merged branch Herzult/testSecurity (PR #1447)

Commits
-------

164aea4 [Security] Add tests for the channel listener
d51cbc0 [Security] Remove useless attribute in basic authentication listener & test it
91e6dc9 [Security] Add tests for the anonymous authentication listener
3c2affb [Security] Update access listener constructor's prototype and add tests
81afd77 [Security] Add tests for the firewall map
aa6ae33 [Security] Remove useless attribute & var in firewall

Discussion
----------

Test security

---------------------------------------------------------------------------

by lsmith77 at 2011/06/29 13:41:07 -0700

@schmittjoh is probably the person to review this change ..

src/Symfony/Component/Security/Http/Firewall.php

@@ -30,7 +30,6 @@ class Firewall
 {
     private $map;
     private $dispatcher;
-    private $currentListeners;
 
     /**
      * Constructor.
@@ -42,7 +41,6 @@ class Firewall
     {
         $this->map = $map;
         $this->dispatcher = $dispatcher;
-        $this->currentListeners = array();
     }
 
     /**

src/Symfony/Component/Security/Http/Firewall/AccessListener.php

@@ -11,7 +11,7 @@
 
 namespace Symfony\Component\Security\Http\Firewall;
 
-use Symfony\Component\Security\Core\SecurityContext;
+use Symfony\Component\Security\Core\SecurityContextInterface;
 use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
 use Symfony\Component\Security\Http\AccessMap;
 use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
@@ -33,7 +33,7 @@ class AccessListener implements ListenerInterface
     private $authManager;
     private $logger;
 
-    public function __construct(SecurityContext $context, AccessDecisionManagerInterface $accessDecisionManager, AccessMap $map, AuthenticationManagerInterface $authManager, LoggerInterface $logger = null)
+    public function __construct(SecurityContextInterface $context, AccessDecisionManagerInterface $accessDecisionManager, AccessMap $map, AuthenticationManagerInterface $authManager, LoggerInterface $logger = null)
     {
         $this->context = $context;
         $this->accessDecisionManager = $accessDecisionManager;

src/Symfony/Component/Security/Http/Firewall/BasicAuthenticationListener.php

@@ -31,7 +31,6 @@ class BasicAuthenticationListener implements ListenerInterface
     private $providerKey;
     private $authenticationEntryPoint;
     private $logger;
-    private $ignoreFailure;
 
     public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint, LoggerInterface $logger = null)
     {
@@ -44,7 +43,6 @@ class BasicAuthenticationListener implements ListenerInterface
         $this->providerKey = $providerKey;
         $this->authenticationEntryPoint = $authenticationEntryPoint;
         $this->logger = $logger;
-        $this->ignoreFailure = false;
     }
 
     /**
@@ -80,10 +78,6 @@ class BasicAuthenticationListener implements ListenerInterface
                 $this->logger->info(sprintf('Authentication request failed for user "%s": %s', $username, $failed->getMessage()));
             }
 
-            if ($this->ignoreFailure) {
-                return;
-            }
-
             $event->setResponse($this->authenticationEntryPoint->start($request, $failed));
         }
     }

