function BasicAuthTest::testBasicAuth
Same name in other branches
- 9 core/modules/basic_auth/tests/src/Functional/BasicAuthTest.php \Drupal\Tests\basic_auth\Functional\BasicAuthTest::testBasicAuth()
- 8.9.x core/modules/basic_auth/tests/src/Functional/BasicAuthTest.php \Drupal\Tests\basic_auth\Functional\BasicAuthTest::testBasicAuth()
- 11.x core/modules/basic_auth/tests/src/Functional/BasicAuthTest.php \Drupal\Tests\basic_auth\Functional\BasicAuthTest::testBasicAuth()
Tests http basic authentication.
File
-
core/
modules/ basic_auth/ tests/ src/ Functional/ BasicAuthTest.php, line 42
Class
- BasicAuthTest
- Tests for BasicAuth authentication provider.
Namespace
Drupal\Tests\basic_auth\FunctionalCode
public function testBasicAuth() : void {
// Enable page caching.
$config = $this->config('system.performance');
$config->set('cache.page.max_age', 300);
$config->save();
$account = $this->drupalCreateUser();
$url = Url::fromRoute('router_test.11');
// Ensure we can log in with valid authentication details.
$this->basicAuthGet($url, $account->getAccountName(), $account->pass_raw);
$this->assertSession()
->pageTextContains($account->getAccountName());
$this->assertSession()
->statusCodeEquals(200);
$this->mink
->resetSessions();
$this->assertSession()
->responseHeaderDoesNotExist('X-Drupal-Cache');
// Check that Cache-Control is not set to public.
$this->assertSession()
->responseHeaderNotContains('Cache-Control', 'public');
// Ensure that invalid authentication details give access denied.
$this->basicAuthGet($url, $account->getAccountName(), $this->randomMachineName());
$this->assertSession()
->pageTextNotContains($account->getAccountName());
$this->assertSession()
->statusCodeEquals(403);
$this->mink
->resetSessions();
// Ensure that the user is prompted to authenticate if they are not yet
// authenticated and the route only allows basic auth.
$this->drupalGet($url);
$this->assertSession()
->responseHeaderEquals('WWW-Authenticate', 'Basic realm="' . \Drupal::config('system.site')->get('name') . '"');
$this->assertSession()
->statusCodeEquals(401);
// Ensure that a route without basic auth defined doesn't prompt for auth.
$this->drupalGet('admin');
$this->assertSession()
->statusCodeEquals(403);
$account = $this->drupalCreateUser([
'access administration pages',
]);
// Ensure that a route without basic auth defined doesn't allow login.
$this->basicAuthGet(Url::fromRoute('system.admin'), $account->getAccountName(), $account->pass_raw);
$this->assertSession()
->linkNotExists('Log out', 'User is not logged in');
$this->assertSession()
->statusCodeEquals(403);
$this->mink
->resetSessions();
// Ensure that pages already in the page cache aren't returned from page
// cache if basic auth credentials are provided.
$url = Url::fromRoute('router_test.10');
$this->drupalGet($url);
$this->assertSession()
->responseHeaderEquals('X-Drupal-Cache', 'MISS');
$this->basicAuthGet($url, $account->getAccountName(), $account->pass_raw);
$this->assertSession()
->responseHeaderDoesNotExist('X-Drupal-Cache');
// Check that Cache-Control is not set to public.
$this->assertSession()
->responseHeaderNotContains('Cache-Control', 'public');
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.