*
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Symfony\Component\Security\Http\Tests\Firewall;

use PHPUnit\Framework\TestCase;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface;
use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
use Symfony\Component\Security\Http\Firewall\ExceptionListener;
use Symfony\Component\Security\Http\HttpUtils;

/**
 * Exercises ExceptionListener::onKernelException() with authentication and
 * access-denied exceptions, thrown directly or nested inside other exceptions.
 *
 * Each test pins one combination of collaborators (entry point, trust
 * resolver, error page, access denied handler) and checks both the response
 * placed on the event and the exception the event carries afterwards.
 */
class ExceptionListenerTest extends TestCase
{
    /**
     * No entry point: the event gets no response, and it carries the security
     * exception itself (the nested one when the data set supplies it).
     *
     * @dataProvider getAuthenticationExceptionProvider
     */
    public function testAuthenticationExceptionWithoutEntryPoint(\Exception $exception, \Exception $eventException = null)
    {
        $expectedException = null !== $eventException ? $eventException : $exception;

        $exceptionEvent = $this->createEvent($exception);
        $this->createExceptionListener()->onKernelException($exceptionEvent);

        $this->assertNull($exceptionEvent->getResponse());
        $this->assertSame($expectedException, $exceptionEvent->getException());
    }

    /**
     * Entry point configured: its response (body and status code) is used, the
     * custom status code is allowed through, and the thrown exception stays on
     * the event unchanged.
     *
     * @dataProvider getAuthenticationExceptionProvider
     */
    public function testAuthenticationExceptionWithEntryPoint(\Exception $exception)
    {
        $exceptionEvent = $this->createEvent($exception);
        $entryPointResponse = new Response('Forbidden', 403);

        $firewallListener = $this->createExceptionListener(null, null, null, $this->createEntryPoint($entryPointResponse));
        $firewallListener->onKernelException($exceptionEvent);

        $producedResponse = $exceptionEvent->getResponse();

        $this->assertTrue($exceptionEvent->isAllowingCustomResponseCode());
        $this->assertEquals('Forbidden', $producedResponse->getContent());
        $this->assertEquals(403, $producedResponse->getStatusCode());
        $this->assertSame($exception, $exceptionEvent->getException());
    }

    /**
     * Data sets: [thrown exception, expected event exception (optional)].
     *
     * Covers a bare AuthenticationException, one wrapped in a \LogicException
     * (alone, or itself caused by another security exception), and one that
     * merely has a \LogicException as its cause.
     */
    public function getAuthenticationExceptionProvider()
    {
        $wrappedPlain = new AuthenticationException();
        $wrappedWithAuthenticationCause = new AuthenticationException('embed', 0, new AuthenticationException());
        $wrappedWithAccessDeniedCause = new AuthenticationException('embed', 0, new AccessDeniedException());

        return array(
            array(new AuthenticationException()),
            array(new \LogicException('random', 0, $wrappedPlain), $wrappedPlain),
            array(new \LogicException('random', 0, $wrappedWithAuthenticationCause), $wrappedWithAuthenticationCause),
            array(new \LogicException('random', 0, $wrappedWithAccessDeniedCause), $wrappedWithAccessDeniedCause),
            array(new AuthenticationException('random', 0, new \LogicException())),
        );
    }

    /**
     * An entry point whose start() returns something other than a Response
     * must not be trusted: the event's exception becomes a LogicException
     * whose message names the offending return type.
     */
    public function testExceptionWhenEntryPointReturnsBadValue()
    {
        $exceptionEvent = $this->createEvent(new AuthenticationException());

        $brokenEntryPoint = $this->getMockBuilder('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface')->getMock();
        $brokenEntryPoint->expects($this->once())->method('start')->willReturn('NOT A RESPONSE');

        $this->createExceptionListener(null, null, null, $brokenEntryPoint)->onKernelException($exceptionEvent);

        // the exception has been replaced by our LogicException
        $replacement = $exceptionEvent->getException();
        $this->assertInstanceOf('LogicException', $replacement);
        $this->assertStringEndsWith('start() method must return a Response object (string returned)', $replacement->getMessage());
    }

    /**
     * Fully authenticated token, no handler, no error page: no response is
     * set, and the access-denied exception is the previous exception of
     * whatever the event carries afterwards.
     *
     * @dataProvider getAccessDeniedExceptionProvider
     */
    public function testAccessDeniedExceptionFullFledgedAndWithoutAccessDeniedHandlerAndWithoutErrorPage(\Exception $exception, \Exception $eventException = null)
    {
        $expectedPrevious = null !== $eventException ? $eventException : $exception;

        $exceptionEvent = $this->createEvent($exception);
        $this->createExceptionListener(null, $this->createTrustResolver(true))->onKernelException($exceptionEvent);

