diff --git a/core/modules/basic_auth/src/Tests/BasicAuthTestTrait.php b/core/modules/basic_auth/src/Tests/BasicAuthTestTrait.php index 7c8c4eb..8f5e0b9 100644 --- a/core/modules/basic_auth/src/Tests/BasicAuthTestTrait.php +++ b/core/modules/basic_auth/src/Tests/BasicAuthTestTrait.php @@ -19,14 +19,18 @@ * Drupal path or URL to load into the internal browser. * @param array $options * Options to be forwarded to the url generator. + * @param string $username + * The username to use for basic authentication. + * @param string $password + * The password to use for basic authentication. * * @return string * The retrieved HTML string, also available as $this->getRawContent(). */ - protected function basicAuthGet($path, array $options = array()) { + protected function basicAuthGet($path, array $options = array(), $username, $password) { // Set up Curl to use basic authentication with the test user's credentials. $headers = [ - 'Authorization: Basic ' . base64_encode($this->user->getUsername() . ':' . $this->user->pass_raw), + 'Authorization: Basic ' . base64_encode("$username:$password"), ]; return $this->drupalGet($path, $options, $headers); diff --git a/core/modules/system/src/Tests/Session/SessionAuthenticationTest.php b/core/modules/system/src/Tests/Session/SessionAuthenticationTest.php index 3ded489..1a75cb2 100644 --- a/core/modules/system/src/Tests/Session/SessionAuthenticationTest.php +++ b/core/modules/system/src/Tests/Session/SessionAuthenticationTest.php @@ -60,7 +60,7 @@ public function testSessionFromBasicAuthenticationDoesNotLeak() { $this->assertResponse(401, 'An anonymous user cannot access a route protected with basic authentication.'); // We should be able to access the route with basic authentication. - $this->basicAuthGet($protected_url); + $this->basicAuthGet($protected_url, [], $this->user->getUsername(), $this->user->pass_raw); $this->assertResponse(200, 'A route protected with basic authentication can be accessed by an authenticated user.'); // Check that the correct user is logged in.