TomaHost/Chamilo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Upgrade 1-11.38

Browse Source
This commit is contained in:
xesmyd
2026-03-30 14:10:30 +02:00
parent f2a7e6d1fc
commit ac648ef29d
24665 changed files with 69682 additions and 2205004 deletions
Download Patch File Download Diff File Expand all files Collapse all files
vendor/symfony/security/Guard/Tests/Authenticator/FormLoginAuthenticatorTest.php
Vendored
+4 -10
View File
@@ -77,7 +77,7 @@ class FormLoginAuthenticatorTest extends TestCase
$this->requestWithSession->getSession()
->expects($this->once())
->method('get')
->will($this->returnValue(null));
->willReturn(null);
$redirectResponse = $this->authenticator->onAuthenticationSuccess($this->requestWithSession, $token, 'providerkey');
@@ -96,7 +96,7 @@ class FormLoginAuthenticatorTest extends TestCase
$this->requestWithSession->getSession()
->expects($this->once())
->method('get')
->will($this->returnValue(self::CUSTOM_SUCCESS_URL));
->willReturn(self::CUSTOM_SUCCESS_URL);
$redirectResponse = $this->authenticator->onAuthenticationSuccess($this->requestWithSession, $token, 'providerkey');
@@ -129,8 +129,8 @@ class FormLoginAuthenticatorTest extends TestCase
protected function setUp()
{
$this->requestWithoutSession = new Request(array(), array(), array(), array(), array(), array());
$this->requestWithSession = new Request(array(), array(), array(), array(), array(), array());
$this->requestWithoutSession = new Request([], [], [], [], [], []);
$this->requestWithSession = new Request([], [], [], [], [], []);
$session = $this->getMockBuilder('Symfony\\Component\\HttpFoundation\\Session\\SessionInterface')
->disableOriginalConstructor()
@@ -143,12 +143,6 @@ class FormLoginAuthenticatorTest extends TestCase
->setDefaultSuccessRedirectUrl(self::DEFAULT_SUCCESS_URL)
;
}
protected function tearDown()
{
$this->request = null;
$this->requestWithSession = null;
}
}
class TestFormLoginAuthenticator extends AbstractFormLoginAuthenticator
vendor/symfony/security/Guard/Tests/Firewall/GuardAuthenticationListenerTest.php
Vendored
+282 -33
View File
@@ -14,12 +14,20 @@ namespace Symfony\Component\Security\Guard\Tests\Firewall;
use PHPUnit\Framework\TestCase;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Guard\Firewall\GuardAuthenticationListener;
use Symfony\Component\Security\Guard\Token\PreAuthenticationGuardToken;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\Exception\LockedException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
use Symfony\Component\Security\Guard\AuthenticatorInterface;
use Symfony\Component\Security\Guard\Firewall\GuardAuthenticationListener;
use Symfony\Component\Security\Guard\GuardAuthenticatorInterface;
use Symfony\Component\Security\Guard\Token\PreAuthenticationGuardToken;
/**
* @author Ryan Weaver <weaverryan@gmail.com>
* @author Amaury Leroux de Lens <amaury@lerouxdelens.com>
*/
class GuardAuthenticationListenerTest extends TestCase
{
@@ -32,16 +40,21 @@ class GuardAuthenticationListenerTest extends TestCase
public function testHandleSuccess()
{
$authenticator = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticateToken = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
$authenticator = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
$authenticateToken = $this->getMockBuilder(TokenInterface::class)->getMock();
$providerKey = 'my_firewall';
$credentials = array('username' => 'weaverryan', 'password' => 'all_your_base');
$credentials = ['username' => 'weaverryan', 'password' => 'all_your_base'];
$authenticator
->expects($this->once())
->method('supports')
->willReturn(true);
$authenticator
->expects($this->once())
->method('getCredentials')
->with($this->equalTo($this->request))
->will($this->returnValue($credentials));
->willReturn($credentials);
// a clone of the token that should be created internally
$uniqueGuardKey = 'my_firewall_0';
@@ -51,7 +64,7 @@ class GuardAuthenticationListenerTest extends TestCase
->expects($this->once())
->method('authenticate')
->with($this->equalTo($nonAuthedToken))
->will($this->returnValue($authenticateToken));
->willReturn($authenticateToken);
$this->guardAuthenticatorHandler
->expects($this->once())
@@ -67,7 +80,7 @@ class GuardAuthenticationListenerTest extends TestCase
$this->guardAuthenticatorHandler,
$this->authenticationManager,
$providerKey,
array($authenticator),
[$authenticator],
$this->logger
);
@@ -82,10 +95,14 @@ class GuardAuthenticationListenerTest extends TestCase
public function testHandleSuccessStopsAfterResponseIsSet()
{
