0

I want to prepare simple function test in PHPUnit for my symfony 2 project: authenticate user and display some page without redirecting to login form. I use LDAP user provider (IMAG\LdapBundle\Provider\LdapUserProvider). My firewalls configuration in security.yml:

firewalls:
    secured_area:
        pattern: ^/
        provider: ldap
        imag_ldap:
            login_path:   /login
        logout:
            path:   /logout
            target: /

In my test controller I have following methods:

protected function createClientWithAuthentication($firewallName, array $options = array(), array $server = array())
{
    $client = $this->createClient($options, $server);
    $client->getCookieJar()->set(new \Symfony\Component\BrowserKit\Cookie(session_name(), true));
    $user = $this->getCurrentUser($client);
    $token = new UsernamePasswordToken($user, null, $firewallName, $user->getRoles());
    $client->getContainer()->get('session')->set('_security_' . $firewallName, serialize($token));
    return $client;
}

protected function getCurrentUser($client) {
    $userProvider = $client->getContainer()->get('imag_ldap.security.user.provider');
    $user = $userProvider->loadUserByUsername('my.login');
    return $user;
}

Then I have simple test:

public function testProfile()
{
    $c = $this->createClientWithAuthentication('secured_area');
    $c->request('GET', '/profile');
    $this->assertEquals($c->getResponse()->getStatusCode(), 200);
}

Test fails:

Failed asserting that 200 matches expected 302.

I digged it and I found out that I receive complete user from user provider (all fields are properly filled). But response is redirecting to localhost/login page.

Please tell me what else I can test... where is the place where decision is made if login page should (or not) be displayed?

Paweł Buczkowski
  • 49
  • 5
  • have a look at this question for disabling the firewall while testing: http://stackoverflow.com/questions/11675495/disable-security-firewall-in-test-environment-on-symfony2 – Joshua Sep 09 '15 at 09:32
  • another idea if you need authentication: use `http_basic` authentication in your `dev` firewall which is easier to fill in: http://symfony.com/doc/current/cookbook/testing/http_authentication.html – Joshua Sep 09 '15 at 09:34

1 Answers1

1

I have WebTestCase base class that creates a authorized client. You can adapt it to your purpose ...

class BaseWebTestCase extends WebTestCase{

    protected $client;

    protected function setUp(){
        $this->client=$this->createAuthorizedClient();
    }

    /**
     * @return \Symfony\Bundle\FrameworkBundle\Client
     */
    protected function createAuthorizedClient()
    {
        $client = static::createClient();
        $container = $client->getContainer();

        /** @var Person $user */
        $user=$container->get("netnotes.cust.person")->getRepository()->getSuperAdmin();


        $session = $container->get('session');
        /** @var $userManager \FOS\UserBundle\Doctrine\UserManager */
        $userManager = $container->get('fos_user.user_manager');

        /** @var $loginManager \FOS\UserBundle\Security\LoginManager */
        $loginManager = $container->get('fos_user.security.login_manager');
        $firewallName = $container->getParameter('fos_user.firewall_name');


        $user = $userManager->findUserBy(array('username' => $user->getUsername()));
        $loginManager->loginUser($firewallName, $user);

        // save the login token into the session and put it in a cookie
        $container->get('session')->set('_security_' . $firewallName,
            serialize($container->get('security.context')->getToken()));
        $container->get('session')->save();
        $client->getCookieJar()->set(new Cookie($session->getName(), $session->getId()));

        return $client;
    }


}
David Marko
  • 2,477
  • 3
  • 27
  • 58