1 files changed, 42 insertions, 0 deletions

diff --git a/tests/lib/Authentication/Token/DefaultTokenProviderTest.php b/tests/lib/Authentication/Token/DefaultTokenProviderTest.php
index a2128e0fd4c..ee98f649443 100644
--- a/tests/lib/Authentication/Token/DefaultTokenProviderTest.php
+++ b/tests/lib/Authentication/Token/DefaultTokenProviderTest.php
@@ -416,4 +416,46 @@ class DefaultTokenProviderTest extends TestCase {
 
 		$this->tokenProvider->getTokenById(42);
 	}
+
+	public function testRotate() {
+		$token = new DefaultToken();
+		$token->setPassword('oldencryptedpassword');
+
+		$this->config->method('getSystemValue')
+			->with('secret')
+			->willReturn('mysecret');
+
+		$this->crypto->method('decrypt')
+			->with('oldencryptedpassword', 'oldtokenmysecret')
+			->willReturn('mypassword');
+		$this->crypto->method('encrypt')
+			->with('mypassword', 'newtokenmysecret')
+			->willReturn('newencryptedpassword');
+
+		$this->mapper->expects($this->once())
+			->method('update')
+			->with($this->callback(function (DefaultToken $token) {
+				return $token->getPassword() === 'newencryptedpassword' &&
+					$token->getToken() === hash('sha512', 'newtokenmysecret');
+			}));
+
+		$this->tokenProvider->rotate($token, 'oldtoken', 'newtoken');
+	}
+
+	public function testRotateNoPassword() {
+		$token = new DefaultToken();
+
+		$this->config->method('getSystemValue')
+			->with('secret')
+			->willReturn('mysecret');
+
+		$this->mapper->expects($this->once())
+			->method('update')
+			->with($this->callback(function (DefaultToken $token) {
+				return $token->getPassword() === null &&
+					$token->getToken() === hash('sha512', 'newtokenmysecret');
+			}));
+
+		$this->tokenProvider->rotate($token, 'oldtoken', 'newtoken');
+	}
 }