$authenticator1 = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticator2 = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticator1 = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
$authenticator2 = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
// mock the first authenticator to fail, and set a Response
$authenticator1
->expects($this->once())
->method('supports')
->willReturn(true);
$authenticator1
->expects($this->once())
->method('getCredentials')
@@ -103,7 +120,7 @@ class GuardAuthenticationListenerTest extends TestCase
$this->guardAuthenticatorHandler,
$this->authenticationManager,
'my_firewall',
array($authenticator1, $authenticator2),
[$authenticator1, $authenticator2],
$this->logger
);
@@ -112,39 +129,44 @@ class GuardAuthenticationListenerTest extends TestCase
public function testHandleSuccessWithRememberMe()
{
$authenticator = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticateToken = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
$authenticator = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
$authenticateToken = $this->getMockBuilder(TokenInterface::class)->getMock();
$providerKey = 'my_firewall_with_rememberme';
$authenticator
->expects($this->once())
->method('supports')
->with($this->equalTo($this->request))
->willReturn(true);
$authenticator
->expects($this->once())
->method('getCredentials')
->with($this->equalTo($this->request))
->will($this->returnValue(array('username' => 'anything_not_empty')));
->willReturn(['username' => 'anything_not_empty']);
$this->authenticationManager
->expects($this->once())
->method('authenticate')
->will($this->returnValue($authenticateToken));
->willReturn($authenticateToken);
$successResponse = new Response('Success!');
$this->guardAuthenticatorHandler
->expects($this->once())
->method('handleAuthenticationSuccess')
->will($this->returnValue($successResponse));
->willReturn($successResponse);
$listener = new GuardAuthenticationListener(
$this->guardAuthenticatorHandler,
$this->authenticationManager,
$providerKey,
array($authenticator),
[$authenticator],
$this->logger
);
$listener->setRememberMeServices($this->rememberMeServices);
$authenticator->expects($this->once())
->method('supportsRememberMe')
->will($this->returnValue(true));
->willReturn(true);
// should be called - we do have a success Response
$this->rememberMeServices
->expects($this->once())
@@ -155,14 +177,18 @@ class GuardAuthenticationListenerTest extends TestCase
public function testHandleCatchesAuthenticationException()
{
$authenticator = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticator = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
$providerKey = 'my_firewall2';
$authException = new AuthenticationException('Get outta here crazy user with a bad password!');
$authenticator
->expects($this->once())
->method('supports')
->willReturn(true);
$authenticator
->expects($this->once())
->method('getCredentials')
->will($this->throwException($authException));
->willThrowException($authException);
// this is not called
$this->authenticationManager
@@ -178,27 +204,73 @@ class GuardAuthenticationListenerTest extends TestCase
$this->guardAuthenticatorHandler,
$this->authenticationManager,
$providerKey,
array($authenticator),
[$authenticator],
$this->logger
);
$listener->handle($this->event);
}
public function testReturnNullToSkipAuth()
/**
* @dataProvider exceptionsToHide
*/
public function testHandleHidesInvalidUserExceptions(AuthenticationException $exceptionToHide)
{
$authenticatorA = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticatorB = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticator = $this->createMock(AuthenticatorInterface::class);
$providerKey = 'my_firewall2';
$authenticator
->expects($this->once())
->method('supports')
->willReturn(true);
$authenticator
->expects($this->once())
->method('getCredentials')
->willReturn(['username' => 'robin', 'password' => 'hood']);
$this->authenticationManager
->expects($this->once())
->method('authenticate')
->willThrowException($exceptionToHide);
$this->guardAuthenticatorHandler
->expects($this->once())
->method('handleAuthenticationFailure')
->with($this->callback(function ($e) use ($exceptionToHide) {
return $e instanceof BadCredentialsException && $exceptionToHide === $e->getPrevious();
}), $this->request, $authenticator, $providerKey);
$listener = new GuardAuthenticationListener(
$this->guardAuthenticatorHandler,
$this->authenticationManager,
$providerKey,
[$authenticator],
$this->logger
);
$listener->handle($this->event);
}
