FrontendUserAuthenticationTest.php
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
19 
20 use GuzzleHttp\Cookie\SetCookie;
21 use Psr\Log\NullLogger;
29 use TYPO3\TestingFramework\Core\Functional\Framework\Frontend\InternalRequest;
30 use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;
31 
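/**
 * Functional tests for frontend user session handling.
 *
 * Covers two properties of the login flow:
 *  - an anonymous page request neither sets the fe_typo_user cookie nor
 *    leaves a row in fe_sessions;
 *  - a login POST carrying a request token signed against a nonce creates a
 *    session, and that session can be resumed from the issued cookie alone.
 *
 * NOTE(review): only the accepting path is asserted in this class. A login
 * POST with a missing or mismatching __RequestToken is not exercised here.
 */
final class FrontendUserAuthenticationTest extends FunctionalTestCase
{
    // NOTE(review): this line is absent from the rendered listing and was
    // reconstructed (buildSiteConfiguration() below comes from this trait);
    // confirm against the repository.
    use SiteBasedTestTrait;

    private const ROOT_PAGE_ID = 1;
    protected const LANGUAGE_PRESETS = [
        'EN' => ['id' => 0, 'title' => 'English', 'locale' => 'en_US.UTF8'],
    ];

    /**
     * Imports the page fixture, writes the site configuration for the root
     * page and sets up the frontend root page with the test TypoScript.
     */
    public function setUp(): void
    {
        parent::setUp();
        $this->importCSVDataSet(__DIR__ . '/../Fixtures/pages.csv');
        // NOTE(review): the opening line of this call is absent from the
        // rendered listing and was reconstructed; confirm against the repository.
        $this->writeSiteConfiguration(
            'frontend_authentication',
            $this->buildSiteConfiguration(self::ROOT_PAGE_ID, '/'),
        );
        $this->setUpFrontendRootPage(self::ROOT_PAGE_ID, ['EXT:frontend/Tests/Functional/Fixtures/TypoScript/page.typoscript']);
    }

    /**
     * An anonymous visitor must not receive a session cookie, and no session
     * row may be persisted for them.
     *
     * @test
     */
    public function feSessionsAreNotStoredForAnonymousSessions(): void
    {
        $response = $this->executeFrontendSubRequest((new InternalRequest())->withPageId(self::ROOT_PAGE_ID));

        // Both the wire (Set-Cookie) and the storage (fe_sessions) are checked,
        // so a session that is persisted but not announced would still fail.
        self::assertStringNotContainsString('fe_typo_user', $response->getHeaderLine('Set-Cookie'));
        $this->assertCSVDataSet(__DIR__ . '/Fixtures/fe_sessions_empty.csv');
    }

    /**
     * A login POST with a request token signed against the nonce sent in the
     * cookie creates a session; the issued cookie then resolves the same user.
     *
     * NOTE(review): the signature line and the fourth NormalizedParams argument
     * are absent from the rendered listing and were reconstructed; confirm
     * against the repository.
     *
     * @test
     */
    public function canCreateNewAndExistingSessionWithValidRequestToken(): void
    {
        $this->importCSVDataSet(__DIR__ . '/Fixtures/fe_users.csv');

        $normalizedParams = new NormalizedParams(
            [
                'REQUEST_URI' => '/',
                'HTTP_HOST' => 'localhost',
                'DOCUMENT_ROOT' => Environment::getPublicPath(),
                'SCRIPT_FILENAME' => Environment::getPublicPath() . '/index.php',
                'SCRIPT_NAME' => '/index.php',
            ],
            $GLOBALS['TYPO3_CONF_VARS']['SYS'],
            Environment::getPublicPath() . '/index.php',
            Environment::getPublicPath(),
        );

        // The request token is bound to the nonce: the token travels in the
        // POST body, the nonce in a cookie named after its signing identifier.
        $nonce = Nonce::create();
        $requestToken = RequestToken::create('core/user-auth/fe')->toHashSignedJwt($nonce);
        $request = (new InternalRequest())
            ->withPageId(self::ROOT_PAGE_ID)
            ->withMethod('POST')
            ->withParsedBody(
                [
                    'user' => 'testuser',
                    'pass' => 'test',
                    'logintype' => 'login',
                    '__RequestToken' => $requestToken,
                ]
            )
            ->withAttribute('normalizedParams', $normalizedParams)
            // The integer-keyed 'bogus' entry is an unrelated cookie next to the nonce cookie;
            // presumably it guards against non-string cookie names breaking the nonce lookup — confirm.
            ->withCookieParams([123 => 'bogus', 'typo3nonce_' . $nonce->getSigningIdentifier()->name => $nonce->toHashSignedJwt()]);

        $response = $this->executeFrontendSubRequest($request);

        // NOTE(review): only the cookie name is asserted; the Secure, HttpOnly
        // and SameSite attributes of the session cookie are not checked here.
        self::assertStringContainsString('fe_typo_user', $response->getHeaderLine('Set-Cookie'));
        $this->assertCSVDataSet(__DIR__ . '/Fixtures/fe_sessions_filled.csv');

        // Now check whether the existing session is retrieved by providing the retrieved JWT token in the cookie params.
        // This second request carries no credentials, request token or nonce: the session cookie alone must suffice.
        $cookie = SetCookie::fromString($response->getHeaderLine('Set-Cookie'));
        $request = (new ServerRequest('http://localhost/'))
            ->withAttribute('normalizedParams', $normalizedParams)
            ->withCookieParams([$cookie->getName() => $cookie->getValue()]);

        $frontendUserAuthentication = new FrontendUserAuthentication();
        $frontendUserAuthentication->setLogger(new NullLogger());
        $frontendUserAuthentication->start($request);

        self::assertNotNull($frontendUserAuthentication->user);
        // assertSame compares type and value, so a loosely-equal username cannot pass.
        self::assertSame('testuser', $frontendUserAuthentication->user['username']);
    }
}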