token - ->expects($this->never()) - ->method('isAuthenticated') - ; - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue($token)) - ; - - $listener = new AccessListener( - $context, - $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'), - $accessMap, - $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface') - ); - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - - $listener->handle($event); - } - - /** - * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException - */ - public function testHandleWhenTheSecurityContextHasNoToken() - { - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue(null)) - ; - - $listener = new AccessListener( - $context, - $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'), - $this->getMock('Symfony\Component\Security\Http\AccessMapInterface'), - $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface') - ); - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - - $listener->handle($event); - } -} diff --git a/Tests/Http/Firewall/AnonymousAuthenticationListenerTest.php b/Tests/Http/Firewall/AnonymousAuthenticationListenerTest.php deleted file mode 100644 index 0666ef3..0000000 --- a/Tests/Http/Firewall/AnonymousAuthenticationListenerTest.php +++ /dev/null @@ -1,68 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Firewall; - -use Symfony\Component\Security\Http\Firewall\AnonymousAuthenticationListener; - -class AnonymousAuthenticationListenerTest extends \PHPUnit_Framework_TestCase -{ - public function testHandleWithContextHavingAToken() - { - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue($this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'))) - ; - $context - ->expects($this->never()) - ->method('setToken') - ; - - $listener = new AnonymousAuthenticationListener($context, 'TheKey'); - $listener->handle($this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false)); - } - - public function testHandleWithContextHavingNoToken() - { - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue(null)) - ; - $context - ->expects($this->once()) - ->method('setToken') - ->with(self::logicalAnd( - $this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken'), - $this->attributeEqualTo('key', 'TheKey') - )) - ; - - $listener = new AnonymousAuthenticationListener($context, 'TheKey'); - $listener->handle($this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false)); - } - - public function testHandledEventIsLogged() - { - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $logger = $this->getMock('Psr\Log\LoggerInterface'); - $logger->expects($this->once()) - ->method('info') - ->with('Populated SecurityContext with an anonymous Token') - ; - - $listener = new AnonymousAuthenticationListener($context, 'TheKey', $logger); - $listener->handle($this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false)); - } -} diff --git a/Tests/Http/Firewall/BasicAuthenticationListenerTest.php b/Tests/Http/Firewall/BasicAuthenticationListenerTest.php deleted file mode 100644 index 65dc185..0000000 --- a/Tests/Http/Firewall/BasicAuthenticationListenerTest.php +++ /dev/null @@ -1,249 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Firewall; - -use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken; -use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; -use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\Security\Http\Firewall\BasicAuthenticationListener; -use Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager; - -class BasicAuthenticationListenerTest extends \PHPUnit_Framework_TestCase -{ - public function testHandleWithValidUsernameAndPasswordServerParameters() - { - $request = new Request(array(), array(), array(), array(), array(), array( - 'PHP_AUTH_USER' => 'TheUsername', - 'PHP_AUTH_PW' => 'ThePassword', - )); - - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue(null)) - ; - $context - ->expects($this->once()) - ->method('setToken') - ->with($this->equalTo($token)) - ; - - $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $authenticationManager - ->expects($this->once()) - ->method('authenticate') - ->with($this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken')) - ->will($this->returnValue($token)) - ; - - $listener = new BasicAuthenticationListener( - $context, - $authenticationManager, - 'TheProviderKey', - $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface') - ); - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - - $listener->handle($event); - } - - public function testHandleWhenAuthenticationFails() - { - $request = new Request(array(), array(), array(), array(), array(), array( - 'PHP_AUTH_USER' => 'TheUsername', - 'PHP_AUTH_PW' => 'ThePassword', - )); - - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue(null)) - ; - $context - ->expects($this->never()) - ->method('setToken') - ; - - $response = new Response(); - - $authenticationEntryPoint = $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface'); - $authenticationEntryPoint - ->expects($this->any()) - ->method('start') - ->with($this->equalTo($request), $this->isInstanceOf('Symfony\Component\Security\Core\Exception\AuthenticationException')) - ->will($this->returnValue($response)) - ; - - $listener = new BasicAuthenticationListener( - $context, - new AuthenticationProviderManager(array($this->getMock('Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface'))), - 'TheProviderKey', - $authenticationEntryPoint - ); - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - $event - ->expects($this->once()) - ->method('setResponse') - ->with($this->equalTo($response)) - ; - - $listener->handle($event); - } - - public function testHandleWithNoUsernameServerParameter() - { - $request = new Request(); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->never()) - ->method('getToken') - ; - - $listener = new BasicAuthenticationListener( - $context, - $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'), - 'TheProviderKey', - $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface') - ); - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - - $listener->handle($event); - } - - public function testHandleWithASimilarAuthenticatedToken() - { - $request = new Request(array(), array(), array(), array(), array(), array('PHP_AUTH_USER' => 'TheUsername')); - - $token = new UsernamePasswordToken('TheUsername', 'ThePassword', 'TheProviderKey', array('ROLE_FOO')); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue($token)) - ; - - $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $authenticationManager - ->expects($this->never()) - ->method('authenticate') - ; - - $listener = new BasicAuthenticationListener( - $context, - $authenticationManager, - 'TheProviderKey', - $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface') - ); - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - - $listener->handle($event); - } - - /** - * @expectedException \InvalidArgumentException - * @expectedExceptionMessage $providerKey must not be empty - */ - public function testItRequiresProviderKey() - { - new BasicAuthenticationListener( - $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'), - $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'), - '', - $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface') - ); - } - - public function testHandleWithADifferentAuthenticatedToken() - { - $request = new Request(array(), array(), array(), array(), array(), array( - 'PHP_AUTH_USER' => 'TheUsername', - 'PHP_AUTH_PW' => 'ThePassword', - )); - - $token = new PreAuthenticatedToken('TheUser', 'TheCredentials', 'TheProviderKey', array('ROLE_FOO')); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context - ->expects($this->any()) - ->method('getToken') - ->will($this->returnValue($token)) - ; - $context - ->expects($this->never()) - ->method('setToken') - ; - - $response = new Response(); - - $authenticationEntryPoint = $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface'); - $authenticationEntryPoint - ->expects($this->any()) - ->method('start') - ->with($this->equalTo($request), $this->isInstanceOf('Symfony\Component\Security\Core\Exception\AuthenticationException')) - ->will($this->returnValue($response)) - ; - - $listener = new BasicAuthenticationListener( - $context, - new AuthenticationProviderManager(array($this->getMock('Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface'))), - 'TheProviderKey', - $authenticationEntryPoint - ); - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - $event - ->expects($this->once()) - ->method('setResponse') - ->with($this->equalTo($response)) - ; - - $listener->handle($event); - } -} diff --git a/Tests/Http/Firewall/ChannelListenerTest.php b/Tests/Http/Firewall/ChannelListenerTest.php deleted file mode 100644 index 5e583e0..0000000 --- a/Tests/Http/Firewall/ChannelListenerTest.php +++ /dev/null @@ -1,180 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Firewall; - -use Symfony\Component\Security\Http\Firewall\ChannelListener; -use Symfony\Component\HttpFoundation\Response; - -class ChannelListenerTest extends \PHPUnit_Framework_TestCase -{ - public function testHandleWithNotSecuredRequestAndHttpChannel() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - $request - ->expects($this->any()) - ->method('isSecure') - ->will($this->returnValue(false)) - ; - - $accessMap = $this->getMock('Symfony\Component\Security\Http\AccessMapInterface'); - $accessMap - ->expects($this->any()) - ->method('getPatterns') - ->with($this->equalTo($request)) - ->will($this->returnValue(array(array(), 'http'))) - ; - - $entryPoint = $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface'); - $entryPoint - ->expects($this->never()) - ->method('start') - ; - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - $event - ->expects($this->never()) - ->method('setResponse') - ; - - $listener = new ChannelListener($accessMap, $entryPoint); - $listener->handle($event); - } - - public function testHandleWithSecuredRequestAndHttpsChannel() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - $request - ->expects($this->any()) - ->method('isSecure') - ->will($this->returnValue(true)) - ; - - $accessMap = $this->getMock('Symfony\Component\Security\Http\AccessMapInterface'); - $accessMap - ->expects($this->any()) - ->method('getPatterns') - ->with($this->equalTo($request)) - ->will($this->returnValue(array(array(), 'https'))) - ; - - $entryPoint = $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface'); - $entryPoint - ->expects($this->never()) - ->method('start') - ; - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - $event - ->expects($this->never()) - ->method('setResponse') - ; - - $listener = new ChannelListener($accessMap, $entryPoint); - $listener->handle($event); - } - - public function testHandleWithNotSecuredRequestAndHttpsChannel() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - $request - ->expects($this->any()) - ->method('isSecure') - ->will($this->returnValue(false)) - ; - - $response = new Response(); - - $accessMap = $this->getMock('Symfony\Component\Security\Http\AccessMapInterface'); - $accessMap - ->expects($this->any()) - ->method('getPatterns') - ->with($this->equalTo($request)) - ->will($this->returnValue(array(array(), 'https'))) - ; - - $entryPoint = $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface'); - $entryPoint - ->expects($this->once()) - ->method('start') - ->with($this->equalTo($request)) - ->will($this->returnValue($response)) - ; - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - $event - ->expects($this->once()) - ->method('setResponse') - ->with($this->equalTo($response)) - ; - - $listener = new ChannelListener($accessMap, $entryPoint); - $listener->handle($event); - } - - public function testHandleWithSecuredRequestAndHttpChannel() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - $request - ->expects($this->any()) - ->method('isSecure') - ->will($this->returnValue(true)) - ; - - $response = new Response(); - - $accessMap = $this->getMock('Symfony\Component\Security\Http\AccessMapInterface'); - $accessMap - ->expects($this->any()) - ->method('getPatterns') - ->with($this->equalTo($request)) - ->will($this->returnValue(array(array(), 'http'))) - ; - - $entryPoint = $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface'); - $entryPoint - ->expects($this->once()) - ->method('start') - ->with($this->equalTo($request)) - ->will($this->returnValue($response)) - ; - - $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - $event - ->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - $event - ->expects($this->once()) - ->method('setResponse') - ->with($this->equalTo($response)) - ; - - $listener = new ChannelListener($accessMap, $entryPoint); - $listener->handle($event); - } -} diff --git a/Tests/Http/Firewall/ContextListenerTest.php b/Tests/Http/Firewall/ContextListenerTest.php deleted file mode 100644 index 6b4ef73..0000000 --- a/Tests/Http/Firewall/ContextListenerTest.php +++ /dev/null @@ -1,278 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Firewall; - -use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\HttpFoundation\Session\Session; -use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage; -use Symfony\Component\HttpKernel\Event\FilterResponseEvent; -use Symfony\Component\HttpKernel\HttpKernelInterface; -use Symfony\Component\HttpKernel\KernelEvents; -use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; -use Symfony\Component\Security\Core\SecurityContext; -use Symfony\Component\Security\Http\Firewall\ContextListener; -use Symfony\Component\EventDispatcher\EventDispatcher; - -class ContextListenerTest extends \PHPUnit_Framework_TestCase -{ - protected function setUp() - { - $this->securityContext = new SecurityContext( - $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'), - $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface') - ); - } - - protected function tearDown() - { - unset($this->securityContext); - } - - /** - * @expectedException \InvalidArgumentException - * @expectedExceptionMessage $contextKey must not be empty - */ - public function testItRequiresContextKey() - { - new ContextListener( - $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'), - array(), - '' - ); - } - - /** - * @expectedException \InvalidArgumentException - * @expectedExceptionMessage User provider "stdClass" must implement "Symfony\Component\Security\Core\User\UserProviderInterface - */ - public function testUserProvidersNeedToImplementAnInterface() - { - new ContextListener( - $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'), - array(new \stdClass()), - 'key123' - ); - } - - public function testOnKernelResponseWillAddSession() - { - $session = $this->runSessionOnKernelResponse( - new UsernamePasswordToken('test1', 'pass1', 'phpunit'), - null - ); - - $token = unserialize($session->get('_security_session')); - $this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', $token); - $this->assertEquals('test1', $token->getUsername()); - } - - public function testOnKernelResponseWillReplaceSession() - { - $session = $this->runSessionOnKernelResponse( - new UsernamePasswordToken('test1', 'pass1', 'phpunit'), - 'C:10:"serialized"' - ); - - $token = unserialize($session->get('_security_session')); - $this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', $token); - $this->assertEquals('test1', $token->getUsername()); - } - - public function testOnKernelResponseWillRemoveSession() - { - $session = $this->runSessionOnKernelResponse( - null, - 'C:10:"serialized"' - ); - - $this->assertFalse($session->has('_security_session')); - } - - public function testOnKernelResponseWithoutSession() - { - $this->securityContext->setToken(new UsernamePasswordToken('test1', 'pass1', 'phpunit')); - $request = new Request(); - $session = new Session(new MockArraySessionStorage()); - $request->setSession($session); - - $event = new FilterResponseEvent( - $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'), - $request, - HttpKernelInterface::MASTER_REQUEST, - new Response() - ); - - $listener = new ContextListener($this->securityContext, array(), 'session', null, new EventDispatcher()); - $listener->onKernelResponse($event); - - $this->assertTrue($session->isStarted()); - } - - public function testOnKernelResponseWithoutSessionNorToken() - { - $request = new Request(); - $session = new Session(new MockArraySessionStorage()); - $request->setSession($session); - - $event = new FilterResponseEvent( - $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'), - $request, - HttpKernelInterface::MASTER_REQUEST, - new Response() - ); - - $listener = new ContextListener($this->securityContext, array(), 'session', null, new EventDispatcher()); - $listener->onKernelResponse($event); - - $this->assertFalse($session->isStarted()); - } - - /** - * @dataProvider provideInvalidToken - */ - public function testInvalidTokenInSession($token) - { - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $event = $this->getMockBuilder('Symfony\Component\HttpKernel\Event\GetResponseEvent') - ->disableOriginalConstructor() - ->getMock(); - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $session = $this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface'); - - $event->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)); - $request->expects($this->any()) - ->method('hasPreviousSession') - ->will($this->returnValue(true)); - $request->expects($this->any()) - ->method('getSession') - ->will($this->returnValue($session)); - $session->expects($this->any()) - ->method('get') - ->with('_security_key123') - ->will($this->returnValue($token)); - $context->expects($this->once()) - ->method('setToken') - ->with(null); - - $listener = new ContextListener($context, array(), 'key123'); - $listener->handle($event); - } - - public function provideInvalidToken() - { - return array( - array(serialize(new \__PHP_Incomplete_Class())), - array(serialize(null)), - array(null), - ); - } - - public function testHandleAddsKernelResponseListener() - { - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'); - $event = $this->getMockBuilder('Symfony\Component\HttpKernel\Event\GetResponseEvent') - ->disableOriginalConstructor() - ->getMock(); - - $listener = new ContextListener($context, array(), 'key123', null, $dispatcher); - - $event->expects($this->any()) - ->method('getRequestType') - ->will($this->returnValue(HttpKernelInterface::MASTER_REQUEST)); - $event->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($this->getMock('Symfony\Component\HttpFoundation\Request'))); - - $dispatcher->expects($this->once()) - ->method('addListener') - ->with(KernelEvents::RESPONSE, array($listener, 'onKernelResponse')); - - $listener->handle($event); - } - - public function testOnKernelResponseListenerRemovesItself() - { - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'); - $event = $this->getMockBuilder('Symfony\Component\HttpKernel\Event\FilterResponseEvent') - ->disableOriginalConstructor() - ->getMock(); - - $listener = new ContextListener($context, array(), 'key123', null, $dispatcher); - - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $request->expects($this->any()) - ->method('hasSession') - ->will($this->returnValue(true)); - - $event->expects($this->any()) - ->method('getRequestType') - ->will($this->returnValue(HttpKernelInterface::MASTER_REQUEST)); - $event->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)); - - $dispatcher->expects($this->once()) - ->method('removeListener') - ->with(KernelEvents::RESPONSE, array($listener, 'onKernelResponse')); - - $listener->onKernelResponse($event); - } - - public function testHandleRemovesTokenIfNoPreviousSessionWasFound() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $request->expects($this->any())->method('hasPreviousSession')->will($this->returnValue(false)); - - $event = $this->getMockBuilder('Symfony\Component\HttpKernel\Event\GetResponseEvent') - ->disableOriginalConstructor() - ->getMock(); - $event->expects($this->any())->method('getRequest')->will($this->returnValue($request)); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context->expects($this->once())->method('setToken')->with(null); - - $listener = new ContextListener($context, array(), 'key123'); - $listener->handle($event); - } - - protected function runSessionOnKernelResponse($newToken, $original = null) - { - $session = new Session(new MockArraySessionStorage()); - - if ($original !== null) { - $session->set('_security_session', $original); - } - - $this->securityContext->setToken($newToken); - - $request = new Request(); - $request->setSession($session); - $request->cookies->set('MOCKSESSID', true); - - $event = new FilterResponseEvent( - $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'), - $request, - HttpKernelInterface::MASTER_REQUEST, - new Response() - ); - - $listener = new ContextListener($this->securityContext, array(), 'session', null, new EventDispatcher()); - $listener->onKernelResponse($event); - - return $session; - } -} diff --git a/Tests/Http/Firewall/DigestDataTest.php b/Tests/Http/Firewall/DigestDataTest.php deleted file mode 100644 index e5be6f8..0000000 --- a/Tests/Http/Firewall/DigestDataTest.php +++ /dev/null @@ -1,181 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Firewall; - -use Symfony\Component\Security\Http\Firewall\DigestData; - -class DigestDataTest extends \PHPUnit_Framework_TestCase -{ - public function testGetResponse() - { - $digestAuth = new DigestData( - 'username="user", realm="Welcome, robot!", '. - 'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", '. - 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", '. - 'response="b52938fc9e6d7c01be7702ece9031b42"' - ); - - $this->assertEquals('b52938fc9e6d7c01be7702ece9031b42', $digestAuth->getResponse()); - } - - public function testGetUsername() - { - $digestAuth = new DigestData( - 'username="user", realm="Welcome, robot!", '. - 'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", '. - 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", '. - 'response="b52938fc9e6d7c01be7702ece9031b42"' - ); - - $this->assertEquals('user', $digestAuth->getUsername()); - } - - public function testGetUsernameWithQuote() - { - $digestAuth = new DigestData( - 'username="\"user\"", realm="Welcome, robot!", '. - 'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", '. - 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", '. - 'response="b52938fc9e6d7c01be7702ece9031b42"' - ); - - $this->assertEquals('"user"', $digestAuth->getUsername()); - } - - public function testGetUsernameWithQuoteAndEscape() - { - $digestAuth = new DigestData( - 'username="\"u\\\\\"ser\"", realm="Welcome, robot!", '. - 'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", '. - 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", '. - 'response="b52938fc9e6d7c01be7702ece9031b42"' - ); - - $this->assertEquals('"u\\"ser"', $digestAuth->getUsername()); - } - - public function testGetUsernameWithSingleQuote() - { - $digestAuth = new DigestData( - 'username="\"u\'ser\"", realm="Welcome, robot!", '. - 'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", '. - 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", '. - 'response="b52938fc9e6d7c01be7702ece9031b42"' - ); - - $this->assertEquals('"u\'ser"', $digestAuth->getUsername()); - } - - public function testGetUsernameWithSingleQuoteAndEscape() - { - $digestAuth = new DigestData( - 'username="\"u\\\'ser\"", realm="Welcome, robot!", '. - 'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", '. - 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", '. - 'response="b52938fc9e6d7c01be7702ece9031b42"' - ); - - $this->assertEquals('"u\\\'ser"', $digestAuth->getUsername()); - } - - public function testGetUsernameWithEscape() - { - $digestAuth = new DigestData( - 'username="\"u\\ser\"", realm="Welcome, robot!", '. - 'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", '. - 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", '. - 'response="b52938fc9e6d7c01be7702ece9031b42"' - ); - - $this->assertEquals('"u\\ser"', $digestAuth->getUsername()); - } - - public function testValidateAndDecode() - { - $time = microtime(true); - $key = 'ThisIsAKey'; - $nonce = base64_encode($time.':'.md5($time.':'.$key)); - - $digestAuth = new DigestData( - 'username="user", realm="Welcome, robot!", nonce="'.$nonce.'", '. - 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", '. - 'response="b52938fc9e6d7c01be7702ece9031b42"' - ); - - try { - $digestAuth->validateAndDecode($key, 'Welcome, robot!'); - } catch (\Exception $e) { - $this->fail(sprintf('testValidateAndDecode fail with message: %s', $e->getMessage())); - } - } - - public function testCalculateServerDigest() - { - $this->calculateServerDigest('user', 'Welcome, robot!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5'); - } - - public function testCalculateServerDigestWithQuote() - { - $this->calculateServerDigest('\"user\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5'); - } - - public function testCalculateServerDigestWithQuoteAndEscape() - { - $this->calculateServerDigest('\"u\\\\\"ser\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5'); - } - - public function testCalculateServerDigestEscape() - { - $this->calculateServerDigest('\"u\\ser\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5'); - $this->calculateServerDigest('\"u\\ser\\\\\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5'); - } - - public function testIsNonceExpired() - { - $time = microtime(true) + 10; - $key = 'ThisIsAKey'; - $nonce = base64_encode($time.':'.md5($time.':'.$key)); - - $digestAuth = new DigestData( - 'username="user", realm="Welcome, robot!", nonce="'.$nonce.'", '. - 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", '. - 'response="b52938fc9e6d7c01be7702ece9031b42"' - ); - - $digestAuth->validateAndDecode($key, 'Welcome, robot!'); - - $this->assertFalse($digestAuth->isNonceExpired()); - } - - protected function setUp() - { - class_exists('Symfony\Component\Security\Http\Firewall\DigestAuthenticationListener', true); - } - - private function calculateServerDigest($username, $realm, $password, $key, $nc, $cnonce, $qop, $method, $uri) - { - $time = microtime(true); - $nonce = base64_encode($time.':'.md5($time.':'.$key)); - - $response = md5( - md5($username.':'.$realm.':'.$password).':'.$nonce.':'.$nc.':'.$cnonce.':'.$qop.':'.md5($method.':'.$uri) - ); - - $digest = sprintf('username="%s", realm="%s", nonce="%s", uri="%s", cnonce="%s", nc=%s, qop="%s", response="%s"', - $username, $realm, $nonce, $uri, $cnonce, $nc, $qop, $response - ); - - $digestAuth = new DigestData($digest); - - $this->assertEquals($digestAuth->getResponse(), $digestAuth->calculateServerDigest($password, $method)); - } -} diff --git a/Tests/Http/Firewall/ExceptionListenerTest.php b/Tests/Http/Firewall/ExceptionListenerTest.php deleted file mode 100644 index 12f18a6..0000000 --- a/Tests/Http/Firewall/ExceptionListenerTest.php +++ /dev/null @@ -1,189 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Firewall; - -use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent; -use Symfony\Component\HttpKernel\HttpKernelInterface; -use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface; -use Symfony\Component\Security\Core\Exception\AccessDeniedException; -use Symfony\Component\Security\Core\Exception\AuthenticationException; -use Symfony\Component\Security\Core\SecurityContextInterface; -use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface; -use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; -use Symfony\Component\Security\Http\Firewall\ExceptionListener; -use Symfony\Component\Security\Http\HttpUtils; - -class ExceptionListenerTest extends \PHPUnit_Framework_TestCase -{ - /** - * @dataProvider getAuthenticationExceptionProvider - */ - public function testAuthenticationExceptionWithoutEntryPoint(\Exception $exception, \Exception $eventException = null) - { - $event = $this->createEvent($exception); - - $listener = $this->createExceptionListener(); - $listener->onKernelException($event); - - $this->assertNull($event->getResponse()); - $this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()); - } - - /** - * @dataProvider getAuthenticationExceptionProvider - */ - public function testAuthenticationExceptionWithEntryPoint(\Exception $exception, \Exception $eventException = null) - { - $event = $this->createEvent($exception = new AuthenticationException()); - - $listener = $this->createExceptionListener(null, null, null, $this->createEntryPoint()); - $listener->onKernelException($event); - - $this->assertEquals('OK', $event->getResponse()->getContent()); - $this->assertSame($exception, $event->getException()); - } - - public function getAuthenticationExceptionProvider() - { - return array( - array(new AuthenticationException()), - array(new \LogicException('random', 0, $e = new AuthenticationException()), $e), - array(new \LogicException('random', 0, $e = new AuthenticationException('embed', 0, new AuthenticationException())), $e), - array(new \LogicException('random', 0, $e = new AuthenticationException('embed', 0, new AccessDeniedException())), $e), - array(new AuthenticationException('random', 0, new \LogicException())), - ); - } - - /** - * @dataProvider getAccessDeniedExceptionProvider - */ - public function testAccessDeniedExceptionFullFledgedAndWithoutAccessDeniedHandlerAndWithoutErrorPage(\Exception $exception, \Exception $eventException = null) - { - $event = $this->createEvent($exception); - - $listener = $this->createExceptionListener(null, $this->createTrustResolver(true)); - $listener->onKernelException($event); - - $this->assertNull($event->getResponse()); - $this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious()); - } - - /** - * @dataProvider getAccessDeniedExceptionProvider - */ - public function testAccessDeniedExceptionFullFledgedAndWithoutAccessDeniedHandlerAndWithErrorPage(\Exception $exception, \Exception $eventException = null) - { - $kernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'); - $kernel->expects($this->once())->method('handle')->will($this->returnValue(new Response('error'))); - - $event = $this->createEvent($exception, $kernel); - - $httpUtils = $this->getMock('Symfony\Component\Security\Http\HttpUtils'); - $httpUtils->expects($this->once())->method('createRequest')->will($this->returnValue(Request::create('/error'))); - - $listener = $this->createExceptionListener(null, $this->createTrustResolver(true), $httpUtils, null, '/error'); - $listener->onKernelException($event); - - $this->assertEquals('error', $event->getResponse()->getContent()); - $this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious()); - } - - /** - * @dataProvider getAccessDeniedExceptionProvider - */ - public function testAccessDeniedExceptionFullFledgedAndWithAccessDeniedHandlerAndWithoutErrorPage(\Exception $exception, \Exception $eventException = null) - { - $event = $this->createEvent($exception); - - $accessDeniedHandler = $this->getMock('Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface'); - $accessDeniedHandler->expects($this->once())->method('handle')->will($this->returnValue(new Response('error'))); - - $listener = $this->createExceptionListener(null, $this->createTrustResolver(true), null, null, null, $accessDeniedHandler); - $listener->onKernelException($event); - - $this->assertEquals('error', $event->getResponse()->getContent()); - $this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious()); - } - - /** - * @dataProvider getAccessDeniedExceptionProvider - */ - public function testAccessDeniedExceptionNotFullFledged(\Exception $exception, \Exception $eventException = null) - { - $event = $this->createEvent($exception); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context->expects($this->once())->method('getToken')->will($this->returnValue($this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'))); - - $listener = $this->createExceptionListener($context, $this->createTrustResolver(false), null, $this->createEntryPoint()); - $listener->onKernelException($event); - - $this->assertEquals('OK', $event->getResponse()->getContent()); - $this->assertSame(null === $eventException ? $exception : $eventException, $event->getException()->getPrevious()); - } - - public function getAccessDeniedExceptionProvider() - { - return array( - array(new AccessDeniedException()), - array(new \LogicException('random', 0, $e = new AccessDeniedException()), $e), - array(new \LogicException('random', 0, $e = new AccessDeniedException('embed', new AccessDeniedException())), $e), - array(new \LogicException('random', 0, $e = new AccessDeniedException('embed', new AuthenticationException())), $e), - array(new AccessDeniedException('random', new \LogicException())), - ); - } - - private function createEntryPoint() - { - $entryPoint = $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface'); - $entryPoint->expects($this->once())->method('start')->will($this->returnValue(new Response('OK'))); - - return $entryPoint; - } - - private function createTrustResolver($fullFledged) - { - $trustResolver = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface'); - $trustResolver->expects($this->once())->method('isFullFledged')->will($this->returnValue($fullFledged)); - - return $trustResolver; - } - - private function createEvent(\Exception $exception, $kernel = null) - { - if (null === $kernel) { - $kernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'); - } - - $event = new GetResponseForExceptionEvent($kernel, Request::create('/'), HttpKernelInterface::MASTER_REQUEST, $exception); - - $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'); - $event->setDispatcher($dispatcher); - - return $event; - } - - private function createExceptionListener(SecurityContextInterface $context = null, AuthenticationTrustResolverInterface $trustResolver = null, HttpUtils $httpUtils = null, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null) - { - return new ExceptionListener( - $context ?: $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'), - $trustResolver ?: $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface'), - $httpUtils ?: $this->getMock('Symfony\Component\Security\Http\HttpUtils'), - 'key', - $authenticationEntryPoint, - $errorPage, - $accessDeniedHandler - ); - } -} diff --git a/Tests/Http/Firewall/LogoutListenerTest.php b/Tests/Http/Firewall/LogoutListenerTest.php deleted file mode 100644 index 9301086..0000000 --- a/Tests/Http/Firewall/LogoutListenerTest.php +++ /dev/null @@ -1,239 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Firewall; - -use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\Security\Http\Firewall\LogoutListener; - -class LogoutListenerTest extends \PHPUnit_Framework_TestCase -{ - public function testHandleUnmatchedPath() - { - list($listener, $context, $httpUtils, $options) = $this->getListener(); - - list($event, $request) = $this->getGetResponseEvent(); - - $event->expects($this->never()) - ->method('setResponse'); - - $httpUtils->expects($this->once()) - ->method('checkRequestPath') - ->with($request, $options['logout_path']) - ->will($this->returnValue(false)); - - $listener->handle($event); - } - - public function testHandleMatchedPathWithSuccessHandlerAndCsrfValidation() - { - $successHandler = $this->getSuccessHandler(); - $csrfProvider = $this->getCsrfProvider(); - - list($listener, $context, $httpUtils, $options) = $this->getListener($successHandler, $csrfProvider); - - list($event, $request) = $this->getGetResponseEvent(); - - $request->query->set('_csrf_token', $csrfToken = 'token'); - - $httpUtils->expects($this->once()) - ->method('checkRequestPath') - ->with($request, $options['logout_path']) - ->will($this->returnValue(true)); - - $csrfProvider->expects($this->once()) - ->method('isCsrfTokenValid') - ->with('logout', $csrfToken) - ->will($this->returnValue(true)); - - $successHandler->expects($this->once()) - ->method('onLogoutSuccess') - ->with($request) - ->will($this->returnValue($response = new Response())); - - $context->expects($this->once()) - ->method('getToken') - ->will($this->returnValue($token = $this->getToken())); - - $handler = $this->getHandler(); - $handler->expects($this->once()) - ->method('logout') - ->with($request, $response, $token); - - $context->expects($this->once()) - ->method('setToken') - ->with(null); - - $event->expects($this->once()) - ->method('setResponse') - ->with($response); - - $listener->addHandler($handler); - - $listener->handle($event); - } - - public function testHandleMatchedPathWithoutSuccessHandlerAndCsrfValidation() - { - $successHandler = $this->getSuccessHandler(); - - list($listener, $context, $httpUtils, $options) = $this->getListener($successHandler); - - list($event, $request) = $this->getGetResponseEvent(); - - $httpUtils->expects($this->once()) - ->method('checkRequestPath') - ->with($request, $options['logout_path']) - ->will($this->returnValue(true)); - - $successHandler->expects($this->once()) - ->method('onLogoutSuccess') - ->with($request) - ->will($this->returnValue($response = new Response())); - - $context->expects($this->once()) - ->method('getToken') - ->will($this->returnValue($token = $this->getToken())); - - $handler = $this->getHandler(); - $handler->expects($this->once()) - ->method('logout') - ->with($request, $response, $token); - - $context->expects($this->once()) - ->method('setToken') - ->with(null); - - $event->expects($this->once()) - ->method('setResponse') - ->with($response); - - $listener->addHandler($handler); - - $listener->handle($event); - } - - /** - * @expectedException \RuntimeException - */ - public function testSuccessHandlerReturnsNonResponse() - { - $successHandler = $this->getSuccessHandler(); - - list($listener, $context, $httpUtils, $options) = $this->getListener($successHandler); - - list($event, $request) = $this->getGetResponseEvent(); - - $httpUtils->expects($this->once()) - ->method('checkRequestPath') - ->with($request, $options['logout_path']) - ->will($this->returnValue(true)); - - $successHandler->expects($this->once()) - ->method('onLogoutSuccess') - ->with($request) - ->will($this->returnValue(null)); - - $listener->handle($event); - } - - /** - * @expectedException \Symfony\Component\Security\Core\Exception\LogoutException - */ - public function testCsrfValidationFails() - { - $csrfProvider = $this->getCsrfProvider(); - - list($listener, $context, $httpUtils, $options) = $this->getListener(null, $csrfProvider); - - list($event, $request) = $this->getGetResponseEvent(); - - $request->query->set('_csrf_token', $csrfToken = 'token'); - - $httpUtils->expects($this->once()) - ->method('checkRequestPath') - ->with($request, $options['logout_path']) - ->will($this->returnValue(true)); - - $csrfProvider->expects($this->once()) - ->method('isCsrfTokenValid') - ->with('logout', $csrfToken) - ->will($this->returnValue(false)); - - $listener->handle($event); - } - - private function getCsrfProvider() - { - return $this->getMock('Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface'); - } - - private function getContext() - { - return $this->getMockBuilder('Symfony\Component\Security\Core\SecurityContext') - ->disableOriginalConstructor() - ->getMock(); - } - - private function getGetResponseEvent() - { - $event = $this->getMockBuilder('Symfony\Component\HttpKernel\Event\GetResponseEvent') - ->disableOriginalConstructor() - ->getMock(); - - $event->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request = new Request())); - - return array($event, $request); - } - - private function getHandler() - { - return $this->getMock('Symfony\Component\Security\Http\Logout\LogoutHandlerInterface'); - } - - private function getHttpUtils() - { - return $this->getMockBuilder('Symfony\Component\Security\Http\HttpUtils') - ->disableOriginalConstructor() - ->getMock(); - } - - private function getListener($successHandler = null, $csrfProvider = null) - { - $listener = new LogoutListener( - $context = $this->getContext(), - $httpUtils = $this->getHttpUtils(), - $successHandler ?: $this->getSuccessHandler(), - $options = array( - 'csrf_parameter' => '_csrf_token', - 'intention' => 'logout', - 'logout_path' => '/logout', - 'target_url' => '/', - ), - $csrfProvider - ); - - return array($listener, $context, $httpUtils, $options); - } - - private function getSuccessHandler() - { - return $this->getMock('Symfony\Component\Security\Http\Logout\LogoutSuccessHandlerInterface'); - } - - private function getToken() - { - return $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - } -} diff --git a/Tests/Http/Firewall/RememberMeListenerTest.php b/Tests/Http/Firewall/RememberMeListenerTest.php deleted file mode 100644 index 8316a8c..0000000 --- a/Tests/Http/Firewall/RememberMeListenerTest.php +++ /dev/null @@ -1,247 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Firewall; - -use Symfony\Component\Security\Core\Exception\AuthenticationException; -use Symfony\Component\Security\Http\Firewall\RememberMeListener; -use Symfony\Component\HttpFoundation\Request; - -class RememberMeListenerTest extends \PHPUnit_Framework_TestCase -{ - public function testOnCoreSecurityDoesNotTryToPopulateNonEmptySecurityContext() - { - list($listener, $context, $service) = $this->getListener(); - - $context - ->expects($this->once()) - ->method('getToken') - ->will($this->returnValue($this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'))) - ; - - $context - ->expects($this->never()) - ->method('setToken') - ; - - $this->assertNull($listener->handle($this->getGetResponseEvent())); - } - - public function testOnCoreSecurityDoesNothingWhenNoCookieIsSet() - { - list($listener, $context, $service) = $this->getListener(); - - $context - ->expects($this->once()) - ->method('getToken') - ->will($this->returnValue(null)) - ; - - $service - ->expects($this->once()) - ->method('autoLogin') - ->will($this->returnValue(null)) - ; - - $event = $this->getGetResponseEvent(); - $event - ->expects($this->once()) - ->method('getRequest') - ->will($this->returnValue(new Request())) - ; - - $this->assertNull($listener->handle($event)); - } - - public function testOnCoreSecurityIgnoresAuthenticationExceptionThrownByAuthenticationManagerImplementation() - { - list($listener, $context, $service, $manager) = $this->getListener(); - - $context - ->expects($this->once()) - ->method('getToken') - ->will($this->returnValue(null)) - ; - - $service - ->expects($this->once()) - ->method('autoLogin') - ->will($this->returnValue($this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'))) - ; - - $service - ->expects($this->once()) - ->method('loginFail') - ; - - $exception = new AuthenticationException('Authentication failed.'); - $manager - ->expects($this->once()) - ->method('authenticate') - ->will($this->throwException($exception)) - ; - - $event = $this->getGetResponseEvent(); - $event - ->expects($this->once()) - ->method('getRequest') - ->will($this->returnValue(new Request())) - ; - - $listener->handle($event); - } - - public function testOnCoreSecurity() - { - list($listener, $context, $service, $manager) = $this->getListener(); - - $context - ->expects($this->once()) - ->method('getToken') - ->will($this->returnValue(null)) - ; - - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $service - ->expects($this->once()) - ->method('autoLogin') - ->will($this->returnValue($token)) - ; - - $context - ->expects($this->once()) - ->method('setToken') - ->with($this->equalTo($token)) - ; - - $manager - ->expects($this->once()) - ->method('authenticate') - ->will($this->returnValue($token)) - ; - - $event = $this->getGetResponseEvent(); - $event - ->expects($this->once()) - ->method('getRequest') - ->will($this->returnValue(new Request())) - ; - - $listener->handle($event); - } - - public function testSessionStrategy() - { - list($listener, $tokenStorage, $service, $manager) = $this->getListener(); - - $tokenStorage - ->expects($this->once()) - ->method('getToken') - ->will($this->returnValue(null)) - ; - - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $service - ->expects($this->once()) - ->method('autoLogin') - ->will($this->returnValue($token)) - ; - - $tokenStorage - ->expects($this->once()) - ->method('setToken') - ->with($this->equalTo($token)) - ; - - $manager - ->expects($this->once()) - ->method('authenticate') - ->will($this->returnValue($token)) - ; - - $session = $this->getMock('\Symfony\Component\HttpFoundation\Session\SessionInterface'); - $session - ->expects($this->once()) - ->method('isStarted') - ->will($this->returnValue(true)) - ; - $session - ->expects($this->once()) - ->method('migrate') - ; - - $request = $this->getMock('\Symfony\Component\HttpFoundation\Request'); - $request - ->expects($this->any()) - ->method('hasSession') - ->will($this->returnValue(true)) - ; - - $request - ->expects($this->any()) - ->method('getSession') - ->will($this->returnValue($session)) - ; - - $event = $this->getGetResponseEvent(); - $event - ->expects($this->once()) - ->method('getRequest') - ->will($this->returnValue($request)) - ; - - $listener->handle($event); - } - - protected function getGetResponseEvent() - { - return $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); - } - - protected function getFilterResponseEvent() - { - return $this->getMock('Symfony\Component\HttpKernel\Event\FilterResponseEvent', array(), array(), '', false); - } - - protected function getListener() - { - $listener = new RememberMeListener( - $context = $this->getContext(), - $service = $this->getService(), - $manager = $this->getManager(), - $logger = $this->getLogger() - ); - - return array($listener, $context, $service, $manager, $logger); - } - - protected function getLogger() - { - return $this->getMock('Psr\Log\LoggerInterface'); - } - - protected function getManager() - { - return $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - } - - protected function getService() - { - return $this->getMock('Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface'); - } - - protected function getContext() - { - return $this->getMockBuilder('Symfony\Component\Security\Core\SecurityContext') - ->disableOriginalConstructor() - ->getMock(); - } -} diff --git a/Tests/Http/Firewall/SwitchUserListenerTest.php b/Tests/Http/Firewall/SwitchUserListenerTest.php deleted file mode 100644 index 4e795c8..0000000 --- a/Tests/Http/Firewall/SwitchUserListenerTest.php +++ /dev/null @@ -1,266 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Firewall; - -use Symfony\Component\Security\Http\Event\SwitchUserEvent; -use Symfony\Component\Security\Http\Firewall\SwitchUserListener; -use Symfony\Component\Security\Http\SecurityEvents; - -class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase -{ - private $securityContext; - - private $userProvider; - - private $userChecker; - - private $accessDecisionManager; - - private $request; - - private $event; - - protected function setUp() - { - $this->securityContext = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $this->userProvider = $this->getMock('Symfony\Component\Security\Core\User\UserProviderInterface'); - $this->userChecker = $this->getMock('Symfony\Component\Security\Core\User\UserCheckerInterface'); - $this->accessDecisionManager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'); - $this->request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $this->request->server = $this->getMock('Symfony\Component\HttpFoundation\ServerBag'); - $this->event = $this->getEvent($this->request); - } - - /** - * @expectedException \InvalidArgumentException - * @expectedExceptionMessage $providerKey must not be empty - */ - public function testProviderKeyIsRequired() - { - new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, '', $this->accessDecisionManager); - } - - public function testEventIsIgnoredIfUsernameIsNotPassedWithTheRequest() - { - $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue(null)); - - $this->event->expects($this->never())->method('setResponse'); - $this->securityContext->expects($this->never())->method('setToken'); - - $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); - $listener->handle($this->event); - } - - /** - * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException - */ - public function testExitUserThrowsAuthenticationExceptionIfOriginalTokenCannotBeFound() - { - $token = $this->getToken(array($this->getMock('Symfony\Component\Security\Core\Role\RoleInterface'))); - - $this->securityContext->expects($this->any())->method('getToken')->will($this->returnValue($token)); - $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('_exit')); - - $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); - $listener->handle($this->event); - } - - public function testExitUserUpdatesToken() - { - $originalToken = $this->getToken(); - $role = $this->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole') - ->disableOriginalConstructor() - ->getMock(); - $role->expects($this->any())->method('getSource')->will($this->returnValue($originalToken)); - - $this->securityContext->expects($this->any()) - ->method('getToken') - ->will($this->returnValue($this->getToken(array($role)))); - - $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('_exit')); - $this->request->expects($this->any())->method('getUri')->will($this->returnValue('/')); - $this->request->server->expects($this->once())->method('set')->with('QUERY_STRING', ''); - - $this->securityContext->expects($this->once()) - ->method('setToken')->with($originalToken); - $this->event->expects($this->once()) - ->method('setResponse')->with($this->isInstanceOf('Symfony\Component\HttpFoundation\RedirectResponse')); - - $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); - $listener->handle($this->event); - } - - public function testExitUserDispatchesEventWithRefreshedUser() - { - $originalUser = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $refreshedUser = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $this - ->userProvider - ->expects($this->any()) - ->method('refreshUser') - ->with($originalUser) - ->willReturn($refreshedUser); - $originalToken = $this->getToken(); - $originalToken - ->expects($this->any()) - ->method('getUser') - ->willReturn($originalUser); - $role = $this - ->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole') - ->disableOriginalConstructor() - ->getMock(); - $role->expects($this->any())->method('getSource')->willReturn($originalToken); - $this - ->securityContext - ->expects($this->any()) - ->method('getToken') - ->willReturn($this->getToken(array($role))); - $this - ->request - ->expects($this->any()) - ->method('get') - ->with('_switch_user') - ->willReturn('_exit'); - $this - ->request - ->expects($this->any()) - ->method('getUri') - ->willReturn('/'); - - $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'); - $dispatcher - ->expects($this->once()) - ->method('dispatch') - ->with(SecurityEvents::SWITCH_USER, $this->callback(function (SwitchUserEvent $event) use ($refreshedUser) { - return $event->getTargetUser() === $refreshedUser; - })) - ; - - $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager, null, '_switch_user', 'ROLE_ALLOWED_TO_SWITCH', $dispatcher); - $listener->handle($this->event); - } - - public function testExitUserDoesNotDispatchEventWithStringUser() - { - $originalUser = 'anon.'; - $this - ->userProvider - ->expects($this->never()) - ->method('refreshUser'); - $originalToken = $this->getToken(); - $originalToken - ->expects($this->any()) - ->method('getUser') - ->willReturn($originalUser); - $role = $this - ->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole') - ->disableOriginalConstructor() - ->getMock(); - $role - ->expects($this->any()) - ->method('getSource') - ->willReturn($originalToken); - $this - ->securityContext - ->expects($this->any()) - ->method('getToken') - ->willReturn($this->getToken(array($role))); - $this - ->request - ->expects($this->any()) - ->method('get') - ->with('_switch_user') - ->willReturn('_exit'); - $this - ->request - ->expects($this->any()) - ->method('getUri') - ->willReturn('/'); - - $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'); - $dispatcher - ->expects($this->never()) - ->method('dispatch') - ; - - $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager, null, '_switch_user', 'ROLE_ALLOWED_TO_SWITCH', $dispatcher); - $listener->handle($this->event); - } - - /** - * @expectedException \Symfony\Component\Security\Core\Exception\AccessDeniedException - */ - public function testSwitchUserIsDissallowed() - { - $token = $this->getToken(array($this->getMock('Symfony\Component\Security\Core\Role\RoleInterface'))); - - $this->securityContext->expects($this->any())->method('getToken')->will($this->returnValue($token)); - $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('kuba')); - - $this->accessDecisionManager->expects($this->once()) - ->method('decide')->with($token, array('ROLE_ALLOWED_TO_SWITCH')) - ->will($this->returnValue(false)); - - $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); - $listener->handle($this->event); - } - - public function testSwitchUser() - { - $token = $this->getToken(array($this->getMock('Symfony\Component\Security\Core\Role\RoleInterface'))); - $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $user->expects($this->any())->method('getRoles')->will($this->returnValue(array())); - - $this->securityContext->expects($this->any())->method('getToken')->will($this->returnValue($token)); - $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('kuba')); - $this->request->expects($this->any())->method('getUri')->will($this->returnValue('/')); - $this->request->server->expects($this->once())->method('set')->with('QUERY_STRING', ''); - - $this->accessDecisionManager->expects($this->once()) - ->method('decide')->with($token, array('ROLE_ALLOWED_TO_SWITCH')) - ->will($this->returnValue(true)); - - $this->userProvider->expects($this->once()) - ->method('loadUserByUsername')->with('kuba') - ->will($this->returnValue($user)); - $this->userChecker->expects($this->once()) - ->method('checkPostAuth')->with($user); - $this->securityContext->expects($this->once()) - ->method('setToken')->with($this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken')); - - $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); - $listener->handle($this->event); - } - - private function getEvent($request) - { - $event = $this->getMockBuilder('Symfony\Component\HttpKernel\Event\GetResponseEvent') - ->disableOriginalConstructor() - ->getMock(); - - $event->expects($this->any()) - ->method('getRequest') - ->will($this->returnValue($request)); - - return $event; - } - - private function getToken(array $roles = array()) - { - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $token->expects($this->any()) - ->method('getRoles') - ->will($this->returnValue($roles)); - - return $token; - } -} diff --git a/Tests/Http/Firewall/X509AuthenticationListenerTest.php b/Tests/Http/Firewall/X509AuthenticationListenerTest.php deleted file mode 100644 index b28c0ac..0000000 --- a/Tests/Http/Firewall/X509AuthenticationListenerTest.php +++ /dev/null @@ -1,123 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Firewall; - -use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\Security\Http\Firewall\X509AuthenticationListener; - -class X509AuthenticationListenerTest extends \PHPUnit_Framework_TestCase -{ - /** - * @dataProvider dataProviderGetPreAuthenticatedData - */ - public function testGetPreAuthenticatedData($user, $credentials) - { - $serverVars = array(); - if ('' !== $user) { - $serverVars['SSL_CLIENT_S_DN_Email'] = $user; - } - if ('' !== $credentials) { - $serverVars['SSL_CLIENT_S_DN'] = $credentials; - } - - $request = new Request(array(), array(), array(), array(), array(), $serverVars); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - - $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - - $listener = new X509AuthenticationListener($context, $authenticationManager, 'TheProviderKey'); - - $method = new \ReflectionMethod($listener, 'getPreAuthenticatedData'); - $method->setAccessible(true); - - $result = $method->invokeArgs($listener, array($request)); - $this->assertSame($result, array($user, $credentials)); - } - - public static function dataProviderGetPreAuthenticatedData() - { - return array( - 'validValues' => array('TheUser', 'TheCredentials'), - 'noCredentials' => array('TheUser', ''), - ); - } - - /** - * @dataProvider dataProviderGetPreAuthenticatedDataNoUser - */ - public function testGetPreAuthenticatedDataNoUser($emailAddress) - { - $credentials = 'CN=Sample certificate DN/emailAddress='.