symfonytestingphp-7symfony-3.1

symfony test - authenticated doesnt work on new request

Good morning.

Tldr: I think that, I need for Symfony Test Client something similiar to js xhr settings: withcredentals:true.

Symfony 3.1. I have action in rest api controller:

    /**
     * @Rest\GET("/get-stuff")
     * @Rest\View
     * @Security("is_granted('IS_AUTHENTICATED_FULLY')")
     */
    public function GetStuffAction($userId)
    {
        // get userId from session
        $userId = $this->getUser()->getId();
        $em = $this->getDoctrine()->getManager();
        $Stuff = $em->getRepository('MyApiBundle:Stuff')->findBy(['user' => $userId]);
        return $this->viewGroup($Stuff, ['stuff']);
    }

And it does work correct.

Now I want Test, so I have :

    class TestCase extends WebTestCase
    {
         public function testIndex()
         {
            $this->client = self::createClient();
            $this->storage = new MockFileSessionStorage(__dir__.'/../../../../app/cache/test/sessions');
            $this->session = new Session($this->storage);
            $this->logIn($this->getUser(), new Response());
            $this->client->request('GET', '/get-stuff');
            $content = $this->client->getResponse()->getContent();
            $this->assertEquals({"message":"Full authentication is required to access this resource.","code":0},$content);
    }

        public function logIn(User $user, Response $response) 
        {
             $this->session->start();
             $this->cookie = new Cookie('MOCKSESSID', $this->storage->getId());
             $this->cookieJar = new CookieJar();
             $this->cookieJar->set($this->cookie);
             $this->token = new UsernamePasswordToken($user, 'user', 'main', $user->getRoles());
             $this->session->set('_security_main', serialize($this->token));


             $this->getSecurityManager()->loginUser(
                 $this->container->getParameter('fos_user.firewall_name'),
                 $user,
                 $response
             );

             $this->session->save();
         }
    }

And test for it gives me message: "Full authentication is required to access this resource". After method logIn() I can read session data which are connected with logged user. How can I make to be logged during this part to not receive message about authentication?: 

$this->client->request('GET', '/get-stuff');
        $content = $this->client->getResponse()->getContent();

More details: 1. My test class extends WebTestCase. 2. My user is overwritten for FosUserBundle.

I suppose that is something like in javascript: var xhr = new XMLHttpRequest(); xhr.withCredentials = true; but I don't know what.

Thank you in advance for helping solve my problem!

Solution

  • Ok, I was good way to do this:

    public function logIn(User $user) {
    $session = $this->session;

    $firewallContext = 'secured_area';

    $token = new UsernamePasswordToken($user, 'user', 'main', $user->getRoles());
    $session->set('_security_'.$firewallContext, serialize($token));
    $session->save();

    $cookie = new Cookie($session->getName(), $session->getId());
    $this->client->getCookieJar()->set($cookie);
}