From a36c1ac1e9f113334ff8703a64725f09fad6e9a3 Mon Sep 17 00:00:00 2001 From: Niels Nijens Date: Tue, 19 Mar 2024 15:34:57 +0100 Subject: [PATCH 1/8] Add Symfony's security bundle for functional testing --- composer.json | 3 +- composer.lock | 500 +++++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 501 insertions(+), 2 deletions(-) diff --git a/composer.json b/composer.json index 3e5e275..cf46ea0 100755 --- a/composer.json +++ b/composer.json @@ -34,7 +34,8 @@ "phpunit/phpunit": "^9.3", "symfony/browser-kit": "^4.4 || ^5.0 || ^6.0", "symfony/phpunit-bridge": "^4.4 || ^5.0 || ^6.0", - "symfony/process": "^4.4 || ^5.0 || ^6.0" + "symfony/process": "^4.4 || ^5.0 || ^6.0", + "symfony/security-bundle": "^4.4 || ^5.0 || ^6.0" }, "autoload": { "psr-4": { diff --git a/composer.lock b/composer.lock index dd8c865..c240fbb 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "a18c49e165205a483830d07fb55eb6f9", + "content-hash": "31ae82d11329b7379f8afa697e7eefec", "packages": [ { "name": "justinrainbow/json-schema", @@ -5478,6 +5478,80 @@ ], "time": "2023-02-14T08:03:56+00:00" }, + { + "name": "symfony/password-hasher", + "version": "v5.4.36", + "source": { + "type": "git", + "url": "https://github.com/symfony/password-hasher.git", + "reference": "a0c08f9045230ef73d25617b2c0e0b56d8feb0a2" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/password-hasher/zipball/a0c08f9045230ef73d25617b2c0e0b56d8feb0a2", + "reference": "a0c08f9045230ef73d25617b2c0e0b56d8feb0a2", + "shasum": "" + }, + "require": { + "php": ">=7.2.5", + "symfony/deprecation-contracts": "^2.1|^3", + "symfony/polyfill-php80": "^1.15" + }, + "conflict": { + "symfony/security-core": "<5.3" + }, + "require-dev": { + "symfony/console": "^5.3|^6.0", + "symfony/security-core": "^5.3|^6.0" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\PasswordHasher\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Robin Chalas", + "email": "robin.chalas@gmail.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Provides password hashing utilities", + "homepage": "https://symfony.com", + "keywords": [ + "hashing", + "password" + ], + "support": { + "source": "https://github.com/symfony/password-hasher/tree/v5.4.36" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2024-02-10T16:59:05+00:00" + }, { "name": "symfony/phpunit-bridge", "version": "v6.4.4", @@ -5621,6 +5695,430 @@ ], "time": "2024-02-12T15:49:53+00:00" }, + { + "name": "symfony/security-bundle", + "version": "v5.4.37", + "source": { + "type": "git", + "url": "https://github.com/symfony/security-bundle.git", + "reference": "6773ef12fe2671a42f111e31f2c18af18e79c55c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/security-bundle/zipball/6773ef12fe2671a42f111e31f2c18af18e79c55c", + "reference": "6773ef12fe2671a42f111e31f2c18af18e79c55c", + "shasum": "" + }, + "require": { + "ext-xml": "*", + "php": ">=7.2.5", + "symfony/config": "^4.4|^5.0|^6.0", + "symfony/dependency-injection": "^5.3|^6.0", + "symfony/deprecation-contracts": "^2.1|^3", + "symfony/event-dispatcher": "^5.1|^6.0", + "symfony/http-foundation": "^5.3|^6.0", + "symfony/http-kernel": "^5.3|^6.0", + "symfony/password-hasher": "^5.3|^6.0", + "symfony/polyfill-php80": "^1.16", + "symfony/security-core": "^5.4|^6.0", + "symfony/security-csrf": "^4.4|^5.0|^6.0", + "symfony/security-guard": "^5.3", + "symfony/security-http": "^5.4.30|^6.3.6", + "symfony/service-contracts": "