Loading core/modules/user/src/Authentication/Provider/Cookie.php +2 −2 Original line number Diff line number Diff line Loading @@ -130,8 +130,8 @@ public function addCheckToUrl(ResponseEvent $event) { $options = UrlHelper::parse($url); $options['query']['check_logged_in'] = '1'; $url = $options['path'] . '?' . UrlHelper::buildQuery($options['query']); if (!empty($options['#fragment'])) { $url .= '#' . $options['#fragment']; if (!empty($options['fragment'])) { $url .= '#' . $options['fragment']; } // In the case of trusted redirect, we have to update the list of // trusted URLs because here we've just modified its target URL Loading core/modules/user/tests/src/Unit/UserAuthTest.php +50 −0 Original line number Diff line number Diff line Loading @@ -278,4 +278,54 @@ public function testAddCheckToUrlForTrustedRedirectResponse(): void { $this->assertSame("$frontend_url?check_logged_in=1", $response->getTargetUrl()); } /** * Tests the auth that ends in a redirect from subdomain with a fragment to TLD. */ public function testAddCheckToUrlForTrustedRedirectResponseWithFragment(): void { $site_domain = 'site.com'; $frontend_url = "https://$site_domain"; $backend_url = "https://api.$site_domain"; $request = Request::create($backend_url); $response = new TrustedRedirectResponse($frontend_url . '#a_fragment'); $request_context = $this->createMock(RequestContext::class); $request_context ->method('getCompleteBaseUrl') ->willReturn($backend_url); $container = new ContainerBuilder(); $container->set('router.request_context', $request_context); \Drupal::setContainer($container); $session_mock = $this->createMock(SessionInterface::class); $session_mock ->expects($this->once()) ->method('has') ->with('check_logged_in') ->willReturn(TRUE); $session_mock ->expects($this->once()) ->method('remove') ->with('check_logged_in'); $event = new ResponseEvent( $this->createMock(HttpKernelInterface::class), $request, HttpKernelInterface::MAIN_REQUEST, $response ); $request ->setSession($session_mock); $this ->getMockBuilder(Cookie::class) ->disableOriginalConstructor() ->onlyMethods([]) ->getMock() ->addCheckToUrl($event); $this->assertSame("$frontend_url?check_logged_in=1#a_fragment", $response->getTargetUrl()); } } Loading
core/modules/user/src/Authentication/Provider/Cookie.php +2 −2 Original line number Diff line number Diff line Loading @@ -130,8 +130,8 @@ public function addCheckToUrl(ResponseEvent $event) { $options = UrlHelper::parse($url); $options['query']['check_logged_in'] = '1'; $url = $options['path'] . '?' . UrlHelper::buildQuery($options['query']); if (!empty($options['#fragment'])) { $url .= '#' . $options['#fragment']; if (!empty($options['fragment'])) { $url .= '#' . $options['fragment']; } // In the case of trusted redirect, we have to update the list of // trusted URLs because here we've just modified its target URL Loading
core/modules/user/tests/src/Unit/UserAuthTest.php +50 −0 Original line number Diff line number Diff line Loading @@ -278,4 +278,54 @@ public function testAddCheckToUrlForTrustedRedirectResponse(): void { $this->assertSame("$frontend_url?check_logged_in=1", $response->getTargetUrl()); } /** * Tests the auth that ends in a redirect from subdomain with a fragment to TLD. */ public function testAddCheckToUrlForTrustedRedirectResponseWithFragment(): void { $site_domain = 'site.com'; $frontend_url = "https://$site_domain"; $backend_url = "https://api.$site_domain"; $request = Request::create($backend_url); $response = new TrustedRedirectResponse($frontend_url . '#a_fragment'); $request_context = $this->createMock(RequestContext::class); $request_context ->method('getCompleteBaseUrl') ->willReturn($backend_url); $container = new ContainerBuilder(); $container->set('router.request_context', $request_context); \Drupal::setContainer($container); $session_mock = $this->createMock(SessionInterface::class); $session_mock ->expects($this->once()) ->method('has') ->with('check_logged_in') ->willReturn(TRUE); $session_mock ->expects($this->once()) ->method('remove') ->with('check_logged_in'); $event = new ResponseEvent( $this->createMock(HttpKernelInterface::class), $request, HttpKernelInterface::MAIN_REQUEST, $response ); $request ->setSession($session_mock); $this ->getMockBuilder(Cookie::class) ->disableOriginalConstructor() ->onlyMethods([]) ->getMock() ->addCheckToUrl($event); $this->assertSame("$frontend_url?check_logged_in=1#a_fragment", $response->getTargetUrl()); } }