minor #37267 [SecurityBundle] Run functional tests for the authentica…

…tor system (wouterj) This PR was merged into the 5.1 branch. Discussion ---------- [SecurityBundle] Run functional tests for the authenticator system | Q | A | ------------- | --- | Branch? | 5.1 | Bug fix? | no | New feature? | no | Deprecations? | no | Tickets | - | License | MIT | Doc PR | - <s>Includes #37261 until it's merged.</s> This runs all relevant functional tests in the security bundle for both the traditional and the authenticator system. This will hopefully avoid breaking more code in further releases. deps=high builds will be green once this has been merged up into master. --- During the functional tests, some inconsistencies were fixed. Three tests revealed larger inconsistencies that couldn't be fixed easily. These are not run for the new system as of now, we need to investigate further how to proceed with them. I'll create a separate issue/discussion for these: * `Symfony\Bundle\SecurityBundle\Tests\Functional\FirewallEntryPointTest::testItUsesTheConfiguredEntryPointWhenUsingUnknownCredentials` * `Symfony\Bundle\SecurityBundle\Tests\Functional\CsrfFormLoginTest::testFormLoginWithInvalidCsrfToken` * `Symfony\Bundle\SecurityBundle\Tests\Functional\SecurityRoutingIntegrationTest::testSecurityConfigurationForExpression` Commits ------- 49639ca [Security] Run functional tests also for the authenticator system
symfony · Jun 13, 2020 · a89cc6b · a89cc6b
2 parents 080eef0 + 49639ca
commit a89cc6b
Show file tree

Hide file tree

Showing 34 changed files with 337 additions and 174 deletions.
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/AbstractWebTestCase.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/AbstractWebTestCase.php
@@ -33,6 +33,12 @@ public static function tearDownAfterClass(): void
         static::deleteTmpDir();
     }
 
+    public function provideSecuritySystems()
+    {
+        yield [['enable_authenticator_manager' => true]];
+        yield [['enable_authenticator_manager' => false]];
+    }
+
     protected static function deleteTmpDir()
     {
         if (!file_exists($dir = sys_get_temp_dir().'/'.static::getVarDir())) {
@@ -61,9 +67,10 @@ protected static function createKernel(array $options = []): KernelInterface
         return new $class(
             static::getVarDir(),
             $options['test_case'],
-            isset($options['root_config']) ? $options['root_config'] : 'config.yml',
-            isset($options['environment']) ? $options['environment'] : strtolower(static::getVarDir().$options['test_case']),
-            isset($options['debug']) ? $options['debug'] : false
+            $options['root_config'] ?? 'config.yml',
+            $options['environment'] ?? strtolower(static::getVarDir().$options['test_case']),
+            $options['debug'] ?? false,
+            $options['enable_authenticator_manager'] ?? false
         );
     }
 

diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/AuthenticationCommencingTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/AuthenticationCommencingTest.php
@@ -13,11 +13,20 @@
 
 class AuthenticationCommencingTest extends AbstractWebTestCase
 {
-    public function testAuthenticationIsCommencingIfAccessDeniedExceptionIsWrapped()
+    /**
+     * @dataProvider provideClientOptions
+     */
+    public function testAuthenticationIsCommencingIfAccessDeniedExceptionIsWrapped(array $options)
     {
-        $client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => 'config.yml']);
+        $client = $this->createClient($options);
 
         $client->request('GET', '/secure-but-not-covered-by-access-control');
         $this->assertRedirect($client->getResponse(), '/login');
     }
+
+    public function provideClientOptions()
+    {
+        yield [['test_case' => 'StandardFormLogin', 'root_config' => 'config.yml', 'enable_authenticator_manager' => true]];
+        yield [['test_case' => 'StandardFormLogin', 'root_config' => 'legacy_config.yml', 'enable_authenticator_manager' => false]];
+    }
 }
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/ClearRememberMeTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/ClearRememberMeTest.php
@@ -19,9 +19,12 @@
 
 class ClearRememberMeTest extends AbstractWebTestCase
 {
-    public function testUserChangeClearsCookie()
+    /**
+     * @dataProvider provideClientOptions
+     */
+    public function testUserChangeClearsCookie(array $options)
     {
-        $client = $this->createClient(['test_case' => 'ClearRememberMe', 'root_config' => 'config.yml']);
+        $client = $this->createClient($options);
 
