114 lines
3.5 KiB
PHP
114 lines
3.5 KiB
PHP
<?php
|
|
|
|
namespace App\Tests\Controller;
|
|
|
|
|
|
use App\Tests\Functional\AbstractFunctionalTest;
|
|
use PHPUnit\Framework\Attributes\Test;
|
|
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
|
|
|
|
class SecurityControllerTest extends AbstractFunctionalTest{
|
|
|
|
//region login tests
|
|
|
|
#[Test]
|
|
public function test_login_page_is_accessible(): void
|
|
{
|
|
$this->client->request('GET', '/login');
|
|
self::assertResponseIsSuccessful();
|
|
}
|
|
|
|
#[Test]
|
|
public function test_login_page_contains_login_form(): void
|
|
{
|
|
$this->client->request('GET', '/login');
|
|
$crawler = $this->client->getCrawler();
|
|
self::assertGreaterThanOrEqual(
|
|
0,
|
|
$crawler->filter('form[name="login_form"]')->count(),
|
|
'The login page does not contain a login form.'
|
|
);
|
|
}
|
|
|
|
#[Test]
|
|
public function test_login_with_invalid_credentials_shows_error(): void
|
|
{
|
|
$this->client->request('GET', '/login');
|
|
// dd($this->client->getResponse()->getContent());
|
|
$this->client->submitForm('Connexion', [
|
|
'_username' => 'l@l.com',
|
|
'_password' => 'invalid_password',
|
|
]);
|
|
|
|
self::assertResponseStatusCodeSame(302);
|
|
$crawler = $this->client->getCrawler();
|
|
self::assertGreaterThanOrEqual(
|
|
0,
|
|
$crawler->filter('.alert-danger')->count(),
|
|
|
|
);
|
|
}
|
|
|
|
// PHPLeague OAuth2 Server causes issues with functional tests involving authentication.
|
|
// #[Test]
|
|
// public function test_login_with_valid_credentials_redirects(): void
|
|
// {
|
|
// /** @var UserPasswordHasherInterface $passwordHasher */
|
|
// $passwordHasher = $this->client->getContainer()->get('security.user_password_hasher');
|
|
//
|
|
// $userEmail = 'user@email.com';
|
|
// $plainPassword = 'valid_password';
|
|
//
|
|
// $user = $this->createUser($userEmail);
|
|
//
|
|
// $hashedPassword = $passwordHasher->hashPassword($user, $plainPassword);
|
|
// $user->setPassword($hashedPassword);
|
|
// $organization = $this->createOrganization("orga");
|
|
// $uo = $this->createUOLink($user, $organization);
|
|
// $app = $this->createApp("app");
|
|
// $role = $this->createRole("USER");
|
|
// $uoa = $this->createUOALink($uo, $app, $role);
|
|
//
|
|
// $this->entityManager->persist($user);
|
|
// $this->entityManager->flush();
|
|
//
|
|
// // 3. Attempt login
|
|
// $this->client->request('GET', '/login');
|
|
//
|
|
// $this->client->submitForm('Connexion', [
|
|
// '_username' => $userEmail,
|
|
// '_password' => $plainPassword,
|
|
// ]);
|
|
//
|
|
// self::assertResponseRedirects('/application/');
|
|
// $this->client->followRedirect();
|
|
//
|
|
//
|
|
// self::assertResponseIsSuccessful();
|
|
// }
|
|
|
|
//endregion
|
|
|
|
//region logout tests
|
|
//
|
|
// #[Test]
|
|
// public function test_logout_redirects_to_login(): void
|
|
// {
|
|
// $user = $this->createUser('user@user.com');
|
|
// $this->client->loginUser($user);
|
|
// // 1. Generate a valid CSRF token for the 'logout' intent
|
|
// $container = $this->client->getContainer();
|
|
// $token = $container->get('security.csrf.token_manager')->getToken('logout')->getValue();
|
|
//
|
|
// // 2. Pass the token as a parameter named '_csrf_token'
|
|
// $this->client->request('POST', '/sso_logout', [
|
|
// '_csrf_token' => $token
|
|
// ]);
|
|
//
|
|
// $this->client->followRedirect();
|
|
//
|
|
// self::assertResponseRedirects('/login');
|
|
// self::assertResponseIsSuccessful();
|
|
// }
|
|
}
|