Neos\Flow\Tests\Unit\Security\ContextTest::getCsrfProtectionTokenReturnsANewTokenIfTheCsrfStrategyIsOnePerUri PHP Method

ContextTest Class Documentation Show file Open project: neos/flow-development-collection

getCsrfProtectionTokenReturnsANewTokenIfTheCsrfStrategyIsOnePerUri() public method

public getCsrfProtectionTokenReturnsANewTokenIfTheCsrfStrategyIsOnePerUri ( ) 
    public function getCsrfProtectionTokenReturnsANewTokenIfTheCsrfStrategyIsOnePerUri()
    {
        $mockAuthenticationManager = $this->createMock(AuthenticationManagerInterface::class);
        $existingTokens = ['token1' => true, 'token2' => true];
        /** @var Context $securityContext */
        $securityContext = $this->getAccessibleMock(Context::class, ['getAuthenticationTokens']);
        $securityContext->setRequest($this->mockActionRequest);
        $securityContext->_set('authenticationManager', $mockAuthenticationManager);
        $securityContext->_set('csrfTokens', $existingTokens);
        $securityContext->_set('csrfStrategy', Context::CSRF_ONE_PER_URI);
        $this->assertFalse(array_key_exists($securityContext->getCsrfProtectionToken(), $existingTokens));
    }
ContextTest
authenticationStrategies
authenticationStrategyIsSetCorrectlyFromConfiguration
authorizationChecksAreEnabledByDefault
csrfProtectionStrategies
csrfProtectionStrategyIsSetCorrectlyFromConfiguration
currentRequestIsSetInTheSecurityContext
getAccountByAuthenticationProviderNameReturnsNullIfNoAccountFound
getAccountByAuthenticationProviderNameReturnsTheAuthenticatedAccountWithGivenProviderName
getAccountReturnsTheAccountAttachedToTheFirstAuthenticatedToken
getContextHashInitializesSecurityContext
getContextHashReturnsAHashOverAllAuthenticatedRoles
getContextHashReturnsStaticStringIfAuthorizationChecksAreDisabled
getContextHashReturnsStaticStringIfSecurityContextCantBeInitialized
getCsrfProtectionTokenReturnsANewTokenIfNoneIsPresentInTheContext
getCsrfProtectionTokenReturnsANewTokenIfTheCsrfStrategyIsOnePerUri
getRolesReturnsTheAnonymousRoleIfNoTokenIsAuthenticated
getRolesReturnsTheAuthenticatedUserRoleIfATokenIsAuthenticated
getRolesReturnsTheCorrectRoles
getRolesReturnsTheEverybodyRoleEvenIfNoTokenIsAuthenticated
getRolesTakesInheritanceOfRolesIntoAccount
hasRoleReturnsFalseForAnonymousRoleIfAuthenticated
hasRoleReturnsTrueForAnonymousRoleIfNotAuthenticated
hasRoleReturnsTrueForEverybodyRole
hasRoleWorks
hasRoleWorksWithRecursiveRoles
initializeCallsUpdateCredentialsOnAllActiveTokens
initializeSeparatesActiveAndInactiveTokens
initializeUpdatesAndSeparatesActiveAndInactiveTokensCorrectly
injectAuthenticationManagerSetsAReferenceToTheSecurityContextInTheAuthenticationManager
invalidAuthenticationStrategyFromConfigurationThrowsException
invalidCsrfProtectionStrategyFromConfigurationThrowsException
isCsrfProtectionTokenValidChecksIfTheGivenTokenIsExistingInTheContext
isCsrfProtectionTokenValidChecksIfTheGivenTokenIsExistingInTheContextAndUnsetsItIfTheCsrfStrategyIsOnePerUri
securityContextCallsTheAuthenticationManagerToSetItsTokens
securityContextIsNotInitializedAgainIfItHasBeenInitializedAlready
securityContextIsSetToInitialized
separateActiveAndInactiveTokensDataProvider
separateActiveAndInactiveTokensTests
setUp
tokenFromAnAuthenticationManagerIsReplacedIfThereIsOneOfTheSameTypeInTheSession
withoutAuthorizationChecksDisabledAuthorizationChecks
withoutAuthorizationChecksReactivatesAuthorizationCheckCorrectlyWhenCalledNested
withoutAuthorizationChecksReactivatesAuthorizationChecksAfterClosureInvocation
withoutAuthorizationChecksReactivatesAuthorizationChecksAfterClosureInvocationIfClosureThrowsException