public function exceptionsToHide()
{
return [
[new UsernameNotFoundException()],
[new LockedException()],
];
}
/**
* @group legacy
*/
public function testLegacyInterfaceNullCredentials()
{
$authenticatorA = $this->getMockBuilder(GuardAuthenticatorInterface::class)->getMock();
$providerKey = 'my_firewall3';
$authenticatorA
->expects($this->once())
->method('getCredentials')
->will($this->returnValue(null));
$authenticatorB
->expects($this->once())
->method('getCredentials')
->will($this->returnValue(null));
->willReturn(null);
// this is not called
$this->authenticationManager
@@ -213,7 +285,184 @@ class GuardAuthenticationListenerTest extends TestCase
$this->guardAuthenticatorHandler,
$this->authenticationManager,
$providerKey,
array($authenticatorA, $authenticatorB),
[$authenticatorA],
$this->logger
);
$listener->handle($this->event);
}
/**
* @group legacy
*/
public function testLegacyInterfaceKeepsWorking()
{
$authenticator = $this->getMockBuilder(GuardAuthenticatorInterface::class)->getMock();
$authenticateToken = $this->getMockBuilder(TokenInterface::class)->getMock();
$providerKey = 'my_firewall';
$credentials = ['username' => 'weaverryan', 'password' => 'all_your_base'];
$authenticator
->expects($this->once())
->method('getCredentials')
->with($this->equalTo($this->request))
->willReturn($credentials);
// a clone of the token that should be created internally
$uniqueGuardKey = 'my_firewall_0';
$nonAuthedToken = new PreAuthenticationGuardToken($credentials, $uniqueGuardKey);
$this->authenticationManager
->expects($this->once())
->method('authenticate')
->with($this->equalTo($nonAuthedToken))
->willReturn($authenticateToken);
$this->guardAuthenticatorHandler
->expects($this->once())
->method('authenticateWithToken')
->with($authenticateToken, $this->request);
$this->guardAuthenticatorHandler
->expects($this->once())
->method('handleAuthenticationSuccess')
->with($authenticateToken, $this->request, $authenticator, $providerKey);
$listener = new GuardAuthenticationListener(
$this->guardAuthenticatorHandler,
$this->authenticationManager,
$providerKey,
[$authenticator],
$this->logger
);
$listener->setRememberMeServices($this->rememberMeServices);
// should never be called - our handleAuthenticationSuccess() does not return a Response
$this->rememberMeServices
->expects($this->never())
->method('loginSuccess');
$listener->handle($this->event);
}
/**
* @group legacy
*/
public function testReturnNullToSkipAuth()
{
$authenticatorA = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticatorB = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$providerKey = 'my_firewall3';
$authenticatorA
->expects($this->once())
->method('getCredentials')
->willReturn(null);
$authenticatorB
->expects($this->once())
->method('getCredentials')
->willReturn(null);
// this is not called
$this->authenticationManager
->expects($this->never())
->method('authenticate');
$this->guardAuthenticatorHandler
->expects($this->never())
->method('handleAuthenticationSuccess');
$listener = new GuardAuthenticationListener(
$this->guardAuthenticatorHandler,
$this->authenticationManager,
$providerKey,
[$authenticatorA, $authenticatorB],
$this->logger
);
$listener->handle($this->event);
}
public function testSupportsReturnFalseSkipAuth()
{
$authenticator = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
$providerKey = 'my_firewall4';
$authenticator
->expects($this->once())
->method('supports')
->willReturn(false);
// this is not called
$authenticator
->expects($this->never())
->method('getCredentials');
$listener = new GuardAuthenticationListener(
$this->guardAuthenticatorHandler,
$this->authenticationManager,
$providerKey,
[$authenticator],
$this->logger
);
$listener->handle($this->event);
}
public function testReturnNullFromGetCredentials()
{
$this->expectException('UnexpectedValueException');
$authenticator = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
$providerKey = 'my_firewall4';
$authenticator
->expects($this->once())
->method('supports')
->willReturn(true);
// this will raise exception
$authenticator
->expects($this->once())
->method('getCredentials')
->willReturn(null);
$listener = new GuardAuthenticationListener(
$this->guardAuthenticatorHandler,
$this->authenticationManager,
$providerKey,
[$authenticator],
$this->logger
);
$listener->handle($this->event);
}
/**
* @group legacy
* @expectedDeprecation Returning null from "%s::getCredentials()" is deprecated since Symfony 3.4 and will throw an \UnexpectedValueException in 4.0. Return false from "%s::supports()" instead.