tests/Symfony/Tests/Component/Security/Http/Firewall/AccessListenerTest.php

@@ -0,0 +1,199 @@
+<?php
+
+namespace Symfony\Tests\Component\Security\Http\Firewall;
+
+use Symfony\Component\Security\Http\Firewall\AccessListener;
+
+class AccessListenerTest extends \PHPUnit_Framework_TestCase
+{
+    /**
+     * @expectedException Symfony\Component\Security\Core\Exception\AccessDeniedException
+     */
+    public function testHandleWhenTheAccessDecisionManagerDecidesToRefuseAccess()
+    {
+        $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false);
+
+        $accessMap = $this->getMock('Symfony\Component\Security\Http\AccessMap');
+        $accessMap
+            ->expects($this->any())
+            ->method('getPatterns')
+            ->with($this->equalTo($request))
+            ->will($this->returnValue(array(array('foo' => 'bar'), null)))
+        ;
+
+        $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
+        $token
+            ->expects($this->any())
+            ->method('isAuthenticated')
+            ->will($this->returnValue(true))
+        ;
+
+        $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface');
+        $context
+            ->expects($this->any())
+            ->method('getToken')
+            ->will($this->returnValue($token))
+        ;
+
+        $accessDecisionManager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface');
+        $accessDecisionManager
+            ->expects($this->once())
+            ->method('decide')
+            ->with($this->equalTo($token), $this->equalTo(array('foo' => 'bar')), $this->equalTo($request))
+            ->will($this->returnValue(false))
+        ;
+
+        $listener = new AccessListener(
+            $context,
+            $accessDecisionManager,
+            $accessMap,
+            $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface')
+        );
+
+        $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false);
+        $event
+            ->expects($this->any())
+            ->method('getRequest')
+            ->will($this->returnValue($request))
+        ;
+
+        $listener->handle($event);
+    }
+
+    public function testHandleWhenTheTokenIsNotAuthenticated()
+    {
+        $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false);
+
+        $accessMap = $this->getMock('Symfony\Component\Security\Http\AccessMap');
+        $accessMap
+            ->expects($this->any())
+            ->method('getPatterns')
+            ->with($this->equalTo($request))
+            ->will($this->returnValue(array(array('foo' => 'bar'), null)))
+        ;
+
+        $notAuthenticatedToken = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
+        $notAuthenticatedToken
+            ->expects($this->any())
+            ->method('isAuthenticated')
+            ->will($this->returnValue(false))
+        ;
+
+        $authenticatedToken = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
+        $authenticatedToken
+            ->expects($this->any())
+            ->method('isAuthenticated')
+            ->will($this->returnValue(true))
+        ;
+
+        $authManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface');
+        $authManager
+            ->expects($this->once())
+            ->method('authenticate')
+            ->with($this->equalTo($notAuthenticatedToken))
+            ->will($this->returnValue($authenticatedToken))
+        ;
+
+        $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface');
+        $context
+            ->expects($this->any())
+            ->method('getToken')
+            ->will($this->returnValue($notAuthenticatedToken))
+        ;
+        $context
+            ->expects($this->once())
+            ->method('setToken')
+            ->with($this->equalTo($authenticatedToken))
+        ;
+
+        $accessDecisionManager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface');
+        $accessDecisionManager
+            ->expects($this->once())
+            ->method('decide')
+            ->with($this->equalTo($authenticatedToken), $this->equalTo(array('foo' => 'bar')), $this->equalTo($request))
+            ->will($this->returnValue(true))
+        ;
+
+        $listener = new AccessListener(
+            $context,
+            $accessDecisionManager,
+            $accessMap,
+            $authManager
+        );
+
+        $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false);
+        $event
+            ->expects($this->any())
+            ->method('getRequest')
+            ->will($this->returnValue($request))
+        ;
+
+        $listener->handle($event);
+    }
+
+    public function testHandleWhenThereIsNoAccessMapEntryMatchingTheRequest()
+    {
+        $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false);
+
+        $accessMap = $this->getMock('Symfony\Component\Security\Http\AccessMap');
+        $accessMap
+            ->expects($this->any())
+            ->method('getPatterns')
+            ->with($this->equalTo($request))
+            ->will($this->returnValue(array(null, null)))
+        ;
+
+        $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
+        $token
+            ->expects($this->never())
+            ->method('isAuthenticated')
+        ;
+
+        $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface');
+        $context
+            ->expects($this->any())
+            ->method('getToken')
+            ->will($this->returnValue($token))
+        ;
+
+        $listener = new AccessListener(
+            $context,
+            $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'),
+            $accessMap,
+            $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface')
+        );
+
+        $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false);
+        $event
+            ->expects($this->any())
+            ->method('getRequest')
+            ->will($this->returnValue($request))
+        ;
+
+        $listener->handle($event);
+    }
+
+    /**
+     * @expectedException Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException
+     */
+    public function testHandleWhenTheSecurityContextHasNoToken()
+    {
+        $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface');
+        $context
+            ->expects($this->any())
+            ->method('getToken')
+            ->will($this->returnValue(null))
+        ;
+
+        $listener = new AccessListener(
+            $context,
+            $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'),
+            $this->getMock('Symfony\Component\Security\Http\AccessMap'),
+            $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface')
+        );
+
+        $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false);
+
+        $listener->handle($event);
+    }
+}

tests/Symfony/Tests/Component/Security/Http/Firewall/AnonymousAuthenticationListenerTest.php

