Authentication in functional tests in Symfony 2.1

Question

I am currently in the process of migrating a 2.0.* project to the current 2.1 beta of Symfony.

In my functional tests i currently have this code to create a client with authentication:

$client = // create a normal test client
$role = 'ROLE_USER';
$firewallName = 'main';
$user = // pull a user from db

$client->getCookieJar()->set(new \Symfony\Component\BrowserKit\Cookie(session_name(), true));

$token = new UsernamePasswordToken($user, null, $firewallName, array($role));

self::$kernel->getContainer()->get('session')->set('_security_' . $firewallName, 
serialize($token));

this works as expected in 2.0.* but not in 2.1, the data does not get set in the session.

Any ideas?

Edit (adding more info):

it seems that the problem lies in the file "Symfony\Component\Security\Http\Firewall\ContextListener" in the method "onKernelResponse". There is this code:

if ((null === $token = $this->context->getToken()) || ($token instanceof AnonymousToken)) {
    $session->remove('_security_'.$this->contextKey);
} else {
    $session->set('_security_'.$this->contextKey, serialize($token));
}

in my case the if "$token instanceof AnonymousToken" is true, and because of that the session key gets removed. if i comment out that code everything works as expected.

So i guess my new question is: What can i do to make the token not anonymous?

Answer 1

Proper way to authenticate user is:

$firewallName = 'your-firewall-name';
$container = self::$kernel->getContainer()
$token = new UsernamePasswordToken($user, null, $firewallName, $user->getRoles());
$container->get('security.context')->setToken($token);

and firewall authentication:

$session = $container->get('session');
$session->set('_security_'.$firewallName, serialize($token));
$session->save();

Answer 2

I've logged a ticket on: https://github.com/symfony/symfony/issues/3287

There appears to be an existing issue with Symfony 2.1 RC.

Answer 3

In my testsuite (working on 2.0 and now 2.1) I use a Base class WebTestCase that extends the Symfony2 WebTestCase class.

I have these two functions that create an anonymous client or a logged one in my tests:

static protected function createClient(array $options = array(), array $server = array())
{
    $client = parent::createClient($options, $server);

    self::$container = self::$kernel->getContainer();

    return $client;
}

protected function createAuthClient($user, $pass)
{
    return self::createClient(array(), array(
        'PHP_AUTH_USER' => $user,
        'PHP_AUTH_PW'   => $pass,
    ));
}

Then, in my Test classes, I use:

    $client = static::createClient();

to create an anon client and

    $client = static::createAuthClient('user','pass');

to create an authenticated one.

This works like a charm on 2.1