*/
public function testReturnNullFromGetCredentialsTriggersForAbstractGuardAuthenticatorInstances()
{
$authenticator = $this->getMockBuilder(AbstractGuardAuthenticator::class)->getMock();
$providerKey = 'my_firewall4';
$authenticator
->expects($this->once())
->method('supports')
->willReturn(true);
// this will raise exception
$authenticator
->expects($this->once())
->method('getCredentials')
->willReturn(null);
$listener = new GuardAuthenticationListener(
$this->guardAuthenticatorHandler,
$this->authenticationManager,
$providerKey,
[$authenticator],
$this->logger
);
@@ -230,16 +479,16 @@ class GuardAuthenticationListenerTest extends TestCase
->disableOriginalConstructor()
->getMock();
$this->request = new Request(array(), array(), array(), array(), array(), array());
$this->request = new Request([], [], [], [], [], []);
$this->event = $this->getMockBuilder('Symfony\Component\HttpKernel\Event\GetResponseEvent')
->disableOriginalConstructor()
->setMethods(array('getRequest'))
->setMethods(['getRequest'])
->getMock();
$this->event
->expects($this->any())
->method('getRequest')
->will($this->returnValue($this->request));
->willReturn($this->request);
$this->logger = $this->getMockBuilder('Psr\Log\LoggerInterface')->getMock();
$this->rememberMeServices = $this->getMockBuilder('Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface')->getMock();
vendor/symfony/security/Guard/Tests/GuardAuthenticatorHandlerTest.php
Vendored
+82 -25
View File
@@ -14,8 +14,9 @@ namespace Symfony\Component\Security\Guard\Tests;
use PHPUnit\Framework\TestCase;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Guard\AuthenticatorInterface;
use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
use Symfony\Component\Security\Http\SecurityEvents;
@@ -25,6 +26,7 @@ class GuardAuthenticatorHandlerTest extends TestCase
private $dispatcher;
private $token;
private $request;
private $sessionStrategy;
private $guardAuthenticator;
public function testAuthenticateWithToken()
@@ -52,7 +54,7 @@ class GuardAuthenticatorHandlerTest extends TestCase
$this->guardAuthenticator->expects($this->once())
->method('onAuthenticationSuccess')
->with($this->request, $this->token, $providerKey)
->will($this->returnValue($response));
->willReturn($response);
$handler = new GuardAuthenticatorHandler($this->tokenStorage, $this->dispatcher);
$actualResponse = $handler->handleAuthenticationSuccess($this->token, $this->request, $this->guardAuthenticator, $providerKey);
@@ -71,7 +73,7 @@ class GuardAuthenticatorHandlerTest extends TestCase
$this->guardAuthenticator->expects($this->once())
->method('onAuthenticationFailure')
->with($this->request, $authException)
->will($this->returnValue($response));
->willReturn($response);
$handler = new GuardAuthenticatorHandler($this->tokenStorage, $this->dispatcher);
$actualResponse = $handler->handleAuthenticationFailure($authException, $this->request, $this->guardAuthenticator, 'firewall_provider_key');
@@ -81,21 +83,9 @@ class GuardAuthenticatorHandlerTest extends TestCase
/**
* @dataProvider getTokenClearingTests
*/
public function testHandleAuthenticationClearsToken($tokenClass, $tokenProviderKey, $actualProviderKey, $shouldTokenBeCleared)
public function testHandleAuthenticationClearsToken($tokenProviderKey, $actualProviderKey)
{
$token = $this->getMockBuilder($tokenClass)
->disableOriginalConstructor()
->getMock();
$token->expects($this->any())
->method('getProviderKey')
->will($this->returnValue($tokenProviderKey));
// make the $token be the current token
$this->tokenStorage->expects($this->once())
->method('getToken')
->will($this->returnValue($token));
$this->tokenStorage->expects($shouldTokenBeCleared ? $this->once() : $this->never())
$this->tokenStorage->expects($this->never())
->method('setToken')
->with(null);
$authException = new AuthenticationException('Bad password!');
@@ -104,7 +94,7 @@ class GuardAuthenticatorHandlerTest extends TestCase
$this->guardAuthenticator->expects($this->once())
->method('onAuthenticationFailure')
->with($this->request, $authException)
->will($this->returnValue($response));
->willReturn($response);
$handler = new GuardAuthenticatorHandler($this->tokenStorage, $this->dispatcher);
