class UserAuthTest

Same name in other branches
  1. 8.9.x core/modules/user/tests/src/Unit/UserAuthTest.php \Drupal\Tests\user\Unit\UserAuthTest
  2. 10 core/modules/user/tests/src/Unit/UserAuthTest.php \Drupal\Tests\user\Unit\UserAuthTest
  3. 11.x core/modules/user/tests/src/Unit/UserAuthTest.php \Drupal\Tests\user\Unit\UserAuthTest

@coversDefaultClass \Drupal\user\UserAuth @group user

Hierarchy

Expanded class hierarchy of UserAuthTest

File

core/modules/user/tests/src/Unit/UserAuthTest.php, line 20

Namespace

Drupal\Tests\user\Unit
View source 
class UserAuthTest extends UnitTestCase {
    
    /**
     * The mock user storage.
     *
     * @var \Drupal\Core\Entity\EntityStorageInterface|\PHPUnit\Framework\MockObject\MockObject
     */
    protected $userStorage;
    
    /**
     * The mocked password service.
     *
     * @var \Drupal\Core\Password\PasswordInterface|\PHPUnit\Framework\MockObject\MockObject
     */
    protected $passwordService;
    
    /**
     * The mock user.
     *
     * @var \Drupal\user\Entity\User|\PHPUnit\Framework\MockObject\MockObject
     */
    protected $testUser;
    
    /**
     * The user auth object under test.
     *
     * @var \Drupal\user\UserAuth
     */
    protected $userAuth;
    
    /**
     * The test username.
     *
     * @var string
     */
    protected $username = 'test_user';
    
    /**
     * The test password.
     *
     * @var string
     */
    protected $password = 'password';
    
    /**
     * {@inheritdoc}
     */
    protected function setUp() : void {
        $this->userStorage = $this->createMock('Drupal\\Core\\Entity\\EntityStorageInterface');
        
        /** @var \Drupal\Core\Entity\EntityTypeManagerInterface|\PHPUnit\Framework\MockObject\MockObject $entity_type_manager */
        $entity_type_manager = $this->createMock(EntityTypeManagerInterface::class);
        $entity_type_manager->expects($this->any())
            ->method('getStorage')
            ->with('user')
            ->willReturn($this->userStorage);
        $this->passwordService = $this->createMock('Drupal\\Core\\Password\\PasswordInterface');
        $this->testUser = $this->getMockBuilder('Drupal\\user\\Entity\\User')
            ->disableOriginalConstructor()
            ->onlyMethods([
            'id',
            'setPassword',
            'save',
            'getPassword',
        ])
            ->getMock();
        $this->userAuth = new UserAuth($entity_type_manager, $this->passwordService);
    }
    
    /**
     * Tests failing authentication with missing credential parameters.
     *
     * @covers ::authenticate
     *
     * @dataProvider providerTestAuthenticateWithMissingCredentials
     */
    public function testAuthenticateWithMissingCredentials($username, $password) {
        $this->userStorage
            ->expects($this->never())
            ->method('loadByProperties');
        $this->assertFalse($this->userAuth
            ->authenticate($username, $password));
    }
    
    /**
     * Data provider for testAuthenticateWithMissingCredentials().
     *
     * @return array
     */
    public function providerTestAuthenticateWithMissingCredentials() {
        return [
            [
                NULL,
                NULL,
            ],
            [
                NULL,
                '',
            ],
            [
                '',
                NULL,
            ],
            [
                '',
                '',
            ],
        ];
    }
    
    /**
     * Tests the authenticate method with no account returned.
     *
     * @covers ::authenticate
     */
    public function testAuthenticateWithNoAccountReturned() {
        $this->userStorage
            ->expects($this->once())
            ->method('loadByProperties')
            ->with([
            'name' => $this->username,
        ])
            ->willReturn([]);
        $this->assertFalse($this->userAuth
            ->authenticate($this->username, $this->password));
    }
    
    /**
     * Tests the authenticate method with an incorrect password.
     *
     * @covers ::authenticate
     */
    public function testAuthenticateWithIncorrectPassword() {
        $this->userStorage
            ->expects($this->once())
            ->method('loadByProperties')
            ->with([
            'name' => $this->username,
        ])
            ->willReturn([
            $this->testUser,
        ]);
        $this->passwordService
            ->expects($this->once())
            ->method('check')
            ->with($this->password, $this->testUser
            ->getPassword())
            ->willReturn(FALSE);
        $this->assertFalse($this->userAuth
            ->authenticate($this->username, $this->password));
    }
    
