I am upgrading my Symfony 2.8 app to 3.4 and I am hitting some issues with an existing PHPUnit test.
This is my security.yml:
security:
firewalls:
default:
simple_preauth:
provider: fos_userbundle
authenticator: appbundle.admin.tokenauthenticator
I have recently upgraded the friendsofsymfony/user-bundle to v2.1.2 as part of this Symfony 3.4 upgrade.
config_test.yml (for PHPUnit):
security:
providers:
appbundle.security.api.key_user_provider:
apiusers:
users:
server:
apikey: testUserValidRole
roles:
- 'ROLE_API_USER'
I have also upgrade PHP to 7.2 and PHPUnit to 7.4.3.
In my test I have this:
$crawler = $client->request('POST', '/api/sso', [
'apikey' => 'testUserValidRole',
'site' => $site->getId(),
]);
$this->assertEquals(
\Symfony\Component\HttpFoundation\Response::HTTP_OK,
$client->getResponse()->getStatusCode()
);
$response = json_decode($client->getResponse()->getContent());
$this->assertTrue(isset($response->target));
$security = $client->getProfile()->getCollector('security');
// The user should only be authenticated anonymously.
$this->assertTrue($security->isAuthenticated());
$this->assertEquals(
'Symfony\Component\Security\Core\Authentication\Token\AnonymousToken',
$security->getTokenClass()
);
// Check that we can login with a valid loginToken.
// Note: A successful login will redirect and remove the loginToken.
$client->enableProfiler();
$crawler = $client->request('GET', $response->target);
// The user should be authenticated correctly.
$security = $client->getProfile()->getCollector('security');
$this->assertTrue($security->isAuthenticated());
$this->assertEquals(
'Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken',
$security->getTokenClass()
);
The last assertion on the PreAuthenticatedToken fails and PHPUnit spits out an error of:
Failed asserting that Symfony\Component\VarDumper\Cloner\Data Object &00000000299a8bd300000000690a732b matches expected 'Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken'.
The full output is here: https://gist.github.com/crmpicco/a927716570a4949caafec4ca1361bf63
I can't see anything around the security section in the Symfony upgrade notes that would point to what is causing this error and I must admit i'm a bit stumped with this one now. Do I have some misconfiguration?
I don't know exactly the reason, but it seems that SecurityDataCollector::getTokenClass() returns a string only when Symfony\Component\VarDumper\Caster\ClassStub class doesn't exist (ie. VarDumper is not loaded/installed) as you can see here.
Therefore you should call $security->getTokenClass()->getValue() to get string value or better cast it to string to avoid errors when getTokenClass() returns already a string:
$this->assertEquals(
'Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken',
(string) $security->getTokenClass()
);