public function CasHelperTest::testGetMessage in CAS 8
Same name and namespace in other branches
- 2.x tests/src/Unit/Service/CasHelperTest.php \Drupal\Tests\cas\Unit\Service\CasHelperTest::testGetMessage()
Tests the message generator.
@covers ::getMessage
File
- tests/
src/ Unit/ Service/ CasHelperTest.php, line 167
Class
- CasHelperTest
- CasHelper unit tests.
Namespace
Drupal\Tests\cas\Unit\ServiceCode
public function testGetMessage() {
/** @var \Drupal\Core\Config\ConfigFactory $config_factory */
$config_factory = $this
->getConfigFactoryStub([
'cas.settings' => [
'arbitrary_message' => 'Use <a href="[cas:login-url]">CAS login</a>',
'messages' => [
'empty_message' => '',
'do_not_trust_user_input' => '<script>alert("Hacked!");</script>',
],
],
]);
$cas_helper = new CasHelper($config_factory, $this->loggerFactory, $this->token
->reveal());
$message = $cas_helper
->getMessage('arbitrary_message');
$this
->assertInstanceOf(FormattableMarkup::class, $message);
$this
->assertEquals('Use <a href="/caslogin">CAS login</a>', $message);
// Empty message.
$message = $cas_helper
->getMessage('messages.empty_message');
$this
->assertSame('', $message);
// Check hacker entered message.
$message = $cas_helper
->getMessage('messages.do_not_trust_user_input');
// Check that the dangerous tags were stripped-out.
$this
->assertEquals('alert("Hacked!");', $message);
}