    /**
     * Tests the authenticate method with a correct password.
     *
     * @covers ::authenticate
     */
    public function testAuthenticateWithCorrectPassword() {
        $this->testUser
            ->expects($this->once())
            ->method('id')
            ->willReturn(1);
        $this->userStorage
            ->expects($this->once())
            ->method('loadByProperties')
            ->with([
            'name' => $this->username,
        ])
            ->willReturn([
            $this->testUser,
        ]);
        $this->passwordService
            ->expects($this->once())
            ->method('check')
            ->with($this->password, $this->testUser
            ->getPassword())
            ->willReturn(TRUE);
        $this->assertSame(1, $this->userAuth
            ->authenticate($this->username, $this->password));
    }
    
    /**
     * Tests the authenticate method with a correct password.
     *
     * We discovered in https://www.drupal.org/node/2563751 that logging in with a
     * password that is literally "0" was not possible. This test ensures that
     * this regression can't happen again.
     *
     * @covers ::authenticate
     */
    public function testAuthenticateWithZeroPassword() {
        $this->testUser
            ->expects($this->once())
            ->method('id')
            ->willReturn(2);
        $this->userStorage
            ->expects($this->once())
            ->method('loadByProperties')
            ->with([
            'name' => $this->username,
        ])
            ->willReturn([
            $this->testUser,
        ]);
        $this->passwordService
            ->expects($this->once())
            ->method('check')
            ->with(0, 0)
            ->willReturn(TRUE);
        $this->assertSame(2, $this->userAuth
            ->authenticate($this->username, 0));
    }
    
    /**
     * Tests the authenticate method with a correct password & new password hash.
     *
     * @covers ::authenticate
     */
    public function testAuthenticateWithCorrectPasswordAndNewPasswordHash() {
        $this->testUser
            ->expects($this->once())
            ->method('id')
            ->willReturn(1);
        $this->testUser
            ->expects($this->once())
            ->method('setPassword')
            ->with($this->password);
        $this->testUser
            ->expects($this->once())
            ->method('save');
        $this->userStorage
            ->expects($this->once())
            ->method('loadByProperties')
            ->with([
            'name' => $this->username,
        ])
            ->willReturn([
            $this->testUser,
        ]);
        $this->passwordService
            ->expects($this->once())
            ->method('check')
            ->with($this->password, $this->testUser
            ->getPassword())
            ->willReturn(TRUE);
        $this->passwordService
            ->expects($this->once())
            ->method('needsRehash')
            ->with($this->testUser
            ->getPassword())
            ->willReturn(TRUE);
        $this->assertSame(1, $this->userAuth
            ->authenticate($this->username, $this->password));
    }
    
    /**
     * Tests the auth that ends in a redirect from subdomain to TLD.
     */
    public function testAddCheckToUrlForTrustedRedirectResponse() : void {
        $site_domain = 'site.com';
        $frontend_url = "https://{$site_domain}";
        $backend_url = "https://api.{$site_domain}";
        $request = Request::create($backend_url);
        $response = new TrustedRedirectResponse($frontend_url);
        $request_context = $this->createMock(RequestContext::class);
        $request_context->method('getCompleteBaseUrl')
            ->willReturn($backend_url);
        $container = new ContainerBuilder();
        $container->set('router.request_context', $request_context);
        \Drupal::setContainer($container);
        $session_mock = $this->createMock(SessionInterface::class);
        $session_mock->expects($this->once())
            ->method('has')
            ->with('check_logged_in')
            ->willReturn(TRUE);
        $session_mock->expects($this->once())
            ->method('remove')
            ->with('check_logged_in');
        $event_mock = $this->createMock(ResponseEvent::class);
        $event_mock->expects($this->once())
            ->method('getResponse')
            ->willReturn($response);
        $event_mock->expects($this->exactly(3))
            ->method('getRequest')
            ->willReturn($request);
        $request->setSession($session_mock);
        $this->getMockBuilder(Cookie::class)
            ->disableOriginalConstructor()
            ->onlyMethods([])
            ->getMock()
            ->addCheckToUrl($event_mock);
        $this->assertSame("{$frontend_url}?check_logged_in=1", $response->getTargetUrl());
    }
    
