protected function setUp()
{
$this->client = static::createClient();
$this->client->followRedirects(true);
$this->crawler = $this->client->request('GET', self::LOGIN_URL);
$this->loginForm = $this->crawler->selectButton(self::LOGIN_BUTTON)->form();
}
/**
* test login
*/
public function testLoginSuccess()
{
$data = array('username' => 'user', 'password' => 'password');
$this->client->request('POST', $this->getUrl('api_login_check'), $data);
$this->assertJsonResponse($this->client->getResponse(), 200);
$response = json_decode($this->client->getResponse()->getContent(), true);
$this->assertArrayHasKey('token', $response);
// check token from query string work
$client = static::createClient();
$client->request('HEAD', $this->getUrl('api_ping', array($this->queryParameterName => $response['token'])));
$this->assertJsonResponse($client->getResponse(), 200, false);
// check token work
$client = static::createClient();
$client->setServerParameter('HTTP_Authorization', sprintf('%s %s', $this->authorizationHeaderPrefix, $response['token']));
$client->request('HEAD', $this->getUrl('api_ping'));
$this->assertJsonResponse($client->getResponse(), 200, false);
// check token works several times, as long as it is valid
$client = static::createClient();
$client->setServerParameter('HTTP_Authorization', sprintf('%s %s', $this->authorizationHeaderPrefix, $response['token']));
$client->request('HEAD', $this->getUrl('api_ping'));
$this->assertJsonResponse($client->getResponse(), 200, false);
// check a bad token does not work
$client = static::createClient();
$client->setServerParameter('HTTP_Authorization', sprintf('%s %s', $this->authorizationHeaderPrefix, $response['token'] . 'changed'));
$client->request('HEAD', $this->getUrl('api_ping'));
$this->assertJsonResponse($client->getResponse(), 401, false);
// check error if no authorization header
$client = static::createClient();
$client->request('HEAD', $this->getUrl('api_ping'));
$this->assertJsonResponse($client->getResponse(), 401, false);
}
protected function makeRequest($method, $uri, $annotationOptions = array())
{
$this->getClient($annotationOptions);
$this->client->request($method, $uri, array(), array(), $this->requestOptions);
$response = $this->client->getResponse();
return $response;
}
/**
* Do login with username
*
* @param string $username
*/
private function doLogin($username = '******')
{
$crawler = $this->client->request('GET', $this->getUrl('fos_user_security_login', array()));
$form = $crawler->selectButton('_submit')->form(array('_username' => $username, '_password' => 'qwerty'));
$this->client->submit($form);
$this->assertTrue($this->client->getResponse()->isRedirect());
$this->client->followRedirects();
}
/**
* @param string $method
* @param string $url
* @param array|null $content
*/
private function sendRequest($method, $url, $content = null)
{
$header = array('HTTP_ACCEPT' => 'application/json');
if ($method == 'POST') {
$header['CONTENT_TYPE'] = 'application/json';
}
$this->client->request($method, $url, array(), array(), $header, json_encode($content));
}
/**
* test login
*/
public function testLoginSuccess()
{
$data = array('username' => 'user', 'password' => 'password');
$this->client->request('POST', $this->getUrl('login_check'), $data);
$this->assertJsonResponse($this->client->getResponse(), 200);
$response = json_decode($this->client->getResponse()->getContent(), true);
$this->assertArrayHasKey('token', $response);
$this->assertArrayHasKey('data', $response);
}
/**
* @param string $uri
* @param string $responseType
*/
public function navigateToPageAndAssertSuccess($uri, $responseType = null)
{
$this->client->request('GET', $uri);
$this->assertTrue($this->client->getResponse()->isSuccessful(), 'Navigation to ' . $uri . ' did not trigger a successful response.');
if (null !== $responseType) {
$responseTypeIsTheOneExpected = $this->client->getResponse()->headers->contains('Content-Type', $responseType);