@@ -0,0 +1,46 @@
+<?php
+
+namespace Symfony\Tests\Component\Security\Http\Firewall;
+
+use Symfony\Component\Security\Http\Firewall\AnonymousAuthenticationListener;
+
+class AnonymousAuthenticationListenerTest extends \PHPUnit_Framework_TestCase
+{
+    public function testHandleWithContextHavingAToken()
+    {
+        $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface');
+        $context
+            ->expects($this->any())
+            ->method('getToken')
+            ->will($this->returnValue($this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')))
+        ;
+        $context
+            ->expects($this->never())
+            ->method('setToken')
+        ;
+
+        $listener = new AnonymousAuthenticationListener($context, 'TheKey');
+        $listener->handle($this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false));
+    }
+
+    public function testHandleWithContextHavingNoToken()
+    {
+        $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface');
+        $context
+            ->expects($this->any())
+            ->method('getToken')
+            ->will($this->returnValue(null))
+        ;
+        $context
+            ->expects($this->once())
+            ->method('setToken')
+            ->with(self::logicalAnd(
+                $this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken'),
+                $this->attributeEqualTo('key', 'TheKey')
+            ))
+        ;
+
+        $listener = new AnonymousAuthenticationListener($context, 'TheKey');
+        $listener->handle($this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false));
+    }
+}

tests/Symfony/Tests/Component/Security/Http/Firewall/BasicAuthenticationListenerTest.php

@@ -0,0 +1,174 @@
+<?php
+
+namespace Symfony\Tests\Component\Security\Http\Firewall;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Http\Firewall\BasicAuthenticationListener;
+use Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager;
+
+class BasicAuthenticationListenerTest extends \PHPUnit_Framework_TestCase
+{
+    public function testHandleWithValidUsernameAndPasswordServerParameters()
+    {
+        $request = new Request(array(), array(), array(), array(), array(), array(
+            'PHP_AUTH_USER' => 'TheUsername',
+            'PHP_AUTH_PW'   => 'ThePassword'
+        ));
+
+        $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
+
+        $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface');
+        $context
+            ->expects($this->any())
+            ->method('getToken')
+            ->will($this->returnValue(null))
+        ;
+        $context
+            ->expects($this->once())
+            ->method('setToken')
+            ->with($this->equalTo($token))
+        ;
+
+        $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface');
+        $authenticationManager
+            ->expects($this->once())
+            ->method('authenticate')
+            ->with($this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken'))
+            ->will($this->returnValue($token))
+        ;
+
+        $listener = new BasicAuthenticationListener(
+            $context,
+            $authenticationManager,
+            'TheProviderKey',
+            $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface')
+        );
+
+        $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false);
+        $event
+            ->expects($this->any())
+            ->method('getRequest')
+            ->will($this->returnValue($request))
+        ;
+
+        $listener->handle($event);
+    }
+
+    public function testHandleWhenAuthenticationFails()
+    {
+        $request = new Request(array(), array(), array(), array(), array(), array(
+            'PHP_AUTH_USER' => 'TheUsername',
+            'PHP_AUTH_PW'   => 'ThePassword'
+        ));
+
+        $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
+
+        $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface');
+        $context
+            ->expects($this->any())
+            ->method('getToken')
+            ->will($this->returnValue(null))
+        ;
+        $context
+            ->expects($this->once())
+            ->method('setToken')
+            ->with($this->equalTo(null))
+        ;
+
+        $response = new Response();
+
+        $authenticationEntryPoint = $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface');
+        $authenticationEntryPoint
+            ->expects($this->any())
+            ->method('start')
+            ->with($this->equalTo($request), $this->isInstanceOf('Symfony\Component\Security\Core\Exception\AuthenticationException'))
+            ->will($this->returnValue($response))
+        ;
+
+        $listener = new BasicAuthenticationListener(
+            $context,
+            new AuthenticationProviderManager(array($this->getMock('Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface'))),
+            'TheProviderKey',
+            $authenticationEntryPoint
+        );
+
+        $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false);
+        $event
+            ->expects($this->any())
+            ->method('getRequest')
+            ->will($this->returnValue($request))
+        ;
+        $event
+            ->expects($this->once())
+            ->method('setResponse')
+            ->with($this->equalTo($response))
+        ;
+
+        $listener->handle($event);
+    }
+
+    public function testHandleWithNoUsernameServerParameter()
+    {
+        $request = new Request();
+
+        $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface');
+        $context
+            ->expects($this->never())
+            ->method('getToken')
+        ;
+
+        $listener = new BasicAuthenticationListener(
+            $context,
+            $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'),
+            'TheProviderKey',
+            $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface')
+        );
+
+        $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false);
+        $event
+            ->expects($this->any())
+            ->method('getRequest')
+            ->will($this->returnValue($request))
+        ;
+
+        $listener->handle($event);
+    }
+
+    public function textHandleWithASimilarAuthenticatedToken()
+    {
+        $request = new Request(array(), array(), array(), array(), array(), array('PHP_AUTH_USER' => 'TheUsername'));
+
+        $token = new UsernamePasswordToken('TheUsername', 'ThePassword', 'TheProviderKey', array('ROLE_FOO'));
+
+        $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface');
+        $context
+            ->expects($this->any())
+            ->method('getToken')
+            ->will($this->returnValue($token))
+        ;
+
+        $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface');
+        $authenticationManager
+            ->expects($this->never())
+            ->method('authenticate')
+        ;
+
+        $listener = new BasicAuthenticationListener(
+            $context,
+            $authenticationManager,
+            'TheProviderKey',
+            $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface')
+        );
+
+        $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false);
+        $event
+            ->expects($this->any())
+            ->method('getRequest')
+            ->will($this->returnValue($request))
+        ;
+
+        $listener->handle($event);
+    }
+}

