| public injectSettings ( array $settings ) : void | ||
| $settings | array | |
| return | void | |
public function injectSettings(array $settings)
{
if (isset($settings['security']['authentication']['authenticationStrategy'])) {
$authenticationStrategyName = $settings['security']['authentication']['authenticationStrategy'];
switch ($authenticationStrategyName) {
case 'allTokens':
$this->authenticationStrategy = self::AUTHENTICATE_ALL_TOKENS;
break;
case 'oneToken':
$this->authenticationStrategy = self::AUTHENTICATE_ONE_TOKEN;
break;
case 'atLeastOneToken':
$this->authenticationStrategy = self::AUTHENTICATE_AT_LEAST_ONE_TOKEN;
break;
case 'anyToken':
$this->authenticationStrategy = self::AUTHENTICATE_ANY_TOKEN;
break;
default:
throw new Exception('Invalid setting "' . $authenticationStrategyName . '" for security.authentication.authenticationStrategy', 1291043022);
}
}
if (isset($settings['security']['csrf']['csrfStrategy'])) {
$csrfStrategyName = $settings['security']['csrf']['csrfStrategy'];
switch ($csrfStrategyName) {
case 'onePerRequest':
$this->csrfProtectionStrategy = self::CSRF_ONE_PER_REQUEST;
break;
case 'onePerSession':
$this->csrfProtectionStrategy = self::CSRF_ONE_PER_SESSION;
break;
case 'onePerUri':
$this->csrfProtectionStrategy = self::CSRF_ONE_PER_URI;
break;
default:
throw new Exception('Invalid setting "' . $csrfStrategyName . '" for security.csrf.csrfStrategy', 1291043024);
}
}
} /**
* @param array $patterns
* @param bool $expectedActive
* @test
* @dataProvider separateActiveAndInactiveTokensDataProvider
*/
public function separateActiveAndInactiveTokensTests(array $patterns, $expectedActive)
{
$mockRequestPatterns = [];
foreach ($patterns as $pattern) {
$mockRequestPattern = $this->getMockBuilder(RequestPatternInterface::class)->setMockClassName('RequestPattern_' . $pattern['type'])->getMock();
$mockRequestPattern->expects($this->any())->method('matchRequest')->with($this->mockActionRequest)->will($this->returnValue($pattern['matchesRequest']));
$mockRequestPatterns[] = $mockRequestPattern;
}
$mockToken = $this->createMock(TokenInterface::class);
$mockToken->expects($this->once())->method('hasRequestPatterns')->will($this->returnValue($mockRequestPatterns !== []));
$mockToken->expects($this->any())->method('getRequestPatterns')->will($this->returnValue($mockRequestPatterns));
/** @var AuthenticationManagerInterface|\PHPUnit_Framework_MockObject_MockObject $mockAuthenticationManager */
$mockAuthenticationManager = $this->createMock(AuthenticationManagerInterface::class);
$mockAuthenticationManager->expects($this->once())->method('getTokens')->will($this->returnValue([$mockToken]));
$this->securityContext = $this->getAccessibleMock(Context::class, ['dummy']);
$settings = [];
$settings['security']['authentication']['authenticationStrategy'] = 'allTokens';
$this->securityContext->injectSettings($settings);
$this->securityContext->injectAuthenticationManager($mockAuthenticationManager);
$this->securityContext->setRequest($this->mockActionRequest);
$this->securityContext->initialize();
if ($expectedActive) {
$this->assertContains($mockToken, $this->securityContext->_get('activeTokens'));
} else {
$this->assertContains($mockToken, $this->securityContext->_get('inactiveTokens'));
}
}