$this->assertTrue($responseTypeIsTheOneExpected, 'The content type of the response was not ' . $responseType . '. The header provided was: ' . var_export($this->client->getResponse()->headers, true));
}
}
public function testDoRequest()
{
$client = new Client(new TestHttpKernel());
$client->request('GET', '/');
$this->assertEquals('Request: /', $client->getResponse()->getContent(), '->doRequest() uses the request handler to make the request');
$client->request('GET', 'http://www.example.com/');
$this->assertEquals('Request: /', $client->getResponse()->getContent(), '->doRequest() uses the request handler to make the request');
$this->assertEquals('www.example.com', $client->getRequest()->getHost(), '->doRequest() uses the request handler to make the request');
}
public function logInBackend($username = '******', $password = '******')
{
if ($this->um->isAuthenticated() === false) {
$this->client->request('GET', '/' . $this->api['backend'] . '/user/login/?username='******'&password='******'CONTENT_TYPE' => 'application/json']);
$response = $this->client->getResponse();
$content = $response->getContent();
$result = json_decode($content, true);
if ($result['status'] !== true) {
throw new \LogicException('Authentication failed.');
}
}
return $this->um->isAuthenticated();
}
public function logInFrontend($username = '******', $password = '******')
{
if ($this->um->isAuthenticated() === false) {
$data = ['username' => $username, 'password' => $password];
$this->client->request('POST', '/' . $this->api['frontend'] . '/user/login/', [], [], ['CONTENT_TYPE' => 'application/json'], json_encode($data));
$response = $this->client->getResponse();
$content = $response->getContent();
$result = json_decode($content, true);
if ($result['status'] !== true) {
throw new \LogicException('Authentication failed.');
}
}
return $this->um->isAuthenticated();
}
/**
* Отображение ошибки при ответе
*/
public function testTicketReplyErrors()
{
$crawler = $this->client->request('GET', '/ticket/6/show?_locale=ru');
$form = $crawler->selectButton('Message[submit]')->form();
$crawler = $this->client->submit($form);
static::assertGreaterThan(0, $crawler->filter('html:contains("Заполните поле Сообщение или загрузите изображение")')->count());
}
public function testListBucket()
{
$this->authorize();
$listUrl = $this->urlGenerator->generate('list', ['bucket' => 'foo']);
$listBuckets = new Result(['Buckets' => [['Name' => 'foo', 'CreationDate' => '2014-08-01T14:00:00.000Z'], ['Name' => 'bar', 'CreationDate' => '2014-07-31T20:30:40.000Z']]]);
$listObjects = new Result(['Contents' => [['Key' => 'baz', 'ETag' => '"' . md5('baz') . '"', 'LastModified' => '2014-09-10T11:12:13.000Z', 'Size' => 1024], ['Key' => 'qux', 'ETag' => '"' . md5('qux') . '"', 'LastModified' => '2014-09-11T21:22:23.000Z', 'Size' => 2048], ['Key' => 'quxx', 'ETag' => '"' . md5('quxx') . '"', 'LastModified' => '2014-09-12T00:00:00.000Z', 'Size' => 512]], 'IsTruncated' => false]);
$this->s3ClientMock->expects($this->once())->method('listBuckets')->willReturn($listBuckets);
$this->s3ClientMock->expects($this->once())->method('listObjects')->willReturn($listObjects);
$crawler = $this->client->request('GET', $listUrl);
$this->assertTrue($this->client->getResponse()->isOk());
// buckets
$list = $crawler->filter('#list-bucket li');
$active = $list->filter('.active');
$this->assertCount(count($listBuckets['Buckets']), $list);
$this->assertCount(1, $active);
$this->assertEquals($list->eq(0), $active);
$urlGenerator = $this->urlGenerator;
$list->each(function (Crawler $bucket, $index) use($urlGenerator, $listBuckets) {
$link = $bucket->filter('a');
$expectedName = $listBuckets['Buckets'][$index]['Name'];
$this->assertEquals($expectedName, $link->text());
$this->assertEquals($urlGenerator->generate('list', ['bucket' => $expectedName]), $link->attr('href'));
});
// objects
$list = $crawler->filter('#list-object tbody tr');
$this->assertCount(count($listObjects['Contents']), $list);