$actualResponse = $handler->handleAuthenticationFailure($authException, $this->request, $this->guardAuthenticator, $actualProviderKey);
@@ -113,22 +103,79 @@ class GuardAuthenticatorHandlerTest extends TestCase
public function getTokenClearingTests()
{
$tests = array();
// correct token class and matching firewall => clear the token
$tests[] = array('Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken', 'the_firewall_key', 'the_firewall_key', true);
$tests[] = array('Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken', 'the_firewall_key', 'different_key', false);
$tests[] = array('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', 'the_firewall_key', 'the_firewall_key', false);
$tests = [];
// matching firewall => clear the token
$tests[] = ['the_firewall_key', 'the_firewall_key'];
$tests[] = ['the_firewall_key', 'different_key'];
$tests[] = ['the_firewall_key', 'the_firewall_key'];
return $tests;
}
public function testNoFailureIfSessionStrategyNotPassed()
{
$this->configurePreviousSession();
$this->tokenStorage->expects($this->once())
->method('setToken')
->with($this->token);
$handler = new GuardAuthenticatorHandler($this->tokenStorage, $this->dispatcher);
$handler->authenticateWithToken($this->token, $this->request);
}
public function testSessionStrategyIsCalled()
{
$this->configurePreviousSession();
$this->sessionStrategy->expects($this->once())
->method('onAuthentication')
->with($this->request, $this->token);
$handler = new GuardAuthenticatorHandler($this->tokenStorage, $this->dispatcher);
$handler->setSessionAuthenticationStrategy($this->sessionStrategy);
$handler->authenticateWithToken($this->token, $this->request);
}
public function testSessionStrategyIsNotCalledWhenStateless()
{
$this->configurePreviousSession();
$this->sessionStrategy->expects($this->never())
->method('onAuthentication');
$handler = new GuardAuthenticatorHandler($this->tokenStorage, $this->dispatcher, ['some_provider_key']);
$handler->setSessionAuthenticationStrategy($this->sessionStrategy);
$handler->authenticateWithToken($this->token, $this->request, 'some_provider_key');
}
/**
* @requires function \Symfony\Component\HttpFoundation\Request::setSessionFactory
*/
public function testSessionIsNotInstantiatedOnStatelessFirewall()
{
$sessionFactory = $this->getMockBuilder(\stdClass::class)
->setMethods(['__invoke'])
->getMock();
$sessionFactory->expects($this->never())
->method('__invoke');
$this->request->setSessionFactory($sessionFactory);
$handler = new GuardAuthenticatorHandler($this->tokenStorage, $this->dispatcher, ['stateless_provider_key']);
$handler->setSessionAuthenticationStrategy($this->sessionStrategy);
$handler->authenticateWithToken($this->token, $this->request, 'stateless_provider_key');
}
protected function setUp()
{
$this->tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
$this->dispatcher = $this->getMockBuilder('Symfony\Component\EventDispatcher\EventDispatcherInterface')->getMock();
$this->token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
$this->request = new Request(array(), array(), array(), array(), array(), array());
$this->guardAuthenticator = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$this->request = new Request([], [], [], [], [], []);
$this->sessionStrategy = $this->getMockBuilder('Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface')->getMock();
$this->guardAuthenticator = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
}
protected function tearDown()
@@ -139,4 +186,14 @@ class GuardAuthenticatorHandlerTest extends TestCase
$this->request = null;
$this->guardAuthenticator = null;
}
private function configurePreviousSession()
{
$session = $this->getMockBuilder('Symfony\Component\HttpFoundation\Session\SessionInterface')->getMock();
$session->expects($this->any())
->method('getName')
->willReturn('test_session_name');
$this->request->setSession($session);
$this->request->cookies->set('test_session_name', 'session_cookie_val');
}
}
vendor/symfony/security/Guard/Tests/Provider/GuardAuthenticationProviderTest.php
Vendored
+120 -26
View File
@@ -12,8 +12,12 @@
namespace Symfony\Component\Security\Guard\Tests\Provider;
use PHPUnit\Framework\TestCase;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Guard\AuthenticatorInterface;
use Symfony\Component\Security\Guard\Provider\GuardAuthenticationProvider;
