diff --git a/core/lib/Drupal/Core/DrupalKernel.php b/core/lib/Drupal/Core/DrupalKernel.php index be9821d..eec36c9 100644 --- a/core/lib/Drupal/Core/DrupalKernel.php +++ b/core/lib/Drupal/Core/DrupalKernel.php @@ -896,9 +896,7 @@ protected function persistServices(ContainerInterface $container, array $persist } /** - * Force a container rebuild. - * - * @return \Symfony\Component\DependencyInjection\ContainerInterface + * {@inheritdoc} */ public function rebuildContainer() { // Empty module properties and for them to be reloaded from scratch. diff --git a/core/lib/Drupal/Core/DrupalKernelInterface.php b/core/lib/Drupal/Core/DrupalKernelInterface.php index ab17b77..ca94511 100644 --- a/core/lib/Drupal/Core/DrupalKernelInterface.php +++ b/core/lib/Drupal/Core/DrupalKernelInterface.php @@ -50,6 +50,13 @@ public function discoverServiceProviders(); public function getServiceProviders($origin); /** + * Force a container rebuild. + * + * @return \Symfony\Component\DependencyInjection\ContainerInterface + */ + public function rebuildContainer(); + + /** * Gets the current container. * * @return \Symfony\Component\DependencyInjection\ContainerInterface diff --git a/core/modules/system/src/Tests/Session/MultipleAuthenticationSessionTest.php b/core/modules/system/src/Tests/Session/MultipleAuthenticationSessionTest.php index 2ed014c..398ed2e 100644 --- a/core/modules/system/src/Tests/Session/MultipleAuthenticationSessionTest.php +++ b/core/modules/system/src/Tests/Session/MultipleAuthenticationSessionTest.php @@ -7,6 +7,8 @@ namespace Drupal\system\Tests\Session; +use Drupal\Component\Serialization\Yaml; +use Drupal\Core\DependencyInjection\YamlFileLoader; use Drupal\simpletest\WebTestBase; /** @@ -27,12 +29,53 @@ public function testLoginWithBasicAuthCredentials() { CURLOPT_HTTPAUTH => CURLAUTH_BASIC, CURLOPT_USERPWD => $user->getUsername() . ':' . $user->pass_raw, ]); - $this->assertResponse(200); + // Basic auth is used for the login form, which results in a working + // authentication, so the access checking is denied. + $this->assertResponse(403); + + // Basic auth doesn't open up a session, so the user is not logged in. + $this->drupalGet($user->urlInfo()); + $this->assertResponse(403); + + // Let's send some basic_auth authentication headers, but that particular + // route does not have basic_auth authentications. + $this->drupalGet($user->urlInfo(), [], [], [ + CURLOPT_HTTPAUTH => CURLAUTH_BASIC, + CURLOPT_USERPWD => $user->getUsername() . ':' . $user->pass_raw, + ]); + $this->assertResponse(403); - $this->assertUrl($user->urlInfo()); + // Now change the default global authentication providers to also include + // cookie, which means that those routes don't need basic_auth as part of + // the router. + /** @var \Drupal\Core\DrupalKernelInterface $kernel */ + $kernel = \Drupal::service('kernel'); + $path = $kernel->getSitePath(); + $filepath = $path . '/services.yml'; + $data = Yaml::decode(file_get_contents($filepath)); + $data['services']['authentication'] = [ + 'class' => 'Drupal\Core\Authentication\AuthenticationManager', + 'arguments' => [['cookie' => TRUE, 'basic_auth' => TRUE]], + 'tags' => [ + [ + 'name' => 'service_collector', + 'tag' => 'authentication_provider', + 'call' => 'addProvider' + ] + ] + ]; + file_put_contents($filepath, Yaml::encode($data)); + YamlFileLoader::reset(); + $kernel->rebuildContainer(); + + $this->drupalGet($user->urlInfo(), [], [], [ + CURLOPT_HTTPAUTH => CURLAUTH_BASIC, + CURLOPT_USERPWD => $user->getUsername() . ':' . $user->pass_raw, + ]); + $this->assertResponse(200); } - public function ptestRequestWithBasicAuthCredentials() { + public function testRequestWithBasicAuthCredentials() { $admin = $this->drupalCreateUser(['administer site configuration']); $result = $this->drupalGet('session-test/get-session', [], [], [ CURLOPT_HTTPAUTH => CURLAUTH_BASIC,