@Pierstoval Pierstoval commented Feb 7, 2020

| Q | A |
| --- | --- |
| Branch? | master |
| Bug fix? | no |
| New feature? | yes |
| Deprecations? | no |
| Tickets | #26839 |
| License | MIT |
| Doc PR | TODO (will do) |

Followup of #28065

As a side-note, the two added protected methods are supposed to be overridden by the developer if needed.

getLoginToken() might be overridden if the user wants to use a token different than the UsernamePasswordToken, like a PostAuthenticationGuardToken or any other kind of token that is available in its security config (like OAuth, SymfonyConnect, etc.). Someone might also use a PreAuthenticatedToken and use the AuthenticationManager to ->authenticate() it and retrieve the result.

authenticateToken() might be overridden in cases where setting a cookie has no effect, like when authentication is stateless or based on internal systems (when creating JWT tokens and using internal secrets to do so, or other cases I can't imagine).

The login() method returns the TokenInterface in case the user might need it for further use, such as directly retrieving the logged-in User object for instance, in order to make more assertions if the current functional test is doing actions on the User.

@nicolas-grekas nicolas-grekas added this to the next milestone Feb 7, 2020
@nicolas-grekas nicolas-grekas changed the title Add login and logout to WebTestCase [FrameworkBundle] Add login() and logout() to WebTestCase Feb 7, 2020
sstok commented Feb 8, 2020

Does this require that the login_form authenticator be enabled in the firewall?

Given that the Guards are more recommended nowadays, would it be easier to pass in a Request instance instead, and let guards handle the actual authentication? Or alternatively provide another method like loginWithGuard?

@Pierstoval
Contributor Author

form_login is not necessary, since only a token is used. Actually, the only thing that is required is an authentication method compatible with the UsernamePasswordToken, which most listeners support already, and for other methods, the test case methods can be overridden.

{
$config = sprintf('security.firewall.map.config.%s', $firewallName);

if (!$browser->getContainer()->has($config)) {
Contributor Author

I just tried it and this will always return false, since the security.firewall.map.config.* services are private.

I have a question: is there a way to make the $browser->getContainer() return the same container as static::$container so we can retrieve private services? I don't know the impact on performance or anything since I don't really understand how it is managed internally. @nicolas-grekas, any idea?

This would be transparent for the end user, and still make sure that anyone could retrieve any service from the client when the container is an instance of the TestContainer (and of course, there will be an additional check here).

Pierstoval added a commit to Orbitale/Compotes that referenced this pull request Feb 9, 2020
fabpot commented Mar 9, 2020

Closing in favor of #35997

@fabpot fabpot closed this Mar 9, 2020
@Pierstoval Pierstoval deleted the simplify-testing-protected-resources branch April 19, 2020 13:16
@nicolas-grekas nicolas-grekas modified the milestones: next, 5.1 May 4, 2020