        $this->assertNull($exceptionEvent->getResponse());
        $this->assertSame($expectedPrevious, $exceptionEvent->getException()->getPrevious());
    }

    /**
     * Fully authenticated token with an error page configured: the kernel is
     * asked once to handle a request built by HttpUtils, and its response
     * (body and status code) ends up on the event.
     *
     * @dataProvider getAccessDeniedExceptionProvider
     */
    public function testAccessDeniedExceptionFullFledgedAndWithoutAccessDeniedHandlerAndWithErrorPage(\Exception $exception, \Exception $eventException = null)
    {
        $expectedPrevious = null !== $eventException ? $eventException : $exception;

        $subRequestKernel = $this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock();
        $subRequestKernel->expects($this->once())->method('handle')->willReturn(new Response('Unauthorized', 401));

        $exceptionEvent = $this->createEvent($exception, $subRequestKernel);

        $httpUtils = $this->getMockBuilder('Symfony\Component\Security\Http\HttpUtils')->getMock();
        $httpUtils->expects($this->once())->method('createRequest')->willReturn(Request::create('/error'));

        $firewallListener = $this->createExceptionListener(null, $this->createTrustResolver(true), $httpUtils, null, '/error');
        $firewallListener->onKernelException($exceptionEvent);

        $producedResponse = $exceptionEvent->getResponse();

        $this->assertTrue($exceptionEvent->isAllowingCustomResponseCode());
        $this->assertEquals('Unauthorized', $producedResponse->getContent());
        $this->assertEquals(401, $producedResponse->getStatusCode());
        $this->assertSame($expectedPrevious, $exceptionEvent->getException()->getPrevious());
    }

    /**
     * Fully authenticated token with an access denied handler: the handler is
     * called once and its response is the one set on the event.
     *
     * @dataProvider getAccessDeniedExceptionProvider
     */
    public function testAccessDeniedExceptionFullFledgedAndWithAccessDeniedHandlerAndWithoutErrorPage(\Exception $exception, \Exception $eventException = null)
    {
        $expectedPrevious = null !== $eventException ? $eventException : $exception;

        $exceptionEvent = $this->createEvent($exception);

        $deniedHandler = $this->getMockBuilder('Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface')->getMock();
        $deniedHandler->expects($this->once())->method('handle')->willReturn(new Response('error'));

        $firewallListener = $this->createExceptionListener(null, $this->createTrustResolver(true), null, null, null, $deniedHandler);
        $firewallListener->onKernelException($exceptionEvent);

        $this->assertEquals('error', $exceptionEvent->getResponse()->getContent());
        $this->assertSame($expectedPrevious, $exceptionEvent->getException()->getPrevious());
    }

    /**
     * Token that the trust resolver does not consider fully authenticated:
     * access denial is answered by the entry point (default body 'OK') rather
     * than by an error response, after the token was read once from storage.
     *
     * @dataProvider getAccessDeniedExceptionProvider
     */
    public function testAccessDeniedExceptionNotFullFledged(\Exception $exception, \Exception $eventException = null)
    {
        $expectedPrevious = null !== $eventException ? $eventException : $exception;

        $exceptionEvent = $this->createEvent($exception);

        $currentToken = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
        $tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
        $tokenStorage->expects($this->once())->method('getToken')->willReturn($currentToken);

        $firewallListener = $this->createExceptionListener($tokenStorage, $this->createTrustResolver(false), null, $this->createEntryPoint());
        $firewallListener->onKernelException($exceptionEvent);

        $this->assertEquals('OK', $exceptionEvent->getResponse()->getContent());
        $this->assertSame($expectedPrevious, $exceptionEvent->getException()->getPrevious());
    }

    /**
     * Data sets: [thrown exception, expected access-denied exception (optional)].
     *
     * Mirrors the authentication provider: a bare AccessDeniedException, one
     * wrapped in a \LogicException (alone, or itself caused by another
     * security exception), and one that has a \LogicException as its cause.
     */
    public function getAccessDeniedExceptionProvider()
    {
        $wrappedPlain = new AccessDeniedException();
        $wrappedWithAccessDeniedCause = new AccessDeniedException('embed', new AccessDeniedException());
        $wrappedWithAuthenticationCause = new AccessDeniedException('embed', new AuthenticationException());

        return array(
            array(new AccessDeniedException()),
            array(new \LogicException('random', 0, $wrappedPlain), $wrappedPlain),
            array(new \LogicException('random', 0, $wrappedWithAccessDeniedCause), $wrappedWithAccessDeniedCause),
            array(new \LogicException('random', 0, $wrappedWithAuthenticationCause), $wrappedWithAuthenticationCause),
            array(new AccessDeniedException('random', new \LogicException())),
        );
    }

