|
15 | 15 | use Symfony\Component\HttpFoundation\Request;
|
16 | 16 | use Symfony\Component\HttpFoundation\Response;
|
17 | 17 | use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler;
|
| 18 | +use Symfony\Component\Security\Http\HttpUtils; |
18 | 19 |
|
19 | 20 | class DefaultAuthenticationSuccessHandlerTest extends TestCase
|
20 | 21 | {
|
21 |
| - private $httpUtils = null; |
22 |
| - private $token = null; |
23 |
| - |
24 |
| - protected function setUp() |
25 |
| - { |
26 |
| - $this->httpUtils = $this->getMockBuilder('Symfony\Component\Security\Http\HttpUtils')->getMock(); |
27 |
| - $this->token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock(); |
28 |
| - } |
29 |
| - |
30 |
| - public function testRequestIsRedirected() |
31 |
| - { |
32 |
| - $request = Request::create('/'); |
33 |
| - $response = $this->expectRedirectResponse($request, '/'); |
34 |
| - |
35 |
| - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); |
36 |
| - $result = $handler->onAuthenticationSuccess($request, $this->token); |
37 |
| - |
38 |
| - $this->assertSame($response, $result); |
39 |
| - } |
40 |
| - |
41 |
| - public function testDefaultTargetPathCanBeForced() |
42 |
| - { |
43 |
| - $options = array( |
44 |
| - 'always_use_default_target_path' => true, |
45 |
| - 'default_target_path' => '/dashboard', |
46 |
| - ); |
47 |
| - |
48 |
| - $request = Request::create('/'); |
49 |
| - $response = $this->expectRedirectResponse($request, '/dashboard'); |
50 |
| - |
51 |
| - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); |
52 |
| - $result = $handler->onAuthenticationSuccess($request, $this->token); |
53 |
| - |
54 |
| - $this->assertSame($response, $result); |
55 |
| - } |
56 |
| - |
57 |
| - public function testTargetPathIsPassedWithRequest() |
58 |
| - { |
59 |
| - $request = Request::create('/?_target_path=/dashboard'); |
60 |
| - $response = $this->expectRedirectResponse($request, '/dashboard'); |
61 |
| - |
62 |
| - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); |
63 |
| - $result = $handler->onAuthenticationSuccess($request, $this->token); |
64 |
| - |
65 |
| - $this->assertSame($response, $result); |
66 |
| - } |
67 |
| - |
68 |
| - public function testTargetPathParameterIsCustomised() |
| 22 | + /** |
| 23 | + * @dataProvider getRequestRedirections |
| 24 | + */ |
| 25 | + public function testRequestRedirections(Request $request, $options, $redirectedUrl) |
69 | 26 | {
|
70 |
| - $options = array('target_path_parameter' => '_my_target_path'); |
71 |
| - $request = Request::create('/?_my_target_path=/dashboard'); |
72 |
| - $response = $this->expectRedirectResponse($request, '/dashboard'); |
73 |
| - |
74 |
| - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); |
75 |
| - $result = $handler->onAuthenticationSuccess($request, $this->token); |
76 |
| - |
77 |
| - $this->assertSame($response, $result); |
| 27 | + $httpUtils = new HttpUtils(); |
| 28 | + $token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock(); |
| 29 | + $handler = new DefaultAuthenticationSuccessHandler($httpUtils, $options); |
| 30 | + if ($request->hasSession()) { |
| 31 | + $handler->setProviderKey('admin'); |
| 32 | + } |
| 33 | + $this->assertSame('http://localhost'.$redirectedUrl, $handler->onAuthenticationSuccess($request, $token)->getTargetUrl()); |
78 | 34 | }
|
79 | 35 |
|
80 |
| - public function testTargetPathIsTakenFromTheSession() |
| 36 | + public function getRequestRedirections() |
81 | 37 | {
|
82 | 38 | $session = $this->getMockBuilder('Symfony\Component\HttpFoundation\Session\SessionInterface')->getMock();
|
83 |
| - $session->expects($this->once()) |
84 |
| - ->method('get')->with('_security.admin.target_path') |
85 |
| - ->will($this->returnValue('/admin/dashboard')); |
86 |
| - $session->expects($this->once()) |
87 |
| - ->method('remove')->with('_security.admin.target_path'); |
88 |
| - |
89 |
| - $request = Request::create('/?_my_target_path=/dashboard'); |
90 |
| - $request->setSession($session); |
91 |
| - $response = $this->expectRedirectResponse($request, '/admin/dashboard'); |
92 |
| - |
93 |
| - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); |
94 |
| - $handler->setProviderKey('admin'); |
95 |
| - |
96 |
| - $result = $handler->onAuthenticationSuccess($request, $this->token); |
97 |
| - |
98 |
| - $this->assertSame($response, $result); |
99 |
| - } |
100 |
| - |
101 |
| - public function testTargetPathIsPassedAsReferer() |
102 |
| - { |
103 |
| - $options = array('use_referer' => true); |
104 |
| - $request = Request::create('/'); |
105 |
| - $request->headers->set('Referer', '/dashboard'); |
106 |
| - $response = $this->expectRedirectResponse($request, '/dashboard'); |
107 |
| - |
108 |
| - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); |
109 |
| - $result = $handler->onAuthenticationSuccess($request, $this->token); |
110 |
| - |
111 |
| - $this->assertSame($response, $result); |
112 |
| - } |
113 |
| - |
114 |
| - public function testRefererHasToBeDifferentThatLoginUrl() |
115 |
| - { |
116 |
| - $options = array('use_referer' => true); |
117 |
| - $request = Request::create('/'); |
118 |
| - $request->headers->set('Referer', '/login'); |
119 |
| - $this->httpUtils->expects($this->once()) |
120 |
| - ->method('generateUri')->with($request, '/login') |
121 |
| - ->will($this->returnValue('/login')); |
122 |
| - |
123 |
| - $response = $this->expectRedirectResponse($request, '/'); |
124 |
| - |
125 |
| - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); |
126 |
| - $result = $handler->onAuthenticationSuccess($request, $this->token); |
127 |
| - |
128 |
| - $this->assertSame($response, $result); |
129 |
| - } |
130 |
| - |
131 |
| - public function testRefererTargetPathIsIgnoredByDefault() |
132 |
| - { |
133 |
| - $request = Request::create('/'); |
134 |
| - $response = $this->expectRedirectResponse($request, '/'); |
135 |
| - |
136 |
| - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); |
137 |
| - $result = $handler->onAuthenticationSuccess($request, $this->token); |
138 |
| - |
139 |
| - $this->assertSame($response, $result); |
140 |
| - } |
141 |
| - |
142 |
| - private function expectRedirectResponse(Request $request, $path) |
143 |
| - { |
144 |
| - $response = new Response(); |
145 |
| - $this->httpUtils->expects($this->once()) |
146 |
| - ->method('createRedirectResponse') |
147 |
| - ->with($request, $path) |
148 |
| - ->will($this->returnValue($response)); |
149 |
| - |
150 |
| - return $response; |
| 39 | + $session->expects($this->once())->method('get')->with('_security.admin.target_path')->will($this->returnValue('/admin/dashboard')); |
| 40 | + $session->expects($this->once())->method('remove')->with('_security.admin.target_path'); |
| 41 | + $requestWithSession = Request::create('/'); |
| 42 | + $requestWithSession->setSession($session); |
| 43 | + |
| 44 | + return array( |
| 45 | + 'default' => array( |
| 46 | + Request::create('/'), |
| 47 | + array(), |
| 48 | + '/', |
| 49 | + ), |
| 50 | + 'forced target path' => array( |
| 51 | + Request::create('/'), |
| 52 | + array('always_use_default_target_path' => true, 'default_target_path' => '/dashboard'), |
| 53 | + '/dashboard', |
| 54 | + ), |
| 55 | + 'target path as query string' => array( |
| 56 | + Request::create('/?_target_path=/dashboard'), |
| 57 | + array(), |
| 58 | + '/dashboard', |
| 59 | + ), |
| 60 | + 'target path name as query string is customized' => array( |
| 61 | + Request::create('/?_my_target_path=/dashboard'), |
| 62 | + array('target_path_parameter' => '_my_target_path'), |
| 63 | + '/dashboard', |
| 64 | + ), |
| 65 | + 'target path name as query string is customized and nested' => array( |
| 66 | + Request::create('/?_target_path[value]=/dashboard'), |
| 67 | + array('target_path_parameter' => '_target_path[value]'), |
| 68 | + '/dashboard', |
| 69 | + ), |
| 70 | + 'target path in session' => array( |
| 71 | + $requestWithSession, |
| 72 | + array(), |
| 73 | + '/admin/dashboard', |
| 74 | + ), |
| 75 | + 'target path as referer' => array( |
| 76 | + Request::create('/', 'GET', array(), array(), array(), array('HTTP_REFERER' => 'http://localhost/dashboard')), |
| 77 | + array('use_referer' => true), |
| 78 | + '/dashboard', |
| 79 | + ), |
| 80 | + 'target path as referer is ignored if not configured' => array( |
| 81 | + Request::create('/', 'GET', array(), array(), array(), array('HTTP_REFERER' => 'http://localhost/dashboard')), |
| 82 | + array(), |
| 83 | + '/', |
| 84 | + ), |
| 85 | + 'target path should be different than login URL' => array( |
| 86 | + Request::create('/', 'GET', array(), array(), array(), array('HTTP_REFERER' => 'http://localhost/login')), |
| 87 | + array('use_referer' => true, 'login_path' => '/login'), |
| 88 | + '/', |
| 89 | + ), |
| 90 | + 'target path should be different than login URL (query string does not matter)' => array( |
| 91 | + Request::create('/', 'GET', array(), array(), array(), array('HTTP_REFERER' => 'http://localhost/login?t=1&p=2')), |
| 92 | + array('use_referer' => true, 'login_path' => '/login'), |
| 93 | + '/', |
| 94 | + ), |
| 95 | + ); |
151 | 96 | }
|
152 | 97 | }
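Review bot: The `expects($this->once())` calls on the session mock in `getRequestRedirections()` are unlikely to be enforced, because PHPUnit runs data providers on a separate test-case instance and, as far as I know, only verifies the invocation counts of mocks created by the instance that runs the test. The removed `testTargetPathIsTakenFromTheSession()` asserted that `_security.admin.target_path` is read and then removed from the session, whereas the 'target path in session' case now effectively checks only the redirect URL. I would build that session mock inside a dedicated test method so the `remove` expectation is verified again, or at least add `// PHPUnit does not verify expectations set in a data provider; get()/remove() counts are not checked here` above the mock. Separately, every Referer and `_target_path` value in the data set is a relative path or points at `localhost`, so nothing here pins what the handler does with a target on another host; a case such as `array('HTTP_REFERER' => 'http://other.example/dashboard')` with its expected result written out would document that behaviour.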
|