
[Security] added unit tests for the Authentication sub-namespace

Fabien Potencier 14 年之前
父節點
當前提交
3d5054f21f

+ 4 - 4
src/Symfony/Component/Security/Authentication/AuthenticationProviderManager.php

@@ -37,7 +37,7 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface
     public function __construct(array $providers = array(), $eraseCredentials = true)
     {
         $this->setProviders($providers);
-        $this->eraseCredentials = $eraseCredentials;
+        $this->eraseCredentials = (Boolean) $eraseCredentials;
     }
 
     /**
@@ -60,7 +60,7 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface
             try {
                 $result = $provider->authenticate($token);
             } catch (AccountStatusException $e) {
-                $e->setToken($token);
+                $e->setExtraInformation($token);
 
                 throw $e;
             } catch (AuthenticationException $e) {
@@ -69,7 +69,7 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface
         }
 
         if (null !== $result) {
-            if ($this->eraseCredentials) {
+            if (true === $this->eraseCredentials) {
                 $result->eraseCredentials();
             }
 
@@ -80,7 +80,7 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface
             $lastException = new ProviderNotFoundException(sprintf('No Authentication Provider found for token of class "%s".', get_class($token)));
         }
 
-        $lastException->setToken($token);
+        $lastException->setExtraInformation($token);
 
         throw $lastException;
     }
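Review bot: On both failure paths (`$e->setExtraInformation($token)` in the AccountStatusException catch and `$lastException->setExtraInformation($token)` before the final throw) the exception carries the token exactly as it was submitted, while `eraseCredentials()` is only ever called on a successful `$result`. If that token holds a plaintext password, anything that logs, serializes or stores the exception (not visible here) stores the password with it. Consider honouring the flag on the failure paths too, e.g. `if (true === $this->eraseCredentials) { $token->eraseCredentials(); }` before each `setExtraInformation()` call, or document that handlers must not persist the extra information. authenticate() starts outside the hunks shown.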

+ 2 - 2
src/Symfony/Component/Security/Authentication/Provider/DaoAuthenticationProvider.php

@@ -39,9 +39,9 @@ class DaoAuthenticationProvider extends UserAuthenticationProvider
      * @param AccountCheckerInterface  $accountChecker  An AccountCheckerInterface instance
      * @param PasswordEncoderInterface $passwordEncoder A PasswordEncoderInterface instance
      */
-    public function __construct(UserProviderInterface $userProvider, AccountCheckerInterface $accountChecker, PasswordEncoderInterface $passwordEncoder = null)
+    public function __construct(UserProviderInterface $userProvider, AccountCheckerInterface $accountChecker, PasswordEncoderInterface $passwordEncoder = null, $hideUserNotFoundExceptions = true)
     {
-        parent::__construct($accountChecker);
+        parent::__construct($accountChecker, $hideUserNotFoundExceptions);
 
         if (null === $passwordEncoder) {
             $passwordEncoder = new PlaintextPasswordEncoder();
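Review bot: The new `$hideUserNotFoundExceptions` argument has no `@param` line in the docblock above the constructor, although the other arguments visible in the hunk do (the docblock starts outside the hunk). It is a security-relevant switch: judging by the name, turning it off lets a caller tell an unknown user from a wrong password, which allows account enumeration, so its purpose and default deserve a line such as `@param Boolean $hideUserNotFoundExceptions Whether to hide user-not-found errors behind a generic bad-credentials error (keep true so responses do not reveal which usernames exist)`. The constructor body continues past the end of the hunk.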

+ 2 - 2
src/Symfony/Component/Security/Authentication/Provider/PreAuthenticatedAuthenticationProvider.php

@@ -53,7 +53,7 @@ class PreAuthenticatedAuthenticationProvider implements AuthenticationProviderIn
              return null;
          }
 
-        if (null === $token->getUser()) {
+        if (!$user = $token->getUser()) {
             throw new BadCredentialsException('No pre-authenticated principal found in request.');
         }
 /*
@@ -61,7 +61,7 @@ class PreAuthenticatedAuthenticationProvider implements AuthenticationProviderIn
             throw new BadCredentialsException('No pre-authenticated credentials found in request.');
         }
 */
-        $user = $this->userProvider->loadUserByUsername($token->getUser());
+        $user = $this->userProvider->loadUserByUsername($user);
 
         $this->accountChecker->checkPostAuth($user);
 
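Review bot: `if (!$user = $token->getUser())` replaces an identity check with a truthiness test, so besides null and the empty string it also rejects a principal whose name is the string `'0'`, and it hides an assignment inside a condition. Spelling the intent out keeps the empty-string fix without that side effect: `$username = $token->getUser();` followed by `if (null === $username || '' === $username) {`, which also stops `$user` from holding first the name and then the account object. The credentials check just below stays commented out, so this provider accepts the principal on the user check alone; a short comment saying why that is intended would help the next reader. authenticate() starts and ends outside the hunks.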

+ 1 - 1
src/Symfony/Component/Security/Authentication/Token/PreAuthenticatedToken.php

@@ -23,8 +23,8 @@ class PreAuthenticatedToken extends Token
      */
     public function __construct($user, $credentials, array $roles = null)
     {
+        parent::__construct(null === $roles ? array() : $roles);
         if (null !== $roles) {
-            parent::__construct($roles);
             $this->setAuthenticated(true);
         }
 
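Review bot: With the parent constructor now always called, the only thing separating an authenticated token from an unauthenticated one is whether `$roles` is null, so `new PreAuthenticatedToken($u, $c, array())` is marked authenticated while holding no roles at all. That contract is easy to trip over and is not stated in the part of the docblock visible here; a line such as `@param array $roles Roles of the user; passing any array, even an empty one, marks the token as authenticated` would make it explicit. PreAuthenticatedTokenTest::testConstructor covers null and a non-empty array but not the empty-array case. The constructor body continues past the hunk.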

+ 3 - 1
src/Symfony/Component/Security/Authentication/Token/Token.php

@@ -42,6 +42,8 @@ abstract class Token implements TokenInterface
             }
             $this->addRole($role);
         }
+        $this->authenticated = false;
+        $this->immutable = false;
     }
 
     /**
@@ -107,7 +109,7 @@ abstract class Token implements TokenInterface
     }
 
     /**
-     * Removes sensitive information from the token.
+     * {@inheritdoc}
      */
     public function eraseCredentials()
     {
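Review bot: Assigning `$this->authenticated = false;` and `$this->immutable = false;` at the end of the constructor gives a fail-closed default only to subclasses that call `parent::__construct()`, and it silently resets a flag that a subclass set before making that call. If the property declarations (outside this hunk) carry no initialiser, putting the default there, e.g. `protected $authenticated = false;` with the file's actual visibility, makes the unauthenticated state independent of constructor order. The constructor starts outside the hunk.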

+ 5 - 0
src/Symfony/Component/Security/Authentication/Token/TokenInterface.php

@@ -66,4 +66,9 @@ interface TokenInterface extends \Serializable
      * @param Boolean $isAuthenticated The authenticated flag
      */
     function setAuthenticated($isAuthenticated);
+
+    /**
+     * Removes sensitive information from the token.
+     */
+    function eraseCredentials();
 }
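Review bot: The docblock for the new `eraseCredentials()` says only that it removes sensitive information, which leaves implementers guessing what must be cleared and what `getCredentials()` should return afterwards. The tests in this commit expect an empty string after erasure, and AuthenticationProviderManager calls the method on a successfully authenticated token when its flag is set, so the contract could read `Removes sensitive information (such as the plaintext password) from the token; must be safe to call more than once and must leave getCredentials() returning an empty string`. Adding a method to the interface also breaks any external TokenInterface implementation, which is worth a line in the commit message or upgrade notes.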

+ 143 - 0
tests/Symfony/Tests/Component/Security/Authentication/AuthenticationProviderManagerTest.php

@@ -0,0 +1,143 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Tests\Component\Security\Authentication;
+
+use Symfony\Component\Security\Authentication\AuthenticationProviderManager;
+use Symfony\Component\Security\Exception\ProviderNotFoundException;
+use Symfony\Component\Security\Exception\AuthenticationException;
+use Symfony\Component\Security\Exception\AccountStatusException;
+use Symfony\Component\Security\Authentication\Token\UsernamePasswordToken;
+
+class AuthenticationProviderManagerTest extends \PHPUnit_Framework_TestCase
+{
+    public function testProviderAccessors()
+    {
+        $manager = new AuthenticationProviderManager();
+        $manager->addProvider($provider = $this->getMock('Symfony\Component\Security\Authentication\Provider\AuthenticationProviderInterface'));
+        $this->assertSame(array($provider), $manager->getProviders());
+
+        $manager->setProviders($providers = array($this->getMock('Symfony\Component\Security\Authentication\Provider\AuthenticationProviderInterface')));
+        $this->assertSame($providers, $manager->getProviders());
+    }
+
+    /**
+     * @expectedException LogicException
+     */
+    public function testAuthenticateWithoutProviders()
+    {
+        $manager = new AuthenticationProviderManager();
+        $manager->authenticate($this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface'));
+    }
+
+    public function testAuthenticateWhenNoProviderSupportsToken()
+    {
+        $manager = new AuthenticationProviderManager(array(
+            $this->getAuthenticationProvider(false),
+        ));
+
+        try {
+            $manager->authenticate($token = $this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface'));
+            $this->fail();
+        } catch (ProviderNotFoundException $e) {
+            $this->assertSame($token, $e->getExtraInformation());
+        }
+    }
+
+    public function testAuthenticateWhenProviderReturnsAccountStatusException()
+    {
+        $manager = new AuthenticationProviderManager(array(
+            $this->getAuthenticationProvider(true, null, 'Symfony\Component\Security\Exception\AccountStatusException'),
+        ));
+
+        try {
+            $manager->authenticate($token = $this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface'));
+            $this->fail();
+        } catch (AccountStatusException $e) {
+            $this->assertSame($token, $e->getExtraInformation());
+        }
+    }
+
+    public function testAuthenticateWhenProviderReturnsAuthenticationException()
+    {
+        $manager = new AuthenticationProviderManager(array(
+            $this->getAuthenticationProvider(true, null, 'Symfony\Component\Security\Exception\AuthenticationException'),
+        ));
+
+        try {
+            $manager->authenticate($token = $this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface'));
+            $this->fail();
+        } catch (AuthenticationException $e) {
+            $this->assertSame($token, $e->getExtraInformation());
+        }
+    }
+
+    public function testAuthenticateWhenOneReturnsAuthenticationExceptionButNotAll()
+    {
+        $manager = new AuthenticationProviderManager(array(
+            $this->getAuthenticationProvider(true, null, 'Symfony\Component\Security\Exception\AuthenticationException'),
+            $this->getAuthenticationProvider(true, $expected = $this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface')),
+        ));
+
+        $token = $manager->authenticate($this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface'));
+        $this->assertSame($expected, $token);
+    }
+
+    public function testAuthenticateReturnsTokenForTheLastMatch()
+    {
+        $manager = new AuthenticationProviderManager(array(
+            $this->getAuthenticationProvider(true, $this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface')),
+            $this->getAuthenticationProvider(true, $expected = $this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface')),
+        ));
+
+        $token = $manager->authenticate($this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface'));
+        $this->assertSame($expected, $token);
+    }
+
+    public function testEraseCredentialFlag()
+    {
+        $manager = new AuthenticationProviderManager(array(
+            $this->getAuthenticationProvider(true, $token = new UsernamePasswordToken('foo', 'bar')),
+        ));
+
+        $token = $manager->authenticate($this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface'));
+        $this->assertEquals('', $token->getCredentials());
+
+        $manager = new AuthenticationProviderManager(array(
+            $this->getAuthenticationProvider(true, $token = new UsernamePasswordToken('foo', 'bar')),
+        ), false);
+
+        $token = $manager->authenticate($this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface'));
+        $this->assertEquals('bar', $token->getCredentials());
+    }
+
+    protected function getAuthenticationProvider($supports, $token = null, $exception = null)
+    {
+        $provider = $this->getMock('Symfony\Component\Security\Authentication\Provider\AuthenticationProviderInterface');
+        $provider->expects($this->once())
+                 ->method('supports')
+                 ->will($this->returnValue($supports))
+        ;
+
+        if (null !== $token) {
+            $provider->expects($this->once())
+                     ->method('authenticate')
+                     ->will($this->returnValue($token))
+            ;
+        } elseif (null !== $exception) {
+            $provider->expects($this->once())
+                     ->method('authenticate')
+                     ->will($this->throwException($this->getMock($exception, null, array(), '', false)))
+            ;
+        }
+
+        return $provider;
+    }
+}
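Review bot: In testEraseCredentialFlag the erased case is checked with `$this->assertEquals('', $token->getCredentials());`, a loose comparison that also passes for null or false, so it does not pin what an erased credential looks like; `assertSame('', ...)` does (the token tests in this commit that assert on erased credentials use the same pattern). The three failure-path tests assert that the exception carries the token, but none checks whether that token still holds its credentials, which is the state a log or session would capture. `$this->fail();` is also called without a message, so a regression reports nothing about what was expected; `$this->fail('Expected ProviderNotFoundException')` and its equivalents would help.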

+ 65 - 0
tests/Symfony/Tests/Component/Security/Authentication/Provider/AnonymousAuthenticationProviderTest.php

@@ -0,0 +1,65 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Tests\Component\Security\Authentication\Provider;
+
+use Symfony\Component\Security\Authentication\Provider\AnonymousAuthenticationProvider;
+
+class AnonymousAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
+{
+    public function testSupports()
+    {
+        $provider = $this->getProvider('foo');
+
+        $this->assertTrue($provider->supports($this->getSupportedToken('foo')));
+        $this->assertFalse($provider->supports($this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface')));
+    }
+
+    public function testAuthenticateWhenTokenIsNotSupported()
+    {
+        $provider = $this->getProvider('foo');
+
+        $this->assertNull($provider->authenticate($this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface')));
+    }
+
+    /**
+     * @expectedException Symfony\Component\Security\Exception\BadCredentialsException
+     */
+    public function testAuthenticateWhenKeyIsNotValid()
+    {
+        $provider = $this->getProvider('foo');
+
+        $this->assertNull($provider->authenticate($this->getSupportedToken('bar')));
+    }
+
+    public function testAuthenticate()
+    {
+        $provider = $this->getProvider('foo');
+        $token = $this->getSupportedToken('foo');
+
+        $this->assertSame($token, $provider->authenticate($token));
+    }
+
+    protected function getSupportedToken($key)
+    {
+        $token = $this->getMock('Symfony\Component\Security\Authentication\Token\AnonymousToken', array('getKey'), array(), '', false);
+        $token->expects($this->any())
+              ->method('getKey')
+              ->will($this->returnValue($key))
+        ;
+
+        return $token;
+    }
+
+    protected function getProvider($key)
+    {
+        return new AnonymousAuthenticationProvider($key);
+    }
+}
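Review bot: testAuthenticateWhenKeyIsNotValid wraps the call in `assertNull(...)` although the test is annotated with `@expectedException` for BadCredentialsException, so the assertion can never run and the line reads as if a null return were acceptable for a wrong key. `$provider->authenticate($this->getSupportedToken('bar'));` on its own states the intent. A case with an empty or null key on either side would also show that the check does not treat those as matching; the provider's comparison itself is not visible in this commit.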

+ 106 - 0
tests/Symfony/Tests/Component/Security/Authentication/Provider/PreAuthenticatedAuthenticationProviderTest.php

@@ -0,0 +1,106 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Tests\Component\Security\Authentication\Provider;
+
+use Symfony\Component\Security\Authentication\Provider\PreAuthenticatedAuthenticationProvider;
+
+class PreAuthenticatedAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
+{
+    public function testSupports()
+    {
+        $provider = $this->getProvider();
+
+        $this->assertTrue($provider->supports($this->getSupportedToken()));
+        $this->assertFalse($provider->supports($this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface')));
+    }
+
+    public function testAuthenticateWhenTokenIsNotSupported()
+    {
+        $provider = $this->getProvider();
+
+        $this->assertNull($provider->authenticate($this->getMock('Symfony\Component\Security\Authentication\Token\TokenInterface')));
+    }
+
+    /**
+     * @expectedException Symfony\Component\Security\Exception\BadCredentialsException
+     */
+    public function testAuthenticateWhenNoUserIsSet()
+    {
+        $provider = $this->getProvider();
+        $provider->authenticate($this->getSupportedToken(''));
+    }
+
+    public function testAuthenticate()
+    {
+        $user = $this->getMock('Symfony\Component\Security\User\AccountInterface');
+        $provider = $this->getProvider($user);
+
+        $token = $provider->authenticate($this->getSupportedToken('fabien', 'pass'));
+        $this->assertInstanceOf('Symfony\Component\Security\Authentication\Token\PreAuthenticatedToken', $token);
+        $this->assertEquals('pass', $token->getCredentials());
+        $this->assertEquals(array(), $token->getRoles());
+        $this->assertSame($user, $token->getUser());
+    }
+
+    /**
+     * @expectedException Symfony\Component\Security\Exception\LockedException
+     */
+    public function testAuthenticateWhenAccountCheckerThrowsException()
+    {
+        $user = $this->getMock('Symfony\Component\Security\User\AccountInterface');
+
+        $userChecker = $this->getMock('Symfony\Component\Security\User\AccountCheckerInterface');
+        $userChecker->expects($this->once())
+                    ->method('checkPostAuth')
+                    ->will($this->throwException($this->getMock('Symfony\Component\Security\Exception\LockedException', null, array(), '', false)))
+        ;
+
+        $provider = $this->getProvider($user, $userChecker);
+
+        $provider->authenticate($this->getSupportedToken('fabien'));
+    }
+
+    protected function getSupportedToken($user = false, $credentials = false)
+    {
+        $token = $this->getMock('Symfony\Component\Security\Authentication\Token\PreAuthenticatedToken', array('getUser', 'getCredentials'), array(), '', false);
+        if (false !== $user) {
+            $token->expects($this->once())
+                  ->method('getUser')
+                  ->will($this->returnValue($user))
+            ;
+        }
+        if (false !== $credentials) {
+            $token->expects($this->once())
+                  ->method('getCredentials')
+                  ->will($this->returnValue($credentials))
+            ;
+        }
+
+        return $token;
+    }
+
+    protected function getProvider($user = false, $userChecker = false)
+    {
+        $userProvider = $this->getMock('Symfony\Component\Security\User\UserProviderInterface');
+        if (false !== $user) {
+            $userProvider->expects($this->once())
+                         ->method('loadUserByUsername')
+                         ->will($this->returnValue($user))
+            ;
+        }
+
+        if (false === $userChecker) {
+            $userChecker = $this->getMock('Symfony\Component\Security\User\AccountCheckerInterface');
+        }
+
+        return new PreAuthenticatedAuthenticationProvider($userProvider, $userChecker);
+    }
+}
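Review bot: testAuthenticateWhenNoUserIsSet only feeds the empty string, while the provider change in this commit rejects every falsy principal. A data provider covering null, `''` and `'0'` would record which of those are meant to raise BadCredentialsException. testAuthenticate checks the user, credentials and roles of the returned token but not `isAuthenticated()`, which is the property callers act on; adding `$this->assertTrue($token->isAuthenticated());` would pin it, assuming the provider builds the token with a roles array as the `array()` assertion suggests.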

+ 44 - 0
tests/Symfony/Tests/Component/Security/Authentication/Token/AnonymousTokenTest.php

@@ -0,0 +1,44 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Tests\Component\Security\Authentication\Token;
+
+use Symfony\Component\Security\Authentication\Token\AnonymousToken;
+use Symfony\Component\Security\Role\Role;
+
+class AnonymousTokenTest extends \PHPUnit_Framework_TestCase
+{
+    public function testConstructor()
+    {
+        $token = new AnonymousToken('foo', 'bar');
+        $this->assertTrue($token->isAuthenticated());
+
+        $token = new AnonymousToken('foo', 'bar', array('ROLE_FOO'));
+        $this->assertEquals(array(new Role('ROLE_FOO')), $token->getRoles());
+    }
+
+    public function testGetKey()
+    {
+        $token = new AnonymousToken('foo', 'bar');
+        $this->assertEquals('foo', $token->getKey());
+    }
+
+    public function testGetCredentials()
+    {
+        $token = new AnonymousToken('foo', 'bar');
+        $this->assertEquals('', $token->getCredentials());
+    }
+
+    public function testGetUser()
+    {
+        $token = new AnonymousToken('foo', 'bar');
+        $this->assertEquals('bar', $token->getUser());
+    }
+}

+ 46 - 0
tests/Symfony/Tests/Component/Security/Authentication/Token/PreAuthenticatedTokenTest.php

@@ -0,0 +1,46 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Tests\Component\Security\Authentication\Token;
+
+use Symfony\Component\Security\Authentication\Token\PreAuthenticatedToken;
+use Symfony\Component\Security\Role\Role;
+
+class PreAuthenticatedTokenTest extends \PHPUnit_Framework_TestCase
+{
+    public function testConstructor()
+    {
+        $token = new PreAuthenticatedToken('foo', 'bar');
+        $this->assertFalse($token->isAuthenticated());
+
+        $token = new PreAuthenticatedToken('foo', 'bar', array('ROLE_FOO'));
+        $this->assertTrue($token->isAuthenticated());
+        $this->assertEquals(array(new Role('ROLE_FOO')), $token->getRoles());
+    }
+
+    public function testGetCredentials()
+    {
+        $token = new PreAuthenticatedToken('foo', 'bar');
+        $this->assertEquals('bar', $token->getCredentials());
+    }
+
+    public function testGetUser()
+    {
+        $token = new PreAuthenticatedToken('foo', 'bar');
+        $this->assertEquals('foo', $token->getUser());
+    }
+
+    public function testEraseCredentials()
+    {
+        $token = new PreAuthenticatedToken('foo', 'bar');
+        $token->eraseCredentials();
+        $this->assertEquals('', $token->getCredentials());
+    }
+}

+ 82 - 0
tests/Symfony/Tests/Component/Security/Authentication/Token/TokenTest.php

@@ -0,0 +1,82 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Tests\Component\Security\Authentication\Token;
+
+use Symfony\Component\Security\Authentication\Token\Token as BaseToken;
+use Symfony\Component\Security\Role\Role;
+
+class Token extends BaseToken
+{
+}
+
+class TokenTest extends \PHPUnit_Framework_TestCase
+{
+    /**
+     * @covers Symfony\Component\Security\Authentication\Token\Token::__construct
+     */
+    public function testConstructor()
+    {
+        $token = new Token(array('ROLE_FOO'));
+        $this->assertEquals(array(new Role('ROLE_FOO')), $token->getRoles());
+
+        $token = new Token(array(new Role('ROLE_FOO')));
+        $this->assertEquals(array(new Role('ROLE_FOO')), $token->getRoles());
+
+        $token = new Token(array(new Role('ROLE_FOO'), 'ROLE_BAR'));
+        $this->assertEquals(array(new Role('ROLE_FOO'), new Role('ROLE_BAR')), $token->getRoles());
+    }
+
+    /**
+     * @covers Symfony\Component\Security\Authentication\Token\Token::addRole
+     * @covers Symfony\Component\Security\Authentication\Token\Token::getRoles
+     */
+    public function testAddRole()
+    {
+        $token = new Token();
+        $token->addRole(new Role('ROLE_FOO'));
+        $this->assertEquals(array(new Role('ROLE_FOO')), $token->getRoles());
+
+        $token->addRole(new Role('ROLE_BAR'));
+        $this->assertEquals(array(new Role('ROLE_FOO'), new Role('ROLE_BAR')), $token->getRoles());
+    }
+
+    /**
+     * @covers Symfony\Component\Security\Authentication\Token\Token::isAuthenticated
+     * @covers Symfony\Component\Security\Authentication\Token\Token::setAuthenticated
+     */
+    public function testAuthenticatedFlag()
+    {
+        $token = new Token();
+        $this->assertFalse($token->isAuthenticated());
+
+        $token->setAuthenticated(true);
+        $this->assertTrue($token->isAuthenticated());
+
+        $token->setAuthenticated(false);
+        $this->assertFalse($token->isAuthenticated());
+    }
+
+    /**
+     * @covers Symfony\Component\Security\Authentication\Token\Token::isImmutable
+     * @covers Symfony\Component\Security\Authentication\Token\Token::setImmutable
+     */
+    public function testImmutableFlag()
+    {
+        $token = new Token();
+        $this->assertFalse($token->isImmutable());
+
+        $token->setImmutable(true);
+        $this->assertTrue($token->isImmutable());
+
+        $token->setImmutable(false);
+        $this->assertFalse($token->isImmutable());
+    }
+}

+ 50 - 0
tests/Symfony/Tests/Component/Security/Authentication/Token/UsernamePasswordTokenTest.php

@@ -0,0 +1,50 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Tests\Component\Security\Authentication\Token;
+
+use Symfony\Component\Security\Authentication\Token\UsernamePasswordToken;
+use Symfony\Component\Security\Role\Role;
+
+class UsernamePasswordTokenTest extends \PHPUnit_Framework_TestCase
+{
+    public function testConstructor()
+    {
+        $token = new UsernamePasswordToken('foo', 'bar');
+        $this->assertFalse($token->isAuthenticated());
+
+        $token = new UsernamePasswordToken('foo', 'bar', array('ROLE_FOO'));
+        $this->assertEquals(array(new Role('ROLE_FOO')), $token->getRoles());
+        $this->assertTrue($token->isAuthenticated());
+    }
+
+    /**
+     * @expectedException LogicException
+     */
+    public function testSetAuthenticatedToTrue()
+    {
+        $token = new UsernamePasswordToken('foo', 'bar');
+        $token->setAuthenticated(true);
+    }
+
+    public function testSetAuthenticatedToFalse()
+    {
+        $token = new UsernamePasswordToken('foo', 'bar');
+        $token->setAuthenticated(false);
+        $this->assertFalse($token->isAuthenticated());
+    }
+
+    public function testEraseCredentials()
+    {
+        $token = new UsernamePasswordToken('foo', 'bar');
+        $token->eraseCredentials();
+        $this->assertEquals('', $token->getCredentials());
+    }
+}