#165 login token

src/Codeception/Module/Symfony/SessionAssertionsTrait.php

@@ -7,9 +7,14 @@
 use Symfony\Component\BrowserKit\Cookie;
 use Symfony\Component\HttpFoundation\Session\SessionInterface;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken;
+use Symfony\Component\Security\Guard\Token\GuardTokenInterface;
+use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
+use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
 use Symfony\Component\Security\Http\Authenticator\Token\PostAuthenticationToken;
 use Symfony\Component\Security\Http\Logout\LogoutUrlGenerator;
 use function is_int;
@@ -32,12 +37,20 @@ trait SessionAssertionsTrait
      */
     public function amLoggedInAs(UserInterface $user, string $firewallName = 'main', string $firewallContext = null): void
     {
-        $session = $this->getCurrentSession();
-        $roles = $user->getRoles();
+        $token = $this->createAuthenticationToken($user, $firewallName);
+        $this->loginWithToken($token, $firewallName, $firewallContext);
+    }
 
-        $token = $this->createAuthenticationToken($user, $firewallName, $roles);
+    public function amLoggedInWithToken(TokenInterface $token, string $firewallName = 'main', string $firewallContext = null): void
+    {
+        $this->loginWithToken($token, $firewallName, $firewallContext);
+    }
+
+    protected function loginWithToken(TokenInterface $token, string $firewallName, ?string $firewallContext): void
+    {
         $this->getTokenStorage()->setToken($token);
 
+        $session = $this->getCurrentSession();
         $sessionKey = $firewallContext ? "_security_{$firewallContext}" : "_security_{$firewallName}";
         $session->set($sessionKey, serialize($token));
         $session->save();
@@ -174,6 +187,11 @@ protected function getLogoutUrlGenerator(): ?LogoutUrlGenerator
         return $this->getService('security.logout_url_generator');
     }
 
+    protected function getAuthenticator(): ?AuthenticatorInterface
+    {
+        return $this->getService(AuthenticatorInterface::class);
+    }
+
     protected function getCurrentSession(): SessionInterface
     {
         $container = $this->_getContainer();
@@ -194,18 +212,24 @@ protected function getSymfonyMajorVersion(): int
     }
 
     /**
-     * @return UsernamePasswordToken|PostAuthenticationGuardToken|PostAuthenticationToken
+     * @return TokenInterface|GuardTokenInterface
      */
-    protected function createAuthenticationToken(UserInterface $user, string $firewallName, array $roles)
+    protected function createAuthenticationToken(UserInterface $user, string $firewallName)
     {
+        $roles = $user->getRoles();
         if ($this->getSymfonyMajorVersion() < 6) {
             return $this->config['guard']
                 ? new PostAuthenticationGuardToken($user, $firewallName, $roles)
                 : new UsernamePasswordToken($user, null, $firewallName, $roles);
         }
 
-        return $this->config['authenticator']
-            ? new PostAuthenticationToken($user, $firewallName, $roles)
-            : new UsernamePasswordToken($user, $firewallName, $roles);
+        if ($this->config['authenticator']) {
+            if ($authenticator = $this->getAuthenticator()) {
+                $passport = new SelfValidatingPassport(new UserBadge($user->getUserIdentifier(), fn () => $user));
+                return $authenticator->createToken($passport, $firewallName);
+            }
+            return new PostAuthenticationToken($user, $firewallName, $roles);
+        }
+        return new UsernamePasswordToken($user, $firewallName, $roles);
     }
 }