^1.10|^2|^3" + }, + "conflict": { + "symfony/browser-kit": "<4.4", + "symfony/console": "<4.4", + "symfony/framework-bundle": "<4.4", + "symfony/ldap": "<5.1", + "symfony/twig-bundle": "<4.4" + }, + "require-dev": { + "doctrine/annotations": "^1.10.4|^2", + "symfony/asset": "^4.4|^5.0|^6.0", + "symfony/browser-kit": "^4.4|^5.0|^6.0", + "symfony/console": "^4.4|^5.0|^6.0", + "symfony/css-selector": "^4.4|^5.0|^6.0", + "symfony/dom-crawler": "^4.4|^5.0|^6.0", + "symfony/expression-language": "^4.4|^5.0|^6.0", + "symfony/form": "^4.4|^5.0|^6.0", + "symfony/framework-bundle": "^5.3|^6.0", + "symfony/ldap": "^5.3|^6.0", + "symfony/process": "^4.4|^5.0|^6.0", + "symfony/rate-limiter": "^5.2|^6.0", + "symfony/serializer": "^4.4|^5.0|^6.0", + "symfony/translation": "^4.4|^5.0|^6.0", + "symfony/twig-bridge": "^4.4|^5.0|^6.0", + "symfony/twig-bundle": "^4.4|^5.0|^6.0", + "symfony/validator": "^4.4|^5.0|^6.0", + "symfony/yaml": "^4.4|^5.0|^6.0", + "twig/twig": "^2.13|^3.0.4" + }, + "type": "symfony-bundle", + "autoload": { + "psr-4": { + "Symfony\\Bundle\\SecurityBundle\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Provides a tight integration of the Security component into the Symfony full-stack framework", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/security-bundle/tree/v5.4.37" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2024-03-01T19:35:15+00:00" + }, + { + "name": "symfony/security-core", + "version": "v5.4.35", + "source": { + "type": "git", + "url": "https://github.com/symfony/security-core.git", + "reference": "3cbacefb2a350ed39950f93c8a054c2eb625fb69" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/security-core/zipball/3cbacefb2a350ed39950f93c8a054c2eb625fb69", + "reference": "3cbacefb2a350ed39950f93c8a054c2eb625fb69", + "shasum": "" + }, + "require": { + "php": ">=7.2.5", + "symfony/deprecation-contracts": "^2.1|^3", + "symfony/event-dispatcher-contracts": "^1.1|^2|^3", + "symfony/password-hasher": "^5.3|^6.0", + "symfony/polyfill-php80": "^1.16", + "symfony/service-contracts": "^1.1.6|^2|^3" + }, + "conflict": { + "symfony/event-dispatcher": "<4.4", + "symfony/http-foundation": "<5.3", + "symfony/ldap": "<4.4", + "symfony/security-guard": "<4.4", + "symfony/translation": "<5.4.35|>=6.0,<6.3.12|>=6.4,<6.4.3", + "symfony/validator": "<5.2" + }, + "require-dev": { + "psr/cache": "^1.0|^2.0|^3.0", + "psr/container": "^1.0|^2.0", + "psr/log": "^1|^2|^3", + "symfony/cache": "^4.4|^5.0|^6.0", + "symfony/event-dispatcher": "^4.4|^5.0|^6.0", + "symfony/expression-language": "^4.4|^5.0|^6.0", + "symfony/http-foundation": "^5.3|^6.0", + "symfony/ldap": "^4.4|^5.0|^6.0", + "symfony/translation": "^5.4.35|~6.3.12|^6.4.3", + "symfony/validator": "^5.2|^6.0" + }, + "suggest": { + "psr/container-implementation": "To instantiate the Security class", + "symfony/event-dispatcher": "", + "symfony/expression-language": "For using the expression voter", + "symfony/http-foundation": "", + "symfony/ldap": "For using LDAP integration", + "symfony/validator": "For using the user password constraint" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Security\\Core\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony Security Component - Core