function SessionHttpsTest::loginHttp

Same name in other branches
  1. 9 core/modules/system/tests/src/Functional/Session/SessionHttpsTest.php \Drupal\Tests\system\Functional\Session\SessionHttpsTest::loginHttp()
  2. 10 core/modules/system/tests/src/Functional/Session/SessionHttpsTest.php \Drupal\Tests\system\Functional\Session\SessionHttpsTest::loginHttp()
  3. 11.x core/modules/system/tests/src/Functional/Session/SessionHttpsTest.php \Drupal\Tests\system\Functional\Session\SessionHttpsTest::loginHttp()

Log in a user via HTTP.

Note that the parents $session_id and $loggedInUser is not updated.

1 call to SessionHttpsTest::loginHttp()
SessionHttpsTest::testHttpsSession in core/modules/system/tests/src/Functional/Session/SessionHttpsTest.php
Tests HTTPS sessions.

File

core/modules/system/tests/src/Functional/Session/SessionHttpsTest.php, line 125

Class

SessionHttpsTest
Ensure that when running under HTTPS two session cookies are generated.

Namespace

Drupal\Tests\system\Functional\Session

Code

protected function loginHttp(AccountInterface $account) {
    $guzzle_cookie_jar = $this->getGuzzleCookieJar();
    $post = [
        'form_id' => 'user_login_form',
        'form_build_id' => $this->getUserLoginFormBuildId(),
        'name' => $account->getAccountName(),
        'pass' => $account->passRaw,
        'op' => 'Log in',
    ];
    $url = $this->buildUrl($this->httpUrl('user/login'));
    // When posting directly to the HTTP or HTTPS mock front controller, the
    // location header on the returned response is an absolute URL. That URL
    // needs to be converted into a request to the respective mock front
    // controller in order to retrieve the target page. Because the URL in the
    // location header needs to be modified, it is necessary to disable the
    // automatic redirects normally performed by the Guzzle CurlHandler.
    
    /** @var \Psr\Http\Message\ResponseInterface $response */
    $response = $this->getHttpClient()
        ->post($url, [
        'form_params' => $post,
        'http_errors' => FALSE,
        'cookies' => $guzzle_cookie_jar,
        'allow_redirects' => FALSE,
    ]);
    // When logging in via the HTTP mock, the child site will issue a session
    // cookie without the secure attribute set. While this cookie will be stored
    // in the Guzzle CookieJar, it will not be used on subsequent requests.
    // Update the BrowserKit CookieJar so that subsequent requests have the
    // correct cookie.
    $cookie = $guzzle_cookie_jar->getCookieByName($this->insecureSessionName);
    $this->assertFalse($cookie->getSecure(), 'The insecure cookie does not have the secure attribute');
    
    /** @var \Symfony\Component\BrowserKit\CookieJar $browser_kit_cookie_jar */
    $browser_kit_cookie_jar = $this->getSession()
        ->getDriver()
        ->getClient()
        ->getCookieJar();
    $browser_kit_cookie_jar->updateFromSetCookie($response->getHeader('Set-Cookie'), $this->baseUrl);
    // Follow the location header.
    $path = $this->getPathFromLocationHeader($response, FALSE);
    $this->drupalGet($this->httpUrl($path));
    $this->assertSession()
        ->statusCodeEquals(200);
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.