public function CasSubscriberTest::testForcedLoginPaths in CAS 8
Test that the CasSubscriber properly forces CAS authentication as expected.
File
- tests/
src/ Functional/ CasSubscriberTest.php, line 30
Class
- CasSubscriberTest
- Tests the CAS forced login controller.
Namespace
Drupal\Tests\cas\FunctionalCode
public function testForcedLoginPaths() {
global $base_path;
$admin = $this
->drupalCreateUser([
'administer account settings',
]);
$this
->drupalLogin($admin);
// Create some dummy nodes so we have some content paths to work with
// when triggering forced auth paths.
$this
->drupalCreateContentType([
'type' => 'page',
'name' => 'Basic page',
]);
$this
->drupalCreateNode();
$this
->drupalCreateNode();
$this
->drupalCreateNode([
'path' => [
[
'alias' => '/my/path',
],
],
]);
// Configure CAS with forced auth enabled for some of our node paths.
$edit = [
'server[hostname]' => 'fakecasserver.localhost',
'server[path]' => '/auth',
'forced_login[enabled]' => TRUE,
'forced_login[paths][pages]' => "/node/2\n/my/path",
];
$this
->drupalPostForm('/admin/config/people/cas', $edit, 'Save configuration');
$config = $this
->config('cas.settings');
$this
->assertTrue($config
->get('forced_login.enabled'));
$this
->assertEquals("/node/2\n/my/path", $config
->get('forced_login.paths')['pages']);
$this
->drupalLogout();
$this
->disableRedirects();
$this
->prepareRequest();
$session = $this
->getSession();
// Our forced login subscriber should not intervene when viewing node/1.
$session
->visit($this
->buildUrl('node/1', [
'absolute' => TRUE,
]));
$this
->assertEquals(200, $session
->getStatusCode());
// But for node/2 and the node/3 path alias, we should be redirected to
// the CAS server to login with the proper service URL appended as a query
// string parameter.
$session
->visit($this
->buildUrl('node/2', [
'absolute' => TRUE,
]));
$this
->assertEquals(302, $session
->getStatusCode());
$expected_redirect_url = 'https://fakecasserver.localhost/auth/login?' . UrlHelper::buildQuery([
'service' => $this
->buildServiceUrlWithParams([
'destination' => $base_path . 'node/2',
]),
]);
$this
->assertEquals($expected_redirect_url, $session
->getResponseHeader('Location'));
// For the node/3 path alias, also test that query params, including the
// destination param, are preserved.
$session
->visit($this
->buildUrl('my/path', [
'absolute' => TRUE,
'query' => [
'foo' => 'bar',
'destination' => '/some/other/path',
],
]));
$this
->assertEquals(302, $session
->getStatusCode());
$expected_redirect_url = 'https://fakecasserver.localhost/auth/login?' . UrlHelper::buildQuery([
'service' => $this
->buildServiceUrlWithParams([
'destination' => $base_path . 'my/path?destination=%2Fsome%2Fother%2Fpath&foo=bar',
]),
]);
$this
->assertEquals($expected_redirect_url, $session
->getResponseHeader('Location'));
// When we are already logged in, we should not be redirected to the CAS
// server when hitting a forced login path.
$this
->enabledRedirects();
$this
->drupalLogin($admin);
$session
->visit($this
->buildUrl('node/2', [
'absolute' => TRUE,
]));
$this
->assertEquals(200, $session
->getStatusCode());
}