|
12 | 12 | namespace Symfony\Component\Security\Http\Tests\Authentication; |
13 | 13 |
|
14 | 14 | use PHPUnit\Framework\TestCase; |
15 | | -use Symfony\Component\HttpFoundation\Response; |
| 15 | +use Symfony\Component\HttpFoundation\Request; |
16 | 16 | use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler; |
| 17 | +use Symfony\Component\Security\Http\HttpUtils; |
17 | 18 |
|
18 | 19 | class DefaultAuthenticationSuccessHandlerTest extends TestCase |
19 | 20 | { |
20 | | - private $httpUtils = null; |
21 | | - |
22 | | - private $request = null; |
23 | | - |
24 | | - private $token = null; |
25 | | - |
26 | | - protected function setUp() |
| 21 | + /** |
| 22 | + * @dataProvider getRequestRedirections |
| 23 | + */ |
| 24 | + public function testRequestRedirections(Request $request, $options, $redirectedUrl) |
27 | 25 | { |
28 | | - $this->httpUtils = $this->getMockBuilder('Symfony\Component\Security\Http\HttpUtils')->getMock(); |
29 | | - $this->request = $this->getMockBuilder('Symfony\Component\HttpFoundation\Request')->getMock(); |
30 | | - $this->request->headers = $this->getMockBuilder('Symfony\Component\HttpFoundation\HeaderBag')->getMock(); |
31 | | - $this->token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock(); |
| 26 | + $urlGenerator = $this->getMockBuilder('Symfony\Component\Routing\Generator\UrlGeneratorInterface')->getMock(); |
| 27 | + $urlGenerator->expects($this->any())->method('generate')->will($this->returnValue('http://localhost/login')); |
| 28 | + $httpUtils = new HttpUtils($urlGenerator); |
| 29 | + $token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock(); |
| 30 | + $handler = new DefaultAuthenticationSuccessHandler($httpUtils, $options); |
| 31 | + if ($request->hasSession()) { |
| 32 | + $handler->setProviderKey('admin'); |
| 33 | + } |
| 34 | + $this->assertSame('http://localhost'.$redirectedUrl, $handler->onAuthenticationSuccess($request, $token)->getTargetUrl()); |
32 | 35 | } |
33 | 36 |
|
34 | | - public function testRequestIsRedirected() |
35 | | - { |
36 | | - $response = $this->expectRedirectResponse('/'); |
37 | | - |
38 | | - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); |
39 | | - $result = $handler->onAuthenticationSuccess($this->request, $this->token); |
40 | | - |
41 | | - $this->assertSame($response, $result); |
42 | | - } |
43 | | - |
44 | | - public function testDefaultTargetPathCanBeForced() |
45 | | - { |
46 | | - $options = array( |
47 | | - 'always_use_default_target_path' => true, |
48 | | - 'default_target_path' => '/dashboard', |
49 | | - ); |
50 | | - |
51 | | - $response = $this->expectRedirectResponse('/dashboard'); |
52 | | - |
53 | | - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); |
54 | | - $result = $handler->onAuthenticationSuccess($this->request, $this->token); |
55 | | - |
56 | | - $this->assertSame($response, $result); |
57 | | - } |
58 | | - |
59 | | - public function testTargetPathIsPassedWithRequest() |
60 | | - { |
61 | | - $this->request->expects($this->once()) |
62 | | - ->method('get')->with('_target_path') |
63 | | - ->will($this->returnValue('/dashboard')); |
64 | | - |
65 | | - $response = $this->expectRedirectResponse('/dashboard'); |
66 | | - |
67 | | - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); |
68 | | - $result = $handler->onAuthenticationSuccess($this->request, $this->token); |
69 | | - |
70 | | - $this->assertSame($response, $result); |
71 | | - } |
72 | | - |
73 | | - public function testTargetPathIsPassedAsNestedParameterWithRequest() |
74 | | - { |
75 | | - $this->request->expects($this->once()) |
76 | | - ->method('get')->with('_target_path') |
77 | | - ->will($this->returnValue(array('value' => '/dashboard'))); |
78 | | - |
79 | | - $response = $this->expectRedirectResponse('/dashboard'); |
80 | | - |
81 | | - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array('target_path_parameter' => '_target_path[value]')); |
82 | | - $result = $handler->onAuthenticationSuccess($this->request, $this->token); |
83 | | - |
84 | | - $this->assertSame($response, $result); |
85 | | - } |
86 | | - |
87 | | - public function testTargetPathParameterIsCustomised() |
88 | | - { |
89 | | - $options = array('target_path_parameter' => '_my_target_path'); |
90 | | - |
91 | | - $this->request->expects($this->once()) |
92 | | - ->method('get')->with('_my_target_path') |
93 | | - ->will($this->returnValue('/dashboard')); |
94 | | - |
95 | | - $response = $this->expectRedirectResponse('/dashboard'); |
96 | | - |
97 | | - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); |
98 | | - $result = $handler->onAuthenticationSuccess($this->request, $this->token); |
99 | | - |
100 | | - $this->assertSame($response, $result); |
101 | | - } |
102 | | - |
103 | | - public function testTargetPathIsTakenFromTheSession() |
| 37 | + public function getRequestRedirections() |
104 | 38 | { |
105 | 39 | $session = $this->getMockBuilder('Symfony\Component\HttpFoundation\Session\SessionInterface')->getMock(); |
106 | | - $session->expects($this->once()) |
107 | | - ->method('get')->with('_security.admin.target_path') |
108 | | - ->will($this->returnValue('/admin/dashboard')); |
109 | | - $session->expects($this->once()) |
110 | | - ->method('remove')->with('_security.admin.target_path'); |
111 | | - |
112 | | - $this->request->expects($this->any()) |
113 | | - ->method('getSession') |
114 | | - ->will($this->returnValue($session)); |
115 | | - |
116 | | - $response = $this->expectRedirectResponse('/admin/dashboard'); |
117 | | - |
118 | | - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); |
119 | | - $handler->setProviderKey('admin'); |
120 | | - |
121 | | - $result = $handler->onAuthenticationSuccess($this->request, $this->token); |
122 | | - |
123 | | - $this->assertSame($response, $result); |
124 | | - } |
125 | | - |
126 | | - public function testTargetPathIsPassedAsReferer() |
127 | | - { |
128 | | - $options = array('use_referer' => true); |
129 | | - |
130 | | - $this->request->headers->expects($this->once()) |
131 | | - ->method('get')->with('Referer') |
132 | | - ->will($this->returnValue('/dashboard')); |
133 | | - |
134 | | - $response = $this->expectRedirectResponse('/dashboard'); |
135 | | - |
136 | | - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); |
137 | | - $result = $handler->onAuthenticationSuccess($this->request, $this->token); |
138 | | - |
139 | | - $this->assertSame($response, $result); |
140 | | - } |
141 | | - |
142 | | - public function testRefererHasToBeDifferentThatLoginUrl() |
143 | | - { |
144 | | - $options = array('use_referer' => true); |
145 | | - |
146 | | - $this->request->headers->expects($this->any()) |
147 | | - ->method('get')->with('Referer') |
148 | | - ->will($this->returnValue('/login')); |
149 | | - |
150 | | - $this->httpUtils->expects($this->once()) |
151 | | - ->method('generateUri')->with($this->request, '/login') |
152 | | - ->will($this->returnValue('/login')); |
153 | | - |
154 | | - $response = $this->expectRedirectResponse('/'); |
155 | | - |
156 | | - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); |
157 | | - $result = $handler->onAuthenticationSuccess($this->request, $this->token); |
158 | | - |
159 | | - $this->assertSame($response, $result); |
160 | | - } |
161 | | - |
162 | | - public function testRefererTargetPathIsIgnoredByDefault() |
163 | | - { |
164 | | - $this->request->headers->expects($this->never())->method('get'); |
165 | | - |
166 | | - $response = $this->expectRedirectResponse('/'); |
167 | | - |
168 | | - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); |
169 | | - $result = $handler->onAuthenticationSuccess($this->request, $this->token); |
170 | | - |
171 | | - $this->assertSame($response, $result); |
172 | | - } |
173 | | - |
174 | | - private function expectRedirectResponse($path) |
175 | | - { |
176 | | - $response = new Response(); |
177 | | - $this->httpUtils->expects($this->once()) |
178 | | - ->method('createRedirectResponse') |
179 | | - ->with($this->request, $path) |
180 | | - ->will($this->returnValue($response)); |
181 | | - |
182 | | - return $response; |
| 40 | + $session->expects($this->once())->method('get')->with('_security.admin.target_path')->will($this->returnValue('/admin/dashboard')); |
| 41 | + $session->expects($this->once())->method('remove')->with('_security.admin.target_path'); |
| 42 | + $requestWithSession = Request::create('/'); |
| 43 | + $requestWithSession->setSession($session); |
| 44 | + |
| 45 | + return array( |
| 46 | + 'default' => array( |
| 47 | + Request::create('/'), |
| 48 | + array(), |
| 49 | + '/', |
| 50 | + ), |
| 51 | + 'forced target path' => array( |
| 52 | + Request::create('/'), |
| 53 | + array('always_use_default_target_path' => true, 'default_target_path' => '/dashboard'), |
| 54 | + '/dashboard', |
| 55 | + ), |
| 56 | + 'target path as query string' => array( |
| 57 | + Request::create('/?_target_path=/dashboard'), |
| 58 | + array(), |
| 59 | + '/dashboard', |
| 60 | + ), |
| 61 | + 'target path name as query string is customized' => array( |
| 62 | + Request::create('/?_my_target_path=/dashboard'), |
| 63 | + array('target_path_parameter' => '_my_target_path'), |
| 64 | + '/dashboard', |
| 65 | + ), |
| 66 | + 'target path name as query string is customized and nested' => array( |
| 67 | + Request::create('/?_target_path[value]=/dashboard'), |
| 68 | + array('target_path_parameter' => '_target_path[value]'), |
| 69 | + '/dashboard', |
| 70 | + ), |
| 71 | + 'target path in session' => array( |
| 72 | + $requestWithSession, |
| 73 | + array(), |
| 74 | + '/admin/dashboard', |
| 75 | + ), |
| 76 | + 'target path as referer' => array( |
| 77 | + Request::create('/', 'GET', array(), array(), array(), array('HTTP_REFERER' => 'http://localhost/dashboard')), |
| 78 | + array('use_referer' => true), |
| 79 | + '/dashboard', |
| 80 | + ), |
| 81 | + 'target path as referer is ignored if not configured' => array( |
| 82 | + Request::create('/', 'GET', array(), array(), array(), array('HTTP_REFERER' => 'http://localhost/dashboard')), |
| 83 | + array(), |
| 84 | + '/', |
| 85 | + ), |
| 86 | + 'target path should be different than login URL' => array( |
| 87 | + Request::create('/', 'GET', array(), array(), array(), array('HTTP_REFERER' => 'http://localhost/login')), |
| 88 | + array('use_referer' => true, 'login_path' => '/login'), |
| 89 | + '/', |
| 90 | + ), |
| 91 | + 'target path should be different than login URL (query string does not matter)' => array( |
| 92 | + Request::create('/', 'GET', array(), array(), array(), array('HTTP_REFERER' => 'http://localhost/login?t=1&p=2')), |
| 93 | + array('use_referer' => true, 'login_path' => '/login'), |
| 94 | + '/', |
| 95 | + ), |
| 96 | + 'target path should be different than login URL (login_path as a route)' => array( |
| 97 | + Request::create('/', 'GET', array(), array(), array(), array('HTTP_REFERER' => 'http://localhost/login?t=1&p=2')), |
| 98 | + array('use_referer' => true, 'login_path' => 'login_route'), |
| 99 | + '/', |
| 100 | + ), |
| 101 | + ); |
183 | 102 | } |
184 | 103 | } |
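Review bot: None of the cases in `getRequestRedirections` uses a target on another host: every `_target_path` is a relative path and every `HTTP_REFERER` is under `http://localhost`, so the suite does not pin what `onAuthenticationSuccess` does with an absolute off-site URL. Both values are supplied by the client and the redirect is issued right after login, so that behaviour should be explicit in the tests rather than left implicit. I would add a case such as `'target path on another host' => array(Request::create('/?_target_path=http://other.example/'), array(), '/'),` and a matching one for `HTTP_REFERER` with `use_referer` enabled; the host name is constructed for illustration, and the expected `'/'` assumes the handler should fall back to the default path, which needs confirming against the handler. Note that `testRequestRedirections` prefixes `'http://localhost'` to the expected value, so a case meant to pass an absolute URL through cannot be expressed without changing that assertion.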