如何模拟 LDAP Laravel 身份验证进行单元测试

Question

在我的 Laravel 项目中，我使用Ldap-connector 包来针对 LDAP 对用户进行身份验证

Auth 开箱即用。

在 /app/providers/AuthServiceProvider.php 我定义了一个策略来管理 LDAP 用户访问，例如：

public function boot(GateContract $gate)
{
    $this->registerPolicies($gate);

    $gate->define('rewards', function ($user) {
        return ($user->getAdLDAP()->inGroup('Admin') || $user->getAdLDAP()->inGroup('Marketing')) ? true : false;
    });
    // other policies 
    // ...
}

在控制器中，我检查登录用户的策略，例如：

class RewardController extends Controller {
    public function __construct($handler = null) {
        $this->authorize('rewards');
    }
    // other methods
    // ...
}

一切正常，如果登录用户没有Marketing或Admin组，控制器将抛出403异常。

现在，对于我的phpunit测试，我需要模拟 LDAP 身份验证并提供对控制器的访问以测试它的方法，否则策略会抛出This action is unauthorized.错误

由于实现了 ldap auth 驱动程序，我认为没有App/User使用用户模型，而且我不能$this->actingAs($user)从这里的Laravel 文档中完成它

Answer 1

我能够自己找到解决方案

我将LDAP连接包切换为Adldap2/Adldap2-Laravel

我使用现有的单元测试Admin并使用组用户创建了自己的身份验证：

<?php

use Adldap\Auth\Guard;
use Adldap\Connections\Manager;
use Adldap\Connections\Provider;
use Adldap\Contracts\Connections\ConnectionInterface;
use Adldap\Laravel\Facades\Adldap;
use Adldap\Models\User;
use Adldap\Query\Builder;
use Adldap\Schemas\Schema;
use Adldap\Search\Factory;
use Illuminate\Support\Facades\Auth;
use Adldap\Models\Group;

class TestCase extends Illuminate\Foundation\Testing\TestCase
{
    public function pass_auth() {

        $mockedProvider = $this->mock(Provider::class);
        $mockedBuilder = $this->mock(Builder::class);
        $mockedSearch = $this->mock(Factory::class);
        $mockedAuth = $this->mock(Guard::class);
        $mockedConnection = $this->mock(ConnectionInterface::class);

        $mockedConnection->shouldReceive('isBound')->once()->andReturn(true);

        $mockedBuilder->shouldReceive('getSchema')->once()->andReturn(Schema::get());
        $mockedBuilder->shouldReceive('getConnection')->once()->andReturn($mockedConnection);

        $adUser = (new User([], $mockedBuilder))->setRawAttributes([
            'samaccountname' => ['jdoe'],
            'mail'           => ['jdoe@email.com'],
            'cn'             => ['John Doe'],
        ]);

        $manager = new Manager();
        $manager->add('default', $mockedProvider);

        Adldap::shouldReceive('getManager')->andReturn($manager);

        $mockedProvider->shouldReceive('search')->once()->andReturn($mockedSearch);
        $mockedProvider->shouldReceive('getSchema')->andReturn(Schema::get());
        $mockedProvider->shouldReceive('auth')->once()->andReturn($mockedAuth);

        $mockedSearch->shouldReceive('users')->once()->andReturn($mockedSearch);
        $mockedSearch->shouldReceive('select')->once()->andReturn($mockedBuilder);

        $mockedBuilder->shouldReceive('whereEquals')->once()->andReturn($mockedBuilder);
        $mockedBuilder->shouldReceive('first')->once()->andReturn($adUser);

        $mockedAuth->shouldReceive('attempt')->once()->andReturn(true);

        $this->assertTrue(Auth::attempt(['username' => 'jdoe', 'password' => '12345']));

        $mockedGroup = $this->mock(Group::class);
        $mockedGroup->shouldReceive('getName')->once()->andReturn('Admin');

        $mockedBuilder->shouldReceive('newInstance')->andReturnSelf();
        $mockedBuilder->shouldReceive('newCollection')->andReturn([$mockedGroup]);

    }
}

这部分将Admin组添加到user模拟中

$mockedGroup = $this->mock(Group::class);
$mockedGroup->shouldReceive('getName')->once()->andReturn('Admin');

$mockedBuilder->shouldReceive('newInstance')->andReturnSelf();
$mockedBuilder->shouldReceive('newCollection')->andReturn([$mockedGroup]);