
MainSiteCookiesTest.php in Bakery Single Sign-On System 8.2

File

tests/src/Functional/MainSiteCookiesTest.php
<?php

namespace Drupal\Tests\bakery\Functional;

use Drupal\bakery\Cookies\ChocolateChip;
use Drupal\Component\Render\FormattableMarkup;
use Drupal\Core\Url;
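/**
 * Functional test of how the main site treats the Bakery SSO cookie.
 *
 * The properties checked here are the ones that matter for single sign-on
 * safety on the main site: a presented cookie must never create a session by
 * itself, a cookie whose identity fields disagree with the logged-in account
 * must end the session, and a failed password login must not issue a cookie.
 *
 * bakeCookie(), eatCookie() and assertCookieTastesGood() are not defined in
 * this class; presumably they come from MainSiteTestBase.
 */
class MainSiteCookiesTest extends MainSiteTestBase {

  /**
   * {@inheritdoc}
   */
  protected $defaultTheme = 'stark';

  /**
   * Tests cookie handling around login, logout and the 'bd' login parameter.
   */
  public function testLogin() {
    $cookie_name = ChocolateChip::getName();

    // Show verbose errors in the test site. Config::set() only changes the
    // in-memory object, so the value has to be saved to take effect.
    $this->config('system.logging')
      ->set('error_level', 'verbose')
      ->save();

    $account = $this->createUser(['access user profiles']);
    $assert_session = $this->assertSession();

    // Anonymous visitor, cookie with a mismatched username: not logged in.
    // NOTE(review): the meaning of the fourth constructor argument ('1') is
    // not visible in this file.
    $this->bakeCookie(new ChocolateChip(
      $account->getAccountName() . 'bad',
      $account->getEmail(),
      $account->getInitialEmail(),
      '1'
    ));
    $this->drupalGet('');
    $assert_session->responseNotContains($account->getAccountName());

    // Anonymous visitor, cookie with a mismatched email: not logged in.
    $this->bakeCookie(new ChocolateChip(
      $account->getAccountName(),
      'bad' . $account->getEmail(),
      $account->getInitialEmail(),
      '1'
    ));
    $this->drupalGet('');
    $assert_session->responseNotContains($account->getAccountName());

    // Even a cookie whose fields all match the account does not log a user
    // in: on the main site a session has to come from a real login.
    $this->bakeCookie(new ChocolateChip(
      $account->getAccountName(),
      $account->getEmail(),
      $account->getInitialEmail(),
      '1'
    ));
    $this->drupalGet('');
    $assert_session->responseNotContains($account->getAccountName());
    $this->eatCookie($cookie_name);
    $this->drupalLogin($account);

    // With a real session in place, a cookie carrying a different username
    // should kill the session.
    $this->bakeCookie(new ChocolateChip(
      $account->getAccountName() . 'bad',
      $account->getEmail(),
      $account->getInitialEmail(),
      '1'
    ));
    $this->drupalGet('');
    $assert_session->responseNotContains($account->getAccountName());

    // Clean up the logged-in state. Basically a reset like drupalLogout().
    $this->eatCookie($cookie_name);
    $this->drupalLogout();

    // A login attempt with a wrong password must neither start a session nor
    // set the Bakery cookie.
    $this->drupalGet(Url::fromRoute('user.login'));
    $this->submitForm([
      'name' => $account->getAccountName(),
      'pass' => $account->passRaw . 'badpass',
    ], 'Log in');
    // drupalUserIsLoggedIn() is given the current browser session id through
    // $account->sessionId.
    $account->sessionId = $this->getSession()
      ->getCookie(\Drupal::service('session_configuration')->getOptions(\Drupal::request())['name']);
    $this->assertFalse(
      $this->drupalUserIsLoggedIn($account),
      new FormattableMarkup('User %name successfully logged in.', [
        '%name' => $account->getAccountName(),
      ])
    );
    $assert_session->assert(
      $this->getSession()->getCookie($cookie_name) === null,
      'Cookie is set but should not be.'
    );

    // A successful login sets the cookie, and the cookie passes the shared
    // validity check.
    $this->drupalLogin($account);
    $assert_session->cookieExists($cookie_name);
    $this->assertCookieTastesGood($this->getSession()->getCookie($cookie_name), $cookie_name);

    // Without the Bakery cookie, the user gets logged back out.
    $this->eatCookie($cookie_name);
    $this->drupalGet('');
    $assert_session->responseNotContains($account->getAccountName());

    // Login with a 'bd' query parameter that names an external URL.
    // NOTE(review): nothing below asserts where the browser ends up after
    // either form submission, so this section does not pin the redirect
    // behaviour its original "Test redirects" heading refers to. A change
    // that sends users to an arbitrary 'bd' host would not be caught here;
    // add an assertion on the final address once the intended behaviour is
    // confirmed.
    // NOTE(review): the value is passed through urlencode() and then encoded
    // again when the URL is generated - confirm the double encoding is what
    // the login handler expects.
    $this->drupalGet(Url::fromRoute('user.login', [], [
      'query' => [
        'bd' => urlencode('https://www.google.org/'),
      ],
    ]));
    $this->submitForm([
      'name' => $account->getAccountName(),
      'pass' => $account->passRaw . 'badpass',
    ], 'Log in');
    $account->sessionId = $this->getSession()
      ->getCookie(\Drupal::service('session_configuration')->getOptions(\Drupal::request())['name']);
    // Wrong password with 'bd' present: still no session and no cookie.
    $this->assertFalse(
      $this->drupalUserIsLoggedIn($account),
      new FormattableMarkup('User %name successfully logged in.', [
        '%name' => $account->getAccountName(),
      ])
    );
    $assert_session->assert(
      $this->getSession()->getCookie($cookie_name) === null,
      'Cookie is set but should not be.'
    );

    // Correct password with 'bd' present: the cookie is issued and the front
    // page shows the account name.
    $this->drupalGet(Url::fromRoute('user.login', [], [
      'query' => [
        'bd' => urlencode('https://www.google.org/'),
      ],
    ]));
    $this->submitForm([
      'name' => $account->getAccountName(),
      'pass' => $account->passRaw,
    ], 'Log in');
    $account->sessionId = $this->getSession()
      ->getCookie(\Drupal::service('session_configuration')->getOptions(\Drupal::request())['name']);
    $this->drupalGet('');
    $assert_session->cookieExists($cookie_name);
    $this->assertCookieTastesGood($this->getSession()->getCookie($cookie_name), $cookie_name);
    $assert_session->responseContains($account->getAccountName());
  }

}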

Classes