Add quick smoketest to assert the routes don't produce an error and the status code is correct

johanib · johanib · commit c17d304f640f · 2026-05-05T11:27:58.000+02:00
diff --git a/ci/qa/phpunit.sh b/ci/qa/phpunit.sh
@@ -18,7 +18,7 @@ XDEBUG_MODE=coverage ./vendor/bin/phpunit --configuration=./tests/phpunit.xml --
 echo -e "\nPHPUnit unit tests\n"
 XDEBUG_MODE=coverage ./vendor/bin/phpunit --configuration=./tests/phpunit.xml --testsuite=unit --coverage-clover coverage.xml
 
-echo -e "\nPHPUnit API acceptance tests\n"
+echo -e "\nPHPUnit acceptance tests\n"
 ./bin/console cache:clear --env=test --no-warmup
 APP_ENV=test XDEBUG_MODE=coverage ./vendor/bin/phpunit --configuration=./tests/phpunit.xml --testsuite=functional --coverage-clover coverage.xml
 
diff --git a/languages/messages.en.php b/languages/messages.en.php
@@ -265,7 +265,7 @@
     'error_clock_issue_desc' => 'This is likely because the difference in time between %idpName% and %suiteName% it too large. Please verify that the time on the %organisationNoun% is correct.',
     'error_clock_issue_desc_no_idp_name' => 'This is likely because the difference in time between %organisationNoun% and %suiteName% it too large. Please verify that the time on the IdP is correct.',
     'error_stepup_callout_unknown' => 'Error - Unknown strong authentication failure',
-    'error_stepup_callout_unknown_desc' => 'Logging in with strong authentication has failed and we don\'t know exactly why . Please try again first by going back to the service and logging in again . If this doesn\'t work, please contact the service desk of your %organisationNoun%.',
+    'error_stepup_callout_unknown_desc' => 'Logging in with strong authentication has failed and we don\'t know exactly why. Please try again first by going back to the service and logging in again. If this doesn\'t work, please contact the service desk of your %organisationNoun%.',
     'error_stepup_callout_unmet_loa_title' => 'Error - No suitable token found',
     'error_stepup_callout_unmet_loa_desc' => 'To continue to this service, a registered token with a certain level of assurance is required. Currently, you either haven\'t registered a token at all, or the level of assurance of the token you did register is too low. See the link below for more information about the registration process.',
     'error_stepup_callout_unmet_loa_link_text' => 'Read more about the registration process.',
diff --git a/tests/functional/OpenConext/EngineBlockBundle/Controller/FeedbackControllerTest.php b/tests/functional/OpenConext/EngineBlockBundle/Controller/FeedbackControllerTest.php
@@ -0,0 +1,100 @@
+<?php
+
+/**
+ * Copyright 2026 SURFnet B.V.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+namespace OpenConext\EngineBlockBundle\Tests;
+
+use PHPUnit\Framework\Attributes\Test;
+use Symfony\Component\HttpFoundation\Response;
+
+final class FeedbackControllerTest extends FunctionalWebTestCase
+{
+    #[Test]
+    public function session_lost_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/session-lost', Response::HTTP_BAD_REQUEST, 'your session was lost');
+    }
+
+    #[Test]
+    public function session_not_started_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/session-not-started', Response::HTTP_BAD_REQUEST, 'No session found');
+    }
+
+    #[Test]
+    public function unsolicited_response_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/unsolicited-response', Response::HTTP_BAD_REQUEST, 'Sign-in could not be completed');
+    }
+
+    #[Test]
+    public function invalid_acs_binding_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/invalid-acs-binding', Response::HTTP_BAD_REQUEST, 'Invalid ACS binding type');
+    }
+
+    #[Test]
+    public function received_error_status_code_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/received-error-status-code', Response::HTTP_BAD_REQUEST, 'Identity Provider error');
+    }
+
+    #[Test]
+    public function unable_to_receive_message_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/unable-to-receive-message', Response::HTTP_BAD_REQUEST, 'No message received');
+    }
+
+    #[Test]
+    public function unknown_requesterid_in_authnrequest_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/unknown_requesterid_in_authnrequest', Response::HTTP_BAD_REQUEST, 'Unknown service');
+    }
+
+    #[Test]
+    public function authentication_limit_exceeded_returns_429_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/authentication-limit-exceeded', Response::HTTP_TOO_MANY_REQUESTS, 'too many authentications in progress');
+    }
+
+    #[Test]
+    public function stepup_callout_unknown_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/stepup-callout-unknown', Response::HTTP_BAD_REQUEST, 'Unknown strong authentication failure');
+    }
+
+    #[Test]
+    public function stepup_callout_user_cancelled_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/stepup-callout-user-cancelled', Response::HTTP_BAD_REQUEST, 'Logging in cancelled');
+    }
+
+    #[Test]
+    public function invalid_acs_location_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/invalidAcsLocation', Response::HTTP_BAD_REQUEST, 'Invalid ACS location');
+    }
+
+    private function assertFeedbackPage(string $path, int $expectedStatus, string $expectedPhrase): void
+    {
+        $client = self::createClient();
+        $client->request('GET', 'https://engine.dev.openconext.local' . $path);
+
+        $this->assertEquals($expectedStatus, $client->getResponse()->getStatusCode());
+        $this->assertStringContainsString($expectedPhrase, $client->getResponse()->getContent());
+    }
+}
