/** * @test */ public function updateCredentialsIgnoresAnythingOtherThanPostRequests() { $arguments = array(); $arguments['__authentication']['TYPO3']['Flow']['Security']['Authentication']['Token']['UsernamePassword']['username'] = '******'; $arguments['__authentication']['TYPO3']['Flow']['Security']['Authentication']['Token']['UsernamePassword']['password'] = '******'; $request = Request::create(new Uri('http://robertlemke.com/login'), 'POST', $arguments); $actionRequest = $request->createActionRequest(); $token = new UsernamePassword(); $token->updateCredentials($actionRequest); $this->assertEquals(array('username' => 'TYPO3.Flow', 'password' => 'verysecurepassword'), $token->getCredentials()); $request = Request::create(new Uri('http://robertlemke.com/login'), 'GET', $arguments); $actionRequest = $request->createActionRequest(); $token = new UsernamePassword(); $token->updateCredentials($actionRequest); $this->assertEquals(array('username' => '', 'password' => ''), $token->getCredentials()); }
/** * @test */ public function updateCredentialsIgnoresAnythingOtherThanPostRequests() { $arguments = array(); $arguments['__authentication']['TYPO3']['Flow']['Security']['Authentication']['Token']['UsernamePassword']['username'] = '******'; $arguments['__authentication']['TYPO3']['Flow']['Security']['Authentication']['Token']['UsernamePassword']['password'] = '******'; $this->mockHttpRequest->expects($this->atLeastOnce())->method('getMethod')->will($this->returnValue('POST')); $this->mockActionRequest->expects($this->atLeastOnce())->method('getInternalArguments')->will($this->returnValue($arguments)); $this->token->updateCredentials($this->mockActionRequest); $this->assertEquals(array('username' => 'TYPO3.Flow', 'password' => 'verysecurepassword'), $this->token->getCredentials()); $secondToken = new UsernamePassword(); $secondMockActionRequest = $this->getMockBuilder(\TYPO3\Flow\Mvc\ActionRequest::class)->disableOriginalConstructor()->getMock(); /** @var ActionRequest|\PHPUnit_Framework_MockObject_MockObject $secondMockActionRequest */ $secondMockHttpRequest = $this->getMockBuilder(\TYPO3\Flow\Http\Request::class)->disableOriginalConstructor()->getMock(); $secondMockActionRequest->expects($this->any())->method('getHttpRequest')->will($this->returnValue($secondMockHttpRequest)); $secondMockHttpRequest->expects($this->atLeastOnce())->method('getMethod')->will($this->returnValue('GET')); $secondToken->updateCredentials($secondMockActionRequest); $this->assertEquals(array('username' => '', 'password' => ''), $secondToken->getCredentials()); }