2011-01-25 19:28:26 +00:00
|
|
|
<?php
|
|
|
|
|
2011-05-31 09:57:06 +01:00
|
|
|
/*
|
|
|
|
* This file is part of the Symfony framework.
|
|
|
|
*
|
|
|
|
* (c) Fabien Potencier <fabien@symfony.com>
|
|
|
|
*
|
|
|
|
* This source file is subject to the MIT license that is bundled
|
|
|
|
* with this source code in the file LICENSE.
|
|
|
|
*/
|
|
|
|
|
2011-01-26 20:34:11 +00:00
|
|
|
namespace Symfony\Tests\Component\Security\Http\RememberMe;
|
2011-01-25 19:28:26 +00:00
|
|
|
|
2011-03-10 20:27:42 +00:00
|
|
|
use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
|
|
|
|
|
2011-01-26 20:34:11 +00:00
|
|
|
use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;
|
|
|
|
use Symfony\Component\Security\Core\Authentication\Token\Token;
|
|
|
|
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
|
|
|
|
use Symfony\Component\Security\Core\Authentication\RememberMe\PersistentToken;
|
2011-01-25 19:28:26 +00:00
|
|
|
use Symfony\Component\HttpFoundation\Request;
|
|
|
|
use Symfony\Component\HttpFoundation\Response;
|
2011-07-11 21:54:08 +01:00
|
|
|
use Symfony\Component\HttpFoundation\ResponseHeaderBag;
|
2011-01-26 20:34:11 +00:00
|
|
|
use Symfony\Component\Security\Http\RememberMe\TokenBasedRememberMeServices;
|
|
|
|
use Symfony\Component\Security\Core\Exception\TokenNotFoundException;
|
|
|
|
use Symfony\Component\Security\Core\Exception\CookieTheftException;
|
2011-01-25 19:28:26 +00:00
|
|
|
|
|
|
|
class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase
|
|
|
|
{
|
|
|
|
public function testAutoLoginReturnsNullWhenNoCookie()
|
|
|
|
{
|
|
|
|
$service = $this->getService(null, array('name' => 'foo'));
|
|
|
|
|
|
|
|
$this->assertNull($service->autoLogin(new Request()));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testAutoLoginThrowsExceptionOnInvalidCookie()
|
|
|
|
{
|
2011-03-10 20:27:42 +00:00
|
|
|
$service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null, 'always_remember_me' => false, 'remember_me_parameter' => 'foo'));
|
2011-01-25 19:28:26 +00:00
|
|
|
$request = new Request;
|
|
|
|
$request->request->set('foo', 'true');
|
|
|
|
$request->cookies->set('foo', 'foo');
|
|
|
|
|
2011-03-10 20:27:42 +00:00
|
|
|
$this->assertNull($service->autoLogin($request));
|
|
|
|
$this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared());
|
2011-01-25 19:28:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testAutoLoginThrowsExceptionOnNonExistentUser()
|
|
|
|
{
|
|
|
|
$userProvider = $this->getProvider();
|
2011-03-10 20:27:42 +00:00
|
|
|
$service = $this->getService($userProvider, array('name' => 'foo', 'path' => null, 'domain' => null, 'always_remember_me' => true, 'lifetime' => 3600));
|
2011-01-25 19:28:26 +00:00
|
|
|
$request = new Request;
|
|
|
|
$request->cookies->set('foo', $this->getCookie('fooclass', 'foouser', time()+3600, 'foopass'));
|
|
|
|
|
|
|
|
$userProvider
|
|
|
|
->expects($this->once())
|
|
|
|
->method('loadUserByUsername')
|
|
|
|
->will($this->throwException(new UsernameNotFoundException('user not found')))
|
|
|
|
;
|
|
|
|
|
2011-03-10 20:27:42 +00:00
|
|
|
$this->assertNull($service->autoLogin($request));
|
|
|
|
$this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared());
|
2011-01-25 19:28:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testAutoLoginDoesNotAcceptCookieWithInvalidHash()
|
|
|
|
{
|
|
|
|
$userProvider = $this->getProvider();
|
2011-03-10 20:27:42 +00:00
|
|
|
$service = $this->getService($userProvider, array('name' => 'foo', 'path' => null, 'domain' => null, 'always_remember_me' => true, 'lifetime' => 3600));
|
2011-01-25 19:28:26 +00:00
|
|
|
$request = new Request;
|
|
|
|
$request->cookies->set('foo', base64_encode('class:'.base64_encode('foouser').':123456789:fooHash'));
|
|
|
|
|
2011-03-07 17:17:46 +00:00
|
|
|
$user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
|
2011-01-25 19:28:26 +00:00
|
|
|
$user
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getPassword')
|
|
|
|
->will($this->returnValue('foopass'))
|
|
|
|
;
|
|
|
|
|
|
|
|
$userProvider
|
|
|
|
->expects($this->once())
|
|
|
|
->method('loadUserByUsername')
|
|
|
|
->with($this->equalTo('foouser'))
|
|
|
|