    /**
     * Tests the auth that ends in a redirect from subdomain with a fragment to TLD.
     */
    public function testAddCheckToUrlForTrustedRedirectResponseWithFragment() : void {
        $site_domain = 'site.com';
        $frontend_url = "https://{$site_domain}";
        $backend_url = "https://api.{$site_domain}";
        $request = Request::create($backend_url);
        $response = new TrustedRedirectResponse($frontend_url . '#a_fragment');
        $request_context = $this->createMock(RequestContext::class);
        $request_context->method('getCompleteBaseUrl')
            ->willReturn($backend_url);
        $container = new ContainerBuilder();
        $container->set('router.request_context', $request_context);
        \Drupal::setContainer($container);
        $session_mock = $this->createMock(SessionInterface::class);
        $session_mock->expects($this->once())
            ->method('has')
            ->with('check_logged_in')
            ->willReturn(TRUE);
        $session_mock->expects($this->once())
            ->method('remove')
            ->with('check_logged_in');
        $event_mock = $this->createMock(ResponseEvent::class);
        $event_mock->expects($this->once())
            ->method('getResponse')
            ->willReturn($response);
        $event_mock->expects($this->exactly(3))
            ->method('getRequest')
            ->willReturn($request);
        $request->setSession($session_mock);
        $this->getMockBuilder(Cookie::class)
            ->disableOriginalConstructor()
            ->onlyMethods([])
            ->getMock()
            ->addCheckToUrl($event_mock);
        $this->assertSame("{$frontend_url}?check_logged_in=1#a_fragment", $response->getTargetUrl());
    }

}

Members

Title Deprecated Modifiers Object type Summary Overriden Title Overrides
PhpUnitWarnings::$deprecationWarnings private static property Deprecation warnings from PHPUnit to raise with @trigger_error().
PhpUnitWarnings::addWarning public function Converts PHPUnit deprecation warnings to E_USER_DEPRECATED.
UnitTestCase::$randomGenerator protected property The random generator.
UnitTestCase::$root protected property The app root. 1
UnitTestCase::assertArrayEquals Deprecated protected function Asserts if two arrays are equal by sorting them first.
UnitTestCase::getClassResolverStub protected function Returns a stub class resolver.
UnitTestCase::getConfigFactoryStub public function Returns a stub config factory that behaves according to the passed array.
UnitTestCase::getConfigStorageStub public function Returns a stub config storage that returns the supplied configuration.
UnitTestCase::getContainerWithCacheTagsInvalidator protected function Sets up a container with a cache tags invalidator.
UnitTestCase::getRandomGenerator protected function Gets the random generator for the utility methods.
UnitTestCase::getStringTranslationStub public function Returns a stub translation manager that just returns the passed string.
UnitTestCase::randomMachineName public function Generates a unique random string containing letters and numbers.
UnitTestCase::setUpBeforeClass public static function
UserAuthTest::$password protected property The test password.
UserAuthTest::$passwordService protected property The mocked password service.
UserAuthTest::$testUser protected property The mock user.
UserAuthTest::$userAuth protected property The user auth object under test.
UserAuthTest::$username protected property The test username.
UserAuthTest::$userStorage protected property The mock user storage.
UserAuthTest::providerTestAuthenticateWithMissingCredentials public function Data provider for testAuthenticateWithMissingCredentials().
UserAuthTest::setUp protected function Overrides UnitTestCase::setUp
UserAuthTest::testAddCheckToUrlForTrustedRedirectResponse public function Tests the auth that ends in a redirect from subdomain to TLD.
UserAuthTest::testAddCheckToUrlForTrustedRedirectResponseWithFragment public function Tests the auth that ends in a redirect from subdomain with a fragment to TLD.
UserAuthTest::testAuthenticateWithCorrectPassword public function Tests the authenticate method with a correct password.
UserAuthTest::testAuthenticateWithCorrectPasswordAndNewPasswordHash public function Tests the authenticate method with a correct password & new password hash.
UserAuthTest::testAuthenticateWithIncorrectPassword public function Tests the authenticate method with an incorrect password.
UserAuthTest::testAuthenticateWithMissingCredentials public function Tests failing authentication with missing credential parameters.
UserAuthTest::testAuthenticateWithNoAccountReturned public function Tests the authenticate method with no account returned.
UserAuthTest::testAuthenticateWithZeroPassword public function Tests the authenticate method with a correct password.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.