You are here

Home » API reference » reCAPTCHA 7.2 » recaptcha.test » ReCaptchaBasicTest

public function ReCaptchaBasicTest::testReCaptchaOnLoginForm in reCAPTCHA 7.2

Same name and namespace in other branches
  1. 6.2 recaptcha.test \ReCaptchaBasicTest::testReCaptchaOnLoginForm()

Testing the protection of the user login form.

File

./recaptcha.test, line 92
Tests for reCAPTCHA module.

Class

ReCaptchaBasicTest
@file Tests for reCAPTCHA module.

Code

public function testReCaptchaOnLoginForm() {
  global $language;
  $site_key = $this
    ->randomName(40);
  $secret_key = $this
    ->randomName(40);
  $grecaptcha = '<div class="g-recaptcha" data-sitekey="' . $site_key . '" data-theme="light" data-type="image"></div>';

  // Test if login works.
  $this
    ->drupalLogin($this->normal_user);
  $this
    ->drupalLogout();
  $this
    ->drupalGet('user');
  $this
    ->assertNoRaw($grecaptcha, '[testReCaptchaOnLoginForm]: reCAPTCHA is not shown on form.');

  // Enable 'captcha/Math' CAPTCHA on login form.
  captcha_set_form_id_setting('user_login', 'captcha/Math');
  $this
    ->drupalGet('user');
  $this
    ->assertNoRaw($grecaptcha, '[testReCaptchaOnLoginForm]: reCAPTCHA is not shown on form.');

  // Enable 'recaptcha/reCAPTCHA' on login form.
  captcha_set_form_id_setting('user_login', 'recaptcha/reCAPTCHA');
  $result = captcha_get_form_id_setting('user_login');
  $this
    ->assertNotNull($result, 'A configuration has been found for CAPTCHA point: user_login', 'reCAPTCHA');
  $this
    ->assertEqual($result->module, 'recaptcha', 'reCAPTCHA module configured for CAPTCHA point: user_login', 'reCAPTCHA');
  $this
    ->assertEqual($result->captcha_type, 'reCAPTCHA', 'reCAPTCHA type has been configured for CAPTCHA point: user_login', 'reCAPTCHA');

  // Check if a Math CAPTCHA is still shown on the login form. The site key
  // and security key have not yet configured for reCAPTCHA. The module need
  // to fall back to math captcha.
  $this
    ->drupalGet('user');
  $this
    ->assertRaw(t('Math question'), '[testReCaptchaOnLoginForm]: Math CAPTCHA is shown on form.');

  // Configure site key and security key to show reCAPTCHA and no fall back.
  variable_set('recaptcha_site_key', $site_key);
  variable_set('recaptcha_secret_key', $secret_key);

  // Check if there is a reCAPTCHA on the login form.
  $this
    ->drupalGet('user');
  $this
    ->assertRaw($grecaptcha, '[testReCaptchaOnLoginForm]: reCAPTCHA is shown on form.');
  $this
    ->assertRaw('<script src="https://www.google.com/recaptcha/api.js?hl=' . $language->language . '" async="async" defer="defer"></script>', '[testReCaptchaOnLoginForm]: reCAPTCHA is shown on form.');
  $this
    ->assertNoRaw($grecaptcha . '<noscript>', '[testReCaptchaOnLoginForm]: NoScript code is not enabled for the reCAPTCHA.');

  // Test if the fall back url is properly build and noscript code added.
  variable_set('recaptcha_noscript', 1);
  $this
    ->drupalGet('user');
  $this
    ->assertRaw($grecaptcha . '<noscript>', '[testReCaptchaOnLoginForm]: NoScript for reCAPTCHA is shown on form.');
  $this
    ->assertRaw('https://www.google.com/recaptcha/api/fallback?k=' . $site_key . '&amp;hl=' . $language->language, '[testReCaptchaOnLoginForm]: Fallback URL with IFRAME has been found.');

  // Check if there is a reCAPTCHA with global url on the login form.
  variable_set('recaptcha_use_globally', 1);
  $this
    ->drupalGet('user/login');
  $this
    ->assertRaw('<script src="https://www.recaptcha.net/recaptcha/api.js?hl=' . $language->language . '" async="async" defer="defer"></script>', '[testReCaptchaOnLoginForm]: Global reCAPTCHA is shown on form.');
  $this
    ->assertRaw('https://www.recaptcha.net/recaptcha/api/fallback?k=' . $site_key . '&amp;hl=' . $language->language, '[testReCaptchaOnLoginForm]: Global fallback URL with IFRAME has been found.');

  // Check that data-size attribute does not exists.
  variable_set('recaptcha_size', '');
  $this
    ->drupalGet('user');
  $element = $this
    ->xpath('//div[@class=:class and @data-size=:size]', array(
    ':class' => 'g-recaptcha',
    ':size' => 'small',
  ));
  $this
    ->assertFalse(!empty($element), 'Tag contains no data-size attribute.');

  // Check that data-size attribute exists.
  variable_set('recaptcha_size', 'small');
  $this
    ->drupalGet('user');
  $element = $this
    ->xpath('//div[@class=:class and @data-size=:size]', array(
    ':class' => 'g-recaptcha',
    ':size' => 'small',
  ));
  $this
    ->assertTrue(!empty($element), 'Tag contains data-size attribute and value.');

  // Check that data-tabindex attribute does not exists.
  variable_set('recaptcha_tabindex', 0);
  $this
    ->drupalGet('user');
  $element = $this
    ->xpath('//div[@class=:class and @data-tabindex=:index]', array(
    ':class' => 'g-recaptcha',
    ':index' => 0,
  ));
  $this
    ->assertFalse(!empty($element), 'Tag contains no data-tabindex attribute.');

  // Check that data-tabindex attribute exists.
  variable_set('recaptcha_tabindex', 5);
  $this
    ->drupalGet('user');
  $element = $this
    ->xpath('//div[@class=:class and @data-tabindex=:index]', array(
    ':class' => 'g-recaptcha',
    ':index' => 5,
  ));
  $this
    ->assertTrue(!empty($element), 'Tag contains data-tabindex attribute and value.');

  // Try to log in, which should fail.
  $edit['name'] = $this->normal_user->name;
  $edit['pass'] = $this->normal_user->pass_raw;
  $edit['captcha_response'] = '?';
  $this
    ->drupalPost('user', $edit, t('Log in'));

  // Check for error message.
  $this
    ->assertText(t('The answer you entered for the CAPTCHA was not correct.'), 'CAPTCHA should block user login form', 'reCAPTCHA');

  // And make sure that user is not logged in: check for name and password
  // fields on ?q=user.
  $this
    ->drupalGet('user');
  $this
    ->assertField('name', t('Username field found.'), 'reCAPTCHA');
  $this
    ->assertField('pass', t('Password field found.'), 'reCAPTCHA');
}