->will($this->returnValue($user))
|
|
|
|
;
|
|
|
|
|
2011-03-10 20:27:42 +00:00
|
|
|
$this->assertNull($service->autoLogin($request));
|
|
|
|
$this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared());
|
2011-01-25 19:28:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testAutoLoginDoesNotAcceptAnExpiredCookie()
|
|
|
|
{
|
|
|
|
$userProvider = $this->getProvider();
|
2011-03-10 20:27:42 +00:00
|
|
|
$service = $this->getService($userProvider, array('name' => 'foo', 'path' => null, 'domain' => null, 'always_remember_me' => true, 'lifetime' => 3600));
|
2011-01-25 19:28:26 +00:00
|
|
|
$request = new Request;
|
|
|
|
$request->cookies->set('foo', $this->getCookie('fooclass', 'foouser', time() - 1, 'foopass'));
|
|
|
|
|
2011-03-07 17:17:46 +00:00
|
|
|
$user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
|
2011-01-25 19:28:26 +00:00
|
|
|
$user
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getPassword')
|
|
|
|
->will($this->returnValue('foopass'))
|
|
|
|
;
|
|
|
|
|
|
|
|
$userProvider
|
|
|
|
->expects($this->once())
|
|
|
|
->method('loadUserByUsername')
|
|
|
|
->with($this->equalTo('foouser'))
|
|
|
|
->will($this->returnValue($user))
|
|
|
|
;
|
|
|
|
|
2011-03-10 20:27:42 +00:00
|
|
|
$this->assertNull($service->autoLogin($request));
|
|
|
|
$this->assertTrue($request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME)->isCleared());
|
2011-01-25 19:28:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testAutoLogin()
|
|
|
|
{
|
2011-03-07 17:17:46 +00:00
|
|
|
$user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
|
2011-01-25 19:28:26 +00:00
|
|
|
$user
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getRoles')
|
|
|
|
->will($this->returnValue(array('ROLE_FOO')))
|
|
|
|
;
|
|
|
|
$user
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getPassword')
|
|
|
|
->will($this->returnValue('foopass'))
|
|
|
|
;
|
|
|
|
|
|
|
|
$userProvider = $this->getProvider();
|
|
|
|
$userProvider
|
|
|
|
->expects($this->once())
|
|
|
|
->method('loadUserByUsername')
|
|
|
|
->with($this->equalTo('foouser'))
|
|
|
|
->will($this->returnValue($user))
|
|
|
|
;
|
|
|
|
|
|
|
|
$service = $this->getService($userProvider, array('name' => 'foo', 'always_remember_me' => true, 'lifetime' => 3600));
|
|
|
|
$request = new Request;
|
|
|
|
$request->cookies->set('foo', $this->getCookie('fooclass', 'foouser', time()+3600, 'foopass'));
|
|
|
|
|
|
|
|
$returnedToken = $service->autoLogin($request);
|
|
|
|
|
2011-01-26 20:34:11 +00:00
|
|
|
$this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\RememberMeToken', $returnedToken);
|
2011-01-25 19:28:26 +00:00
|
|
|
$this->assertSame($user, $returnedToken->getUser());
|
|
|
|
$this->assertEquals('fookey', $returnedToken->getKey());
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testLogout()
|
|
|
|
{
|
|
|
|
$service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null));
|
|
|
|
$request = new Request();
|
|
|
|
$response = new Response();
|
2011-01-26 20:34:11 +00:00
|
|
|
$token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
|
2011-01-25 19:28:26 +00:00
|
|
|
|
|
|
|
$service->logout($request, $response, $token);
|
|
|
|
|
2011-03-10 20:27:42 +00:00
|
|
|
$cookie = $request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME);
|
2011-01-25 19:28:26 +00:00
|
|
|
$this->assertTrue($cookie->isCleared());
|
|
|
|
$this->assertNull($cookie->getPath());
|
|
|
|
$this->assertNull($cookie->getDomain());
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testLoginFail()
|
|
|
|
{
|
|
|
|
$service = $this->getService(null, array('name' => 'foo', 'path' => '/foo', 'domain' => 'foodomain.foo'));
|
|
|
|
$request = new Request();
|
|
|
|
$response = new Response();
|
|
|
|
|
|
|
|
$service->loginFail($request, $response);
|
|
|
|
|
2011-03-10 20:27:42 +00:00
|
|
|
$cookie = $request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME);
|
2011-01-25 19:28:26 +00:00
|
|
|
$this->assertTrue($cookie->isCleared());
|
|
|
|
$this->assertEquals('/foo', $cookie->getPath());
|
|
|
|
$this->assertEquals('foodomain.foo', $cookie->getDomain());
|
|
|
|
}
|
|
|
|
|
2011-03-07 17:17:46 +00:00
|
|
|