tests/Symfony/Tests/Component/Security/Http/Firewall/ChannelListenerTest.php

@@ -0,0 +1,172 @@
+<?php
+
+namespace Symfony\Test\Component\Security\Http\Firewall;
+
+use Symfony\Component\Security\Http\Firewall\ChannelListener;
+use Symfony\Component\HttpKernel\Event\GetResponseEvent;
+use Symfony\Component\HttpFoundation\Response;
+
+class ChannelListenerTest extends \PHPUnit_Framework_TestCase
+{
+    public function testHandleWithNotSecuredRequestAndHttpChannel()
+    {
+        $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false);
+        $request
+            ->expects($this->any())
+            ->method('isSecure')
+            ->will($this->returnValue(false))
+        ;
+
+        $accessMap = $this->getMock('Symfony\Component\Security\Http\AccessMap');
+        $accessMap
+            ->expects($this->any())
+            ->method('getPatterns')
+            ->with($this->equalTo($request))
+            ->will($this->returnValue(array(array(), 'http')))
+        ;
+
+        $entryPoint = $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface');
+        $entryPoint
+            ->expects($this->never())
+            ->method('start')
+        ;
+
+        $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false);
+        $event
+            ->expects($this->any())
+            ->method('getRequest')
+            ->will($this->returnValue($request))
+        ;
+        $event
+            ->expects($this->never())
+            ->method('setResponse')
+        ;
+
+        $listener = new ChannelListener($accessMap, $entryPoint);
+        $listener->handle($event);
+    }
+
+    public function testHandleWithSecuredRequestAndHttpsChannel()
+    {
+        $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false);
+        $request
+            ->expects($this->any())
+            ->method('isSecure')
+            ->will($this->returnValue(true))
+        ;
+
+        $accessMap = $this->getMock('Symfony\Component\Security\Http\AccessMap');
+        $accessMap
+            ->expects($this->any())
+            ->method('getPatterns')
+            ->with($this->equalTo($request))
+            ->will($this->returnValue(array(array(), 'https')))
+        ;
+
+        $entryPoint = $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface');
+        $entryPoint
+            ->expects($this->never())
+            ->method('start')
+        ;
+
+        $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false);
+        $event
+            ->expects($this->any())
+            ->method('getRequest')
+            ->will($this->returnValue($request))
+        ;
+        $event
+            ->expects($this->never())
+            ->method('setResponse')
+        ;
+
+        $listener = new ChannelListener($accessMap, $entryPoint);
+        $listener->handle($event);
+    }
+
+    public function testHandleWithNotSecuredRequestAndHttpsChannel()
+    {
+        $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false);
+        $request
+            ->expects($this->any())
+            ->method('isSecure')
+            ->will($this->returnValue(false))
+        ;
+
+        $response = new Response();
+
+        $accessMap = $this->getMock('Symfony\Component\Security\Http\AccessMap');
+        $accessMap
+            ->expects($this->any())
+            ->method('getPatterns')
+            ->with($this->equalTo($request))
+            ->will($this->returnValue(array(array(), 'https')))
+        ;
+
+        $entryPoint = $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface');
+        $entryPoint
+            ->expects($this->once())
+            ->method('start')
+            ->with($this->equalTo($request))
+            ->will($this->returnValue($response))
+        ;
+
+        $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false);
+        $event
+            ->expects($this->any())
+            ->method('getRequest')
+            ->will($this->returnValue($request))
+        ;
+        $event
+            ->expects($this->once())
+            ->method('setResponse')
+            ->with($this->equalTo($response))
+        ;
+
+        $listener = new ChannelListener($accessMap, $entryPoint);
+        $listener->handle($event);
+    }
+
+    public function testHandleWithSecuredRequestAndHttpChannel()
+    {
+        $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false);
+        $request
+            ->expects($this->any())
+            ->method('isSecure')
+            ->will($this->returnValue(true))
+        ;
+
+        $response = new Response();
+
+        $accessMap = $this->getMock('Symfony\Component\Security\Http\AccessMap');
+        $accessMap
+            ->expects($this->any())
+            ->method('getPatterns')
+            ->with($this->equalTo($request))
+            ->will($this->returnValue(array(array(), 'http')))
+        ;
+
+        $entryPoint = $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface');
+        $entryPoint
+            ->expects($this->once())
+            ->method('start')
+            ->with($this->equalTo($request))
+            ->will($this->returnValue($response))
+        ;
+
+        $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false);
+        $event
+            ->expects($this->any())
+            ->method('getRequest')
+            ->will($this->returnValue($request))
+        ;
+        $event
+            ->expects($this->once())
+            ->method('setResponse')
+            ->with($this->equalTo($response))
+        ;
+
+        $listener = new ChannelListener($accessMap, $entryPoint);
+        $listener->handle($event);
+    }
+}

