trait BasicAuthResourceTestTrait
Same name in other branches
- 9 core/modules/rest/tests/src/Functional/BasicAuthResourceTestTrait.php \Drupal\Tests\rest\Functional\BasicAuthResourceTestTrait
- 8.9.x core/modules/rest/tests/src/Functional/BasicAuthResourceTestTrait.php \Drupal\Tests\rest\Functional\BasicAuthResourceTestTrait
- 11.x core/modules/rest/tests/src/Functional/BasicAuthResourceTestTrait.php \Drupal\Tests\rest\Functional\BasicAuthResourceTestTrait
Trait for ResourceTestBase subclasses testing $auth=basic_auth.
Characteristics:
- Every request must send an Authorization header.
- When accessing a URI that requires authentication without being authenticated, a 401 response must be sent.
- Because every request must send an authorization, there is no danger of CSRF attacks.
Hierarchy
- trait \Drupal\Tests\rest\Functional\BasicAuthResourceTestTrait
102 files declare their use of BasicAuthResourceTestTrait
- ActionJsonBasicAuthTest.php in core/
modules/ system/ tests/ src/ Functional/ Rest/ ActionJsonBasicAuthTest.php - ActionJsonBasicAuthTest.php in core/
modules/ action/ tests/ src/ Functional/ Rest/ ActionJsonBasicAuthTest.php - ActionXmlBasicAuthTest.php in core/
modules/ system/ tests/ src/ Functional/ Rest/ ActionXmlBasicAuthTest.php - ActionXmlBasicAuthTest.php in core/
modules/ action/ tests/ src/ Functional/ Rest/ ActionXmlBasicAuthTest.php - BaseFieldOverrideJsonBasicAuthTest.php in core/
tests/ Drupal/ FunctionalTests/ Rest/ BaseFieldOverrideJsonBasicAuthTest.php
File
-
core/
modules/ rest/ tests/ src/ Functional/ BasicAuthResourceTestTrait.php, line 20
Namespace
Drupal\Tests\rest\FunctionalView source
trait BasicAuthResourceTestTrait {
/**
* {@inheritdoc}
*/
protected function getAuthenticationRequestOptions($method) {
return [
'headers' => [
'Authorization' => 'Basic ' . base64_encode($this->account->name->value . ':' . $this->account->passRaw),
],
];
}
/**
* {@inheritdoc}
*/
protected function assertResponseWhenMissingAuthentication($method, ResponseInterface $response) {
if ($method !== 'GET') {
return $this->assertResourceErrorResponse(401, 'No authentication credentials provided.', $response);
}
$expected_page_cache_header_value = $method === 'GET' ? 'MISS' : FALSE;
$expected_cacheability = $this->getExpectedUnauthorizedAccessCacheability()
->addCacheableDependency($this->getExpectedUnauthorizedEntityAccessCacheability(FALSE))
->addCacheableDependency($this->config('system.site'))
->addCacheTags([
'config:user.role.anonymous',
]);
// Only add the 'user.roles:anonymous' cache context if its parent cache
// context is not already present.
if (!in_array('user.roles', $expected_cacheability->getCacheContexts(), TRUE)) {
$expected_cacheability->addCacheContexts([
'user.roles:anonymous',
]);
}
$this->assertResourceErrorResponse(401, 'No authentication credentials provided.', $response, $expected_cacheability->getCacheTags(), $expected_cacheability->getCacheContexts(), $expected_page_cache_header_value, FALSE);
}
/**
* {@inheritdoc}
*/
protected function assertAuthenticationEdgeCases($method, Url $url, array $request_options) {
}
}
Members
Title Sort descending | Modifiers | Object type | Summary | Overrides |
---|---|---|---|---|
BasicAuthResourceTestTrait::assertAuthenticationEdgeCases | protected | function | 1 | |
BasicAuthResourceTestTrait::assertResponseWhenMissingAuthentication | protected | function | 1 | |
BasicAuthResourceTestTrait::getAuthenticationRequestOptions | protected | function |
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.