$emailAddress; - $request = new Request(array(), array(), array(), array(), array(), array('SSL_CLIENT_S_DN' => $credentials)); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - - $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - - $listener = new X509AuthenticationListener($context, $authenticationManager, 'TheProviderKey'); - - $method = new \ReflectionMethod($listener, 'getPreAuthenticatedData'); - $method->setAccessible(true); - - $result = $method->invokeArgs($listener, array($request)); - $this->assertSame($result, array($emailAddress, $credentials)); - } - - public static function dataProviderGetPreAuthenticatedDataNoUser() - { - return array( - 'basicEmailAddress' => array('cert@example.com'), - 'emailAddressWithPlusSign' => array('cert+something@example.com'), - ); - } - - /** - * @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException - */ - public function testGetPreAuthenticatedDataNoData() - { - $request = new Request(array(), array(), array(), array(), array(), array()); - - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - - $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - - $listener = new X509AuthenticationListener($context, $authenticationManager, 'TheProviderKey'); - - $method = new \ReflectionMethod($listener, 'getPreAuthenticatedData'); - $method->setAccessible(true); - - $result = $method->invokeArgs($listener, array($request)); - } - - public function testGetPreAuthenticatedDataWithDifferentKeys() - { - $userCredentials = array('TheUser', 'TheCredentials'); - - $request = new Request(array(), array(), array(), array(), array(), array( - 'TheUserKey' => 'TheUser', - 'TheCredentialsKey' => 'TheCredentials', - )); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - - $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - - $listener = new X509AuthenticationListener($context, $authenticationManager, 'TheProviderKey', 'TheUserKey', 'TheCredentialsKey'); - - $method = new \ReflectionMethod($listener, 'getPreAuthenticatedData'); - $method->setAccessible(true); - - $result = $method->invokeArgs($listener, array($request)); - $this->assertSame($result, $userCredentials); - } -} diff --git a/Tests/Http/FirewallMapTest.php b/Tests/Http/FirewallMapTest.php deleted file mode 100644 index 5d3a72a..0000000 --- a/Tests/Http/FirewallMapTest.php +++ /dev/null @@ -1,117 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http; - -use Symfony\Component\Security\Http\FirewallMap; -use Symfony\Component\HttpFoundation\Request; - -class FirewallMapTest extends \PHPUnit_Framework_TestCase -{ - public function testGetListeners() - { - $map = new FirewallMap(); - - $request = new Request(); - - $notMatchingMatcher = $this->getMock('Symfony\Component\HttpFoundation\RequestMatcher'); - $notMatchingMatcher - ->expects($this->once()) - ->method('matches') - ->with($this->equalTo($request)) - ->will($this->returnValue(false)) - ; - - $map->add($notMatchingMatcher, array($this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface'))); - - $matchingMatcher = $this->getMock('Symfony\Component\HttpFoundation\RequestMatcher'); - $matchingMatcher - ->expects($this->once()) - ->method('matches') - ->with($this->equalTo($request)) - ->will($this->returnValue(true)) - ; - $theListener = $this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface'); - $theException = $this->getMock('Symfony\Component\Security\Http\Firewall\ExceptionListener', array(), array(), '', false); - - $map->add($matchingMatcher, array($theListener), $theException); - - $tooLateMatcher = $this->getMock('Symfony\Component\HttpFoundation\RequestMatcher'); - $tooLateMatcher - ->expects($this->never()) - ->method('matches') - ; - - $map->add($tooLateMatcher, array($this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface'))); - - list($listeners, $exception) = $map->getListeners($request); - - $this->assertEquals(array($theListener), $listeners); - $this->assertEquals($theException, $exception); - } - - public function testGetListenersWithAnEntryHavingNoRequestMatcher() - { - $map = new FirewallMap(); - - $request = new Request(); - - $notMatchingMatcher = $this->getMock('Symfony\Component\HttpFoundation\RequestMatcher'); - $notMatchingMatcher - ->expects($this->once()) - ->method('matches') - ->with($this->equalTo($request)) - ->will($this->returnValue(false)) - ; - - $map->add($notMatchingMatcher, array($this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface'))); - - $theListener = $this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface'); - $theException = $this->getMock('Symfony\Component\Security\Http\Firewall\ExceptionListener', array(), array(), '', false); - - $map->add(null, array($theListener), $theException); - - $tooLateMatcher = $this->getMock('Symfony\Component\HttpFoundation\RequestMatcher'); - $tooLateMatcher - ->expects($this->never()) - ->method('matches') - ; - - $map->add($tooLateMatcher, array($this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface'))); - - list($listeners, $exception) = $map->getListeners($request); - - $this->assertEquals(array($theListener), $listeners); - $this->assertEquals($theException, $exception); - } - - public function testGetListenersWithNoMatchingEntry() - { - $map = new FirewallMap(); - - $request = new Request(); - - $notMatchingMatcher = $this->getMock('Symfony\Component\HttpFoundation\RequestMatcher'); - $notMatchingMatcher - ->expects($this->once()) - ->method('matches') - ->with($this->equalTo($request)) - ->will($this->returnValue(false)) - ; - - $map->add($notMatchingMatcher, array($this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface'))); - - list($listeners, $exception) = $map->getListeners($request); - - $this->assertEquals(array(), $listeners); - $this->assertNull($exception); - } -} diff --git a/Tests/Http/FirewallTest.php b/Tests/Http/FirewallTest.php deleted file mode 100644 index 7fd2cda..0000000 --- a/Tests/Http/FirewallTest.php +++ /dev/null @@ -1,108 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http; - -use Symfony\Component\Security\Http\Firewall; -use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\HttpKernel\HttpKernelInterface; - -class FirewallTest extends \PHPUnit_Framework_TestCase -{ - public function testOnKernelRequestRegistersExceptionListener() - { - $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'); - - $listener = $this->getMock('Symfony\Component\Security\Http\Firewall\ExceptionListener', array(), array(), '', false); - $listener - ->expects($this->once()) - ->method('register') - ->with($this->equalTo($dispatcher)) - ; - - $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - - $map = $this->getMock('Symfony\Component\Security\Http\FirewallMapInterface'); - $map - ->expects($this->once()) - ->method('getListeners') - ->with($this->equalTo($request)) - ->will($this->returnValue(array(array(), $listener))) - ; - - $event = new GetResponseEvent($this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'), $request, HttpKernelInterface::MASTER_REQUEST); - - $firewall = new Firewall($map, $dispatcher); - $firewall->onKernelRequest($event); - } - - public function testOnKernelRequestStopsWhenThereIsAResponse() - { - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); - - $first = $this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface'); - $first - ->expects($this->once()) - ->method('handle') - ; - - $second = $this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface'); - $second - ->expects($this->never()) - ->method('handle') - ; - - $map = $this->getMock('Symfony\Component\Security\Http\FirewallMapInterface'); - $map - ->expects($this->once()) - ->method('getListeners') - ->will($this->returnValue(array(array($first, $second), null))) - ; - - $event = $this->getMock( - 'Symfony\Component\HttpKernel\Event\GetResponseEvent', - array('hasResponse'), - array( - $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'), - $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false), - HttpKernelInterface::MASTER_REQUEST, - ) - ); - $event - ->expects($this->once()) - ->method('hasResponse') - ->will($this->returnValue(true)) - ; - - $firewall = new Firewall($map, $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface')); - $firewall->onKernelRequest($event); - } - - public function testOnKernelRequestWithSubRequest() - { - $map = $this->getMock('Symfony\Component\Security\Http\FirewallMapInterface'); - $map - ->expects($this->never()) - ->method('getListeners') - ; - - $event = new GetResponseEvent( - $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'), - $this->getMock('Symfony\Component\HttpFoundation\Request'), - HttpKernelInterface::SUB_REQUEST - ); - - $firewall = new Firewall($map, $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface')); - $firewall->onKernelRequest($event); - - $this->assertFalse($event->hasResponse()); - } -} diff --git a/Tests/Http/HttpUtilsTest.php b/Tests/Http/HttpUtilsTest.php deleted file mode 100644 index 4a69242..0000000 --- a/Tests/Http/HttpUtilsTest.php +++ /dev/null @@ -1,267 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http; - -use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\Routing\Exception\MethodNotAllowedException; -use Symfony\Component\Routing\Exception\ResourceNotFoundException; -use Symfony\Component\Routing\Generator\UrlGeneratorInterface; -use Symfony\Component\Security\Core\SecurityContextInterface; -use Symfony\Component\Security\Http\HttpUtils; - -class HttpUtilsTest extends \PHPUnit_Framework_TestCase -{ - public function testCreateRedirectResponseWithPath() - { - $utils = new HttpUtils($this->getUrlGenerator()); - $response = $utils->createRedirectResponse($this->getRequest(), '/foobar'); - - $this->assertTrue($response->isRedirect('http://localhost/foobar')); - $this->assertEquals(302, $response->getStatusCode()); - } - - public function testCreateRedirectResponseWithAbsoluteUrl() - { - $utils = new HttpUtils($this->getUrlGenerator()); - $response = $utils->createRedirectResponse($this->getRequest(), 'http://symfony.com/'); - - $this->assertTrue($response->isRedirect('http://symfony.com/')); - } - - public function testCreateRedirectResponseWithRouteName() - { - $utils = new HttpUtils($urlGenerator = $this->getMock('Symfony\Component\Routing\Generator\UrlGeneratorInterface')); - - $urlGenerator - ->expects($this->any()) - ->method('generate') - ->with('foobar', array(), UrlGeneratorInterface::ABSOLUTE_URL) - ->will($this->returnValue('http://localhost/foo/bar')) - ; - $urlGenerator - ->expects($this->any()) - ->method('getContext') - ->will($this->returnValue($this->getMock('Symfony\Component\Routing\RequestContext'))) - ; - - $response = $utils->createRedirectResponse($this->getRequest(), 'foobar'); - - $this->assertTrue($response->isRedirect('http://localhost/foo/bar')); - } - - public function testCreateRequestWithPath() - { - $request = $this->getRequest(); - $request->server->set('Foo', 'bar'); - - $utils = new HttpUtils($this->getUrlGenerator()); - $subRequest = $utils->createRequest($request, '/foobar'); - - $this->assertEquals('GET', $subRequest->getMethod()); - $this->assertEquals('/foobar', $subRequest->getPathInfo()); - $this->assertEquals('bar', $subRequest->server->get('Foo')); - } - - public function testCreateRequestWithRouteName() - { - $utils = new HttpUtils($urlGenerator = $this->getMock('Symfony\Component\Routing\Generator\UrlGeneratorInterface')); - - $urlGenerator - ->expects($this->once()) - ->method('generate') - ->will($this->returnValue('/foo/bar')) - ; - $urlGenerator - ->expects($this->any()) - ->method('getContext') - ->will($this->returnValue($this->getMock('Symfony\Component\Routing\RequestContext'))) - ; - - $subRequest = $utils->createRequest($this->getRequest(), 'foobar'); - - $this->assertEquals('/foo/bar', $subRequest->getPathInfo()); - } - - public function testCreateRequestWithAbsoluteUrl() - { - $utils = new HttpUtils($this->getMock('Symfony\Component\Routing\Generator\UrlGeneratorInterface')); - $subRequest = $utils->createRequest($this->getRequest(), 'http://symfony.com/'); - - $this->assertEquals('/', $subRequest->getPathInfo()); - } - - public function testCreateRequestPassesSessionToTheNewRequest() - { - $request = $this->getRequest(); - $request->setSession($session = $this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface')); - - $utils = new HttpUtils($this->getUrlGenerator()); - $subRequest = $utils->createRequest($request, '/foobar'); - - $this->assertSame($session, $subRequest->getSession()); - } - - /** - * @dataProvider provideSecurityContextAttributes - */ - public function testCreateRequestPassesSecurityContextAttributesToTheNewRequest($attribute) - { - $request = $this->getRequest(); - $request->attributes->set($attribute, 'foo'); - - $utils = new HttpUtils($this->getUrlGenerator()); - $subRequest = $utils->createRequest($request, '/foobar'); - - $this->assertSame('foo', $subRequest->attributes->get($attribute)); - } - - public function provideSecurityContextAttributes() - { - return array( - array(SecurityContextInterface::AUTHENTICATION_ERROR), - array(SecurityContextInterface::ACCESS_DENIED_ERROR), - array(SecurityContextInterface::LAST_USERNAME), - ); - } - - public function testCheckRequestPath() - { - $utils = new HttpUtils($this->getUrlGenerator()); - - $this->assertTrue($utils->checkRequestPath($this->getRequest(), '/')); - $this->assertFalse($utils->checkRequestPath($this->getRequest(), '/foo')); - $this->assertTrue($utils->checkRequestPath($this->getRequest('/foo%20bar'), '/foo bar')); - // Plus must not decoded to space - $this->assertTrue($utils->checkRequestPath($this->getRequest('/foo+bar'), '/foo+bar')); - // Checking unicode - $this->assertTrue($utils->checkRequestPath($this->getRequest(urlencode('/вход')), '/вход')); - } - - public function testCheckRequestPathWithUrlMatcherAndResourceNotFound() - { - $urlMatcher = $this->getMock('Symfony\Component\Routing\Matcher\UrlMatcherInterface'); - $urlMatcher - ->expects($this->any()) - ->method('match') - ->with('/') - ->will($this->throwException(new ResourceNotFoundException())) - ; - - $utils = new HttpUtils(null, $urlMatcher); - $this->assertFalse($utils->checkRequestPath($this->getRequest(), 'foobar')); - } - - public function testCheckRequestPathWithUrlMatcherAndMethodNotAllowed() - { - $request = $this->getRequest(); - $urlMatcher = $this->getMock('Symfony\Component\Routing\Matcher\RequestMatcherInterface'); - $urlMatcher - ->expects($this->any()) - ->method('matchRequest') - ->with($request) - ->will($this->throwException(new MethodNotAllowedException(array()))) - ; - - $utils = new HttpUtils(null, $urlMatcher); - $this->assertFalse($utils->checkRequestPath($request, 