tests/Symfony/Tests/Component/Security/Http/FirewallMapTest.php

@@ -0,0 +1,108 @@
+<?php
+
+namespace Symfony\Tests\Component\Security\Http;
+
+use Symfony\Component\Security\Http\FirewallMap;
+use Symfony\Component\HttpFoundation\Request;
+
+class FirewallMapTest extends \PHPUnit_Framework_TestCase
+{
+    public function testGetListeners()
+    {
+        $map = new FirewallMap();
+
+        $request = new Request();
+
+        $notMatchingMatcher = $this->getMock('Symfony\Component\HttpFoundation\RequestMatcher');
+        $notMatchingMatcher
+            ->expects($this->once())
+            ->method('matches')
+            ->with($this->equalTo($request))
+            ->will($this->returnValue(false))
+        ;
+
+        $map->add($notMatchingMatcher, array($this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface')));
+
+        $matchingMatcher = $this->getMock('Symfony\Component\HttpFoundation\RequestMatcher');
+        $matchingMatcher
+            ->expects($this->once())
+            ->method('matches')
+            ->with($this->equalTo($request))
+            ->will($this->returnValue(true))
+        ;
+        $theListener = $this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface');
+        $theException = $this->getMock('Symfony\Component\Security\Http\Firewall\ExceptionListener', array(), array(), '', false);
+
+        $map->add($matchingMatcher, array($theListener), $theException);
+
+        $tooLateMatcher = $this->getMock('Symfony\Component\HttpFoundation\RequestMatcher');
+        $tooLateMatcher
+            ->expects($this->never())
+            ->method('matches')
+        ;
+
+        $map->add($tooLateMatcher, array($this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface')));
+
+        list($listeners, $exception) = $map->getListeners($request);
+
+        $this->assertEquals(array($theListener), $listeners);
+        $this->assertEquals($theException, $exception);
+    }
+
+    public function testGetListenersWithAnEntryHavingNoRequestMatcher()
+    {
+        $map = new FirewallMap();
+
+        $request = new Request();
+
+        $notMatchingMatcher = $this->getMock('Symfony\Component\HttpFoundation\RequestMatcher');
+        $notMatchingMatcher
+            ->expects($this->once())
+            ->method('matches')
+            ->with($this->equalTo($request))
+            ->will($this->returnValue(false))
+        ;
+
+        $map->add($notMatchingMatcher, array($this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface')));
+
+        $theListener = $this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface');
+        $theException = $this->getMock('Symfony\Component\Security\Http\Firewall\ExceptionListener', array(), array(), '', false);
+
+        $map->add(null, array($theListener), $theException);
+
+        $tooLateMatcher = $this->getMock('Symfony\Component\HttpFoundation\RequestMatcher');
+        $tooLateMatcher
+            ->expects($this->never())
+            ->method('matches')
+        ;
+
+        $map->add($tooLateMatcher, array($this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface')));
+
+        list($listeners, $exception) = $map->getListeners($request);
+
+        $this->assertEquals(array($theListener), $listeners);
+        $this->assertEquals($theException, $exception);
+    }
+
+    public function testGetListenersWithNoMatchingEntry()
+    {
+        $map = new FirewallMap();
+
+        $request = new Request();
+
+        $notMatchingMatcher = $this->getMock('Symfony\Component\HttpFoundation\RequestMatcher');
+        $notMatchingMatcher
+            ->expects($this->once())
+            ->method('matches')
+            ->with($this->equalTo($request))
+            ->will($this->returnValue(false))
+        ;
+
+        $map->add($notMatchingMatcher, array($this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface')));
+
+        list($listeners, $exception) = $map->getListeners($request);
+
+        $this->assertEquals(array(), $listeners);
+        $this->assertNull($exception);
+    }
+}

