annotate core/modules/rest/tests/src/Functional/BasicAuthResourceTestTrait.php @ 19:fa3358dc1485 tip

Add ndrum files
author Chris Cannam
date Wed, 28 Aug 2019 13:14:47 +0100
parents 129ea1e6d783
children
<?php

namespace Drupal\Tests\rest\Functional;

use Drupal\Core\Url;
use Psr\Http\Message\ResponseInterface;

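/**
 * Trait for ResourceTestBase subclasses testing $auth=basic_auth.
 *
 * Characteristics:
 * - Every request must send an Authorization header.
 * - When accessing a URI that requires authentication without being
 *   authenticated, a 401 response must be sent.
 * - Because every request must send an Authorization header, there is no
 *   danger of CSRF attacks.
 *
 * Security note on the CSRF statement: it holds for clients that attach the
 * Authorization header themselves on each request, which is what the tests
 * using this trait do. A web browser that has cached Basic credentials for the
 * site may re-send them automatically, including on requests started from
 * another origin, so the statement should not be read as a general guarantee
 * for browser-based use of Basic authentication.
 */
trait BasicAuthResourceTestTrait {

  /**
   * {@inheritdoc}
   */
  protected function getAuthenticationRequestOptions($method) {
    // HTTP Basic credentials are "username:password", base64-encoded. This is
    // an encoding, not encryption: the raw test password is recoverable from
    // the header, so confidentiality relies entirely on the transport.
    $credentials = $this->account->name->value . ':' . $this->account->passRaw;

    // $method is not consulted: the same header is sent for every HTTP method.
    return [
      'headers' => [
        'Authorization' => 'Basic ' . base64_encode($credentials),
      ],
    ];
  }

  /**
   * {@inheritdoc}
   */
  protected function assertResponseWhenMissingAuthentication($method, ResponseInterface $response) {
    // For every method other than GET only the 401 status and the error
    // message are asserted; no cacheability expectations are passed along.
    if ($method !== 'GET') {
      return $this->assertResourceErrorResponse(401, 'No authentication credentials provided.', $response);
    }

    // Only GET reaches this point, so the expected page cache header value is
    // always 'MISS' (the former "$method === 'GET'" check could never be
    // FALSE after the guard above).
    $expected_page_cache_header_value = 'MISS';

    // Build the cacheability metadata the 401 response is expected to carry.
    $expected_cacheability = $this->getExpectedUnauthorizedAccessCacheability()
      ->addCacheableDependency($this->getExpectedUnauthorizedEntityAccessCacheability(FALSE))
      // @see \Drupal\basic_auth\Authentication\Provider\BasicAuth::challengeException()
      ->addCacheableDependency($this->config('system.site'))
      // @see \Drupal\Core\EventSubscriber\AnonymousUserResponseSubscriber::onRespond()
      ->addCacheTags(['config:user.role.anonymous']);

    // Only add the 'user.roles:anonymous' cache context if its parent cache
    // context is not already present.
    if (!in_array('user.roles', $expected_cacheability->getCacheContexts(), TRUE)) {
      $expected_cacheability->addCacheContexts(['user.roles:anonymous']);
    }

    $this->assertResourceErrorResponse(
      401,
      'No authentication credentials provided.',
      $response,
      $expected_cacheability->getCacheTags(),
      $expected_cacheability->getCacheContexts(),
      $expected_page_cache_header_value,
      FALSE
    );
  }

  /**
   * {@inheritdoc}
   */
  protected function assertAuthenticationEdgeCases($method, Url $url, array $request_options) {
    // Intentionally empty: this trait asserts no additional edge cases.
  }

}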