How to Simulate Authentication with a Token in a Functional Test
Edit this pageWarning: You are browsing the documentation for Symfony 2.3, which is no longer maintained.
Read the updated version of this page for Symfony 6.1 (the current stable version).
How to Simulate Authentication with a Token in a Functional Test
Authenticating requests in functional tests might slow down the suite.
It could become an issue especially when form_login is used, since
it requires additional requests to fill in and submit the form.
One of the solutions is to configure your firewall to use http_basic in
the test environment as explained in
How to Simulate HTTP Authentication in a Functional Test.
Another way would be to create a token yourself and store it in a session.
While doing this, you have to make sure that an appropriate cookie is sent
with a request. The following example demonstrates this technique:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
// src/AppBundle/Tests/Controller/DefaultControllerTest.php
namespace Appbundle\Tests\Controller;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
use Symfony\Component\BrowserKit\Cookie;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
class DefaultControllerTest extends WebTestCase
{
private $client = null;
public function setUp()
{
$this->client = static::createClient();
}
public function testSecuredHello()
{
$this->logIn();
$crawler = $this->client->request('GET', '/admin');
$this->assertTrue($this->client->getResponse()->isSuccessful());
$this->assertGreaterThan(0, $crawler->filter('html:contains("Admin Dashboard")')->count());
}
private function logIn()
{
$session = $this->client->getContainer()->get('session');
$firewall = 'secured_area';
$token = new UsernamePasswordToken('admin', null, $firewall, array('ROLE_ADMIN'));
$session->set('_security_'.$firewall, serialize($token));
$session->save();
$cookie = new Cookie($session->getName(), $session->getId());
$this->client->getCookieJar()->set($cookie);
}
}Note
The technique described in How to Simulate HTTP Authentication in a Functional Test is cleaner and therefore the preferred way.
