Problem/Motivation

The Basic Auth test module contains usages of \Drupal:: static service calls in both controllers and tests. This does not follow Drupal's recommended dependency injection practices and reduces testability and maintainability.

Steps to reproduce

  • Clone or access the Basic Auth module repository.
  • Navigate to the directory containing the test classes.
  • Search for instances of \Drupal:: within these classes.
  • Run the test suite and observe potential warnings or errors related to dependency injection.

Proposed resolution

Refactor the BasicAuthTestController to extend ControllerBase and replace static \Drupal:: service calls with dependency injection and helper methods:

  • Replace \Drupal::state() with $this->state()
  • Replace \Drupal::service('page_cache_kill_switch') with constructor injection using the #[Autowire] attribute
  • Replace \Drupal::config() in tests with $this->config()

These changes align the code with modern Drupal dependency injection practices, improve testability, and remove reliance on static service access.

Remaining tasks

  • Alter the tests.
  • Run the tests to confirm that no regressions or side effects have been introduced.
  • Conduct a code review to ensure the change does not negatively affect test execution.

User interface changes

None

Introduced terminology

None

API changes

None

Data model changes

None

Release notes snippet

None

CommentFileSizeAuthor
#3 interdiff-2699565-2-3.txt902 bytesheykarthikwithu
#3 2699565-3.patch940 bytesheykarthikwithu
#2 basic_auth.patch970 bytesSwetha Yarla

Issue fork drupal-2699565

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

Swetha Yarla created an issue. See original summary.

Swetha Yarla’s picture

Swetha Yarla commented
StatusFileSize
new basic_auth.patch970 bytes

I have replaced \Drupal:: with $this->container->get() in test classes of Basic Auth module.
Here is the attached patch which fixes this issue.

heykarthikwithu’s picture

heykarthikwithu
Primary language English
Location Bengaluru 🌍
commented
StatusFileSize
new 2699565-3.patch940 bytes
new interdiff-2699565-2-3.txt902 bytes

updated with a minor change.

dimaro’s picture

dimaro commented

I'm not found more occurrences of \Drupal:: in this class.
Looks good!

Version: 8.1.x-dev » 8.2.x-dev

Drupal 8.1.9 was released on September 7 and is the final bugfix release for the Drupal 8.1.x series. Drupal 8.1.x will not receive any further development aside from security fixes. Drupal 8.2.0-rc1 is now available and sites should prepare to upgrade to 8.2.0.

Bug reports should be targeted against the 8.2.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.3.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

dimaro’s picture

dimaro commented
Status: Needs review » Reviewed & tested by the community

Please, can anyone check if the latest patch really fix the issue?

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
commented
Status: Reviewed & tested by the community » Needs work

@dimaro

Please, can anyone check if the latest patch really fix the issue?

That's kind of what you're supposed to do when you rtbc the issue :)

You've checked one thing in #4. However, the key point here is that there are still discussions on going in #2066993: Use magic methods to sync container property to \Drupal::getContainer in functional tests as to whether this is even desirable!

To be honest I'd rather refocus this issue to do a better test. We should change the site name before doing the drupalGet() and then assert that the realm is the new value. Plus it looks as though a site name I like "quotations" might actually break something since there is no escaping \Drupal\basic_auth\Authentication\Provider\BasicAuth::challengeException(). So perhaps we could just re-scope this issue into something that addresses this.

Version: 8.2.x-dev » 8.3.x-dev

Drupal 8.2.6 was released on February 1, 2017 and is the final full bugfix release for the Drupal 8.2.x series. Drupal 8.2.x will not receive any further development aside from critical and security fixes. Sites should prepare to update to 8.3.0 on April 5, 2017. (Drupal 8.3.0-alpha1 is available for testing.)

Bug reports should be targeted against the 8.3.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.4.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.3.x-dev » 8.4.x-dev

Drupal 8.3.6 was released on August 2, 2017 and is the final full bugfix release for the Drupal 8.3.x series. Drupal 8.3.x will not receive any further development aside from critical and security fixes. Sites should prepare to update to 8.4.0 on October 4, 2017. (Drupal 8.4.0-alpha1 is available for testing.)

Bug reports should be targeted against the 8.4.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.5.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.4.x-dev » 8.5.x-dev

Drupal 8.4.4 was released on January 3, 2018 and is the final full bugfix release for the Drupal 8.4.x series. Drupal 8.4.x will not receive any further development aside from critical and security fixes. Sites should prepare to update to 8.5.0 on March 7, 2018. (Drupal 8.5.0-alpha1 is available for testing.)

Bug reports should be targeted against the 8.5.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.6.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.5.x-dev » 8.6.x-dev

Drupal 8.5.6 was released on August 1, 2018 and is the final bugfix release for the Drupal 8.5.x series. Drupal 8.5.x will not receive any further development aside from security fixes. Sites should prepare to update to 8.6.0 on September 5, 2018. (Drupal 8.6.0-rc1 is available for testing.)