Library", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/security-core/tree/v5.4.35" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2024-01-23T13:51:25+00:00" + }, + { + "name": "symfony/security-csrf", + "version": "v5.4.35", + "source": { + "type": "git", + "url": "https://github.com/symfony/security-csrf.git", + "reference": "6728ed79d7f9aae3b86fca7ea554f1c46bae1e0b" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/security-csrf/zipball/6728ed79d7f9aae3b86fca7ea554f1c46bae1e0b", + "reference": "6728ed79d7f9aae3b86fca7ea554f1c46bae1e0b", + "shasum": "" + }, + "require": { + "php": ">=7.2.5", + "symfony/deprecation-contracts": "^2.1|^3", + "symfony/polyfill-php80": "^1.16", + "symfony/security-core": "^4.4|^5.0|^6.0" + }, + "conflict": { + "symfony/http-foundation": "<5.3" + }, + "require-dev": { + "symfony/http-foundation": "^5.3|^6.0" + }, + "suggest": { + "symfony/http-foundation": "For using the class SessionTokenStorage." + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Security\\Csrf\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony Security Component - CSRF Library", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/security-csrf/tree/v5.4.35" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2024-01-23T13:51:25+00:00" + }, + { + "name": "symfony/security-guard", + "version": "v5.4.35", + "source": { + "type": "git", + "url": "https://github.com/symfony/security-guard.git", + "reference": "b6fb8c88f7cd544db761de2d1c3618cbc5c1b9e7" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/security-guard/zipball/b6fb8c88f7cd544db761de2d1c3618cbc5c1b9e7", + "reference": "b6fb8c88f7cd544db761de2d1c3618cbc5c1b9e7", + "shasum": "" + }, + "require": { + "php": ">=7.2.5", + "symfony/deprecation-contracts": "^2.1|^3", + "symfony/polyfill-php80": "^1.15", + "symfony/security-core": "^5.0", + "symfony/security-http": "^5.3" + }, + "require-dev": { + "psr/log": "^1|^2|^3" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Security\\Guard\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony Security Component - Guard", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/security-guard/tree/v5.4.35" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2024-01-23T13:51:25+00:00" + }, + { + "name": "symfony/security-http", + "version": "v5.4.36", + "source": { + "type": "git", + "url": "https://github.com/symfony/security-http.git", + "reference": "87ee1ea2b86740fc6a0104f165bebbe0b08b66ba" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/security-http/zipball/87ee1ea2b86740fc6a0104f165bebbe0b08b66ba", + "reference": "87ee1ea2b86740fc6a0104f165bebbe0b08b66ba", + "shasum": "" + }, + "require": { + "php": ">=7.2.5", + "symfony/deprecation-contracts": "^2.1|^3", + "symfony/http-foundation": "^5.3|^6.0", + "symfony/http-kernel": "^5.3|^6.0", + "symfony/polyfill-mbstring": "~1.0", + "symfony/polyfill-php80": "^1.16", + "symfony/property-access": "^4.4|^5.0|^6.0", + "symfony/security-core": "^5.4.19|~6.0.19|~6.1.11|^6.2.5", + "symfony/service-contracts": "^1.10|^2|^3" + }, + "conflict": { + "symfony/event-dispatcher": "<4.3", + "symfony/security-bundle": "<5.3", + "symfony/security-csrf": "<4.4" + }, + "require-dev": { + "psr/log": "^1|^2|^3", + "symfony/cache": "^4.4|^5.0|^6.0", + "symfony/rate-limiter": "^5.2|^6.0", + "symfony/routing": "^4.4|^5.0|^6.0", + "symfony/security-csrf": "^4.4|^5.0|^6.0", + "symfony/translation": "^4.4|^5.0|^6.0" + }, + "suggest": { + "symfony/routing": "For using the HttpUtils class to create sub-requests, redirect the user, and match URLs", + "symfony/security-csrf": "For using