fix issue lexik#1258 JWTCookieProvider does set flags cookie flags wh…
…en value is false
mustapayev committed Nov 29, 2024
1 parent 6a56ddb commit e9f7fe1
Showing 2 changed files with 103 additions and 6 deletions.
6 changes: 3 additions & 3 deletions Security/Http/Cookie/JWTCookieProvider.php
@@ -71,11 +71,11 @@ public function createCookie(string $jwt, ?string $name = null, $expiresAt = nul
$expiresAt,
$path ?: $this->defaultPath,
$domain ?: $this->defaultDomain,
$secure ?: $this->defaultSecure,
$httpOnly ?: $this->defaultHttpOnly,
$secure ?? $this->defaultSecure,
$httpOnly ?? $this->defaultHttpOnly,
false,
$sameSite ?: $this->defaultSameSite,
$partitioned ?: $this->defaultPartitioned
$partitioned ?? $this->defaultPartitioned
);
}
}
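Review bot: Callers that already pass an explicit `false` for `$secure`, `$httpOnly` or `$partitioned` will, with the `??` lines here (the new side, going by the commit title), get a JWT cookie without that attribute even when the provider default is `true`, and nothing visible in the hunk documents the null-versus-false contract. Because Secure and HttpOnly are what keep the token off plaintext transport and out of script reach, I would add a docblock line on `createCookie()` such as `@param bool|null $secure null uses the configured default; false explicitly disables the flag` (likewise for `$httpOnly` and `$partitioned`) and note the behaviour change in the upgrade notes. `$path`, `$domain` and `$sameSite` still use `?:`, so an empty string there keeps falling back to the default; a one-line comment saying that is intentional would stop a later consistency cleanup from loosening `SameSite` by accident. The signature is truncated and the body of `createCookie()` starts outside the hunk, so the nullable parameter types are inferred from the tests rather than seen.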
103 changes: 100 additions & 3 deletions Tests/Security/Http/Cookie/JWTCookieProviderTest.php
@@ -4,6 +4,7 @@

use Lexik\Bundle\JWTAuthenticationBundle\Security\Http\Cookie\JWTCookieProvider;
use PHPUnit\Framework\TestCase;
use Symfony\Component\HttpFoundation\Cookie;

/**
* JWTCookieProviderTest.
@@ -16,7 +17,7 @@ public function testCreateCookieWithExpiration()
$cookieProvider = new JWTCookieProvider("default_name");
$cookie = $cookieProvider->createCookie("header.payload.signature", "name", $expiresAt);

$this->assertSame($expiresAt, $cookie->getExpiresTime());
$this->assertEquals($expiresAt, $cookie->getExpiresTime());
}

public function testCreateCookieWithLifetime()
@@ -25,14 +26,110 @@ public function testCreateCookieWithLifetime()
$cookieProvider = new JWTCookieProvider("default_name", $lifetime);
$cookie = $cookieProvider->createCookie("header.payload.signature");

$this->assertSame(time() + $lifetime, $cookie->getExpiresTime());
$this->assertEquals(time() + $lifetime, $cookie->getExpiresTime());
}

public function testCreateSessionCookie()
{
$cookieProvider = new JWTCookieProvider("default_name", 0);
$cookie = $cookieProvider->createCookie("header.payload.signature");

$this->assertSame(0, $cookie->getExpiresTime());
$this->assertEquals(0, $cookie->getExpiresTime());
}

/**
* @dataProvider createCookieFlagDataProvider
*/
public function testCreateCookieHttpOnlyFlag(bool $defaultHttpOnlyFlag, bool $httpOnlyParam, bool $expectedFlag): void
{
$cookieProvider = new JWTCookieProvider(
"default_name",
0,
Cookie::SAMESITE_LAX,
'/',
null,
true,
$defaultHttpOnlyFlag
);
$cookie = $cookieProvider->createCookie(
"header.payload.signature",
null,
null,
null,
null,
null,
null,
$httpOnlyParam
);

$this->assertSame($expectedFlag, $cookie->isHttpOnly());
}

/**
* @dataProvider createCookieFlagDataProvider
*/
public function testCreateCookieSecureFlag(bool $defaultSecureFlag, bool $secureParam, bool $expectedFlag): void
{
$cookieProvider = new JWTCookieProvider(
"default_name",
0,
Cookie::SAMESITE_LAX,
'/',
null,
$defaultSecureFlag
);
$cookie = $cookieProvider->createCookie(
"header.payload.signature",
null,
null,
null,
null,
null,
$secureParam
);

$this->assertSame($expectedFlag, $cookie->isSecure());
}

/**
* @dataProvider createCookieFlagDataProvider
*/
public function testCreateCookiePartitionedFlag(bool $defaultPartitionedFlag, bool $parititionedParam, bool $expectedFlag): void
{
$cookieProvider = new JWTCookieProvider(
"default_name",
0,
Cookie::SAMESITE_LAX,
'/',
null,
true,
true,
[],
$defaultPartitionedFlag
);
$cookie = $cookieProvider->createCookie(
"header.payload.signature",
null,
null,
null,
null,
null,
true,
true,
[],
$parititionedParam
);

$this->assertSame($expectedFlag, $cookie->isPartitioned());
}

public static function createCookieFlagDataProvider(): array
{
return [
[true, true, true],
[false, false, false],
[true, false, false],
[false, true, true],
];
}
}
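Review bot: The shared provider `createCookieFlagDataProvider` never supplies `null` as the per-call argument, so the path that `??` exists for (argument omitted, configured default applies) is not pinned by any of the three new flag tests. Widening the second parameter to `?bool` in `testCreateCookieHttpOnlyFlag`, `testCreateCookieSecureFlag` and `testCreateCookiePartitionedFlag` and adding the rows `[true, null, true],` and `[false, null, false],` would guard against a regression that silently drops Secure or HttpOnly when the caller passes nothing. Two smaller points: `$parititionedParam` is misspelled, and the `getExpiresTime()` checks appear to move from `assertSame` to `assertEquals` (the page does not mark which line is new), which would loosen the type check. `testCreateCookieWithLifetime` also compares against a second `time()` call, which can differ by one second whichever assertion is used.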