Bug reports should be targeted against the 8.6.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.7.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.6.x-dev » 8.8.x-dev

Drupal 8.6.x will not receive any further development aside from security fixes. Bug reports should be targeted against the 8.8.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.9.x-dev branch. For more information see the Drupal 8 and 9 minor version schedule and the Allowed changes during the Drupal 8 and 9 release cycles.

Version: 8.8.x-dev » 8.9.x-dev

Drupal 8.8.7 was released on June 3, 2020 and is the final full bugfix release for the Drupal 8.8.x series. Drupal 8.8.x will not receive any further development aside from security fixes. Sites should prepare to update to Drupal 8.9.0 or Drupal 9.0.0 for ongoing support.

Bug reports should be targeted against the 8.9.x-dev branch from now on, and new development or disruptive changes should be targeted against the 9.1.x-dev branch. For more information see the Drupal 8 and 9 minor version schedule and the Allowed changes during the Drupal 8 and 9 release cycles.

Version: 8.9.x-dev » 9.2.x-dev

Drupal 8 is end-of-life as of November 17, 2021. There will not be further changes made to Drupal 8. Bugfixes are now made to the 9.3.x and higher branches only. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

Version: 9.2.x-dev » 9.3.x-dev

Version: 9.3.x-dev » 9.4.x-dev

Drupal 9.3.15 was released on June 1st, 2022 and is the final full bugfix release for the Drupal 9.3.x series. Drupal 9.3.x will not receive any further development aside from security fixes. Drupal 9 bug reports should be targeted for the 9.4.x-dev branch from now on, and new development or disruptive changes should be targeted for the 9.5.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

Version: 9.4.x-dev » 9.5.x-dev

Drupal 9.4.9 was released on December 7, 2022 and is the final full bugfix release for the Drupal 9.4.x series. Drupal 9.4.x will not receive any further development aside from security fixes. Drupal 9 bug reports should be targeted for the 9.5.x-dev branch from now on, and new development or disruptive changes should be targeted for the 10.1.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

Version: 9.5.x-dev » 11.x-dev

Drupal core is moving towards using a “main” branch. As an interim step, a new 11.x branch has been opened, as Drupal.org infrastructure cannot currently fully support a branch named main. New developments and disruptive changes should now be targeted for the 11.x branch. For more information, see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

alvar0hurtad0’s picture

alvar0hurtad0
he/him
Primary language Spanish
Location Cáceres
commented
Assigned: Swetha Yarla » Unassigned

alvar0hurtad0 opened merge request !11414

alvar0hurtad0’s picture

alvar0hurtad0
he/him
Primary language Spanish
Location Cáceres
commented
Status: Needs work » Needs review

Hello,
Since a lot of things changed in the tests during the last 8 years I think we can focus on the scope of the issue and create a follow up issue to check if the component follows the recommendations in https://www.drupal.org/project/drupal/issues/2066993

I've created a MR with the requirements in this issue.

smustgrave’s picture

smustgrave commented
Status: Needs review » Needs work
Issue tags: +Needs issue summary update

Thanks for reviving the issue.

For good practice we should have a full summary template be used, explaining why this is needed.

Standard issue template is fine and if sections don't apply you can leave blank or better leave NA

realityloop’s picture

realityloop commented
Issue tags: +Novice

Creating an issue summary is a great Novice task for Contribution workshop at Drupalcon

daniel_mm02’s picture

daniel_mm02 commented
Issue summary: View changes
Issue tags: -Needs issue summary update
daniel_mm02’s picture

daniel_mm02 commented

Hi everyone, I've updated the issue summary with the necessary details regarding the replacement of \Drupal:: with $this->container->get() in our test classes.

sivaji_ganesh_jojodae’s picture

sivaji_ganesh_jojodae commented

Inside core/modules/basic_auth/tests I can still find the usage of \Drupal::. Should we change the following occurances as well?

./modules/basic_auth_test/src/BasicAuthTestController.php:16:    \Drupal::state()->set('basic_auth_test.state.controller_executed', TRUE);
./modules/basic_auth_test/src/BasicAuthTestController.php:25:    \Drupal::service('page_cache_kill_switch')->trigger();
./modules/basic_auth_test/src/BasicAuthTestController.php:28:      '#markup' => \Drupal::state()->get('basic_auth_test.state.controller_executed') ? 'yep' : 'nope',
alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
commented

Functional tests should use \Drupal KernelTests should not. so the issue title is incorrect. Sure we can inject services correctly into the controller...

dalin’s picture

dalin
he/him
Primary language English
Location 🇨🇦, 🇲🇽, 🌍
commented
Issue summary: View changes
Issue tags: -Novice

I'm at DrupalCon Atlanta2025 and I tried to sit down with a novice, but it turned out to be a bit much. I'm going to remove the Novice tag because this requires first understanding unit tests, dependency injection, and the difference between kernel tests and functional tests. Even though in the end we'll only be changing a few characters.

dalin changed the visibility of the branch 11.x to hidden.

dalin changed the visibility of the branch 2699565-replace-drupal-with to hidden.

