diff --git a/core/modules/rest/lib/Drupal/rest/Tests/AuthTest.php b/core/modules/rest/lib/Drupal/rest/Tests/AuthTest.php index 0e155d7..fa808a4 100644 --- a/core/modules/rest/lib/Drupal/rest/Tests/AuthTest.php +++ b/core/modules/rest/lib/Drupal/rest/Tests/AuthTest.php @@ -59,11 +59,6 @@ public function setUp() { $entity->save(); $this->entity = $entity; - // Try to read the resource as an anonymous user, which should not work. - $this->httpRequest('entity/' . $entity_type . '/' . $entity->id(), 'GET', NULL, $this->defaultMimeType); - $this->assertResponse('401', 'HTTP response code is 401 when the request is not authenticated and the user is anonymous.'); - $this->assertText('A fatal error occurred: No authentication credentials provided.'); - // Create a user account that has the required permissions to read // resources via the REST API, but the request is authenticated // with session cookies. @@ -73,7 +68,7 @@ public function setUp() { } /** - * Tests that disabled auth results in 401 response. + * Tests that disabled auth (cookie auth) results in 401 response. */ public function testDisabledAuth() { $this->drupalLogin($this->account); @@ -82,20 +77,26 @@ public function testDisabledAuth() { // not enabled and should not work. $this->httpRequest('entity/' . $this->entity->entityType() . '/' . $this->entity->id(), 'GET', NULL, $this->defaultMimeType); $this->assertResponse('401', 'HTTP response code is 401 when the request is authenticated but not authorized.'); - - $this->curlClose(); } /** - * Test that enabled auth results in a 200 response. + * Test that enabled auth (basic auth) results in a 200 response. */ public function testEnabledAuth() { // Try to read the resource with Basic authentication, which is enabled and // should work. $this->basicAuthGet('entity/' . $this->entity->entityType() . '/' . $this->entity->id(), $this->account->getUsername(), $this->account->pass_raw); $this->assertResponse('200', 'HTTP response code is 200 for successfully authorized requests.'); + } - $this->curlClose(); + /** + * Test that no auth results in 401 response. + */ + public function testNoAuth() { + // Try to read the resource as an anonymous user, which should not work. + $this->httpRequest('entity/' . $this->entity->entityType() . '/' . $this->entity->id(), 'GET', NULL, $this->defaultMimeType); + $this->assertResponse('401', 'HTTP response code is 401 when the request is not authenticated and the user is anonymous.'); + $this->assertText('A fatal error occurred: No authentication credentials provided.'); } /**