$list->each(function (Crawler $object, $index) use($listObjects) {
$link = $object->filter('td')->eq(0)->filter('a');
$expectedKey = $listObjects['Contents'][$index]['Key'];
$this->assertEquals($expectedKey, $link->text());
$this->assertEquals('http://foo.s3.amazonaws.com/' . $expectedKey, $link->attr('href'));
$this->assertEquals($listObjects['Contents'][$index]['Size'], $object->filter('td')->eq(1)->text());
});
}
public function testRememberMeAuthentication()
{
$app = $this->createApplication();
$client = new Client($app);
$client->request('get', '/');
$client->request('post', '/login_check', array('_username' => 'fabien', '_password' => 'foo', '_remember_me' => 'true'));
$client->followRedirect();
$this->assertEquals('AUTHENTICATED_FULLY', $client->getResponse()->getContent());
$this->assertNotNull($client->getCookiejar()->get('REMEMBERME'), 'The REMEMBERME cookie is set');
$client->getCookiejar()->expire('MOCKSESSID');
$client->request('get', '/');
$this->assertEquals('AUTHENTICATED_REMEMBERED', $client->getResponse()->getContent());
$client->request('get', '/logout');
$client->followRedirect();
$this->assertNull($client->getCookiejar()->get('REMEMBERME'), 'The REMEMBERME cookie has been removed');
}
protected function execute($method = 'GET', $url, $parameters = array(), $files = array())
{
foreach ($this->headers as $header => $val) {
$header = str_replace('-', '_', strtoupper($header));
$this->client->setServerParameter("HTTP_{$header}", $val);
# Issue #827 - symfony foundation requires 'CONTENT_TYPE' without HTTP_
if ($this->isFunctional and $header == 'CONTENT_TYPE') {
$this->client->setServerParameter($header, $val);
}
}
// allow full url to be requested
$url = (strpos($url, '://') === false ? $this->config['url'] : '') . $url;
$parameters = $this->encodeApplicationJson($method, $parameters);
if (is_array($parameters) || $method == 'GET') {
if (!empty($parameters) && $method == 'GET') {
$url .= '?' . http_build_query($parameters);
}
if ($method == 'GET') {
$this->debugSection("Request", "{$method} {$url}");
} else {
$this->debugSection("Request", "{$method} {$url} " . json_encode($parameters));
}
$this->client->request($method, $url, $parameters, $files);
} else {
$this->debugSection("Request", "{$method} {$url} " . $parameters);
$this->client->request($method, $url, array(), $files, array(), $parameters);
}
$this->response = $this->client->getInternalResponse()->getContent();
$this->debugSection("Response", $this->response);
if (count($this->client->getInternalRequest()->getCookies())) {
$this->debugSection('Cookies', $this->client->getInternalRequest()->getCookies());
}
$this->debugSection("Headers", $this->client->getInternalResponse()->getHeaders());
$this->debugSection("Status", $this->client->getInternalResponse()->getStatus());
}
protected function execute($method = 'GET', $url, $parameters = array(), $files = array())
{
foreach ($this->headers as $header => $val) {
$this->client->setServerParameter("HTTP_{$header}", $val);
}
// allow full url to be requested
$url = (strpos($url, '://') === false ? $this->config['url'] : '') . $url;
if (is_array($parameters) || $parameters instanceof \ArrayAccess) {
$parameters = $this->scalarizeArray($parameters);
if (array_key_exists('Content-Type', $this->headers) && $this->headers['Content-Type'] === 'application/json' && $method != 'GET') {
$parameters = json_encode($parameters);
}
}
if (is_array($parameters) || $method == 'GET') {
if ($method == 'GET' && !empty($parameters)) {
$url .= '?' . http_build_query($parameters);
$this->debugSection("Request", "{$method} {$url}");
} else {
$this->debugSection("Request", "{$method} {$url}?" . http_build_query($parameters));
}
$this->client->request($method, $url, $parameters, $files);
} else {
$this->debugSection("Request", "{$method} {$url} " . $parameters);
$this->client->request($method, $url, array(), $files, array(), $parameters);
}
$this->response = $this->client->getResponse()->getContent();