         $client->request('POST', '/login', [
             '_username' => 'johannes',
@@ -36,6 +39,12 @@ public function testUserChangeClearsCookie()
         $this->assertRedirect($client->getResponse(), '/login');
         $this->assertNull($cookieJar->get('REMEMBERME'));
     }
+
+    public function provideClientOptions()
+    {
+        yield [['test_case' => 'ClearRememberMe', 'root_config' => 'config.yml', 'enable_authenticator_manager' => true]];
+        yield [['test_case' => 'ClearRememberMe', 'root_config' => 'legacy_config.yml', 'enable_authenticator_manager' => false]];
+    }
 }
 
 class RememberMeFooController

diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/CsrfFormLoginTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/CsrfFormLoginTest.php
@@ -14,11 +14,11 @@
 class CsrfFormLoginTest extends AbstractWebTestCase
 {
     /**
-     * @dataProvider getConfigs
+     * @dataProvider provideClientOptions
      */
-    public function testFormLoginAndLogoutWithCsrfTokens($config)
+    public function testFormLoginAndLogoutWithCsrfTokens($options)
     {
-        $client = $this->createClient(['test_case' => 'CsrfFormLogin', 'root_config' => $config]);
+        $client = $this->createClient($options);
 
         $form = $client->request('GET', '/login')->selectButton('login')->form();
         $form['user_login[username]'] = 'johannes';
@@ -44,13 +44,17 @@ public function testFormLoginAndLogoutWithCsrfTokens($config)
     }
 
     /**
-     * @dataProvider getConfigs
+     * @dataProvider provideClientOptions
      */
-    public function testFormLoginWithInvalidCsrfToken($config)
+    public function testFormLoginWithInvalidCsrfToken($options)
     {
-        $client = $this->createClient(['test_case' => 'CsrfFormLogin', 'root_config' => $config]);
+        $client = $this->createClient($options);
 
         $form = $client->request('GET', '/login')->selectButton('login')->form();
+        if ($options['enable_authenticator_manager'] ?? false) {
+            $form['user_login[username]'] = 'johannes';
+            $form['user_login[password]'] = 'test';
+        }
         $form['user_login[_token]'] = '';
         $client->submit($form);
 
@@ -61,11 +65,11 @@ public function testFormLoginWithInvalidCsrfToken($config)
     }
 
     /**
-     * @dataProvider getConfigs
+     * @dataProvider provideClientOptions
      */
-    public function testFormLoginWithCustomTargetPath($config)
+    public function testFormLoginWithCustomTargetPath($options)
     {
-        $client = $this->createClient(['test_case' => 'CsrfFormLogin', 'root_config' => $config]);
+        $client = $this->createClient($options);
 
         $form = $client->request('GET', '/login')->selectButton('login')->form();
         $form['user_login[username]'] = 'johannes';
@@ -81,11 +85,11 @@ public function testFormLoginWithCustomTargetPath($config)
     }
 
     /**
-     * @dataProvider getConfigs
+     * @dataProvider provideClientOptions
      */
-    public function testFormLoginRedirectsToProtectedResourceAfterLogin($config)
+    public function testFormLoginRedirectsToProtectedResourceAfterLogin($options)
     {
-        $client = $this->createClient(['test_case' => 'CsrfFormLogin', 'root_config' => $config]);
+        $client = $this->createClient($options);
 
         $client->request('GET', '/protected-resource');
         $this->assertRedirect($client->getResponse(), '/login');
@@ -101,11 +105,11 @@ public function testFormLoginRedirectsToProtectedResourceAfterLogin($config)
         $this->assertStringContainsString('You\'re browsing to path "/protected-resource".', $text);
     }
 