public function testLoginSuccessIgnoresTokensWhichDoNotContainAnUserInterfaceImplementation()
|
2011-01-25 19:28:26 +00:00
|
|
|
{
|
|
|
|
$service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => true));
|
|
|
|
$request = new Request;
|
|
|
|
$response = new Response;
|
2011-01-26 20:34:11 +00:00
|
|
|
$token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
|
2011-01-25 19:28:26 +00:00
|
|
|
$token
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getUser')
|
|
|
|
->will($this->returnValue('foo'))
|
|
|
|
;
|
|
|
|
|
2011-07-11 21:54:08 +01:00
|
|
|
$cookies = $response->headers->getCookies();
|
|
|
|
$this->assertEquals(0, count($cookies));
|
2011-01-25 19:28:26 +00:00
|
|
|
|
|
|
|
$service->loginSuccess($request, $response, $token);
|
|
|
|
|
2011-07-11 21:54:08 +01:00
|
|
|
$cookies = $response->headers->getCookies();
|
|
|
|
$this->assertEquals(0, count($cookies));
|
2011-01-25 19:28:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testLoginSuccess()
|
|
|
|
{
|
|
|
|
$service = $this->getService(null, array('name' => 'foo', 'domain' => 'myfoodomain.foo', 'path' => '/foo/path', 'secure' => true, 'httponly' => true, 'lifetime' => 3600, 'always_remember_me' => true));
|
|
|
|
$request = new Request;
|
|
|
|
$response = new Response;
|
|
|
|
|
2011-01-26 20:34:11 +00:00
|
|
|
$token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
|
2011-03-07 17:17:46 +00:00
|
|
|
$user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
|
2011-01-25 19:28:26 +00:00
|
|
|
$user
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getPassword')
|
|
|
|
->will($this->returnValue('foopass'))
|
|
|
|
;
|
|
|
|
$user
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getUsername')
|
|
|
|
->will($this->returnValue('foouser'))
|
|
|
|
;
|
|
|
|
$token
|
|
|
|
->expects($this->atLeastOnce())
|
|
|
|
->method('getUser')
|
|
|
|
->will($this->returnValue($user))
|
|
|
|
;
|
|
|
|
|
2011-07-11 21:54:08 +01:00
|
|
|
$cookies = $response->headers->getCookies();
|
|
|
|
$this->assertEquals(0, count($cookies));
|
2011-01-25 19:28:26 +00:00
|
|
|
|
|
|
|
$service->loginSuccess($request, $response, $token);
|
|
|
|
|
2011-07-11 21:54:08 +01:00
|
|
|
$cookies = $response->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY);
|
|
|
|
$cookie = $cookies['myfoodomain.foo']['/foo/path']['foo'];
|
2011-01-25 19:28:26 +00:00
|
|
|
$this->assertFalse($cookie->isCleared());
|
|
|
|
$this->assertTrue($cookie->isSecure());
|
2011-03-03 13:52:53 +00:00
|
|
|
$this->assertTrue($cookie->isHttpOnly());
|
2011-04-13 19:09:04 +01:00
|
|
|
$this->assertTrue($cookie->getExpiresTime() > time() + 3590 && $cookie->getExpiresTime() < time() + 3610);
|
2011-01-25 19:28:26 +00:00
|
|
|
$this->assertEquals('myfoodomain.foo', $cookie->getDomain());
|
|
|
|
$this->assertEquals('/foo/path', $cookie->getPath());
|
|
|
|
}
|
|
|
|
|
|
|
|
protected function getCookie($class, $username, $expires, $password)
|
|
|
|
{
|
|
|
|
$service = $this->getService();
|
|
|
|
$r = new \ReflectionMethod($service, 'generateCookieValue');
|
|
|
|
$r->setAccessible(true);
|
|
|
|
|
|
|
|
return $r->invoke($service, $class, $username, $expires, $password);
|
|
|
|
}
|
|
|
|
|
|
|
|
protected function encodeCookie(array $parts)
|
|
|
|
{
|
|
|
|
$service = $this->getService();
|
|
|
|
$r = new \ReflectionMethod($service, 'encodeCookie');
|
|
|
|
$r->setAccessible(true);
|
|
|
|
|
|
|
|
return $r->invoke($service, $parts);
|
|
|
|
}
|
|
|
|
|
|
|
|
protected function getService($userProvider = null, $options = array(), $logger = null)
|
|
|
|
{
|
|
|
|
if (null === $userProvider) {
|
|
|
|
$userProvider = $this->getProvider();
|
|
|
|
}
|
|
|
|
|
|
|
|
$service = new TokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger);
|
|
|
|
|
|
|
|
return $service;
|
|
|
|
}
|
|
|
|
|
|
|
|
protected function getProvider()
|
|
|
|
{
|
2011-01-26 20:34:11 +00:00
|
|
|
$provider = $this->getMock('Symfony\Component\Security\Core\User\UserProviderInterface');
|
2011-01-25 19:28:26 +00:00
|
|
|
$provider
|
|
|
|
->expects($this->any())
|
|
|
|
->method('supportsClass')
|
|
|
|
->will($this->returnValue(true))
|
|
|
|
;
|
|
|
|
|
|
|
|
return $provider;
|
|
|
|
}
|
|
|
|
}
|