LegacyPasswordHashingTest | LegacyPasswordHashingTest.php | Drupal 10.3

Unit tests for password hashing API.

Legacy tests, deprecated in drupal:10.1.0 and removed from drupal:11.0.0 as soon as PhpassHashedPassword::__construct() with $corePassword parameter is enforced to be an instance of Drupal\Core\Password\PhpPassword.

@coversDefaultClass \Drupal\phpass\Password\PhpassHashedPassword @group phpass @group legacy

Hierarchy

class \Drupal\Tests\UnitTestCase extends \PHPUnit\Framework\TestCase uses \Drupal\Tests\PhpUnitCompatibilityTrait, \Prophecy\PhpUnit\ProphecyTrait, \Symfony\Bridge\PhpUnit\ExpectDeprecationTrait, RandomGeneratorTrait, PhpUnitWarnings
- class \Drupal\Tests\phpass\Unit\LegacyPasswordHashingTest

Expanded class hierarchy of LegacyPasswordHashingTest

File

core/modules/phpass/tests/src/Unit/LegacyPasswordHashingTest.php, line 23

Namespace

Drupal\Tests\phpass\Unit

View source

class LegacyPasswordHashingTest extends UnitTestCase {

  /**
   * The raw password.
   *
   * @var string
   */
  protected $password;

  /**
   * The md5 password.
   *
   * @var string
   */
  protected $md5HashedPassword;

  /**
   * The hashed password.
   *
   * @var string
   */
  protected $hashedPassword;

  /**
   * The password hasher under test.
   *
   * @var \Drupal\Core\Password\PhpassHashedPassword
   */
  protected $passwordHasher;

  /**
   * {@inheritdoc}
   */
  protected function setUp() : void {
    parent::setUp();
    $this
      ->expectDeprecation('Calling Drupal\\Core\\Password\\PhpassHashedPasswordBase::__construct() with numeric $countLog2 as the first parameter is deprecated in drupal:10.1.0 and is removed from drupal:11.0.0. Use PhpassHashedPasswordInterface::__construct() with $corePassword parameter set to an instance of Drupal\\Core\\Password\\PhpPassword instead. See https://www.drupal.org/node/3322420');
    $this->password = $this
      ->randomMachineName();
    $this->passwordHasher = new PhpassHashedPassword(1);
    $this->hashedPassword = $this->passwordHasher
      ->hash($this->password);
    $this->md5HashedPassword = 'U' . $this->passwordHasher
      ->hash(md5($this->password));
  }

  /**
   * Tests a password needs update.
   *
   * @covers ::needsRehash
   */
  public function testPasswordNeedsUpdate() {

    // The md5 password should be flagged as needing an update.
    $this
      ->assertTrue($this->passwordHasher
      ->needsRehash($this->md5HashedPassword), 'Upgraded md5 password hash needs a new hash.');
  }

  /**
   * Tests password hashing.
   *
   * @covers ::hash
   * @covers ::getCountLog2
   * @covers ::base64Encode
   * @covers ::check
   * @covers ::generateSalt
   * @covers ::needsRehash
   */
  public function testPasswordHashing() {
    $this
      ->assertSame(PhpassHashedPassword::MIN_HASH_COUNT, $this->passwordHasher
      ->getCountLog2($this->hashedPassword), 'Hashed password has the minimum number of log2 iterations.');
    $this
      ->assertNotEquals($this->hashedPassword, $this->md5HashedPassword, 'Password hashes not the same.');
    $this
      ->assertTrue($this->passwordHasher
      ->check($this->password, $this->md5HashedPassword), 'Password check succeeds.');
    $this
      ->assertTrue($this->passwordHasher
      ->check($this->password, $this->hashedPassword), 'Password check succeeds.');

    // Since the log2 setting hasn't changed and the user has a valid password,
    // userNeedsNewHash() should return FALSE.
    $this
      ->assertFalse($this->passwordHasher
      ->needsRehash($this->hashedPassword), 'Does not need a new hash.');
  }

  /**
   * Tests password rehashing.
   *
   * @covers ::__construct
   * @covers ::hash
   * @covers ::getCountLog2
   * @covers ::check
   * @covers ::needsRehash
   */
  public function testPasswordRehashing() {