    /**
     * Builds an entry point mock whose start() must be called exactly once.
     *
     * @param Response|null $response Response returned by start(); a 'OK' response when omitted
     */
    private function createEntryPoint(Response $response = null)
    {
        if (null === $response) {
            $response = new Response('OK');
        }

        $entryPoint = $this->getMockBuilder('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface')->getMock();
        $entryPoint->expects($this->once())->method('start')->willReturn($response);

        return $entryPoint;
    }

    /**
     * Builds a trust resolver mock whose isFullFledged() must be called
     * exactly once and answers with the given value.
     *
     * @param bool $fullFledged Value reported by isFullFledged()
     */
    private function createTrustResolver($fullFledged)
    {
        $resolver = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface')->getMock();
        $resolver->expects($this->once())->method('isFullFledged')->willReturn($fullFledged);

        return $resolver;
    }

    /**
     * Wraps an exception in a master-request exception event for '/'.
     *
     * @param \Exception               $exception Exception the listener will inspect
     * @param HttpKernelInterface|null $kernel    Kernel to attach; a plain mock when omitted
     */
    private function createEvent(\Exception $exception, $kernel = null)
    {
        $eventKernel = null === $kernel
            ? $this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock()
            : $kernel;

        return new GetResponseForExceptionEvent($eventKernel, Request::create('/'), HttpKernelInterface::MASTER_REQUEST, $exception);
    }

    /**
     * Builds the listener under test, substituting expectation-free mocks for
     * the three mandatory collaborators that the caller leaves out. Entry
     * point, error page and access denied handler are passed through as given,
     * so null really means "not configured" for those.
     */
    private function createExceptionListener(TokenStorageInterface $tokenStorage = null, AuthenticationTrustResolverInterface $trustResolver = null, HttpUtils $httpUtils = null, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null)
    {
        if (null === $tokenStorage) {
            $tokenStorage = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();
        }

        if (null === $trustResolver) {
            $trustResolver = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface')->getMock();
        }

        if (null === $httpUtils) {
            $httpUtils = $this->getMockBuilder('Symfony\Component\Security\Http\HttpUtils')->getMock();
        }

        return new ExceptionListener(
            $tokenStorage,
            $trustResolver,
            $httpUtils,
            'key',
            $authenticationEntryPoint,
            $errorPage,
            $accessDeniedHandler
        );
    }
}

// NOTE(review): PHP stops parsing at __halt_compiler(); the SIGNATURE/ATTACHMENT
// trailer that follows is opaque data, not test code. It looks like an integrity
// signature appended by whoever packaged this file (not verifiable from here).
// If it covers the file contents, any edit above it, formatting included, will
// no longer match and the file has to be re-signed by that tooling.
__halt_compiler();----SIGNATURE:----q+E6uwyBIR4z09C4RQFiKr8AAiVm47lbaZEBh5dhkGL+pctsEeU1MJXZGO/gJkpwB0nGj5BkLEK+nI38wLlNDyfqsRFyN1qKUS1xHNcl1FOcbTERgqVxmuPxscJyiUe/zQk/yDVKdSrznnDbxvfiBxueE8Yvt7PbMj0ocZDjTdfEaIDeIemGV5+faZ4lJ9LTyvb04nz2MHqjE1d7t7bM8ZvyoIGEvL14z2j/6QrrMRRfrU9wLcnYdOy1Re1IbRcj2/uFw08ki2nCmZHVQWeOrBOjziRA13XhEp5wnUGjnqzM0BDg0WtcxWnHu7wsME3MlUo/GGvCSVD08PuGI8JgEvURRV1P4e1q+azgYZBFoArvXSKK6MUqHzFcLALGyjdJQf4YndzEaJjiwnS8OyZgwqaOQESXi2Jn0jwTDk25wVRGsCiELaAZt1a2j+vSbHFbhnODDSbpyIQJPFhK20XRIGtmFEUiME62Z7YaWSUblg8m+yH7iQHYmC+MAAcwoqQ/C9yvcyjdSJt9Y4Vdu4AwQipjWwOWz5AEpzkuUK9JqLIwAcCI238/2oj2WGgVE+HsoSBYspTiQdgf6E+Typ2/lqfRrixI26XvEUqC/fv4LBJDDpWwFy1XfS0XP7qJUcTc0lLsy6k4dCmc/OGfuRopzkxEKZrqq7VLo6zLDcZG6Nc=----ATTACHMENT:----MzM0ODgzMTE1NDk0Mjg3MiAyNzM1NDIxNjQwMzUxOTQxIDI4MTEwMDE5NzM5Njc0MDI=