Fix tests

Wouter de Jong 2021-03-02 14:27:07 +01:00
parent cc7409502a
commit d1a0342e1e
2 changed files with 32 additions and 27 deletions


@ -109,10 +109,9 @@ class FormLoginTest extends AbstractWebTestCase
} }
/** /**
* @dataProvider provideInvalidCredentials
* @group time-sensitive * @group time-sensitive
*/ */
public function testLoginThrottling(string $username, string $password, int $attemptIndex) public function testLoginThrottling()
{ {
if (!class_exists(LoginThrottlingListener::class)) { if (!class_exists(LoginThrottlingListener::class)) {
$this->markTestSkipped('Login throttling requires symfony/security-http:^5.2'); $this->markTestSkipped('Login throttling requires symfony/security-http:^5.2');
@ -120,33 +119,38 @@ class FormLoginTest extends AbstractWebTestCase
$client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => 'login_throttling.yml', 'enable_authenticator_manager' => true]); $client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => 'login_throttling.yml', 'enable_authenticator_manager' => true]);
$attempts = [
['johannes', 'wrong'],
['johannes', 'also_wrong'],
['wrong', 'wrong'],
['johannes', 'wrong_again'],
];
foreach ($attempts as $i => $attempt) {
$form = $client->request('GET', '/login')->selectButton('login')->form(); $form = $client->request('GET', '/login')->selectButton('login')->form();
$form['_username'] = $username; $form['_username'] = $attempt[0];
$form['_password'] = $password; $form['_password'] = $attempt[1];
$client->submit($form); $client->submit($form);
$text = $client->followRedirect()->text(null, true); $text = $client->followRedirect()->text(null, true);
if (1 === $attemptIndex) { switch ($i) {
// First attempt : Invalid credentials (OK) case 0: // First attempt : Invalid credentials (OK)
$this->assertStringMatchesFormat('%sInvalid credentials%s', $text); $this->assertStringContainsString('Invalid credentials', $text, 'Invalid response on 1st attempt');
} elseif (2 === $attemptIndex) {
// Second attempt : login throttling !
$this->assertStringMatchesFormat('%sToo many failed login attempts, please try again in 8 minutes%s', $text);
} elseif (3 === $attemptIndex) {
// Third attempt with unexisting username
$this->assertStringMatchesFormat('%sUsername could not be found.%s', $text);
} elseif (4 === $attemptIndex) {
// Fourth attempt : still login throttling !
$this->assertStringMatchesFormat('%sToo many failed login attempts, please try again in 8 minutes%s', $text);
}
}
public function provideInvalidCredentials() break;
{ case 1: // Second attempt : login throttling !
yield 'invalid_password' => ['johannes', 'wrong', 1]; $this->assertStringContainsString('Too many failed login attempts, please try again in 8 minutes.', $text, 'Invalid response on 2nd attempt');
yield 'invalid_password_again' => ['johannes', 'also_wrong', 2];
yield 'invalid_username' => ['wrong', 'wrong', 3]; break;
yield 'invalid_password_again_bis' => ['johannes', 'wrong_again', 4]; case 2: // Third attempt with unexisting username
$this->assertStringContainsString('Username could not be found.', $text, 'Invalid response on 3rd attempt');
break;
case 3: // Fourth attempt : still login throttling !
$this->assertStringContainsString('Too many failed login attempts, please try again in 8 minutes.', $text, 'Invalid response on 4th attempt');
break;
}
}
} }
public function provideClientOptions() public function provideClientOptions()
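Review bot: Every entry in `$attempts` uses a wrong password, so the `case 1` and `case 3` assertions never show that a correct password for `johannes` is also refused while the account is throttled. A regression that let valid credentials through during the lockout window would not be caught by this test, as far as the visible lines show. Consider appending a fifth entry such as `['johannes', '<valid fixture password>']` (placeholder; the real value is not on this page) with a `case 4:` that repeats the 'Too many failed login attempts' assertion. The `switch ($i)` also has no `default`, so an attempt added later without a matching case goes unchecked; `default: $this->fail('Unexpected attempt index '.$i);` would close that gap.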


@ -10,3 +10,4 @@ security:
default: default:
login_throttling: login_throttling:
max_attempts: 1 max_attempts: 1
interval: '8 minutes'