-    public function getConfigs()
+    public function provideClientOptions()
     {
-        return [
-            ['config.yml'],
-            ['routes_as_path.yml'],
-        ];
+        yield [['test_case' => 'CsrfFormLogin', 'root_config' => 'config.yml', 'enable_authenticator_manager' => true]];
+        yield [['test_case' => 'CsrfFormLogin', 'root_config' => 'legacy_config.yml', 'enable_authenticator_manager' => false]];
+        yield [['test_case' => 'CsrfFormLogin', 'root_config' => 'routes_as_path.yml', 'enable_authenticator_manager' => true]];
+        yield [['test_case' => 'CsrfFormLogin', 'root_config' => 'legacy_routes_as_path.yml', 'enable_authenticator_manager' => false]];
     }
 }
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/FirewallEntryPointTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/FirewallEntryPointTest.php
@@ -31,9 +31,12 @@ public function testItUsesTheConfiguredEntryPointWhenUsingUnknownCredentials()
         );
     }
 
-    public function testItUsesTheConfiguredEntryPointFromTheExceptionListenerWithFormLoginAndNoCredentials()
+    /**
+     * @dataProvider provideSecuritySystems
+     */
+    public function testItUsesTheConfiguredEntryPointFromTheExceptionListenerWithFormLoginAndNoCredentials(array $options)
     {
-        $client = $this->createClient(['test_case' => 'FirewallEntryPoint', 'root_config' => 'config_form_login.yml']);
+        $client = $this->createClient($options + ['test_case' => 'FirewallEntryPoint', 'root_config' => 'config_form_login.yml']);
 
         $client->request('GET', '/secure/resource');
 

diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/FormLoginTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/FormLoginTest.php
@@ -14,11 +14,11 @@
 class FormLoginTest extends AbstractWebTestCase
 {
     /**
-     * @dataProvider getConfigs
+     * @dataProvider provideClientOptions
      */
-    public function testFormLogin($config)
+    public function testFormLogin(array $options)
     {
-        $client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => $config]);
+        $client = $this->createClient($options);
 
         $form = $client->request('GET', '/login')->selectButton('login')->form();
         $form['_username'] = 'johannes';
@@ -33,11 +33,11 @@ public function testFormLogin($config)
     }
 
     /**
-     * @dataProvider getConfigs
+     * @dataProvider provideClientOptions
      */
-    public function testFormLogout($config)
+    public function testFormLogout(array $options)
     {
-        $client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => $config]);
+        $client = $this->createClient($options);
 
         $form = $client->request('GET', '/login')->selectButton('login')->form();
         $form['_username'] = 'johannes';
@@ -66,11 +66,11 @@ public function testFormLogout($config)
     }
 
     /**
-     * @dataProvider getConfigs
+     * @dataProvider provideClientOptions
      */
-    public function testFormLoginWithCustomTargetPath($config)
+    public function testFormLoginWithCustomTargetPath(array $options)
     {
-        $client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => $config]);
+        $client = $this->createClient($options);
 
         $form = $client->request('GET', '/login')->selectButton('login')->form();
         $form['_username'] = 'johannes';
@@ -86,11 +86,11 @@ public function testFormLoginWithCustomTargetPath($config)
     }
 
     /**
-     * @dataProvider getConfigs
+     * @dataProvider provideClientOptions
      */
-    public function testFormLoginRedirectsToProtectedResourceAfterLogin($config)
+    public function testFormLoginRedirectsToProtectedResourceAfterLogin(array $options)
     {
-        $client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => $config]);
+        $client = $this->createClient($options);
 
         $client->request('GET', '/protected_resource');
         $this->assertRedirect($client->getResponse(), '/login');
@@ -106,11 +106,11 @@ public function testFormLoginRedirectsToProtectedResourceAfterLogin($config)
         $this->assertStringContainsString('You\'re browsing to path "/protected_resource".', $text);
     }
 