use Symfony\Component\Security\Guard\Token\GuardTokenInterface;
use Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken;
use Symfony\Component\Security\Guard\Token\PreAuthenticationGuardToken;
/**
* @author Ryan Weaver <weaverryan@gmail.com>
@@ -28,24 +32,24 @@ class GuardAuthenticationProviderTest extends TestCase
{
$providerKey = 'my_cool_firewall';
$authenticatorA = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticatorB = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticatorC = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticators = array($authenticatorA, $authenticatorB, $authenticatorC);
$authenticatorA = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
$authenticatorB = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
$authenticatorC = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
$authenticators = [$authenticatorA, $authenticatorB, $authenticatorC];
// called 2 times - for authenticator A and B (stops on B because of match)
$this->preAuthenticationToken->expects($this->exactly(2))
->method('getGuardProviderKey')
// it will return the "1" index, which will match authenticatorB
->will($this->returnValue('my_cool_firewall_1'));
->willReturn('my_cool_firewall_1');
$enteredCredentials = array(
$enteredCredentials = [
'username' => '_weaverryan_test_user',
'password' => 'guard_auth_ftw',
);
];
$this->preAuthenticationToken->expects($this->atLeastOnce())
->method('getCredentials')
->will($this->returnValue($enteredCredentials));
->willReturn($enteredCredentials);
// authenticators A and C are never called
$authenticatorA->expects($this->never())
@@ -53,22 +57,22 @@ class GuardAuthenticationProviderTest extends TestCase
$authenticatorC->expects($this->never())
->method('getUser');
$mockedUser = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
$mockedUser = $this->getMockBuilder(UserInterface::class)->getMock();
$authenticatorB->expects($this->once())
->method('getUser')
->with($enteredCredentials, $this->userProvider)
->will($this->returnValue($mockedUser));
->willReturn($mockedUser);
// checkCredentials is called
$authenticatorB->expects($this->once())
->method('checkCredentials')
->with($enteredCredentials, $mockedUser)
// authentication works!
->will($this->returnValue(true));
$authedToken = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
->willReturn(true);
$authedToken = $this->getMockBuilder(GuardTokenInterface::class)->getMock();
$authenticatorB->expects($this->once())
->method('createAuthenticatedToken')
->with($mockedUser, $providerKey)
->will($this->returnValue($authedToken));
->willReturn($authedToken);
// user checker should be called
$this->userChecker->expects($this->once())
@@ -84,53 +88,143 @@ class GuardAuthenticationProviderTest extends TestCase
}
/**
* @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException
* @group legacy
*/
public function testLegacyAuthenticate()
{
$providerKey = 'my_cool_firewall';
$authenticatorA = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticatorB = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticatorC = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticators = [$authenticatorA, $authenticatorB, $authenticatorC];
// called 2 times - for authenticator A and B (stops on B because of match)
$this->preAuthenticationToken->expects($this->exactly(2))
->method('getGuardProviderKey')
// it will return the "1" index, which will match authenticatorB
->willReturn('my_cool_firewall_1');
$enteredCredentials = [
'username' => '_weaverryan_test_user',
'password' => 'guard_auth_ftw',
];
$this->preAuthenticationToken->expects($this->atLeastOnce())
->method('getCredentials')
->willReturn($enteredCredentials);
// authenticators A and C are never called
$authenticatorA->expects($this->never())
->method('getUser');
$authenticatorC->expects($this->never())
->method('getUser');
$mockedUser = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
$authenticatorB->expects($this->once())
->method('getUser')
->with($enteredCredentials, $this->userProvider)
->willReturn($mockedUser);
// checkCredentials is called
$authenticatorB->expects($this->once())
->method('checkCredentials')
->with($enteredCredentials, $mockedUser)
// authentication works!
