Checks token authentication.

Checks user preauth. Improve functional test.
symfony · norberttech · Jul 5, 2014 · Jul 5, 2014 · Jul 5, 2014 · Jul 5, 2014
commit 38608152432778108df9833e8f0bca6c78c733dd
diff --git a/.../SecurityBundle/Tests/Functional/Bundle/LoginManagerBundle/Controller/LoginController.php b/.../SecurityBundle/Tests/Functional/Bundle/LoginManagerBundle/Controller/LoginController.php
@@ -13,13 +13,12 @@
 
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\DependencyInjection\ContainerAware;
-use Symfony\Component\Security\Core\User\User;
 
 class LoginController extends ContainerAware
 {
     public function loginAction()
     {
-        $user = new User('norzechowicz', 'password123');
+        $user = $this->container->get('security.user.provider.concrete.in_memory')->loadUserByUsername('norzechowicz');
         $this->container->get('security.login_manager')->loginUser('secured_area', $user);
 
         return new Response();

diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/LoginManagerTestCase.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/LoginManagerTestCase.php
@@ -19,7 +19,14 @@ class LoginManagerTestCase extends WebTestCase
     public function testLoginUserInController()
     {
         $client = $this->createClient(array('test_case' => 'LoginManager'));
-        $client->insulate();
+
+        // Avoid to follow redirects. If we follow this redirect, the user
+        // will be logged in automatically
+        $client->setMaxRedirects(-1);
+        $client->request('GET', '/secured/index');
+        $this->assertRedirect($client->getResponse(), '/login');
+
+        // Access to '/login' route to login the user automatically
         $client->request('GET', '/login');
         $client->request('GET', '/secured/index');
         $this->assertEquals('Secured area', $client->getResponse()->getContent());

diff --git a/src/Symfony/Component/Security/Http/Login/LoginManager.php b/src/Symfony/Component/Security/Http/Login/LoginManager.php
@@ -19,6 +19,7 @@
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Http\RememberMe\RememberMeServicesResolverInterface;
 use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
 
 class LoginManager
 {
@@ -70,9 +71,14 @@ public function __construct(SecurityContextInterface $securityContext, UserCheck
      */
     public function loginUser($firewallName, UserInterface $user, Response $response = null)
     {
+        $this->userChecker->checkPreAuth($user);
         $this->userChecker->checkPostAuth($user);
         $token = $this->createToken($firewallName, $user);
 
+        if (!$token->isAuthenticated()) {
+            throw new AuthenticationException("Unauthenticated token");
+        }
+
         $request = $this->requestStack->getMasterRequest();
         if (null !== $request) {
             $this->sessionAuthenticationStrategy->onAuthentication($request, $token);

diff --git a/src/Symfony/Component/Security/Http/Tests/Login/LoginManagerTest.php b/src/Symfony/Component/Security/Http/Tests/Login/LoginManagerTest.php
@@ -63,7 +63,7 @@ public function setUp()
     public function testLoginWithoutRequest()
     {
         $loginManager = $this->createLoginManager();
-        $user = new User('norzechowicz', 'password123');
+        $user = new User('norzechowicz', 'password123', array('ROLE_USER'));
 
         $this->userChecker->expects($this->once())
             ->method('checkPostAuth')
@@ -83,7 +83,7 @@ public function testLoginWithoutRequest()
     public function testLoginWithRequest()
     {
         $loginManager = $this->createLoginManager();
-        $user = new User('norzechowicz', 'password123');
+        $user = new User('norzechowicz', 'password123', array('ROLE_USER'));
 
         $this->userChecker->expects($this->once())
             ->method('checkPostAuth')
@@ -110,7 +110,7 @@ public function testLoginWithRequest()
     public function testLoginWithRequestResponseAndRememberMeServices()
     {
         $loginManager = $this->createLoginManager();
-        $user = new User('norzechowicz', 'password123');
+        $user = new User('norzechowicz', 'password123', array('ROLE_USER'));
 
         $this->userChecker->expects($this->once())
             ->method('checkPostAuth')
@@ -144,6 +144,17 @@ public function testLoginWithRequestResponseAndRememberMeServices()
         $loginManager->loginUser(self::FIREWALL_NAME, $user, Response::create());
     }
 
+    /**
+     * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationException
+     */
+    public function testLoginShouldFailWithoutAuthenticatedToken()
+    {
+        $loginManager = $this->createLoginManager();
+        $user = new User('norzechowicz', 'password123');
+
+        $loginManager->loginUser(self::FIREWALL_NAME, $user);
+    }
+
     /**
      * @return LoginManager
      */