Unit tests for password hashing API.
Legacy tests, deprecated in drupal:10.1.0 and removed from drupal:11.0.0 as soon as PhpassHashedPassword::__construct() with $corePassword parameter is enforced to be an instance of Drupal\Core\Password\PhpPassword.
@coversDefaultClass \Drupal\phpass\Password\PhpassHashedPassword @group phpass @group legacy
Hierarchy
- class \Drupal\Tests\UnitTestCase extends \PHPUnit\Framework\TestCase uses \Drupal\Tests\PhpUnitCompatibilityTrait, \Prophecy\PhpUnit\ProphecyTrait, \Symfony\Bridge\PhpUnit\ExpectDeprecationTrait, RandomGeneratorTrait, PhpUnitWarnings
- class \Drupal\Tests\phpass\Unit\LegacyPasswordHashingTest
Expanded class hierarchy of LegacyPasswordHashingTest
See also
https://www.drupal.org/node/3322420
File
- core/
modules/ phpass/ tests/ src/ Unit/ LegacyPasswordHashingTest.php, line 23
Namespace
Drupal\Tests\phpass\UnitView source
class LegacyPasswordHashingTest extends UnitTestCase {
/**
* The raw password.
*
* @var string
*/
protected $password;
/**
* The md5 password.
*
* @var string
*/
protected $md5HashedPassword;
/**
* The hashed password.
*
* @var string
*/
protected $hashedPassword;
/**
* The password hasher under test.
*
* @var \Drupal\Core\Password\PhpassHashedPassword
*/
protected $passwordHasher;
/**
* {@inheritdoc}
*/
protected function setUp() : void {
parent::setUp();
$this
->expectDeprecation('Calling Drupal\\Core\\Password\\PhpassHashedPasswordBase::__construct() with numeric $countLog2 as the first parameter is deprecated in drupal:10.1.0 and is removed from drupal:11.0.0. Use PhpassHashedPasswordInterface::__construct() with $corePassword parameter set to an instance of Drupal\\Core\\Password\\PhpPassword instead. See https://www.drupal.org/node/3322420');
$this->password = $this
->randomMachineName();
$this->passwordHasher = new PhpassHashedPassword(1);
$this->hashedPassword = $this->passwordHasher
->hash($this->password);
$this->md5HashedPassword = 'U' . $this->passwordHasher
->hash(md5($this->password));
}
/**
* Tests a password needs update.
*
* @covers ::needsRehash
*/
public function testPasswordNeedsUpdate() {
// The md5 password should be flagged as needing an update.
$this
->assertTrue($this->passwordHasher
->needsRehash($this->md5HashedPassword), 'Upgraded md5 password hash needs a new hash.');
}
/**
* Tests password hashing.
*
* @covers ::hash
* @covers ::getCountLog2
* @covers ::base64Encode
* @covers ::check
* @covers ::generateSalt
* @covers ::needsRehash
*/
public function testPasswordHashing() {
$this
->assertSame(PhpassHashedPassword::MIN_HASH_COUNT, $this->passwordHasher
->getCountLog2($this->hashedPassword), 'Hashed password has the minimum number of log2 iterations.');
$this
->assertNotEquals($this->hashedPassword, $this->md5HashedPassword, 'Password hashes not the same.');
$this
->assertTrue($this->passwordHasher
->check($this->password, $this->md5HashedPassword), 'Password check succeeds.');
$this
->assertTrue($this->passwordHasher
->check($this->password, $this->hashedPassword), 'Password check succeeds.');
// Since the log2 setting hasn't changed and the user has a valid password,
// userNeedsNewHash() should return FALSE.
$this
->assertFalse($this->passwordHasher
->needsRehash($this->hashedPassword), 'Does not need a new hash.');
}
/**
* Tests password rehashing.
*
* @covers ::__construct
* @covers ::hash
* @covers ::getCountLog2
* @covers ::check
* @covers ::needsRehash
*/
public function testPasswordRehashing() {
// Increment the log2 iteration to MIN + 1.
$password_hasher = new PhpassHashedPassword(PhpassHashedPassword::MIN_HASH_COUNT + 1);
$this
->assertTrue($password_hasher
->needsRehash($this->hashedPassword), 'Needs a new hash after incrementing the log2 count.');
// Re-hash the password.
$rehashed_password = $password_hasher
->hash($this->password);
$this
->assertSame(PhpassHashedPassword::MIN_HASH_COUNT + 1, $password_hasher
->getCountLog2($rehashed_password), 'Re-hashed password has the correct number of log2 iterations.');
$this
->assertNotEquals($rehashed_password, $this->hashedPassword, 'Password hash changed again.');
// Now the hash should be OK.
$this
->assertFalse($password_hasher
->needsRehash($rehashed_password), 'Re-hashed password does not need a new hash.');
$this
->assertTrue($password_hasher
->check($this->password, $rehashed_password), 'Password check succeeds with re-hashed password.');
$this
->assertTrue($this->passwordHasher
->check($this->password, $rehashed_password), 'Password check succeeds with re-hashed password with original hasher.');
}
/**
* Tests password validation when the hash is NULL.
*
* @covers ::check
*/
public function testEmptyHash() : void {
$this
->assertFalse($this->passwordHasher
->check($this->password, NULL));
$this
->assertFalse($this->passwordHasher
->check($this->password, ''));
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
LegacyPasswordHashingTest:: |
protected | property | The hashed password. | |
LegacyPasswordHashingTest:: |
protected | property | The md5 password. | |
LegacyPasswordHashingTest:: |
protected | property | The raw password. | |
LegacyPasswordHashingTest:: |
protected | property | The password hasher under test. | |
LegacyPasswordHashingTest:: |
protected | function |
Overrides UnitTestCase:: |
|
LegacyPasswordHashingTest:: |
public | function | Tests password validation when the hash is NULL. | |
LegacyPasswordHashingTest:: |
public | function | Tests password hashing. | |
LegacyPasswordHashingTest:: |
public | function | Tests a password needs update. | |
LegacyPasswordHashingTest:: |
public | function | Tests password rehashing. | |
PhpUnitWarnings:: |
private static | property | Deprecation warnings from PHPUnit to raise with @trigger_error(). | |
PhpUnitWarnings:: |
public | function | Converts PHPUnit deprecation warnings to E_USER_DEPRECATED. | |
RandomGeneratorTrait:: |
protected | function | Gets the random generator for the utility methods. | |
RandomGeneratorTrait:: |
protected | function | Generates a unique random string containing letters and numbers. | |
RandomGeneratorTrait:: |
public | function | Generates a random PHP object. | |
RandomGeneratorTrait:: |
public | function | Generates a pseudo-random string of ASCII characters of codes 32 to 126. | |
RandomGeneratorTrait:: |
public | function | Callback for random string validation. | |
UnitTestCase:: |
protected | property | The app root. | 1 |
UnitTestCase:: |
protected | function | Returns a stub class resolver. | |
UnitTestCase:: |
public | function | Returns a stub config factory that behaves according to the passed array. | |
UnitTestCase:: |
public | function | Returns a stub config storage that returns the supplied configuration. | |
UnitTestCase:: |
protected | function | Sets up a container with a cache tags invalidator. | |
UnitTestCase:: |
public | function | Returns a stub translation manager that just returns the passed string. | |
UnitTestCase:: |
public static | function | ||
UnitTestCase:: |
public | function |