We have a JSON API (not exactly RESTful) where we authenticate our users by two request parameters - login and password. For unrelated reasons we need no sessions nor API tokens, just login with each API call.
Already implemented Firewall listener and Authentication provider to authenticate the right way and now I want to test it to assure it.
I stumbled upon writing my functional test for my authentication. To put it simple, i want to do request like this
$client->request('POST', self::TEST_METHOD, array(
'login' => 'test_user',
'password' => 'aaa123'
));
And then test my response like this
self::assertNotEquals(
Response::HTTP_FORBIDDEN,
$response->getStatusCode(),
'Returns http code Forbidden (403) on successfull login'
);
But for some reason I always get 403-Forbidden. After some trying it seems like my own custom Firewall listener is not registered.
I register my Firewall listener by Firewall Listener Factory in my AppBundle::build() method
public function build(ContainerBuilder $container)
{
parent::build($container);
$extension = $container->getExtension('security');
$extension->addSecurityListenerFactory(new ApiOperatorFactory());
}
I am nearly sure I am not understanding something. I tried to search for solutions all over the Internet but found nothing. As if I am asking wrong question. Can somebody help me please? I can provide any other source code, but I think problem might be elsewhere.
My authentication works perfectly by its own, so there should not be problem in authentication itself. Just cant test it...
Aucun commentaire:
Enregistrer un commentaire