$this->debugSection("Response", $this->response);
}
/**
* test login
*
* @covers UserController::postUserTokenAction
* @group authentication
*/
public function testLoginSuccess()
{
$data = array('username' => 'admin', 'password' => 'pass');
$this->client->request('POST', $this->getUrl($this->loginRoute), $data);
$this->assertJsonResponse($this->client->getResponse(), 200);
$response = json_decode($this->client->getResponse()->getContent(), true);
$this->assertArrayHasKey('token', $response);
$this->assertArrayHasKey('user', $response);
$this->assertArrayHasKey('id', $response['user']);
$this->assertArrayHasKey('firstName', $response['user']);
$this->assertArrayHasKey('lastName', $response['user']);
$this->checkTokenInQueryString($response['token']);
$this->checkTokenInHeaders($response['token']);
$this->checkTokenMultipleTimes($response['token']);
$this->checkBadToken($response['token']);
$this->checkNoToken($response['token']);
}
public function testWithRoutesThatDoNotUseSession()
{
$app = new Application();
$app['exception_handler']->disable();
$app->get('/', function () {
return 'A welcome page.';
});
$app->get('/robots.txt', function () {
return 'Informations for robots.';
});
$app = $this->sessionify($app);
$client = new Client($app);
$client->request('GET', '/');
$this->assertEquals('A welcome page.', $client->getResponse()->getContent());
$client->request('GET', '/robots.txt');
$this->assertEquals('Informations for robots.', $client->getResponse()->getContent());
}
public function testCget()
{
$this->client->request('GET', '/api/operators');
$this->assertEquals(200, $this->client->getResponse()->getStatusCode());
$response = json_decode($this->client->getResponse()->getContent());
$this->assertNotEmpty($response);
$this->assertEquals(3, count($response->_embedded->items));
}
public function testWithRoutesThatDoesNotUseSession()
{
$app = new Application();
$app->register(new SessionServiceProvider(), array('session.test' => true));
$app->get('/', function () {
return 'A welcome page.';
});
$app->get('/robots.txt', function () {
return 'Informations for robots.';
});
$app['debug'] = true;
$app['exception_handler']->disable();
$client = new Client($app);
$client->request('get', '/');
$this->assertEquals('A welcome page.', $client->getResponse()->getContent());
$client->request('get', '/robots.txt');
$this->assertEquals('Informations for robots.', $client->getResponse()->getContent());
}
public function testDoesNotReturn401IfValidToken()
{
$this->register('chain');
$jwt = JWT::encode(['sub' => 'John'], 'secret', 'HS256');
$client = new Client($this->app);
$client->request('GET', '/?jwt=' . $jwt);
$response = $client->getResponse();
$this->assertEquals(200, $response->getStatusCode());
}
/**
* @dataProvider provideData
*/
public function testValidJsonData($label, $data, $expectedResponse)
{
$this->app['aiv.input'] = new \AIV\Input\SymfonyRequest\JSONInput();
$client = new Client($this->app, []);
$label = 'Test Case: ' . $label;
$client->request('POST', '/', [], [], [], json_encode(['test-name' => $data]));
$response = $client->getResponse();
$this->assertTrue($response->isOk(), $label);
$this->assertContains($expectedResponse, $response->getContent(), $label);
}
private function request($accept)
{
$app = new Application(Application::ENV_TEST);
$app['dispatcher']->addSubscriber(new ContentNegotiationSubscriber($app['negotiator'], $app['phraseanet.content-negotiation.priorities']));
$app->get('/content/negociation', function () {
return '';
});
$client = new Client($app);
$client->request('GET', '/content/negociation', array(), array(), array('HTTP_Accept' => $accept));
return $client->getResponse();
}
/**
* @dataProvider provideExceptionsAndCode
*/
public function testError($exception, $code)
{
$app = new Application('test');
$app['dispatcher']->addSubscriber(new ApiExceptionHandlerSubscriber($app));
$app->get('/', function () use($exception) {
throw $exception;
});
$client = new Client($app);