alvar0hurtad0’s picture

alvar0hurtad0
he/him
Primary language Spanish
Location Cáceres
commented
Assigned: Unassigned » alvar0hurtad0

Working on it.

alvar0hurtad0’s picture

alvar0hurtad0
he/him
Primary language Spanish
Location Cáceres
commented
Title: Replace \Drupal:: with $this->container->get() in test classes of Basic Auth module » Replace \Drupal:: with $this->container->get() in test classes that allow dependency injection of Basic Auth module
Assigned: alvar0hurtad0 » Unassigned
Status: Needs work » Needs review
smustgrave’s picture

smustgrave commented
Status: Needs review » Needs work

Big auth appears to be failing.
New parameters should be typehinted also

If you are another contributor eager to jump in, please allow the previous poster(s) at least 48 hours to respond to feedback first, so they have the opportunity to finish what they started!

alvar0hurtad0’s picture

alvar0hurtad0
he/him
Primary language Spanish
Location Cáceres
commented

Hi ,
I'd like to finish it, but I don't get your comment Smustgrave. I'm sorry if I'm doing anything incorrect.
If I'm should stop contributing here, please let me know. I just want to get more involved in code contributions, but I don't want to bother anyone.

smustgrave’s picture

smustgrave commented

You’re completely good! And doesn’t bother anyone

If you click into the pipeline you’ll see a functional test for big auth is failing so the change may need to be tweaked

The functional JavaScript failure is most likely random and just needs to be re ran

alvar0hurtad0’s picture

alvar0hurtad0
he/him
Primary language Spanish
Location Cáceres
commented
Assigned: Unassigned » alvar0hurtad0

Thanks for the clarification, Stephen.

:)

Working on it.

alvar0hurtad0’s picture

alvar0hurtad0
he/him
Primary language Spanish
Location Cáceres
commented

Still working on this, I didn't forget.

alvar0hurtad0’s picture

alvar0hurtad0
he/him
Primary language Spanish
Location Cáceres
commented
Assigned: alvar0hurtad0 » Unassigned
Status: Needs work » Needs review

The test related to this are green now.

There're some javascript test failing but I can't find any relation with the changes done in this fork.

[EDIT]

I've rerun the tests and are green now.

smustgrave’s picture

smustgrave commented
Status: Needs review » Needs work

Left 1 comment on MR.

alvar0hurtad0’s picture

alvar0hurtad0
he/him
Primary language Spanish
Location Cáceres
commented
Status: Needs work » Needs review

Thanks for your review and sorry for the ping pong.

smustgrave’s picture

smustgrave commented
Status: Needs review » Reviewed & tested by the community
Issue tags: +Needs Review Queue Initiative

This appears to be addressed.

alexpott changed the visibility of the branch 11.x to active.

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
commented
Status: Reviewed & tested by the community » Needs work

I think we should retitle this issue. It's not really about test classes anymore. Plus I left quite a bit of feedback on the MR.

Version: 11.x-dev » main

Drupal core is now using the main branch as the primary development branch. New developments and disruptive changes should now be targeted to the main branch.

Read more in the announcement.

sivaji_ganesh_jojodae’s picture

sivaji_ganesh_jojodae commented
Status: Needs work » Needs review

I’ve addressed the feedback from the MR, rebased the branch, and the pipeline is now passing successfully.

sivaji_ganesh_jojodae’s picture

sivaji_ganesh_jojodae commented
Title: Replace \Drupal:: with $this->container->get() in test classes that allow dependency injection of Basic Auth module » Refactor Basic Auth kernel tests to use dependency injection
smustgrave’s picture

smustgrave commented
Status: Needs review » Needs work

But now the summary doesn't match.

sivaji_ganesh_jojodae’s picture

sivaji_ganesh_jojodae commented
Issue summary: View changes
sivaji_ganesh_jojodae’s picture

sivaji_ganesh_jojodae commented
Issue summary: View changes
Status: Needs work » Needs review

I've updated the summary.

smustgrave’s picture

smustgrave commented
Status: Needs review » Reviewed & tested by the community

@sivaji this is fine but PLEASE stop using AI for issue summaries, if #3585894: LLM harm reduction in Drupal core contribution, AGENTS.md guidelines it'll be even more discouraged and if #3574093: Ban slop issue summaries and comments lands not accepted, that 2nd is further off. Much appreciated if considered

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
commented
Version: main » 11.x-dev
Status: Reviewed & tested by the community » Fixed

Committed and pushed e6c69fa80d4 to main and cd1bc46ff10 to 11.x. Thanks!

Now that this issue is closed, review the contribution record.

As a contributor, attribute any organization that helped you, or if you volunteered your own time.

Maintainers, credit people who helped resolve this issue.

  • alexpott committed cd1bc46f on 11.x 
    task: #2699565 Refactor Basic Auth kernel tests to use dependency...

  • alexpott committed e6c69fa8 on main 
    task: #2699565 Refactor Basic Auth kernel tests to use dependency...

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.