-    public function getConfigs()
+    public function provideClientOptions()
     {
-        return [
-            ['config.yml'],
-            ['routes_as_path.yml'],
-        ];
+        yield [['test_case' => 'StandardFormLogin', 'root_config' => 'config.yml', 'enable_authenticator_manager' => true]];
+        yield [['test_case' => 'StandardFormLogin', 'root_config' => 'legacy_config.yml', 'enable_authenticator_manager' => false]];
+        yield [['test_case' => 'StandardFormLogin', 'root_config' => 'routes_as_path.yml', 'enable_authenticator_manager' => true]];
+        yield [['test_case' => 'StandardFormLogin', 'root_config' => 'legacy_routes_as_path.yml', 'enable_authenticator_manager' => false]];
     }
 }
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/JsonLoginTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/JsonLoginTest.php
@@ -18,9 +18,12 @@
  */
 class JsonLoginTest extends AbstractWebTestCase
 {
-    public function testDefaultJsonLoginSuccess()
+    /**
+     * @dataProvider provideSecuritySystems
+     */
+    public function testDefaultJsonLoginSuccess(array $options)
     {
-        $client = $this->createClient(['test_case' => 'JsonLogin', 'root_config' => 'config.yml']);
+        $client = $this->createClient($options + ['test_case' => 'JsonLogin', 'root_config' => 'config.yml']);
         $client->request('POST', '/chk', [], [], ['CONTENT_TYPE' => 'application/json'], '{"user": {"login": "dunglas", "password": "foo"}}');
         $response = $client->getResponse();
 
@@ -29,9 +32,12 @@ public function testDefaultJsonLoginSuccess()
         $this->assertSame(['message' => 'Welcome @dunglas!'], json_decode($response->getContent(), true));
     }
 
-    public function testDefaultJsonLoginFailure()
+    /**
+     * @dataProvider provideSecuritySystems
+     */
+    public function testDefaultJsonLoginFailure(array $options)
     {
-        $client = $this->createClient(['test_case' => 'JsonLogin', 'root_config' => 'config.yml']);
+        $client = $this->createClient($options + ['test_case' => 'JsonLogin', 'root_config' => 'config.yml']);
         $client->request('POST', '/chk', [], [], ['CONTENT_TYPE' => 'application/json'], '{"user": {"login": "dunglas", "password": "bad"}}');
         $response = $client->getResponse();
 
@@ -40,9 +46,12 @@ public function testDefaultJsonLoginFailure()
         $this->assertSame(['error' => 'Invalid credentials.'], json_decode($response->getContent(), true));
     }
 
-    public function testCustomJsonLoginSuccess()
+    /**
+     * @dataProvider provideSecuritySystems
+     */
+    public function testCustomJsonLoginSuccess(array $options)
     {
-        $client = $this->createClient(['test_case' => 'JsonLogin', 'root_config' => 'custom_handlers.yml']);
+        $client = $this->createClient($options + ['test_case' => 'JsonLogin', 'root_config' => 'custom_handlers.yml']);
         $client->request('POST', '/chk', [], [], ['CONTENT_TYPE' => 'application/json'], '{"user": {"login": "dunglas", "password": "foo"}}');
         $response = $client->getResponse();
 
@@ -51,9 +60,12 @@ public function testCustomJsonLoginSuccess()
         $this->assertSame(['message' => 'Good game @dunglas!'], json_decode($response->getContent(), true));
     }
 
-    public function testCustomJsonLoginFailure()
+    /**
+     * @dataProvider provideSecuritySystems
+     */
+    public function testCustomJsonLoginFailure(array $options)
     {
-        $client = $this->createClient(['test_case' => 'JsonLogin', 'root_config' => 'custom_handlers.yml']);
+        $client = $this->createClient($options + ['test_case' => 'JsonLogin', 'root_config' => 'custom_handlers.yml']);
         $client->request('POST', '/chk', [], [], ['CONTENT_TYPE' => 'application/json'], '{"user": {"login": "dunglas", "password": "bad"}}');
         $response = $client->getResponse();
 