tests/Symfony/Tests/Component/Security/Http/FirewallTest.php

@@ -0,0 +1,99 @@
+<?php
+
+namespace Symfony\Tests\Component\Security\Http;
+
+use Symfony\Component\Security\Http\Firewall;
+use Symfony\Component\HttpKernel\Event\GetResponseEvent;
+use Symfony\Component\HttpKernel\HttpKernelInterface;
+
+class FirewallTest extends \PHPUnit_Framework_TestCase
+{
+    public function testOnKernelRequestRegistersExceptionListener()
+    {
+        $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface');
+
+        $listener = $this->getMock('Symfony\Component\Security\Http\Firewall\ExceptionListener', array(), array(), '', false);
+        $listener
+            ->expects($this->once())
+            ->method('register')
+            ->with($this->equalTo($dispatcher))
+        ;
+
+        $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false);
+
+        $map = $this->getMock('Symfony\Component\Security\Http\FirewallMapInterface');
+        $map
+            ->expects($this->once())
+            ->method('getListeners')
+            ->with($this->equalTo($request))
+            ->will($this->returnValue(array(array(), $listener)))
+        ;
+
+        $event = new GetResponseEvent($this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'), $request, HttpKernelInterface::MASTER_REQUEST);
+
+        $firewall = new Firewall($map, $dispatcher);
+        $firewall->onKernelRequest($event);
+    }
+
+    public function testOnKernelRequestStopsWhenThereIsAResponse()
+    {
+        $response = $this->getMock('Symfony\Component\HttpFoundation\Response');
+
+        $first = $this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface');
+        $first
+            ->expects($this->once())
+            ->method('handle')
+        ;
+
+        $second = $this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface');
+        $second
+            ->expects($this->never())
+            ->method('handle')
+        ;
+
+        $map = $this->getMock('Symfony\Component\Security\Http\FirewallMapInterface');
+        $map
+            ->expects($this->once())
+            ->method('getListeners')
+            ->will($this->returnValue(array(array($first, $second), null)))
+        ;
+
+        $event = $this->getMock(
+            'Symfony\Component\HttpKernel\Event\GetResponseEvent',
+            array('hasResponse'),
+            array(
+                $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'),
+                $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false),
+                HttpKernelInterface::MASTER_REQUEST
+            )
+        );
+        $event
+            ->expects($this->once())
+            ->method('hasResponse')
+            ->will($this->returnValue(true))
+        ;
+
+        $firewall = new Firewall($map, $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'));
+        $firewall->onKernelRequest($event);
+    }
+
+    public function testOnKernelRequestWithSubRequest()
+    {
+        $map = $this->getMock('Symfony\Component\Security\Http\FirewallMapInterface');
+        $map
+            ->expects($this->never())
+            ->method('getListeners')
+        ;
+
+        $event = new GetResponseEvent(
+            $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'),
+            $this->getMock('Symfony\Component\HttpFoundation\Request'),
+            HttpKernelInterface::SUB_REQUEST
+        );
+
+        $firewall = new Firewall($map, $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'));
+        $firewall->onKernelRequest($event);
+
+        $this->assertFalse($event->hasResponse());
+    }
+}