Skip to content

Commit da79990

Browse files
ndm2markstory
authored andcommitted
Show URL base in login URL mismatch error message. (#330)
With the base missing, error messages like `http:://localhost/users/login did not match /users/login` would be produced, which cloaks the actual issue of the missing base in the configured login URL.
1 parent 6da4053 commit da79990

File tree

2 files changed

+73
-1
lines changed

2 files changed

+73
-1
lines changed

src/Authenticator/FormAuthenticator.php

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -81,10 +81,16 @@ protected function _getData(ServerRequestInterface $request)
8181
*/
8282
protected function _buildLoginUrlErrorResult($request)
8383
{
84+
$uri = $request->getUri();
85+
$base = $request->getAttribute('base');
86+
if ($base !== null) {
87+
$uri = $uri->withPath((string)$base . $uri->getPath());
88+
}
89+
8490
$errors = [
8591
sprintf(
8692
'Login URL `%s` did not match `%s`.',
87-
(string)$request->getUri(),
93+
(string)$uri,
8894
implode('` or `', (array)$this->getConfig('loginUrl'))
8995
),
9096
];

tests/TestCase/Authenticator/FormAuthenticatorTest.php

Lines changed: 66 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -175,6 +175,39 @@ public function testMultipleLoginUrlMismatch()
175175
$this->assertEquals([0 => 'Login URL `http://localhost/users/does-not-match` did not match `/en/users/login` or `/de/users/login`.'], $result->getErrors());
176176
}
177177

178+
/**
179+
* testLoginUrlMismatchWithBase
180+
*
181+
* @return void
182+
*/
183+
public function testLoginUrlMismatchWithBase()
184+
{
185+
$identifiers = new IdentifierCollection([
186+
'Authentication.Password',
187+
]);
188+
189+
$request = ServerRequestFactory::fromGlobals(
190+
['REQUEST_URI' => '/users/login'],
191+
[],
192+
['username' => 'mariano', 'password' => 'password']
193+
);
194+
$uri = $request->getUri();
195+
$uri->base = '/base';
196+
$request = $request->withUri($uri);
197+
$request = $request->withAttribute('base', $uri->base);
198+
$response = new Response();
199+
200+
$form = new FormAuthenticator($identifiers, [
201+
'loginUrl' => '/users/login',
202+
]);
203+
204+
$result = $form->authenticate($request, $response);
205+
206+
$this->assertInstanceOf(Result::class, $result);
207+
$this->assertEquals(Result::FAILURE_OTHER, $result->getStatus());
208+
$this->assertEquals([0 => 'Login URL `http://localhost/base/users/login` did not match `/users/login`.'], $result->getErrors());
209+
}
210+
178211
/**
179212
* testSingleLoginUrlSuccess
180213
*
@@ -236,6 +269,39 @@ public function testMultipleLoginUrlSuccess()
236269
$this->assertEquals([], $result->getErrors());
237270
}
238271

272+
/**
273+
* testLoginUrlSuccessWithBase
274+
*
275+
* @return void
276+
*/
277+
public function testLoginUrlSuccessWithBase()
278+
{
279+
$identifiers = new IdentifierCollection([
280+
'Authentication.Password',
281+
]);
282+
283+
$request = ServerRequestFactory::fromGlobals(
284+
['REQUEST_URI' => '/users/login'],
285+
[],
286+
['username' => 'mariano', 'password' => 'password']
287+
);
288+
$uri = $request->getUri();
289+
$uri->base = '/base';
290+
$request = $request->withUri($uri);
291+
$request = $request->withAttribute('base', $uri->base);
292+
$response = new Response();
293+
294+
$form = new FormAuthenticator($identifiers, [
295+
'loginUrl' => '/base/users/login',
296+
]);
297+
298+
$result = $form->authenticate($request, $response);
299+
300+
$this->assertInstanceOf(Result::class, $result);
301+
$this->assertEquals(Result::SUCCESS, $result->getStatus());
302+
$this->assertEquals([], $result->getErrors());
303+
}
304+
239305
/**
240306
* testRegexLoginUrlSuccess
241307
*

0 commit comments

Comments
 (0)