public function BasicAuthTest::testBasicAuth in Zircon Profile 8.0
Same name and namespace in other branches
- 8 core/modules/basic_auth/src/Tests/Authentication/BasicAuthTest.php \Drupal\basic_auth\Tests\Authentication\BasicAuthTest::testBasicAuth()
Test http basic authentication.
File
- core/
modules/ basic_auth/ src/ Tests/ Authentication/ BasicAuthTest.php, line 35 - Contains \Drupal\basic_auth\Tests\Authentication\BasicAuthTest.
Class
- BasicAuthTest
- Tests for BasicAuth authentication provider.
Namespace
Drupal\basic_auth\Tests\AuthenticationCode
public function testBasicAuth() {
// Enable page caching.
$config = $this
->config('system.performance');
$config
->set('cache.page.max_age', 300);
$config
->save();
$account = $this
->drupalCreateUser();
$url = Url::fromRoute('router_test.11');
$this
->basicAuthGet($url, $account
->getUsername(), $account->pass_raw);
$this
->assertText($account
->getUsername(), 'Account name is displayed.');
$this
->assertResponse('200', 'HTTP response is OK');
$this
->curlClose();
$this
->assertFalse($this
->drupalGetHeader('X-Drupal-Cache'));
$this
->assertIdentical(strpos($this
->drupalGetHeader('Cache-Control'), 'public'), FALSE, 'Cache-Control is not set to public');
$this
->basicAuthGet($url, $account
->getUsername(), $this
->randomMachineName());
$this
->assertNoText($account
->getUsername(), 'Bad basic auth credentials do not authenticate the user.');
$this
->assertResponse('403', 'Access is not granted.');
$this
->curlClose();
$this
->drupalGet($url);
$this
->assertEqual($this
->drupalGetHeader('WWW-Authenticate'), SafeMarkup::format('Basic realm="@realm"', [
'@realm' => \Drupal::config('system.site')
->get('name'),
]));
$this
->assertResponse('401', 'Not authenticated on the route that allows only basic_auth. Prompt to authenticate received.');
$this
->drupalGet('admin');
$this
->assertResponse('403', 'No authentication prompt for routes not explicitly defining authentication providers.');
$account = $this
->drupalCreateUser(array(
'access administration pages',
));
$this
->basicAuthGet(Url::fromRoute('system.admin'), $account
->getUsername(), $account->pass_raw);
$this
->assertNoLink('Log out', 'User is not logged in');
$this
->assertResponse('403', 'No basic authentication for routes not explicitly defining authentication providers.');
$this
->curlClose();
// Ensure that pages already in the page cache aren't returned from page
// cache if basic auth credentials are provided.
$url = Url::fromRoute('router_test.10');
$this
->drupalGet($url);
$this
->assertEqual($this
->drupalGetHeader('X-Drupal-Cache'), 'MISS');
$this
->basicAuthGet($url, $account
->getUsername(), $account->pass_raw);
$this
->assertFalse($this
->drupalGetHeader('X-Drupal-Cache'));
$this
->assertIdentical(strpos($this
->drupalGetHeader('Cache-Control'), 'public'), FALSE, 'No page cache response when requesting a cached page with basic auth credentials.');
}