diff options
Diffstat (limited to 'tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php')
| -rw-r--r-- | tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php | 354 |
1 files changed, 239 insertions, 115 deletions
diff --git a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php index f6067b8d15a..7e7f949965f 100644 --- a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php +++ b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php @@ -1,38 +1,30 @@ <?php + +declare(strict_types=1); + /** - * @copyright Copyright (c) 2018 Roeland Jago Douma <roeland@famdouma.nl> - * - * @author Roeland Jago Douma <roeland@famdouma.nl> - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * + * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors + * SPDX-License-Identifier: AGPL-3.0-or-later */ namespace Test\Authentication\Token; use OC\Authentication\Exceptions\ExpiredTokenException; use OC\Authentication\Exceptions\InvalidTokenException; -use OC\Authentication\Token\IToken; +use OC\Authentication\Exceptions\PasswordlessTokenException; use OC\Authentication\Token\PublicKeyToken; use OC\Authentication\Token\PublicKeyTokenMapper; use OC\Authentication\Token\PublicKeyTokenProvider; use OCP\AppFramework\Db\DoesNotExistException; use OCP\AppFramework\Utility\ITimeFactory; +use OCP\Authentication\Token\IToken; +use OCP\ICacheFactory; use OCP\IConfig; +use OCP\IDBConnection; use OCP\Security\ICrypto; +use OCP\Security\IHasher; +use OCP\Server; +use PHPUnit\Framework\MockObject\MockObject; use Psr\Log\LoggerInterface; use Test\TestCase; @@ -41,14 +33,20 @@ class PublicKeyTokenProviderTest extends TestCase { private $tokenProvider; /** @var PublicKeyTokenMapper|\PHPUnit\Framework\MockObject\MockObject */ private $mapper; + /** @var IHasher|\PHPUnit\Framework\MockObject\MockObject */ + private $hasher; /** @var ICrypto */ private $crypto; /** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */ private $config; + /** @var IDBConnection|MockObject */ + private IDBConnection $db; /** @var LoggerInterface|\PHPUnit\Framework\MockObject\MockObject */ private $logger; /** @var ITimeFactory|\PHPUnit\Framework\MockObject\MockObject */ private $timeFactory; + /** @var ICacheFactory|\PHPUnit\Framework\MockObject\MockObject */ + private $cacheFactory; /** @var int */ private $time; @@ -56,33 +54,49 @@ class PublicKeyTokenProviderTest extends TestCase { parent::setUp(); $this->mapper = $this->createMock(PublicKeyTokenMapper::class); - $this->crypto = \OC::$server->getCrypto(); + $this->hasher = Server::get(IHasher::class); + $this->crypto = Server::get(ICrypto::class); $this->config = $this->createMock(IConfig::class); $this->config->method('getSystemValue') ->willReturnMap([ - ['session_lifetime', 60 * 60 * 24, 150], - ['remember_login_cookie_lifetime', 60 * 60 * 24 * 15, 300], - ['secret', '', '1f4h9s'], ['openssl', [], []], ]); + $this->config->method('getSystemValueString') + ->willReturnMap([ + ['secret', '', '1f4h9s'], + ]); + $this->db = $this->createMock(IDBConnection::class); $this->logger = $this->createMock(LoggerInterface::class); $this->timeFactory = $this->createMock(ITimeFactory::class); $this->time = 1313131; $this->timeFactory->method('getTime') ->willReturn($this->time); - - $this->tokenProvider = new PublicKeyTokenProvider($this->mapper, $this->crypto, $this->config, $this->logger, - $this->timeFactory); + $this->cacheFactory = $this->createMock(ICacheFactory::class); + + $this->tokenProvider = new PublicKeyTokenProvider( + $this->mapper, + $this->crypto, + $this->config, + $this->db, + $this->logger, + $this->timeFactory, + $this->hasher, + $this->cacheFactory, + ); } - public function testGenerateToken() { - $token = 'token'; + public function testGenerateToken(): void { + $token = 'tokentokentokentokentoken'; $uid = 'user'; $user = 'User'; $password = 'passme'; $name = 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12'; $type = IToken::PERMANENT_TOKEN; + $this->config->method('getSystemValueBool') + ->willReturnMap([ + ['auth.storeCryptedPassword', true, true], + ]); $actual = $this->tokenProvider->generateToken($token, $uid, $user, $password, $name, $type, IToken::DO_NOT_REMEMBER); $this->assertInstanceOf(PublicKeyToken::class, $actual); @@ -93,10 +107,50 @@ class PublicKeyTokenProviderTest extends TestCase { $this->assertSame($password, $this->tokenProvider->getPassword($actual, $token)); } - public function testGenerateTokenInvalidName() { - $this->expectException(\OC\Authentication\Exceptions\InvalidTokenException::class); + public function testGenerateTokenNoPassword(): void { + $token = 'tokentokentokentokentoken'; + $uid = 'user'; + $user = 'User'; + $password = 'passme'; + $name = 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12'; + $type = IToken::PERMANENT_TOKEN; + $this->config->method('getSystemValueBool') + ->willReturnMap([ + ['auth.storeCryptedPassword', true, false], + ]); + $this->expectException(PasswordlessTokenException::class); - $token = 'token'; + $actual = $this->tokenProvider->generateToken($token, $uid, $user, $password, $name, $type, IToken::DO_NOT_REMEMBER); + + $this->assertInstanceOf(PublicKeyToken::class, $actual); + $this->assertSame($uid, $actual->getUID()); + $this->assertSame($user, $actual->getLoginName()); + $this->assertSame($name, $actual->getName()); + $this->assertSame(IToken::DO_NOT_REMEMBER, $actual->getRemember()); + $this->tokenProvider->getPassword($actual, $token); + } + + public function testGenerateTokenLongPassword(): void { + $token = 'tokentokentokentokentoken'; + $uid = 'user'; + $user = 'User'; + $password = ''; + for ($i = 0; $i < 500; $i++) { + $password .= 'e'; + } + $name = 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12'; + $type = IToken::PERMANENT_TOKEN; + $this->config->method('getSystemValueBool') + ->willReturnMap([ + ['auth.storeCryptedPassword', true, true], + ]); + $this->expectException(\RuntimeException::class); + + $actual = $this->tokenProvider->generateToken($token, $uid, $user, $password, $name, $type, IToken::DO_NOT_REMEMBER); + } + + public function testGenerateTokenInvalidName(): void { + $token = 'tokentokentokentokentoken'; $uid = 'user'; $user = 'User'; $password = 'passme'; @@ -105,23 +159,38 @@ class PublicKeyTokenProviderTest extends TestCase { . 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12' . 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12'; $type = IToken::PERMANENT_TOKEN; + $this->config->method('getSystemValueBool') + ->willReturnMap([ + ['auth.storeCryptedPassword', true, true], + ]); $actual = $this->tokenProvider->generateToken($token, $uid, $user, $password, $name, $type, IToken::DO_NOT_REMEMBER); + + $this->assertInstanceOf(PublicKeyToken::class, $actual); + $this->assertSame($uid, $actual->getUID()); + $this->assertSame($user, $actual->getLoginName()); + $this->assertSame('User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12User-Agent: Mozill…', $actual->getName()); + $this->assertSame(IToken::DO_NOT_REMEMBER, $actual->getRemember()); + $this->assertSame($password, $this->tokenProvider->getPassword($actual, $token)); } - public function testUpdateToken() { + public function testUpdateToken(): void { $tk = new PublicKeyToken(); $this->mapper->expects($this->once()) ->method('updateActivity') ->with($tk, $this->time); $tk->setLastActivity($this->time - 200); + $this->config->method('getSystemValueBool') + ->willReturnMap([ + ['auth.storeCryptedPassword', true, true], + ]); $this->tokenProvider->updateTokenActivity($tk); $this->assertEquals($this->time, $tk->getLastActivity()); } - public function testUpdateTokenDebounce() { + public function testUpdateTokenDebounce(): void { $tk = new PublicKeyToken(); $this->config->method('getSystemValueInt') ->willReturnCallback(function ($value, $default) { @@ -136,7 +205,7 @@ class PublicKeyTokenProviderTest extends TestCase { $this->tokenProvider->updateTokenActivity($tk); } - public function testGetTokenByUser() { + public function testGetTokenByUser(): void { $this->mapper->expects($this->once()) ->method('getTokenByUser') ->with('uid') @@ -145,13 +214,17 @@ class PublicKeyTokenProviderTest extends TestCase { $this->assertEquals(['token'], $this->tokenProvider->getTokenByUser('uid')); } - public function testGetPassword() { - $token = 'token'; + public function testGetPassword(): void { + $token = 'tokentokentokentokentoken'; $uid = 'user'; $user = 'User'; $password = 'passme'; $name = 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12'; $type = IToken::PERMANENT_TOKEN; + $this->config->method('getSystemValueBool') + ->willReturnMap([ + ['auth.storeCryptedPassword', true, true], + ]); $actual = $this->tokenProvider->generateToken($token, $uid, $user, $password, $name, $type, IToken::DO_NOT_REMEMBER); @@ -159,8 +232,8 @@ class PublicKeyTokenProviderTest extends TestCase { } - public function testGetPasswordPasswordLessToken() { - $this->expectException(\OC\Authentication\Exceptions\PasswordlessTokenException::class); + public function testGetPasswordPasswordLessToken(): void { + $this->expectException(PasswordlessTokenException::class); $token = 'token1234'; $tk = new PublicKeyToken(); @@ -170,28 +243,36 @@ class PublicKeyTokenProviderTest extends TestCase { } - public function testGetPasswordInvalidToken() { - $this->expectException(\OC\Authentication\Exceptions\InvalidTokenException::class); + public function testGetPasswordInvalidToken(): void { + $this->expectException(InvalidTokenException::class); - $token = 'token'; + $token = 'tokentokentokentokentoken'; $uid = 'user'; $user = 'User'; $password = 'passme'; $name = 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12'; $type = IToken::PERMANENT_TOKEN; + $this->config->method('getSystemValueBool') + ->willReturnMap([ + ['auth.storeCryptedPassword', true, true], + ]); $actual = $this->tokenProvider->generateToken($token, $uid, $user, $password, $name, $type, IToken::DO_NOT_REMEMBER); $this->tokenProvider->getPassword($actual, 'wrongtoken'); } - public function testSetPassword() { - $token = 'token'; + public function testSetPassword(): void { + $token = 'tokentokentokentokentoken'; $uid = 'user'; $user = 'User'; $password = 'passme'; $name = 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12'; $type = IToken::PERMANENT_TOKEN; + $this->config->method('getSystemValueBool') + ->willReturnMap([ + ['auth.storeCryptedPassword', true, true], + ]); $actual = $this->tokenProvider->generateToken($token, $uid, $user, $password, $name, $type, IToken::DO_NOT_REMEMBER); @@ -203,18 +284,18 @@ class PublicKeyTokenProviderTest extends TestCase { $this->mapper->expects($this->once()) ->method('update') ->with($this->callback(function ($token) use ($newpass) { - return $newpass === $this->tokenProvider->getPassword($token, 'token'); + return $newpass === $this->tokenProvider->getPassword($token, 'tokentokentokentokentoken'); })); $this->tokenProvider->setPassword($actual, $token, $newpass); - $this->assertSame($newpass, $this->tokenProvider->getPassword($actual, 'token')); + $this->assertSame($newpass, $this->tokenProvider->getPassword($actual, 'tokentokentokentokentoken')); } - public function testSetPasswordInvalidToken() { - $this->expectException(\OC\Authentication\Exceptions\InvalidTokenException::class); + public function testSetPasswordInvalidToken(): void { + $this->expectException(InvalidTokenException::class); $token = $this->createMock(IToken::class); $tokenId = 'token123'; @@ -223,45 +304,71 @@ class PublicKeyTokenProviderTest extends TestCase { $this->tokenProvider->setPassword($token, $tokenId, $password); } - public function testInvalidateToken() { - $this->mapper->expects($this->once()) + public function testInvalidateToken(): void { + $calls = [ + [hash('sha512', 'token7' . '1f4h9s')], + [hash('sha512', 'token7')] + ]; + + $this->mapper->expects($this->exactly(2)) ->method('invalidate') - ->with(hash('sha512', 'token7'.'1f4h9s')); + ->willReturnCallback(function () use (&$calls): void { + $expected = array_shift($calls); + $this->assertEquals($expected, func_get_args()); + }); $this->tokenProvider->invalidateToken('token7'); } - public function testInvaildateTokenById() { + public function testInvalidateTokenById(): void { $id = 123; $this->mapper->expects($this->once()) - ->method('deleteById') - ->with('uid', $id); + ->method('getTokenById') + ->with($id); $this->tokenProvider->invalidateTokenById('uid', $id); } - public function testInvalidateOldTokens() { + public function testInvalidateOldTokens(): void { $defaultSessionLifetime = 60 * 60 * 24; $defaultRememberMeLifetime = 60 * 60 * 24 * 15; - $this->config->expects($this->exactly(2)) - ->method('getSystemValue') + $wipeTokenLifetime = 60 * 60 * 24 * 60; + $this->config->expects($this->exactly(4)) + ->method('getSystemValueInt') ->willReturnMap([ ['session_lifetime', $defaultSessionLifetime, 150], ['remember_login_cookie_lifetime', $defaultRememberMeLifetime, 300], + ['token_auth_wipe_token_retention', $wipeTokenLifetime, 500], + ['token_auth_token_retention', 60 * 60 * 24 * 365, 800], ]); - $this->mapper->expects($this->exactly(2)) + + $calls = [ + [$this->time - 150, IToken::TEMPORARY_TOKEN, IToken::DO_NOT_REMEMBER], + [$this->time - 300, IToken::TEMPORARY_TOKEN, IToken::REMEMBER], + [$this->time - 500, IToken::WIPE_TOKEN, null], + [$this->time - 800, IToken::PERMANENT_TOKEN, null], + ]; + $this->mapper->expects($this->exactly(4)) ->method('invalidateOld') - ->withConsecutive( - [$this->time - 150], - [$this->time - 300] - ); + ->willReturnCallback(function () use (&$calls): void { + $expected = array_shift($calls); + $this->assertEquals($expected, func_get_args()); + }); $this->tokenProvider->invalidateOldTokens(); } - public function testRenewSessionTokenWithoutPassword() { - $token = 'oldId'; + public function testInvalidateLastUsedBefore(): void { + $this->mapper->expects($this->once()) + ->method('invalidateLastUsedBefore') + ->with('user', 946684800); + + $this->tokenProvider->invalidateLastUsedBefore('user', 946684800); + } + + public function testRenewSessionTokenWithoutPassword(): void { + $token = 'oldIdtokentokentokentoken'; $uid = 'user'; $user = 'User'; $password = null; @@ -273,18 +380,18 @@ class PublicKeyTokenProviderTest extends TestCase { $this->mapper ->expects($this->once()) ->method('getToken') - ->with(hash('sha512', 'oldId' . '1f4h9s')) + ->with(hash('sha512', 'oldIdtokentokentokentoken' . '1f4h9s')) ->willReturn($oldToken); $this->mapper ->expects($this->once()) ->method('insert') ->with($this->callback(function (PublicKeyToken $token) use ($user, $uid, $name) { - return $token->getUID() === $uid && - $token->getLoginName() === $user && - $token->getName() === $name && - $token->getType() === IToken::DO_NOT_REMEMBER && - $token->getLastActivity() === $this->time && - $token->getPassword() === null; + return $token->getUID() === $uid + && $token->getLoginName() === $user + && $token->getName() === $name + && $token->getType() === IToken::DO_NOT_REMEMBER + && $token->getLastActivity() === $this->time + && $token->getPassword() === null; })); $this->mapper ->expects($this->once()) @@ -293,47 +400,51 @@ class PublicKeyTokenProviderTest extends TestCase { return $token === $oldToken; })); - $this->tokenProvider->renewSessionToken('oldId', 'newId'); + $this->tokenProvider->renewSessionToken('oldIdtokentokentokentoken', 'newIdtokentokentokentoken'); } - public function testRenewSessionTokenWithPassword() { - $token = 'oldId'; + public function testRenewSessionTokenWithPassword(): void { + $token = 'oldIdtokentokentokentoken'; $uid = 'user'; $user = 'User'; $password = 'password'; $name = 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12'; $type = IToken::PERMANENT_TOKEN; + $this->config->method('getSystemValueBool') + ->willReturnMap([ + ['auth.storeCryptedPassword', true, true], + ]); $oldToken = $this->tokenProvider->generateToken($token, $uid, $user, $password, $name, $type, IToken::DO_NOT_REMEMBER); $this->mapper ->expects($this->once()) ->method('getToken') - ->with(hash('sha512', 'oldId' . '1f4h9s')) + ->with(hash('sha512', 'oldIdtokentokentokentoken' . '1f4h9s')) ->willReturn($oldToken); $this->mapper ->expects($this->once()) ->method('insert') - ->with($this->callback(function (PublicKeyToken $token) use ($user, $uid, $name) { - return $token->getUID() === $uid && - $token->getLoginName() === $user && - $token->getName() === $name && - $token->getType() === IToken::DO_NOT_REMEMBER && - $token->getLastActivity() === $this->time && - $token->getPassword() !== null && - $this->tokenProvider->getPassword($token, 'newId') === 'password'; + ->with($this->callback(function (PublicKeyToken $token) use ($user, $uid, $name): bool { + return $token->getUID() === $uid + && $token->getLoginName() === $user + && $token->getName() === $name + && $token->getType() === IToken::DO_NOT_REMEMBER + && $token->getLastActivity() === $this->time + && $token->getPassword() !== null + && $this->tokenProvider->getPassword($token, 'newIdtokentokentokentoken') === 'password'; })); $this->mapper ->expects($this->once()) ->method('delete') - ->with($this->callback(function ($token) use ($oldToken) { + ->with($this->callback(function ($token) use ($oldToken): bool { return $token === $oldToken; })); - $this->tokenProvider->renewSessionToken('oldId', 'newId'); + $this->tokenProvider->renewSessionToken('oldIdtokentokentokentoken', 'newIdtokentokentokentoken'); } - public function testGetToken() { + public function testGetToken(): void { $token = new PublicKeyToken(); $this->config->method('getSystemValue') @@ -343,28 +454,33 @@ class PublicKeyTokenProviderTest extends TestCase { $this->mapper->method('getToken') ->with( $this->callback(function (string $token) { - return hash('sha512', 'unhashedToken'.'1f4h9s') === $token; + return hash('sha512', 'unhashedTokentokentokentokentoken' . '1f4h9s') === $token; }) )->willReturn($token); - $this->assertSame($token, $this->tokenProvider->getToken('unhashedToken')); + $this->assertSame($token, $this->tokenProvider->getToken('unhashedTokentokentokentokentoken')); } - public function testGetInvalidToken() { + public function testGetInvalidToken(): void { $this->expectException(InvalidTokenException::class); - $this->mapper->method('getToken') - ->with( - $this->callback(function (string $token) { - return hash('sha512', 'unhashedToken'.'1f4h9s') === $token; - }) - )->willThrowException(new DoesNotExistException('nope')); + $calls = [ + 'unhashedTokentokentokentokentoken' . '1f4h9s', + 'unhashedTokentokentokentokentoken', + ]; + $this->mapper->expects($this->exactly(2)) + ->method('getToken') + ->willReturnCallback(function (string $token) use (&$calls): void { + $expected = array_shift($calls); + $this->assertEquals(hash('sha512', $expected), $token); + throw new DoesNotExistException('nope'); + }); - $this->tokenProvider->getToken('unhashedToken'); + $this->tokenProvider->getToken('unhashedTokentokentokentokentoken'); } - public function testGetExpiredToken() { - $token = 'token'; + public function testGetExpiredToken(): void { + $token = 'tokentokentokentokentoken'; $uid = 'user'; $user = 'User'; $password = 'passme'; @@ -377,19 +493,19 @@ class PublicKeyTokenProviderTest extends TestCase { $this->mapper->method('getToken') ->with( $this->callback(function (string $token) { - return hash('sha512', 'token'.'1f4h9s') === $token; + return hash('sha512', 'tokentokentokentokentoken' . '1f4h9s') === $token; }) )->willReturn($actual); try { - $this->tokenProvider->getToken('token'); + $this->tokenProvider->getToken('tokentokentokentokentoken'); $this->fail(); } catch (ExpiredTokenException $e) { $this->assertSame($actual, $e->getToken()); } } - public function testGetTokenById() { + public function testGetTokenById(): void { $token = $this->createMock(PublicKeyToken::class); $this->mapper->expects($this->once()) @@ -400,7 +516,7 @@ class PublicKeyTokenProviderTest extends TestCase { $this->assertSame($token, $this->tokenProvider->getTokenById(42)); } - public function testGetInvalidTokenById() { + public function testGetInvalidTokenById(): void { $this->expectException(InvalidTokenException::class); $this->mapper->expects($this->once()) @@ -411,7 +527,7 @@ class PublicKeyTokenProviderTest extends TestCase { $this->tokenProvider->getTokenById(42); } - public function testGetExpiredTokenById() { + public function testGetExpiredTokenById(): void { $token = new PublicKeyToken(); $token->setExpires(42); @@ -428,23 +544,27 @@ class PublicKeyTokenProviderTest extends TestCase { } } - public function testRotate() { - $token = 'oldtoken'; + public function testRotate(): void { + $token = 'oldtokentokentokentokentoken'; $uid = 'user'; $user = 'User'; $password = 'password'; $name = 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12'; $type = IToken::PERMANENT_TOKEN; + $this->config->method('getSystemValueBool') + ->willReturnMap([ + ['auth.storeCryptedPassword', true, true], + ]); $actual = $this->tokenProvider->generateToken($token, $uid, $user, $password, $name, $type, IToken::DO_NOT_REMEMBER); - $new = $this->tokenProvider->rotate($actual, 'oldtoken', 'newtoken'); + $new = $this->tokenProvider->rotate($actual, 'oldtokentokentokentokentoken', 'newtokentokentokentokentoken'); - $this->assertSame('password', $this->tokenProvider->getPassword($new, 'newtoken')); + $this->assertSame('password', $this->tokenProvider->getPassword($new, 'newtokentokentokentokentoken')); } - public function testRotateNoPassword() { - $token = 'oldtoken'; + public function testRotateNoPassword(): void { + $token = 'oldtokentokentokentokentoken'; $uid = 'user'; $user = 'User'; $password = null; @@ -455,7 +575,7 @@ class PublicKeyTokenProviderTest extends TestCase { $oldPrivate = $actual->getPrivateKey(); - $new = $this->tokenProvider->rotate($actual, 'oldtoken', 'newtoken'); + $new = $this->tokenProvider->rotate($actual, 'oldtokentokentokentokentoken', 'newtokentokentokentokentoken'); $newPrivate = $new->getPrivateKey(); @@ -463,7 +583,7 @@ class PublicKeyTokenProviderTest extends TestCase { $this->assertNull($new->getPassword()); } - public function testMarkPasswordInvalidInvalidToken() { + public function testMarkPasswordInvalidInvalidToken(): void { $token = $this->createMock(IToken::class); $this->expectException(InvalidTokenException::class); @@ -471,7 +591,7 @@ class PublicKeyTokenProviderTest extends TestCase { $this->tokenProvider->markPasswordInvalid($token, 'tokenId'); } - public function testMarkPasswordInvalid() { + public function testMarkPasswordInvalid(): void { $token = $this->createMock(PublicKeyToken::class); $token->expects($this->once()) @@ -484,10 +604,10 @@ class PublicKeyTokenProviderTest extends TestCase { $this->tokenProvider->markPasswordInvalid($token, 'tokenId'); } - public function testUpdatePasswords() { + public function testUpdatePasswords(): void { $uid = 'myUID'; $token1 = $this->tokenProvider->generateToken( - 'foo', + 'foobetokentokentokentoken', $uid, $uid, 'bar', @@ -495,13 +615,17 @@ class PublicKeyTokenProviderTest extends TestCase { IToken::PERMANENT_TOKEN, IToken::REMEMBER); $token2 = $this->tokenProvider->generateToken( - 'foobar', + 'foobartokentokentokentoken', $uid, $uid, 'bar', 'random2', IToken::PERMANENT_TOKEN, IToken::REMEMBER); + $this->config->method('getSystemValueBool') + ->willReturnMap([ + ['auth.storeCryptedPassword', true, true], + ]); $this->mapper->method('hasExpiredTokens') ->with($uid) |