'foobar')); - } - - public function testCheckRequestPathWithUrlMatcherAndResourceFoundByUrl() - { - $urlMatcher = $this->getMock('Symfony\Component\Routing\Matcher\UrlMatcherInterface'); - $urlMatcher - ->expects($this->any()) - ->method('match') - ->with('/foo/bar') - ->will($this->returnValue(array('_route' => 'foobar'))) - ; - - $utils = new HttpUtils(null, $urlMatcher); - $this->assertTrue($utils->checkRequestPath($this->getRequest('/foo/bar'), 'foobar')); - } - - public function testCheckRequestPathWithUrlMatcherAndResourceFoundByRequest() - { - $request = $this->getRequest(); - $urlMatcher = $this->getMock('Symfony\Component\Routing\Matcher\RequestMatcherInterface'); - $urlMatcher - ->expects($this->any()) - ->method('matchRequest') - ->with($request) - ->will($this->returnValue(array('_route' => 'foobar'))) - ; - - $utils = new HttpUtils(null, $urlMatcher); - $this->assertTrue($utils->checkRequestPath($request, 'foobar')); - } - - /** - * @expectedException \RuntimeException - */ - public function testCheckRequestPathWithUrlMatcherLoadingException() - { - $urlMatcher = $this->getMock('Symfony\Component\Routing\Matcher\UrlMatcherInterface'); - $urlMatcher - ->expects($this->any()) - ->method('match') - ->will($this->throwException(new \RuntimeException())) - ; - - $utils = new HttpUtils(null, $urlMatcher); - $utils->checkRequestPath($this->getRequest(), 'foobar'); - } - - /** - * @expectedException \InvalidArgumentException - * @expectedExceptionMessage Matcher must either implement UrlMatcherInterface or RequestMatcherInterface - */ - public function testUrlMatcher() - { - new HttpUtils($this->getUrlGenerator(), new \stdClass()); - } - - public function testGenerateUriRemovesQueryString() - { - $utils = new HttpUtils($this->getUrlGenerator('/foo/bar')); - $this->assertEquals('/foo/bar', $utils->generateUri(new Request(), 'route_name')); - - $utils = new HttpUtils($this->getUrlGenerator('/foo/bar?param=value')); - $this->assertEquals('/foo/bar', $utils->generateUri(new Request(), 'route_name')); - } - - /** - * @expectedException \LogicException - * @expectedExceptionMessage You must provide a UrlGeneratorInterface instance to be able to use routes. - */ - public function testUrlGeneratorIsRequiredToGenerateUrl() - { - $utils = new HttpUtils(); - $utils->generateUri(new Request(), 'route_name'); - } - - private function getUrlGenerator($generatedUrl = '/foo/bar') - { - $urlGenerator = $this->getMock('Symfony\Component\Routing\Generator\UrlGeneratorInterface'); - $urlGenerator - ->expects($this->any()) - ->method('generate') - ->will($this->returnValue($generatedUrl)) - ; - - return $urlGenerator; - } - - private function getRequest($path = '/') - { - return Request::create($path, 'get'); - } -} diff --git a/Tests/Http/Logout/CookieClearingLogoutHandlerTest.php b/Tests/Http/Logout/CookieClearingLogoutHandlerTest.php deleted file mode 100644 index c443d8d..0000000 --- a/Tests/Http/Logout/CookieClearingLogoutHandlerTest.php +++ /dev/null @@ -1,49 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Logout; - -use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\HttpFoundation\ResponseHeaderBag; -use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\Security\Http\Logout\CookieClearingLogoutHandler; - -class CookieClearingLogoutHandlerTest extends \PHPUnit_Framework_TestCase -{ - public function testLogout() - { - $request = new Request(); - $response = new Response(); - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - - $handler = new CookieClearingLogoutHandler(array('foo' => array('path' => '/foo', 'domain' => 'foo.foo'), 'foo2' => array('path' => null, 'domain' => null))); - - $cookies = $response->headers->getCookies(); - $this->assertCount(0, $cookies); - - $handler->logout($request, $response, $token); - - $cookies = $response->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY); - $this->assertCount(2, $cookies); - - $cookie = $cookies['foo.foo']['/foo']['foo']; - $this->assertEquals('foo', $cookie->getName()); - $this->assertEquals('/foo', $cookie->getPath()); - $this->assertEquals('foo.foo', $cookie->getDomain()); - $this->assertTrue($cookie->isCleared()); - - $cookie = $cookies['']['/']['foo2']; - $this->assertStringStartsWith('foo2', $cookie->getName()); - $this->assertEquals('/', $cookie->getPath()); - $this->assertNull($cookie->getDomain()); - $this->assertTrue($cookie->isCleared()); - } -} diff --git a/Tests/Http/Logout/DefaultLogoutSuccessHandlerTest.php b/Tests/Http/Logout/DefaultLogoutSuccessHandlerTest.php deleted file mode 100644 index f18604d..0000000 --- a/Tests/Http/Logout/DefaultLogoutSuccessHandlerTest.php +++ /dev/null @@ -1,34 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Logout; - -use Symfony\Component\Security\Http\Logout\DefaultLogoutSuccessHandler; - -class DefaultLogoutSuccessHandlerTest extends \PHPUnit_Framework_TestCase -{ - public function testLogout() - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); - - $httpUtils = $this->getMock('Symfony\Component\Security\Http\HttpUtils'); - $httpUtils->expects($this->once()) - ->method('createRedirectResponse') - ->with($request, '/dashboard') - ->will($this->returnValue($response)); - - $handler = new DefaultLogoutSuccessHandler($httpUtils, '/dashboard'); - $result = $handler->onLogoutSuccess($request); - - $this->assertSame($response, $result); - } -} diff --git a/Tests/Http/Logout/SessionLogoutHandlerTest.php b/Tests/Http/Logout/SessionLogoutHandlerTest.php deleted file mode 100644 index f89a423..0000000 --- a/Tests/Http/Logout/SessionLogoutHandlerTest.php +++ /dev/null @@ -1,40 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Logout; - -use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\Security\Http\Logout\SessionLogoutHandler; - -class SessionLogoutHandlerTest extends \PHPUnit_Framework_TestCase -{ - public function testLogout() - { - $handler = new SessionLogoutHandler(); - - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $response = new Response(); - $session = $this->getMock('Symfony\Component\HttpFoundation\Session\Session', array(), array(), '', false); - - $request - ->expects($this->once()) - ->method('getSession') - ->will($this->returnValue($session)) - ; - - $session - ->expects($this->once()) - ->method('invalidate') - ; - - $handler->logout($request, $response, $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')); - } -} diff --git a/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php b/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php deleted file mode 100644 index c98b6b4..0000000 --- a/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php +++ /dev/null @@ -1,311 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\RememberMe; - -use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; -use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices; - -class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase -{ - public function testGetRememberMeParameter() - { - $service = $this->getService(null, array('remember_me_parameter' => 'foo')); - - $this->assertEquals('foo', $service->getRememberMeParameter()); - } - - public function testGetKey() - { - $service = $this->getService(); - $this->assertEquals('fookey', $service->getKey()); - } - - public function testAutoLoginReturnsNullWhenNoCookie() - { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null)); - - $this->assertNull($service->autoLogin(new Request())); - } - - /** - * @expectedException \RuntimeException - */ - public function testAutoLoginThrowsExceptionWhenImplementationDoesNotReturnUserInterface() - { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null)); - $request = new Request(); - $request->cookies->set('foo', 'foo'); - - $service - ->expects($this->once()) - ->method('processAutoLoginCookie') - ->will($this->returnValue(null)) - ; - - $service->autoLogin($request); - } - - public function testAutoLogin() - { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null)); - $request = new Request(); - $request->cookies->set('foo', 'foo'); - - $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $user - ->expects($this->once()) - ->method('getRoles') - ->will($this->returnValue(array())) - ; - - $service - ->expects($this->once()) - ->method('processAutoLoginCookie') - ->will($this->returnValue($user)) - ; - - $returnedToken = $service->autoLogin($request); - - $this->assertSame($user, $returnedToken->getUser()); - $this->assertSame('fookey', $returnedToken->getKey()); - $this->assertSame('fookey', $returnedToken->getProviderKey()); - } - - /** - * @dataProvider provideOptionsForLogout - */ - public function testLogout(array $options) - { - $service = $this->getService(null, $options); - $request = new Request(); - $response = new Response(); - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $service->logout($request, $response, $token); - $cookie = $request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME); - $this->assertInstanceOf('Symfony\Component\HttpFoundation\Cookie', $cookie); - $this->assertTrue($cookie->isCleared()); - $this->assertSame($options['name'], $cookie->getName()); - $this->assertSame($options['path'], $cookie->getPath()); - $this->assertSame($options['domain'], $cookie->getDomain()); - $this->assertSame($options['secure'], $cookie->isSecure()); - $this->assertSame($options['httponly'], $cookie->isHttpOnly()); - } - - public function provideOptionsForLogout() - { - return array( - array(array('name' => 'foo', 'path' => '/', 'domain' => null, 'secure' => false, 'httponly' => true)), - array(array('name' => 'foo', 'path' => '/bar', 'domain' => 'baz.com', 'secure' => true, 'httponly' => false)), - ); - } - - public function testLoginFail() - { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null)); - $request = new Request(); - - $service->loginFail($request); - - $this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared()); - } - - public function testLoginSuccessIsNotProcessedWhenTokenDoesNotContainUserInterfaceImplementation() - { - $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => true, 'path' => null, 'domain' => null)); - $request = new Request(); - $response = new Response(); - $account = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $token - ->expects($this->once()) - ->method('getUser') - ->will($this->returnValue('foo')) - ; - - $service - ->expects($this->never()) - ->method('onLoginSuccess') - ; - - $this->assertFalse($request->request->has('foo')); - - $service->loginSuccess($request, $response, $token); - } - - public function testLoginSuccessIsNotProcessedWhenRememberMeIsNotRequested() - { - $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => false, 'remember_me_parameter' => 'foo', 'path' => null, 'domain' => null)); - $request = new Request(); - $response = new Response(); - $account = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $token - ->expects($this->once()) - ->method('getUser') - ->will($this->returnValue($account)) - ; - - $service - ->expects($this->never()) - ->method('onLoginSuccess') - ->will($this->returnValue(null)) - ; - - $this->assertFalse($request->request->has('foo')); - - $service->loginSuccess($request, $response, $token); - } - - public function testLoginSuccessWhenRememberMeAlwaysIsTrue() - { - $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => true, 'path' => null, 'domain' => null)); - $request = new Request(); - $response = new Response(); - $account = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $token - ->expects($this->once()) - ->method('getUser') - ->will($this->returnValue($account)) - ; - - $service - ->expects($this->once()) - ->method('onLoginSuccess') - ->will($this->returnValue(null)) - ; - - $service->loginSuccess($request, $response, $token); - } - - /** - * @dataProvider getPositiveRememberMeParameterValues - */ - public function testLoginSuccessWhenRememberMeParameterWithPathIsPositive($value) - { - $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => false, 'remember_me_parameter' => 'foo[bar]', 'path' => null, 'domain' => null)); - - $request = new Request(); - $request->request->set('foo', array('bar' => $value)); - $response = new Response(); - $account = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $token - ->expects($this->once()) - ->method('getUser') - ->will($this->returnValue($account)) - ; - - $service - ->expects($this->once()) - ->method('onLoginSuccess') - ->will($this->returnValue(true)) - ; - - $service->loginSuccess($request, $response, $token); - } - - /** - * @dataProvider getPositiveRememberMeParameterValues - */ - public function testLoginSuccessWhenRememberMeParameterIsPositive($value) - { - $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => false, 'remember_me_parameter' => 'foo', 'path' => null, 'domain' => null)); - - $request = new Request(); - $request->request->set('foo', $value); - $response = new Response(); - $account = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $token - ->expects($this->once()) - ->method('getUser') - ->will($this->returnValue($account)) - ; - - $service - ->expects($this->once()) - ->method('onLoginSuccess') - ->will($this->returnValue(true)) - ; - - $service->loginSuccess($request, $response, $token); - } - - public function getPositiveRememberMeParameterValues() - { - return array( - array('true'), - array('1'), - array('on'), - array('yes'), - ); - } - - public function testEncodeCookieAndDecodeCookieAreInvertible() - { - $cookieParts = array('aa', 'bb', 'cc'); - $service = $this->getService(); - - $encoded = $this->callProtected($service, 'encodeCookie', array($cookieParts)); - $this->assertInternalType('string', $encoded); - - $decoded = $this->callProtected($service, 'decodeCookie', array($encoded)); - $this->assertSame($cookieParts, $decoded); - } - - /** - * @expectedException InvalidArgumentException - * @expectedExceptionMessage cookie delimiter - */ - public function testThereShouldBeNoCookieDelimiterInCookieParts() - { - $cookieParts = array('aa', 'b'.AbstractRememberMeServices::COOKIE_DELIMITER.'b', 'cc'); - $service = $this->getService(); - - $this->callProtected($service, 'encodeCookie', array($cookieParts)); - } - - protected function getService($userProvider = null, $options = array(), $logger = null) - { - if (null === $userProvider) { - $userProvider = $this->getProvider(); - } - - return $this->getMockForAbstractClass('Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices', array( - array($userProvider), 'fookey', 'fookey', $options, $logger, - )); - } - - protected function getProvider() - { - $provider = $this->getMock('Symfony\Component\Security\Core\User\UserProviderInterface'); - $provider - ->expects($this->any()) - ->method('supportsClass') - ->will($this->returnValue(true)) - ; - - return $provider; - } - - private function callProtected($object, $method, array $args) - { - $reflection = new \ReflectionClass(get_class($object)); - $reflectionMethod = $reflection->getMethod($method); - $reflectionMethod->setAccessible(true); - - return $reflectionMethod->invokeArgs($object, $args); - } -} diff --git a/Tests/Http/RememberMe/PersistentTokenBasedRememberMeServicesTest.php b/Tests/Http/RememberMe/PersistentTokenBasedRememberMeServicesTest.php deleted file mode 100644 index 3ba8f99..0000000 --- a/Tests/Http/RememberMe/PersistentTokenBasedRememberMeServicesTest.php +++ /dev/null @@ -1,339 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\RememberMe; - -use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; -use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; -use Symfony\Component\Security\Core\Authentication\RememberMe\PersistentToken; -use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\HttpFoundation\ResponseHeaderBag; -use Symfony\Component\Security\Http\RememberMe\PersistentTokenBasedRememberMeServices; -use Symfony\Component\Security\Core\Exception\TokenNotFoundException; -use Symfony\Component\Security\Core\Exception\CookieTheftException; -use Symfony\Component\Security\Core\Util\SecureRandom; - -class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase -{ - public static function setUpBeforeClass() - { - try { - random_bytes(1); - } catch (\Exception $e) { - throw new \PHPUnit_Framework_SkippedTestError($e->getMessage()); - } - } - - public function testAutoLoginReturnsNullWhenNoCookie() - { - $service = $this->getService(null, array('name' => 'foo')); - - $this->assertNull($service->autoLogin(new Request())); - } - - public function testAutoLoginThrowsExceptionOnInvalidCookie() - { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null, 'always_remember_me' => false, 'remember_me_parameter' => 'foo')); - $request = new Request(); - $request->request->set('foo', 'true'); - $request->cookies->set('foo', 'foo'); - - $this->assertNull($service->autoLogin($request)); - $this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared()); - } - - public function testAutoLoginThrowsExceptionOnNonExistentToken() - { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null, 'always_remember_me' => false, 'remember_me_parameter' => 'foo')); - $request = new Request(); - $request->request->set('foo', 'true'); - $request->cookies->set('foo', $this->encodeCookie(array( - $series = 'fooseries', - $tokenValue = 'foovalue', - ))); - - $tokenProvider = $this->getMock('Symfony\Component\Security\Core\Authentication\RememberMe\TokenProviderInterface'); - $tokenProvider - ->expects($this->once()) - ->method('loadTokenBySeries') - ->will($this->throwException(new TokenNotFoundException('Token not found.'))) - ; - $service->setTokenProvider($tokenProvider); - - $this->assertNull($service->autoLogin($request)); - $this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared()); - } - - public function testAutoLoginReturnsNullOnNonExistentUser() - { - $userProvider = $this->getProvider(); - $service = $this->getService($userProvider, array('name' => 'foo', 'path' => null, 'domain' => null, 'always_remember_me' => true, 'lifetime' => 3600, 'secure' => false, 'httponly' => false)); - $request = new Request(); - $request->cookies->set('foo', $this->encodeCookie(array('fooseries', 'foovalue'))); - - $tokenProvider = $this->getMock('Symfony\Component\Security\Core\Authentication\RememberMe\TokenProviderInterface'); - $tokenProvider - ->expects($this->once()) - ->method('loadTokenBySeries') - ->will($this->returnValue(new PersistentToken('fooclass', 'fooname', 'fooseries', 'foovalue', new \DateTime()))) - ; - $service->setTokenProvider($tokenProvider); - - $userProvider - ->expects($this->once()) - ->method('loadUserByUsername') - ->will($this->throwException(new UsernameNotFoundException('user not found'))) - ; - - $this->assertNull($service->autoLogin($request)); - $this->assertTrue($request->attributes->has(RememberMeServicesInterface::COOKIE_ATTR_NAME)); - } - - public function testAutoLoginThrowsExceptionOnStolenCookieAndRemovesItFromThePersistentBackend() - { - $userProvider = $this->getProvider(); - $service = $this->getService($userProvider, array('name' => 'foo', 'path' => null, 'domain' => null, 'always_remember_me' => true)); - $request = new Request(); - $request->cookies->set('foo', $this->encodeCookie(array('fooseries', 'foovalue'))); - - $tokenProvider = $this->getMock('Symfony\Component\Security\Core\Authentication\RememberMe\TokenProviderInterface'); - $service->setTokenProvider($tokenProvider); - - $tokenProvider - ->expects($this->once()) - ->method('loadTokenBySeries') - ->will($this->returnValue(new PersistentToken('fooclass', 'foouser', 'fooseries', 'anotherFooValue', new \DateTime()))) - ; - - $tokenProvider - ->expects($this->once()) - ->method('deleteTokenBySeries') - ->with($this->equalTo('fooseries')) - ->will($this->returnValue(null)) - ; - - try { - $service->autoLogin($request); - $this->fail('Expected CookieTheftException was not thrown.'); - } catch (CookieTheftException $e) { - } - - $this->assertTrue($request->attributes->has(RememberMeServicesInterface::COOKIE_ATTR_NAME)); - } - - public function testAutoLoginDoesNotAcceptAnExpiredCookie() - { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null, 'always_remember_me' => true, 'lifetime' => 3600)); - $request = new Request(); - $request->cookies->set('foo', $this->encodeCookie(array('fooseries', 'foovalue'))); - - $tokenProvider = $this->getMock('Symfony\Component\Security\Core\Authentication\RememberMe\TokenProviderInterface'); - $tokenProvider - ->expects($this->once()) - ->method('loadTokenBySeries') - ->with($this->equalTo('fooseries')) - ->will($this->returnValue(new PersistentToken('fooclass', 'username', 'fooseries', 'foovalue', new \DateTime('yesterday')))) - ; - $service->setTokenProvider($tokenProvider); - - $this->assertNull($service->autoLogin($request)); - $this->assertTrue($request->attributes->has(RememberMeServicesInterface::COOKIE_ATTR_NAME)); - } - - public function testAutoLogin() - { - $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $user - ->expects($this->once()) - ->method('getRoles') - ->will($this->returnValue(array('ROLE_FOO'))) - ; - - $userProvider = $this->getProvider(); - $userProvider - ->expects($this->once()) - ->method('loadUserByUsername') - ->with($this->equalTo('foouser')) - ->will($this->returnValue($user)) - ; - - $service = $this->getService($userProvider, array('name' => 'foo', 'path' => null, 'domain' => null, 'secure' => false, 'httponly' => false, 'always_remember_me' => true, 'lifetime' => 3600)); - $request = new Request(); - $request->cookies->set('foo', $this->encodeCookie(array('fooseries', 'foovalue'))); - - $tokenProvider = $this->getMock('Symfony\Component\Security\Core\Authentication\RememberMe\TokenProviderInterface'); - $tokenProvider - ->expects($this->once()) - ->method('loadTokenBySeries') - ->with($this->equalTo('fooseries')) - ->will($this->returnValue(new PersistentToken('fooclass', 'foouser', 'fooseries', 'foovalue', new \DateTime()))) - ; - $service->setTokenProvider($tokenProvider); - - $returnedToken = $service->autoLogin($request); - - $this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\RememberMeToken', $returnedToken); - $this->assertSame($user, $returnedToken->getUser()); - $this->assertEquals('fookey', $returnedToken->getKey()); - $this->assertTrue($request->attributes->has(RememberMeServicesInterface::COOKIE_ATTR_NAME)); - } - - public function testLogout() - { - $service = $this->getService(null, array('name' => 'foo', 'path' => '/foo', 'domain' => 'foodomain.foo', 'secure' => true, 'httponly' => false)); - $request = new Request(); - $request->cookies->set('foo', $this->encodeCookie(array('fooseries', 'foovalue'))); - $response = new Response(); - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - - $tokenProvider = $this->getMock('Symfony\Component\Security\Core\Authentication\RememberMe\TokenProviderInterface'); - $tokenProvider - ->expects($this->once()) - ->method('deleteTokenBySeries') - ->with($this->equalTo('fooseries')) - ->will($this->returnValue(null)) - ; - $service->setTokenProvider($tokenProvider); - - $service->logout($request, $response, $token); - - $cookie = $request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME); - $this->assertTrue($cookie->isCleared()); - $this->assertEquals('/foo', $cookie->getPath()); - $this->assertEquals('foodomain.foo', $cookie->getDomain()); - $this->assertTrue($cookie->isSecure()); - $this->assertFalse($cookie->isHttpOnly()); - } - - public function testLogoutSimplyIgnoresNonSetRequestCookie() - { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null)); - $request = new Request(); - $response = new Response(); - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - - $tokenProvider = $this->getMock('Symfony\Component\Security\Core\Authentication\RememberMe\TokenProviderInterface'); - $tokenProvider - ->expects($this->never()) - ->method('deleteTokenBySeries') - ; - $service->setTokenProvider($tokenProvider); - - $service->logout($request, $response, $token); - - $cookie = $request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME); - $this->assertTrue($cookie->isCleared()); - $this->assertEquals('/', $cookie->getPath()); - $this->assertNull($cookie->getDomain()); - } - - public function testLogoutSimplyIgnoresInvalidCookie() - { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null)); - $request = new Request(); - $request->cookies->set('foo', 'somefoovalue'); - $response = new Response(); - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - - $tokenProvider = $this->getMock('Symfony\Component\Security\Core\Authentication\RememberMe\TokenProviderInterface'); - $tokenProvider - ->expects($this->never()) - ->method('deleteTokenBySeries') - ; - $service->setTokenProvider($tokenProvider); - - $service->logout($request, $response, $token); - - $this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared()); - } - - public function testLoginFail() - { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null)); - $request = new Request(); - - $this->assertFalse($request->attributes->has(RememberMeServicesInterface::COOKIE_ATTR_NAME)); - $service->loginFail($request); - $this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared()); - } - - public function testLoginSuccessSetsCookieWhenLoggedInWithNonRememberMeTokenInterfaceImplementation() - { - $service = $this->getService(null, array('name' => 'foo', 'domain' => 'myfoodomain.foo', 'path' => '/foo/path', 'secure' => true, 'httponly' => true, 'lifetime' => 3600, 'always_remember_me' => true)); - $request = new Request(); - $response = new Response(); - - $account = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $account - ->expects($this->once()) - ->method('getUsername') - ->will($this->returnValue('foo')) - ; - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $token - ->expects($this->any()) - ->method('getUser') - ->will($this->returnValue($account)) - ; - - $tokenProvider = $this->getMock('Symfony\Component\Security\Core\Authentication\RememberMe\TokenProviderInterface'); - $tokenProvider - ->expects($this->once()) - ->method('createNewToken') - ; - $service->setTokenProvider($tokenProvider); - - $cookies = $response->headers->getCookies(); - $this->assertCount(0, $cookies); - - $service->loginSuccess($request, $response, $token); - - $cookies = $response->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY); - $cookie = $cookies['myfoodomain.foo']['/foo/path']['foo']; - $this->assertFalse($cookie->isCleared()); - $this->assertTrue($cookie->isSecure()); - $this->assertTrue($cookie->isHttpOnly()); - $this->assertTrue($cookie->getExpiresTime() > time() + 3590 && $cookie->getExpiresTime() < time() + 3610); - $this->assertEquals('myfoodomain.foo', $cookie->getDomain()); - $this->assertEquals('/foo/path', $cookie->getPath()); - } - - protected function encodeCookie(array $parts) - { - $service = $this->getService(); - $r = new \ReflectionMethod($service, 'encodeCookie'); - $r->setAccessible(true); - - return $r->invoke($service, $parts); - } - - protected function getService($userProvider = null, $options = array(), $logger = null) - { - if (null === $userProvider) { - $userProvider = $this->getProvider(); - } - - return new PersistentTokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger, new SecureRandom(sys_get_temp_dir().'