You are here

Home » API reference » Key auth 8 » KeyAuthTest.php » KeyAuthTest

public function KeyAuthTest::testKeyAuth in Key auth 8

Test key authentication and related settings.

File

tests/src/Functional/KeyAuthTest.php, line 197

Class

KeyAuthTest
Tests for key authentication provider.

Namespace

Drupal\Tests\key_auth\Functional

Code

public function testKeyAuth() {

  // Enable page caching.
  $config = $this
    ->config('system.performance');
  $config
    ->set('cache.page.max_age', 300);
  $config
    ->save();

  // Enable both key detection methods.
  $this->keyAuthConfig
    ->set('detection_methods', [
    KeyAuth::DETECTION_METHOD_HEADER,
    KeyAuth::DETECTION_METHOD_QUERY,
  ])
    ->save();

  // Load the parameter name.
  $param_name = $this->keyAuthConfig
    ->get('param_name');

  // Check the test page while not authenticated.
  $this
    ->keyAuthRequest(NULL, NULL, 403);

  // Create a user that can use key authentication.
  $user = $this
    ->drupalCreateUser([
    'use key authentication',
  ]);

  // Assign the user a key.
  $user
    ->set('api_key', $this->keyAuth
    ->generateKey())
    ->save();

  // Test the authentication via query.
  $this
    ->keyAuthRequest(KeyAuth::DETECTION_METHOD_QUERY, $param_name, 200, $user->api_key->value, $user);

  // Test the authentication via header.
  $this
    ->keyAuthRequest(KeyAuth::DETECTION_METHOD_HEADER, $param_name, 200, $user->api_key->value, $user);

  // Test the authentication via query with the wrong key.
  $this
    ->keyAuthRequest(KeyAuth::DETECTION_METHOD_QUERY, $param_name, 403, $this->keyAuth
    ->generateKey(), $user);

  // Test the authentication via header with the wrong key.
  $this
    ->keyAuthRequest(KeyAuth::DETECTION_METHOD_HEADER, $param_name, 403, $this->keyAuth
    ->generateKey(), $user);

  // Disable both detection methods.
  $this->keyAuthConfig
    ->set('detection_methods', [])
    ->save();

  // Test the authentication via query.
  $this
    ->keyAuthRequest(KeyAuth::DETECTION_METHOD_QUERY, $param_name, 403, $user->api_key->value, $user);

  // Test the authentication via header.
  $this
    ->keyAuthRequest(KeyAuth::DETECTION_METHOD_HEADER, $param_name, 403, $user->api_key->value, $user);

  // Re-enable both key detection methods.
  $this->keyAuthConfig
    ->set('detection_methods', [
    KeyAuth::DETECTION_METHOD_HEADER,
    KeyAuth::DETECTION_METHOD_QUERY,
  ])
    ->save();

  // Change the parameter name.
  $this->keyAuthConfig
    ->set('param_name', 'testauth')
    ->save();

  // Test the authentication via query using the new parameter name.
  $this
    ->keyAuthRequest(KeyAuth::DETECTION_METHOD_QUERY, 'testauth', 200, $user->api_key->value, $user);

  // Test the authentication via header using the new parameter name.
  $this
    ->keyAuthRequest(KeyAuth::DETECTION_METHOD_HEADER, 'testauth', 200, $user->api_key->value, $user);

  // Test the authentication via query using the old parameter name.
  $this
    ->keyAuthRequest(KeyAuth::DETECTION_METHOD_QUERY, $param_name, 403, $user->api_key->value, $user);

  // Test the authentication via header using the old parameter name.
  $this
    ->keyAuthRequest(KeyAuth::DETECTION_METHOD_HEADER, $param_name, 403, $user->api_key->value, $user);

  // Create a new user that cannot use key authentication.
  $user = $this
    ->drupalCreateUser([]);

  // Assign the user a key.
  $user
    ->set('api_key', $this->keyAuth
    ->generateKey())
    ->save();

  // Test the authentication via query.
  $this
    ->keyAuthRequest(KeyAuth::DETECTION_METHOD_QUERY, 'testauth', 403, $user->api_key->value, $user);

  // Test the authentication via header.
  $this
    ->keyAuthRequest(KeyAuth::DETECTION_METHOD_HEADER, 'testauth', 403, $user->api_key->value, $user);
}