Fix tests
This commit is contained in:
parent
cc7409502a
commit
d1a0342e1e
@ -109,10 +109,9 @@ class FormLoginTest extends AbstractWebTestCase
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @dataProvider provideInvalidCredentials
|
|
||||||
* @group time-sensitive
|
* @group time-sensitive
|
||||||
*/
|
*/
|
||||||
public function testLoginThrottling(string $username, string $password, int $attemptIndex)
|
public function testLoginThrottling()
|
||||||
{
|
{
|
||||||
if (!class_exists(LoginThrottlingListener::class)) {
|
if (!class_exists(LoginThrottlingListener::class)) {
|
||||||
$this->markTestSkipped('Login throttling requires symfony/security-http:^5.2');
|
$this->markTestSkipped('Login throttling requires symfony/security-http:^5.2');
|
||||||
@ -120,33 +119,38 @@ class FormLoginTest extends AbstractWebTestCase
|
|||||||
|
|
||||||
$client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => 'login_throttling.yml', 'enable_authenticator_manager' => true]);
|
$client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => 'login_throttling.yml', 'enable_authenticator_manager' => true]);
|
||||||
|
|
||||||
|
$attempts = [
|
||||||
|
['johannes', 'wrong'],
|
||||||
|
['johannes', 'also_wrong'],
|
||||||
|
['wrong', 'wrong'],
|
||||||
|
['johannes', 'wrong_again'],
|
||||||
|
];
|
||||||
|
foreach ($attempts as $i => $attempt) {
|
||||||
$form = $client->request('GET', '/login')->selectButton('login')->form();
|
$form = $client->request('GET', '/login')->selectButton('login')->form();
|
||||||
$form['_username'] = $username;
|
$form['_username'] = $attempt[0];
|
||||||
$form['_password'] = $password;
|
$form['_password'] = $attempt[1];
|
||||||
$client->submit($form);
|
$client->submit($form);
|
||||||
|
|
||||||
$text = $client->followRedirect()->text(null, true);
|
$text = $client->followRedirect()->text(null, true);
|
||||||
if (1 === $attemptIndex) {
|
switch ($i) {
|
||||||
// First attempt : Invalid credentials (OK)
|
case 0: // First attempt : Invalid credentials (OK)
|
||||||
$this->assertStringMatchesFormat('%sInvalid credentials%s', $text);
|
$this->assertStringContainsString('Invalid credentials', $text, 'Invalid response on 1st attempt');
|
||||||
} elseif (2 === $attemptIndex) {
|
|
||||||
// Second attempt : login throttling !
|
|
||||||
$this->assertStringMatchesFormat('%sToo many failed login attempts, please try again in 8 minutes%s', $text);
|
|
||||||
} elseif (3 === $attemptIndex) {
|
|
||||||
// Third attempt with unexisting username
|
|
||||||
$this->assertStringMatchesFormat('%sUsername could not be found.%s', $text);
|
|
||||||
} elseif (4 === $attemptIndex) {
|
|
||||||
// Fourth attempt : still login throttling !
|
|
||||||
$this->assertStringMatchesFormat('%sToo many failed login attempts, please try again in 8 minutes%s', $text);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public function provideInvalidCredentials()
|
break;
|
||||||
{
|
case 1: // Second attempt : login throttling !
|
||||||
yield 'invalid_password' => ['johannes', 'wrong', 1];
|
$this->assertStringContainsString('Too many failed login attempts, please try again in 8 minutes.', $text, 'Invalid response on 2nd attempt');
|
||||||
yield 'invalid_password_again' => ['johannes', 'also_wrong', 2];
|
|
||||||
yield 'invalid_username' => ['wrong', 'wrong', 3];
|
break;
|
||||||
yield 'invalid_password_again_bis' => ['johannes', 'wrong_again', 4];
|
case 2: // Third attempt with unexisting username
|
||||||
|
$this->assertStringContainsString('Username could not be found.', $text, 'Invalid response on 3rd attempt');
|
||||||
|
|
||||||
|
break;
|
||||||
|
case 3: // Fourth attempt : still login throttling !
|
||||||
|
$this->assertStringContainsString('Too many failed login attempts, please try again in 8 minutes.', $text, 'Invalid response on 4th attempt');
|
||||||
|
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function provideClientOptions()
|
public function provideClientOptions()
|
||||||
|
@ -10,3 +10,4 @@ security:
|
|||||||
default:
|
default:
|
||||||
login_throttling:
|
login_throttling:
|
||||||
max_attempts: 1
|
max_attempts: 1
|
||||||
|
interval: '8 minutes'
|
||||||
|
Reference in New Issue
Block a user