$client->request('GET', '/');
$this->assertEquals($code, $client->getResponse()->getStatusCode());
}
public function testHttpAuthentication()
{
$app = $this->createApplication('http');
$client = new Client($app);
$client->request('get', '/');
$this->assertEquals(401, $client->getResponse()->getStatusCode());
$this->assertEquals('Basic realm="Secured"', $client->getResponse()->headers->get('www-authenticate'));
$client->request('get', '/', array(), array(), array('PHP_AUTH_USER' => 'dennis', 'PHP_AUTH_PW' => 'foo'));
$this->assertEquals('dennisAUTHENTICATED', $client->getResponse()->getContent());
$client->request('get', '/admin');
$this->assertEquals(403, $client->getResponse()->getStatusCode());
$client->restart();
$client->request('get', '/');
$this->assertEquals(401, $client->getResponse()->getStatusCode());
$this->assertEquals('Basic realm="Secured"', $client->getResponse()->headers->get('www-authenticate'));
$client->request('get', '/', array(), array(), array('PHP_AUTH_USER' => 'admin', 'PHP_AUTH_PW' => 'foo'));
$this->assertEquals('adminAUTHENTICATEDADMIN', $client->getResponse()->getContent());
$client->request('get', '/admin');
$this->assertEquals('admin', $client->getResponse()->getContent());
}
private function request($accept)
{
$app = new Application('test');
$app['dispatcher']->addSubscriber(new ContentNegotiationSubscriber($app));
$app->get('/content/negociation', function () {
return '';
});
$client = new Client($app);
$client->request('GET', '/content/negociation', array(), array(), array('HTTP_Accept' => $accept));
return $client->getResponse();
}
/**
* @dataProvider provideExceptionsAndCode
*/
public function testErrorOnOtherRoutes($exception, $code, $contentType)
{
$app = new Application('test');
unset($app['exception_handler']);
$app['dispatcher']->addSubscriber(new ApiOauth2ErrorsSubscriber(PhraseaExceptionHandler::register(), $this->createTranslatorMock()));
$app->get('/', function () use($exception) {
throw $exception;
});
$client = new Client($app);
$this->setExpectedException(get_class($exception));
$client->request('GET', '/');
}
public function testItCanBeDisabled()
{
$app = new Application();
$app['exception_handler'] = new PhraseaExceptionHandlerSubscriber(PhraseaExceptionHandler::register());
$app->get('/', function () {
throw new \Exception();
});
$app['exception_handler']->disable();
$client = new Client($app);
$this->setExpectedException('\\Exception');
$client->request('GET', '/');
}
public function testGetVariants()
{
$preferred = null;
$app = new Application();
$app->register(new BadFaithServiceProvider());
$app->get('/', function (Application $app) use(&$preferred) {
$preferred = $app['bad-faith']->headerLists['accept_language']->getPreferred();
});
$client = new Client($app, array());
$client->request('GET', '/', array(), array(), array('HTTP_ACCEPT_ENCODING' => 'gzip,deflate,sdch', 'HTTP_ACCEPT_LANGUAGE' => 'de-DE,en;q=0.8'));
$this->assertEquals('de-DE', $preferred->pref);
}
/**
* @param array $conf
* @param string $method
* @param array $extraHeaders
*
* @return \Symfony\Component\HttpFoundation\Response
*/
private function request(array $conf, $method = 'GET', array $extraHeaders = [])
{
$app = new Application('test');
$app['phraseanet.configuration']['api_cors'] = $conf;
$app['dispatcher']->addSubscriber(new ApiCorsSubscriber($app));
$app->get('/api/v1/test-route', function () {
return '';
});
$client = new Client($app);
$client->request($method, '/api/v1/test-route', [], [], array_merge($extraHeaders, ['HTTP_Origin' => $this->origin]));
return $client->getResponse();
}
public function testNoHeaderNoRedirection()
{
$app = new Application();
unset($app['exception_handler']);
$app['dispatcher']->addSubscriber(new FirewallSubscriber());
$app->get('/', function () {
throw new HttpException(500);
});
$client = new Client($app);
$this->setExpectedException('Symfony\\Component\\HttpKernel\\Exception\\HttpException');
$client->request('GET', '/');
}
