diff --git a/core/modules/user/tests/src/Unit/UserAuthTest.php b/core/modules/user/tests/src/Unit/UserAuthTest.php index 5794d14..899799f 100644 --- a/core/modules/user/tests/src/Unit/UserAuthTest.php +++ b/core/modules/user/tests/src/Unit/UserAuthTest.php @@ -280,4 +280,57 @@ class UserAuthTest extends UnitTestCase { $this->assertSame("$frontend_url?check_logged_in=1", $response->getTargetUrl()); } + /** + * Tests the auth that ends in a redirect from subdomain with a fragment to TLD. + */ + public function testAddCheckToUrlForTrustedRedirectResponseWithFragment(): void { + $site_domain = 'site.com'; + $frontend_url = "https://$site_domain"; + $backend_url = "https://api.$site_domain"; + $request = Request::create($backend_url); + $response = new TrustedRedirectResponse($frontend_url . '#a_fragment'); + + $request_context = $this->createMock(RequestContext::class); + $request_context + ->method('getCompleteBaseUrl') + ->willReturn($backend_url); + + $container = new ContainerBuilder(); + $container->set('router.request_context', $request_context); + \Drupal::setContainer($container); + + $session_mock = $this->createMock(SessionInterface::class); + $session_mock + ->expects($this->once()) + ->method('has') + ->with('check_logged_in') + ->willReturn(TRUE); + $session_mock + ->expects($this->once()) + ->method('remove') + ->with('check_logged_in'); + + $event_mock = $this->createMock(ResponseEvent::class); + $event_mock + ->expects($this->once()) + ->method('getResponse') + ->willReturn($response); + $event_mock + ->expects($this->exactly(3)) + ->method('getRequest') + ->willReturn($request); + + $request + ->setSession($session_mock); + + $this + ->getMockBuilder(Cookie::class) + ->disableOriginalConstructor() + ->onlyMethods([]) + ->getMock() + ->addCheckToUrl($event_mock); + + $this->assertSame("$frontend_url?check_logged_in=1#a_fragment", $response->getTargetUrl()); + } + }