->willReturn(true);
$authedToken = $this->getMockBuilder(GuardTokenInterface::class)->getMock();
$authenticatorB->expects($this->once())
->method('createAuthenticatedToken')
->with($mockedUser, $providerKey)
->willReturn($authedToken);
// user checker should be called
$this->userChecker->expects($this->once())
->method('checkPreAuth')
->with($mockedUser);
$this->userChecker->expects($this->once())
->method('checkPostAuth')
->with($mockedUser);
$provider = new GuardAuthenticationProvider($authenticators, $this->userProvider, $providerKey, $this->userChecker);
$actualAuthedToken = $provider->authenticate($this->preAuthenticationToken);
$this->assertSame($authedToken, $actualAuthedToken);
}
public function testCheckCredentialsReturningNonTrueFailsAuthentication()
{
$this->expectException('Symfony\Component\Security\Core\Exception\BadCredentialsException');
$providerKey = 'my_uncool_firewall';
$authenticator = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorInterface')->getMock();
$authenticator = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
// make sure the authenticator is used
$this->preAuthenticationToken->expects($this->any())
->method('getGuardProviderKey')
// the 0 index, to match the only authenticator
->will($this->returnValue('my_uncool_firewall_0'));
->willReturn('my_uncool_firewall_0');
$this->preAuthenticationToken->expects($this->atLeastOnce())
->method('getCredentials')
->will($this->returnValue('non-null-value'));
->willReturn('non-null-value');
$mockedUser = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
$authenticator->expects($this->once())
->method('getUser')
->will($this->returnValue($mockedUser));
->willReturn($mockedUser);
// checkCredentials is called
$authenticator->expects($this->once())
->method('checkCredentials')
// authentication fails :(
->will($this->returnValue(null));
->willReturn(null);
$provider = new GuardAuthenticationProvider(array($authenticator), $this->userProvider, $providerKey, $this->userChecker);
$provider = new GuardAuthenticationProvider([$authenticator], $this->userProvider, $providerKey, $this->userChecker);
$provider->authenticate($this->preAuthenticationToken);
}
/**
* @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationExpiredException
*/
public function testGuardWithNoLongerAuthenticatedTriggersLogout()
{
$this->expectException('Symfony\Component\Security\Core\Exception\AuthenticationExpiredException');
$providerKey = 'my_firewall_abc';
// create a token and mark it as NOT authenticated anymore
// this mimics what would happen if a user "changed" between request
$mockedUser = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
$token = new PostAuthenticationGuardToken($mockedUser, $providerKey, array('ROLE_USER'));
$token = new PostAuthenticationGuardToken($mockedUser, $providerKey, ['ROLE_USER']);
$token->setAuthenticated(false);
$provider = new GuardAuthenticationProvider(array(), $this->userProvider, $providerKey, $this->userChecker);
$actualToken = $provider->authenticate($token);
$provider = new GuardAuthenticationProvider([], $this->userProvider, $providerKey, $this->userChecker);
$provider->authenticate($token);
}
public function testSupportsChecksGuardAuthenticatorsTokenOrigin()
{
$authenticatorA = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
$authenticatorB = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
$authenticators = [$authenticatorA, $authenticatorB];
$mockedUser = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
$provider = new GuardAuthenticationProvider($authenticators, $this->userProvider, 'first_firewall', $this->userChecker);
$token = new PreAuthenticationGuardToken($mockedUser, 'first_firewall_1');
$supports = $provider->supports($token);
$this->assertTrue($supports);
$token = new PreAuthenticationGuardToken($mockedUser, 'second_firewall_0');
$supports = $provider->supports($token);
$this->assertFalse($supports);
}
public function testAuthenticateFailsOnNonOriginatingToken()
{
$this->expectException('Symfony\Component\Security\Core\Exception\AuthenticationException');
$this->expectExceptionMessageMatches('/second_firewall_0/');
$authenticatorA = $this->getMockBuilder(AuthenticatorInterface::class)->getMock();
$authenticators = [$authenticatorA];
$mockedUser = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
$provider = new GuardAuthenticationProvider($authenticators, $this->userProvider, 'first_firewall', $this->userChecker);
$token = new PreAuthenticationGuardToken($mockedUser, 'second_firewall_0');
$provider->authenticate($token);
}
protected function setUp()