@@ -62,9 +74,12 @@ public function testCustomJsonLoginFailure()
         $this->assertSame(['message' => 'Something went wrong'], json_decode($response->getContent(), true));
     }
 
-    public function testDefaultJsonLoginBadRequest()
+    /**
+     * @dataProvider provideSecuritySystems
+     */
+    public function testDefaultJsonLoginBadRequest(array $options)
     {
-        $client = $this->createClient(['test_case' => 'JsonLogin', 'root_config' => 'config.yml']);
+        $client = $this->createClient($options + ['test_case' => 'JsonLogin', 'root_config' => 'config.yml']);
         $client->request('POST', '/chk', [], [], ['CONTENT_TYPE' => 'application/json'], 'Not a json content');
         $response = $client->getResponse();
 

diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/LocalizedRoutesAsPathTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/LocalizedRoutesAsPathTest.php
@@ -14,11 +14,11 @@
 class LocalizedRoutesAsPathTest extends AbstractWebTestCase
 {
     /**
-     * @dataProvider getLocales
+     * @dataProvider getLocalesAndClientConfig
      */
-    public function testLoginLogoutProcedure($locale)
+    public function testLoginLogoutProcedure($locale, array $options)
     {
-        $client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => 'localized_routes.yml']);
+        $client = $this->createClient(['test_case' => 'StandardFormLogin'] + $options);
 
         $crawler = $client->request('GET', '/'.$locale.'/login');
         $form = $crawler->selectButton('login')->form();
@@ -36,11 +36,11 @@ public function testLoginLogoutProcedure($locale)
 
     /**
      * @group issue-32995
-     * @dataProvider getLocales
+     * @dataProvider getLocalesAndClientConfig
      */
-    public function testLoginFailureWithLocalizedFailurePath($locale)
+    public function testLoginFailureWithLocalizedFailurePath($locale, array $options)
     {
-        $client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => 'localized_form_failure_handler.yml']);
+        $client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => ($options['enable_authenticator_manager'] ? '' : 'legacy_').'localized_form_failure_handler.yml'] + $options);
 
         $crawler = $client->request('GET', '/'.$locale.'/login');
         $form = $crawler->selectButton('login')->form();
@@ -52,29 +52,32 @@ public function testLoginFailureWithLocalizedFailurePath($locale)
     }
 
     /**
-     * @dataProvider getLocales
+     * @dataProvider getLocalesAndClientConfig
      */
-    public function testAccessRestrictedResource($locale)
+    public function testAccessRestrictedResource($locale, array $options)
     {
-        $client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => 'localized_routes.yml']);
+        $client = $this->createClient(['test_case' => 'StandardFormLogin'] + $options);
 
         $client->request('GET', '/'.$locale.'/secure/');
         $this->assertRedirect($client->getResponse(), '/'.$locale.'/login');
     }
 
     /**
-     * @dataProvider getLocales
+     * @dataProvider getLocalesAndClientConfig
      */
-    public function testAccessRestrictedResourceWithForward($locale)
+    public function testAccessRestrictedResourceWithForward($locale, array $options)
     {
-        $client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => 'localized_routes_with_forward.yml']);
+        $client = $this->createClient(['test_case' => 'StandardFormLogin', 'root_config' => 'localized_routes_with_forward.yml'] + $options);
 
         $crawler = $client->request('GET', '/'.$locale.'/secure/');
         $this->assertCount(1, $crawler->selectButton('login'), (string) $client->getResponse());
     }
 
-    public function getLocales()
+    public function getLocalesAndClientConfig()
     {
-        return [['en'], ['de']];
+        yield ['en', ['enable_authenticator_manager' => true, 'root_config' => 'localized_routes.yml']];
+        yield ['en', ['enable_authenticator_manager' => false, 'root_config' => 'legacy_localized_routes.yml']];
+        yield ['de', ['enable_authenticator_manager' => true, 'root_config' => 'localized_routes.yml']];
+        yield ['de', ['enable_authenticator_manager' => false, 'root_config' => 'legacy_localized_routes.yml']];
     }
 }