3 namespace Drupal\Tests\rest\Functional;
6 use Psr\Http\Message\ResponseInterface;
9 * Trait for ResourceTestBase subclasses testing $auth=basic_auth.
12 * - Every request must send an Authorization header.
13 * - When accessing a URI that requires authentication without being
14 * authenticated, a 401 response must be sent.
15 * - Because every request must send an authorization, there is no danger of
18 * @see \Drupal\Tests\rest\Functional\BasicAuthResourceWithInterfaceTranslationTestTrait
20 trait BasicAuthResourceTestTrait {
25 protected function getAuthenticationRequestOptions($method) {
28 'Authorization' => 'Basic ' . base64_encode($this->account->name->value . ':' . $this->account->passRaw),
36 protected function assertResponseWhenMissingAuthentication($method, ResponseInterface $response) {
37 $expected_page_cache_header_value = $method === 'GET' ? 'MISS' : FALSE;
38 // @see \Drupal\basic_auth\Authentication\Provider\BasicAuth::challengeException()
39 $expected_dynamic_page_cache_header_value = $expected_page_cache_header_value;
40 $this->assertResourceErrorResponse(401, 'No authentication credentials provided.', $response, ['4xx-response', 'config:system.site', 'config:user.role.anonymous', 'http_response'], ['user.roles:anonymous'], $expected_page_cache_header_value, $expected_dynamic_page_cache_header_value);
46 protected function assertAuthenticationEdgeCases($method, Url $url, array $request_options) {