Skip to content

Documented simulating an authentication by manual token creation. #2468

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Apr 17, 2013
Merged

Documented simulating an authentication by manual token creation. #2468

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions cookbook/testing/index.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ Testing
:maxdepth: 2

http_authentication
simulating_authentication
insulating_clients
profiling
doctrine
Expand Down
61 changes: 61 additions & 0 deletions cookbook/testing/simulating_authentication.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
.. index::
single: Tests; Simulating authentication

How to simulate Authentication with a token in a Functional Test
================================================================

Authenticating requests in functional tests might slow down the suite.
It could become an issue especially when ``form_login`` is used, since
it requires additional requests to fill in and submit the form.

One of the solutions is to configure your firewall to use ``http_basic`` in
the test environment as explained in
:doc:`/cookbook/testing/http_authentication`.
Another way would be creating a token yourself and storing it in a session.
While doing this you have to make sure that appropriate cookie is sent
with a request. Following example demonstrates this technique::

// src/Acme/DemoBundle/Tests/Controller/DemoControllerTest.php
namespace Acme\DemoBundle\Tests\Controller;

use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
use Symfony\Component\BrowserKit\Cookie;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;

class DemoControllerTest extends WebTestCase
{
private $client = null;

public function setUp()
{
$this->client = static::createClient();
}

public function testSecuredHello()
{
$this->logIn();

$this->client->request('GET', '/demo/secured/hello/Fabien');

$this->assertTrue($this->client->getResponse()->isSuccessful());
$this->assertGreaterThan(0, $crawler->filter('html:contains("Hello Fabien")')->count());
}

private function logIn()
{
$session = $this->client->getContainer()->get('session');

$firewall = 'secured_area';
$token = new UsernamePasswordToken('admin', null, $firewall, array('ROLE_ADMIN'));
$session->set('_security_'.$firewall, serialize($token));
$session->save();

$cookie = new Cookie($session->getName(), $session->getId());
$this->client->getCookieJar()->set($cookie);
}
}

.. note::

Technique described in :doc:`/cookbook/testing/http_authentication`.
is cleaner and therefore preferred way.