/_sf2.seed')); - } - - protected function getProvider() - { - $provider = $this->getMock('Symfony\Component\Security\Core\User\UserProviderInterface'); - $provider - ->expects($this->any()) - ->method('supportsClass') - ->will($this->returnValue(true)) - ; - - return $provider; - } -} diff --git a/Tests/Http/RememberMe/ResponseListenerTest.php b/Tests/Http/RememberMe/ResponseListenerTest.php deleted file mode 100644 index bca2c43..0000000 --- a/Tests/Http/RememberMe/ResponseListenerTest.php +++ /dev/null @@ -1,102 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\RememberMe; - -use Symfony\Component\HttpKernel\HttpKernelInterface; -use Symfony\Component\Security\Http\RememberMe\ResponseListener; -use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; -use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\HttpFoundation\Cookie; -use Symfony\Component\HttpKernel\KernelEvents; - -class ResponseListenerTest extends \PHPUnit_Framework_TestCase -{ - public function testRememberMeCookieIsSentWithResponse() - { - $cookie = new Cookie('rememberme'); - - $request = $this->getRequest(array( - RememberMeServicesInterface::COOKIE_ATTR_NAME => $cookie, - )); - - $response = $this->getResponse(); - $response->headers->expects($this->once())->method('setCookie')->with($cookie); - - $listener = new ResponseListener(); - $listener->onKernelResponse($this->getEvent($request, $response)); - } - - public function testRememberMeCookieIsNotSendWithResponseForSubRequests() - { - $cookie = new Cookie('rememberme'); - - $request = $this->getRequest(array( - RememberMeServicesInterface::COOKIE_ATTR_NAME => $cookie, - )); - - $response = $this->getResponse(); - $response->headers->expects($this->never())->method('setCookie'); - - $listener = new ResponseListener(); - $listener->onKernelResponse($this->getEvent($request, $response, HttpKernelInterface::SUB_REQUEST)); - } - - public function testRememberMeCookieIsNotSendWithResponse() - { - $request = $this->getRequest(); - - $response = $this->getResponse(); - $response->headers->expects($this->never())->method('setCookie'); - - $listener = new ResponseListener(); - $listener->onKernelResponse($this->getEvent($request, $response)); - } - - public function testItSubscribesToTheOnKernelResponseEvent() - { - $listener = new ResponseListener(); - - $this->assertSame(array(KernelEvents::RESPONSE => 'onKernelResponse'), ResponseListener::getSubscribedEvents()); - } - - private function getRequest(array $attributes = array()) - { - $request = new Request(); - - foreach ($attributes as $name => $value) { - $request->attributes->set($name, $value); - } - - return $request; - } - - private function getResponse() - { - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); - $response->headers = $this->getMock('Symfony\Component\HttpFoundation\ResponseHeaderBag'); - - return $response; - } - - private function getEvent($request, $response, $type = HttpKernelInterface::MASTER_REQUEST) - { - $event = $this->getMockBuilder('Symfony\Component\HttpKernel\Event\FilterResponseEvent') - ->disableOriginalConstructor() - ->getMock(); - - $event->expects($this->any())->method('getRequest')->will($this->returnValue($request)); - $event->expects($this->any())->method('getRequestType')->will($this->returnValue($type)); - $event->expects($this->any())->method('getResponse')->will($this->returnValue($response)); - - return $event; - } -} diff --git a/Tests/Http/RememberMe/TokenBasedRememberMeServicesTest.php b/Tests/Http/RememberMe/TokenBasedRememberMeServicesTest.php deleted file mode 100644 index d1ec9b2..0000000 --- a/Tests/Http/RememberMe/TokenBasedRememberMeServicesTest.php +++ /dev/null @@ -1,284 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\RememberMe; - -use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; -use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; -use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\HttpFoundation\ResponseHeaderBag; -use Symfony\Component\Security\Http\RememberMe\TokenBasedRememberMeServices; - -class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase -{ - public function testAutoLoginReturnsNullWhenNoCookie() - { - $service = $this->getService(null, array('name' => 'foo')); - - $this->assertNull($service->autoLogin(new Request())); - } - - public function testAutoLoginThrowsExceptionOnInvalidCookie() - { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null, 'always_remember_me' => false, 'remember_me_parameter' => 'foo')); - $request = new Request(); - $request->request->set('foo', 'true'); - $request->cookies->set('foo', 'foo'); - - $this->assertNull($service->autoLogin($request)); - $this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared()); - } - - public function testAutoLoginThrowsExceptionOnNonExistentUser() - { - $userProvider = $this->getProvider(); - $service = $this->getService($userProvider, array('name' => 'foo', 'path' => null, 'domain' => null, 'always_remember_me' => true, 'lifetime' => 3600)); - $request = new Request(); - $request->cookies->set('foo', $this->getCookie('fooclass', 'foouser', time() + 3600, 'foopass')); - - $userProvider - ->expects($this->once()) - ->method('loadUserByUsername') - ->will($this->throwException(new UsernameNotFoundException('user not found'))) - ; - - $this->assertNull($service->autoLogin($request)); - $this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared()); - } - - public function testAutoLoginDoesNotAcceptCookieWithInvalidHash() - { - $userProvider = $this->getProvider(); - $service = $this->getService($userProvider, array('name' => 'foo', 'path' => null, 'domain' => null, 'always_remember_me' => true, 'lifetime' => 3600)); - $request = new Request(); - $request->cookies->set('foo', base64_encode('class:'.base64_encode('foouser').':123456789:fooHash')); - - $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $user - ->expects($this->once()) - ->method('getPassword') - ->will($this->returnValue('foopass')) - ; - - $userProvider - ->expects($this->once()) - ->method('loadUserByUsername') - ->with($this->equalTo('foouser')) - ->will($this->returnValue($user)) - ; - - $this->assertNull($service->autoLogin($request)); - $this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared()); - } - - public function testAutoLoginDoesNotAcceptAnExpiredCookie() - { - $userProvider = $this->getProvider(); - $service = $this->getService($userProvider, array('name' => 'foo', 'path' => null, 'domain' => null, 'always_remember_me' => true, 'lifetime' => 3600)); - $request = new Request(); - $request->cookies->set('foo', $this->getCookie('fooclass', 'foouser', time() - 1, 'foopass')); - - $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $user - ->expects($this->once()) - ->method('getPassword') - ->will($this->returnValue('foopass')) - ; - - $userProvider - ->expects($this->once()) - ->method('loadUserByUsername') - ->with($this->equalTo('foouser')) - ->will($this->returnValue($user)) - ; - - $this->assertNull($service->autoLogin($request)); - $this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared()); - } - - /** - * @dataProvider provideUsernamesForAutoLogin - * - * @param string $username - */ - public function testAutoLogin($username) - { - $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $user - ->expects($this->once()) - ->method('getRoles') - ->will($this->returnValue(array('ROLE_FOO'))) - ; - $user - ->expects($this->once()) - ->method('getPassword') - ->will($this->returnValue('foopass')) - ; - - $userProvider = $this->getProvider(); - $userProvider - ->expects($this->once()) - ->method('loadUserByUsername') - ->with($this->equalTo($username)) - ->will($this->returnValue($user)) - ; - - $service = $this->getService($userProvider, array('name' => 'foo', 'always_remember_me' => true, 'lifetime' => 3600)); - $request = new Request(); - $request->cookies->set('foo', $this->getCookie('fooclass', $username, time() + 3600, 'foopass')); - - $returnedToken = $service->autoLogin($request); - - $this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\RememberMeToken', $returnedToken); - $this->assertSame($user, $returnedToken->getUser()); - $this->assertEquals('fookey', $returnedToken->getKey()); - } - - public function provideUsernamesForAutoLogin() - { - return array( - array('foouser', 'Simple username'), - array('foo'.TokenBasedRememberMeServices::COOKIE_DELIMITER.'user', 'Username might contain the delimiter'), - ); - } - - public function testLogout() - { - $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null, 'secure' => true, 'httponly' => false)); - $request = new Request(); - $response = new Response(); - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - - $service->logout($request, $response, $token); - - $cookie = $request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME); - $this->assertTrue($cookie->isCleared()); - $this->assertEquals('/', $cookie->getPath()); - $this->assertNull($cookie->getDomain()); - $this->assertTrue($cookie->isSecure()); - $this->assertFalse($cookie->isHttpOnly()); - } - - public function testLoginFail() - { - $service = $this->getService(null, array('name' => 'foo', 'path' => '/foo', 'domain' => 'foodomain.foo')); - $request = new Request(); - - $service->loginFail($request); - - $cookie = $request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME); - $this->assertTrue($cookie->isCleared()); - $this->assertEquals('/foo', $cookie->getPath()); - $this->assertEquals('foodomain.foo', $cookie->getDomain()); - } - - public function testLoginSuccessIgnoresTokensWhichDoNotContainAnUserInterfaceImplementation() - { - $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => true, 'path' => null, 'domain' => null)); - $request = new Request(); - $response = new Response(); - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $token - ->expects($this->once()) - ->method('getUser') - ->will($this->returnValue('foo')) - ; - - $cookies = $response->headers->getCookies(); - $this->assertCount(0, $cookies); - - $service->loginSuccess($request, $response, $token); - - $cookies = $response->headers->getCookies(); - $this->assertCount(0, $cookies); - } - - public function testLoginSuccess() - { - $service = $this->getService(null, array('name' => 'foo', 'domain' => 'myfoodomain.foo', 'path' => '/foo/path', 'secure' => true, 'httponly' => true, 'lifetime' => 3600, 'always_remember_me' => true)); - $request = new Request(); - $response = new Response(); - - $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); - $user - ->expects($this->once()) - ->method('getPassword') - ->will($this->returnValue('foopass')) - ; - $user - ->expects($this->once()) - ->method('getUsername') - ->will($this->returnValue('foouser')) - ; - $token - ->expects($this->atLeastOnce()) - ->method('getUser') - ->will($this->returnValue($user)) - ; - - $cookies = $response->headers->getCookies(); - $this->assertCount(0, $cookies); - - $service->loginSuccess($request, $response, $token); - - $cookies = $response->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY); - $cookie = $cookies['myfoodomain.foo']['/foo/path']['foo']; - $this->assertFalse($cookie->isCleared()); - $this->assertTrue($cookie->isSecure()); - $this->assertTrue($cookie->isHttpOnly()); - $this->assertTrue($cookie->getExpiresTime() > time() + 3590 && $cookie->getExpiresTime() < time() + 3610); - $this->assertEquals('myfoodomain.foo', $cookie->getDomain()); - $this->assertEquals('/foo/path', $cookie->getPath()); - } - - protected function getCookie($class, $username, $expires, $password) - { - $service = $this->getService(); - $r = new \ReflectionMethod($service, 'generateCookieValue'); - $r->setAccessible(true); - - return $r->invoke($service, $class, $username, $expires, $password); - } - - protected function encodeCookie(array $parts) - { - $service = $this->getService(); - $r = new \ReflectionMethod($service, 'encodeCookie'); - $r->setAccessible(true); - - return $r->invoke($service, $parts); - } - - protected function getService($userProvider = null, $options = array(), $logger = null) - { - if (null === $userProvider) { - $userProvider = $this->getProvider(); - } - - $service = new TokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger); - - return $service; - } - - protected function getProvider() - { - $provider = $this->getMock('Symfony\Component\Security\Core\User\UserProviderInterface'); - $provider - ->expects($this->any()) - ->method('supportsClass') - ->will($this->returnValue(true)) - ; - - return $provider; - } -} diff --git a/Tests/Http/Session/SessionAuthenticationStrategyTest.php b/Tests/Http/Session/SessionAuthenticationStrategyTest.php deleted file mode 100644 index 7296afd..0000000 --- a/Tests/Http/Session/SessionAuthenticationStrategyTest.php +++ /dev/null @@ -1,90 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Tests\Http\Session; - -use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategy; - -class SessionAuthenticationStrategyTest extends \PHPUnit_Framework_TestCase -{ - public function testSessionIsNotChanged() - { - $request = $this->getRequest(); - $request->expects($this->never())->method('getSession'); - - $strategy = new SessionAuthenticationStrategy(SessionAuthenticationStrategy::NONE); - $strategy->onAuthentication($request, $this->getToken()); - } - - /** - * @expectedException \RuntimeException - * @expectedExceptionMessage Invalid session authentication strategy "foo" - */ - public function testUnsupportedStrategy() - { - $request = $this->getRequest(); - $request->expects($this->never())->method('getSession'); - - $strategy = new SessionAuthenticationStrategy('foo'); - $strategy->onAuthentication($request, $this->getToken()); - } - - public function testSessionIsMigrated() - { - if (PHP_VERSION_ID >= 50400 && PHP_VERSION_ID < 50411) { - $this->markTestSkipped('We cannot destroy the old session on PHP 5.4.0 - 5.4.10.'); - } - - $session = $this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface'); - $session->expects($this->once())->method('migrate')->with($this->equalTo(true)); - - $strategy = new SessionAuthenticationStrategy(SessionAuthenticationStrategy::MIGRATE); - $strategy->onAuthentication($this->getRequest($session), $this->getToken()); - } - - public function testSessionIsMigratedWithPhp54Workaround() - { - if (PHP_VERSION_ID < 50400 || PHP_VERSION_ID >= 50411) { - $this->markTestSkipped('This PHP version is not affected.'); - } - - $session = $this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface'); - $session->expects($this->once())->method('migrate')->with($this->equalTo(false)); - - $strategy = new SessionAuthenticationStrategy(SessionAuthenticationStrategy::MIGRATE); - $strategy->onAuthentication($this->getRequest($session), $this->getToken()); - } - - public function testSessionIsInvalidated() - { - $session = $this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface'); - $session->expects($this->once())->method('invalidate'); - - $strategy = new SessionAuthenticationStrategy(SessionAuthenticationStrategy::INVALIDATE); - $strategy->onAuthentication($this->getRequest($session), $this->getToken()); - } - - private function getRequest($session = null) - { - $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - - if (null !== $session) { - $request->expects($this->any())->method('getSession')->will($this->returnValue($session)); - } - - return $request; - } - - private function getToken() - { - return $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - } -} |