    // Increment the log2 iteration to MIN + 1.
    $password_hasher = new PhpassHashedPassword(PhpassHashedPassword::MIN_HASH_COUNT + 1);
    $this
      ->assertTrue($password_hasher
      ->needsRehash($this->hashedPassword), 'Needs a new hash after incrementing the log2 count.');

    // Re-hash the password.
    $rehashed_password = $password_hasher
      ->hash($this->password);
    $this
      ->assertSame(PhpassHashedPassword::MIN_HASH_COUNT + 1, $password_hasher
      ->getCountLog2($rehashed_password), 'Re-hashed password has the correct number of log2 iterations.');
    $this
      ->assertNotEquals($rehashed_password, $this->hashedPassword, 'Password hash changed again.');

    // Now the hash should be OK.
    $this
      ->assertFalse($password_hasher
      ->needsRehash($rehashed_password), 'Re-hashed password does not need a new hash.');
    $this
      ->assertTrue($password_hasher
      ->check($this->password, $rehashed_password), 'Password check succeeds with re-hashed password.');
    $this
      ->assertTrue($this->passwordHasher
      ->check($this->password, $rehashed_password), 'Password check succeeds with re-hashed password with original hasher.');
  }

  /**
   * Tests password validation when the hash is NULL.
   *
   * @covers ::check
   */
  public function testEmptyHash() : void {
    $this
      ->assertFalse($this->passwordHasher
      ->check($this->password, NULL));
    $this
      ->assertFalse($this->passwordHasher
      ->check($this->password, ''));
  }

}

Members

Name	Modifiers	Type	Description	Overrides
LegacyPasswordHashingTest::$hashedPassword	protected	property	The hashed password.
LegacyPasswordHashingTest::$md5HashedPassword	protected	property	The md5 password.
LegacyPasswordHashingTest::$password	protected	property	The raw password.
LegacyPasswordHashingTest::$passwordHasher	protected	property	The password hasher under test.
LegacyPasswordHashingTest::setUp	protected	function	Overrides UnitTestCase::setUp
LegacyPasswordHashingTest::testEmptyHash	public	function	Tests password validation when the hash is NULL.
LegacyPasswordHashingTest::testPasswordHashing	public	function	Tests password hashing.
LegacyPasswordHashingTest::testPasswordNeedsUpdate	public	function	Tests a password needs update.
LegacyPasswordHashingTest::testPasswordRehashing	public	function	Tests password rehashing.
PhpUnitWarnings::$deprecationWarnings	private static	property	Deprecation warnings from PHPUnit to raise with @trigger_error().
PhpUnitWarnings::addWarning	public	function	Converts PHPUnit deprecation warnings to E_USER_DEPRECATED.
RandomGeneratorTrait::getRandomGenerator	protected	function	Gets the random generator for the utility methods.
RandomGeneratorTrait::randomMachineName	protected	function	Generates a unique random string containing letters and numbers.
RandomGeneratorTrait::randomObject	public	function	Generates a random PHP object.
RandomGeneratorTrait::randomString	public	function	Generates a pseudo-random string of ASCII characters of codes 32 to 126.
RandomGeneratorTrait::randomStringValidate Deprecated	public	function	Callback for random string validation.
UnitTestCase::$root	protected	property	The app root.	1
UnitTestCase::getClassResolverStub	protected	function	Returns a stub class resolver.
UnitTestCase::getConfigFactoryStub	public	function	Returns a stub config factory that behaves according to the passed array.
UnitTestCase::getConfigStorageStub	public	function	Returns a stub config storage that returns the supplied configuration.
UnitTestCase::getContainerWithCacheTagsInvalidator	protected	function	Sets up a container with a cache tags invalidator.
UnitTestCase::getStringTranslationStub	public	function	Returns a stub translation manager that just returns the passed string.
UnitTestCase::setUpBeforeClass	public static	function
UnitTestCase::__get	public	function

class LegacyPasswordHashingTest

Hierarchy

See also

File

Namespace

Members

Search Drupal 10.3

News items

Our community

Documentation

Drupal code base

Governance of community