tokens to protect authentication/logout attempts" + }, + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Security\\Http\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony Security Component - HTTP Integration", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/security-http/tree/v5.4.36" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2024-02-23T16:13:23+00:00" + }, { "name": "symfony/stopwatch", "version": "v5.4.35", From 7fa65e38c1c6db6f20942529735dda0ce2837780 Mon Sep 17 00:00:00 2001 From: Niels Nijens Date: Wed, 20 Mar 2024 15:04:06 +0100 Subject: [PATCH 2/8] Activate security bundle in functional testing --- tests/Functional/App/Kernel.php | 2 ++ tests/Functional/App/config.yaml | 19 +++++++++++++++++++ 2 files changed, 21 insertions(+) diff --git a/tests/Functional/App/Kernel.php b/tests/Functional/App/Kernel.php index 6c8ee68..d62272a 100644 --- a/tests/Functional/App/Kernel.php +++ b/tests/Functional/App/Kernel.php @@ -16,6 +16,7 @@ use Nijens\OpenapiBundle\NijensOpenapiBundle; use Symfony\Bundle\FrameworkBundle\FrameworkBundle; use Symfony\Bundle\FrameworkBundle\Kernel\MicroKernelTrait; +use Symfony\Bundle\SecurityBundle\SecurityBundle; use Symfony\Component\Config\Loader\LoaderInterface; use Symfony\Component\DependencyInjection\ContainerBuilder; use Symfony\Component\HttpKernel\Kernel as BaseKernel; @@ -65,6 +66,7 @@ public function registerBundles(): iterable { return [ new FrameworkBundle(), + new SecurityBundle(), new NijensOpenapiBundle(), ]; } diff --git a/tests/Functional/App/config.yaml b/tests/Functional/App/config.yaml index 6cc3945..3a2a443 100644 --- a/tests/Functional/App/config.yaml +++ b/tests/Functional/App/config.yaml @@ -25,6 +25,25 @@ framework: php_errors: log: true +security: + enable_authenticator_manager: true + + providers: + users_in_memory: { memory: null } + + firewalls: + main: + lazy: true + stateless: true + provider: users_in_memory + json_login: + check_path: "/api/authenticate" + username_path: email + password_path: password + + access_control: + - { path: '^/api/authenticated/pets', roles: ROLE_USER } + services: logger: class: Symfony\Component\HttpKernel\Log\Logger From e6181738db745e00a5a85f0b95e767565f187253 Mon Sep 17 00:00:00 2001 From: Niels Nijens Date: Wed, 20 Mar 2024 15:31:37 +0100 Subject: [PATCH 3/8] Add functional test for testing the priority between the JSON request body validation and application firewall --- tests/Functional/App/openapi.yaml | 34 +++++++++++++++++++ .../JsonRequestBodyValidationTest.php | 27 +++++++++++++++ 2 files changed, 61 insertions(+) diff --git a/tests/Functional/App/openapi.yaml b/tests/Functional/App/openapi.yaml index 968c508..a756ba3 100644 --- a/tests/Functional/App/openapi.yaml +++ b/tests/Functional/App/openapi.yaml @@ -149,6 +149,34 @@ paths: type: integer format: int64 + /authenticated/pets: + post: + x-openapi-bundle: + controller: 'Nijens\OpenapiBundle\Tests\Functional\App\Controller\CreatePetController' + summary: Add a new pet to the store. + operationId: addPetAuthenticated + requestBody: + description: Pet object that needs to be added to the store. + content: + application/json: + schema: + $ref: '#/components/schemas/Pet' + application/xml: + schema: + $ref: '#/components/schemas/Pet' + required: true + responses: + '201': + description: Successfully added a new pet to the store. + '400': + description: Invalid input + '422': + description: Invalid input + security: + - api_key: [] + tags: + - pet + /error/trigger-error: get: x-symfony-controller: 'Nijens\OpenapiBundle\Tests\Functional\App\Controller\ErrorController::triggerError' @@ -272,6 +300,12 @@ components: xml: name: Tag + securitySchemes: + api_key: + type: apiKey + name: api_key + in: header + tags: - name: pet description: Everything about your pets. diff --git a/tests/Functional/Validation/JsonRequestBodyValidationTest.php b/tests/Functional/Validation/JsonRequestBodyValidationTest.php index a50f386..51c1371 100644 --- a/tests/Functional/Validation/JsonRequestBodyValidationTest.php +++ b/tests/Functional/Validation/JsonRequestBodyValidationTest.php @@ -133,4 +133,31 @@ public function testCannotReturnProblemDetailsJsonObjectWithoutRequiredRequestBo $this->client->getResponse()->getContent() ); } + + public function testCannotReturnProblemDetailsJsonObjectWhenNotAuthenticated(): void + { + $this->client->request( + Request::METHOD_POST, + '/api/authenticated/pets', + [], + [], + [ + 'CONTENT_TYPE' => 'application/json', + ], + '{}' + ); + + $expectedJsonResponseBody = [ + 'type' => 'about:blank', + 'title' => 'An error occurred.', + 'status' => 401, + 'detail' => 'Full authentication is required to access this resource.', + ]; + + static::assertResponseStatusCodeSame(Response::HTTP_UNAUTHORIZED); + static::assertJsonStringEqualsJsonString( + json_encode($expectedJsonResponseBody), + $this->client->getResponse()->getContent() + ); + } } From 4014fc3964adee08a4738d2fdf9ca38f46b89fe4 Mon Sep 17 00:00:00 2001 From: Niels Nijens Date: Wed, 20 Mar 2024 15:35:16 +0100 Subject: [PATCH 4/8] Lower priority of RequestValidationSubscriber to trigger after the application firewall listener --- src/Validation/EventSubscriber/RequestValidationSubscriber.php | 2 +- .../EventSubscriber/RequestValidationSubscriberTest.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Validation/EventSubscriber/RequestValidationSubscriber.php b/src/Validation/EventSubscriber/RequestValidationSubscriber.php index 301f82e..75a32a3 100644 --- a/src/Validation/EventSubscriber/RequestValidationSubscriber.php +++ b/src/Validation/EventSubscriber/RequestValidationSubscriber.php @@ -37,7 +37,7 @@ public static function getSubscribedEvents(): array { return [ KernelEvents::REQUEST => [ - ['validateRequest', 28], + ['validateRequest', 7], ], ]; } diff --git a/tests/Validation/EventSubscriber/RequestValidationSubscriberTest.php b/tests/Validation/EventSubscriber/RequestValidationSubscriberTest.php index 53ce420..5d75bbc 100644 --- a/tests/Validation/EventSubscriber/RequestValidationSubscriberTest.php +++ b/tests/Validation/EventSubscriber/RequestValidationSubscriberTest.php @@ -54,7 +54,7 @@ public function testCanReturnSubscribedEvents(): void $this->assertSame( [ KernelEvents::REQUEST => [ - ['validateRequest', 28], + ['validateRequest', 7], ], ], $subscribedEvents From c879703331bd3b30eac5e5cd7aaaca15f6eaebf8 Mon Sep 17 00:00:00 2001 From: Niels Nijens Date: Wed, 20 Mar 2024 15:51:10 +0100 Subject: [PATCH 5/8] Limit firewall to improve testing compatibility between Symfony versions --- tests/Functional/App/config.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/Functional/App/config.yaml b/tests/Functional/App/config.yaml index 3a2a443..10bd353 100644 --- a/tests/Functional/App/config.yaml +++ b/tests/Functional/App/config.yaml @@ -33,11 +33,12 @@ security: firewalls: main: + pattern: '^/api/authenticated' lazy: true stateless: true provider: users_in_memory json_login: - check_path: "/api/authenticate" + check_path: "/api/authenticated" username_path: email password_path: password From c1600b31280b898464c3af84552be3087e79cbf8 Mon Sep 17 00:00:00 2001 From: Niels Nijens Date: Wed, 20 Mar 2024 15:51:56 +0100 Subject: [PATCH 6/8] Remove error response assertion due to imcompatibility between Symfony versions --- .../Validation/JsonRequestBodyValidationTest.php | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/tests/Functional/Validation/JsonRequestBodyValidationTest.php b/tests/Functional/Validation/JsonRequestBodyValidationTest.php index 51c1371..2f28053 100644 --- a/tests/Functional/Validation/JsonRequestBodyValidationTest.php +++ b/tests/Functional/Validation/JsonRequestBodyValidationTest.php @@ -147,17 +147,6 @@ public function testCannotReturnProblemDetailsJsonObjectWhenNotAuthenticated(): '{}' ); - $expectedJsonResponseBody = [ - 'type' => 'about:blank', - 'title' => 'An error occurred.', - 'status' => 401, - 'detail' => 'Full authentication is required to access this resource.', - ]; - static::assertResponseStatusCodeSame(Response::HTTP_UNAUTHORIZED); - static::assertJsonStringEqualsJsonString( - json_encode($expectedJsonResponseBody), - $this->client->getResponse()->getContent() - ); } } From aaeba390189dda88966132d56174fd20bbe77c9b Mon Sep 17 00:00:00 2001 From: Niels Nijens Date: Wed, 20 Mar 2024 15:55:23 +0100 Subject: [PATCH 7/8] Add disabling incompatible security bundle configuration options for versions lower than 5.3 --- Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Makefile b/Makefile index 5988693..cbad763 100644 --- a/Makefile +++ b/Makefile @@ -24,6 +24,8 @@ endif ifeq ($(filter $(version),5.3 5.4 6.0 6.1 6.2 6.3 6.4),) sed -i -e "s/\(\s\+\)# \(storage_id:\)/\1\2/" tests/Functional/App/config.yaml sed -i -e "s/\(\s\+\)\(storage_factory_id:\)/\1# \2/" tests/Functional/App/config.yaml + sed -i -e "s/\(\s\+\)\(enable_authenticator_manager:\)/\1# \2/" tests/Functional/App/config.yaml + sed -i -e "s/\(\s\+\)\(lazy:\)/\1# \2/" tests/Functional/App/config.yaml endif composer global config --no-plugins allow-plugins.symfony/flex true From de3379ef893378a84404162d55519bef4942d8ca Mon Sep 17 00:00:00 2001 From: Niels Nijens Date: Wed, 20 Mar 2024 16:19:37 +0100 Subject: [PATCH 8/8] Add disabling deprecated security bundle configuration options for versions higher then 6.1 --- Makefile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index cbad763..9db7d5d 100644 --- a/Makefile +++ b/Makefile @@ -17,6 +17,10 @@ ifndef version @exit 1 endif +ifeq ($(filter $(version),5.3 5.4 6.0 6.1),) + sed -i -e "s/\(\s\+\)\(enable_authenticator_manager:\)/\1# \2/" tests/Functional/App/config.yaml +endif + ifeq ($(filter $(version),6.2 6.3 6.4),) sed -i -e "s/\(\s\+\)\(handle_all_throwables:\)/\1# \2/" tests/Functional/App/config.yaml endif @@ -24,7 +28,6 @@ endif ifeq ($(filter $(version),5.3 5.4 6.0 6.1 6.2 6.3 6.4),) sed -i -e "s/\(\s\+\)# \(storage_id:\)/\1\2/" tests/Functional/App/config.yaml sed -i -e "s/\(\s\+\)\(storage_factory_id:\)/\1# \2/" tests/Functional/App/config.yaml - sed -i -e "s/\(\s\+\)\(enable_authenticator_manager:\)/\1# \2/" tests/Functional/App/config.yaml sed -i -e "s/\(\s\+\)\(lazy:\)/\1# \2/" tests/Functional/App/config.yaml endif