search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Move ResultWrapper subclasses to Rdbms
[mediawiki.git] / tests / phpunit / includes / auth / AbstractPasswordPrimaryAuthenticationProviderTest.php
bloba57682b66ea3e77889927e3c64ccda0b8f508b10
1 <?php
2
3 namespace MediaWiki\Auth;
4
5 use MediaWiki\MediaWikiServices;
6
7 /**
8 * @group AuthManager
9 * @covers MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider
10 */
11 class AbstractPasswordPrimaryAuthenticationProviderTest extends \MediaWikiTestCase {
12 public function testConstructor() {
13 $provider = $this->getMockForAbstractClass(
14 AbstractPasswordPrimaryAuthenticationProvider::class
15 );
16 $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
17 $this->assertTrue( $providerPriv->authoritative );
18
19 $provider = $this->getMockForAbstractClass(
20 AbstractPasswordPrimaryAuthenticationProvider::class,
21 [ [ 'authoritative' => false ] ]
22 );
23 $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
24 $this->assertFalse( $providerPriv->authoritative );
25 }
26
27 public function testGetPasswordFactory() {
28 $provider = $this->getMockForAbstractClass(
29 AbstractPasswordPrimaryAuthenticationProvider::class
30 );
31 $provider->setConfig( MediaWikiServices::getInstance()->getMainConfig() );
32 $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
33
34 $obj = $providerPriv->getPasswordFactory();
35 $this->assertInstanceOf( 'PasswordFactory', $obj );
36 $this->assertSame( $obj, $providerPriv->getPasswordFactory() );
37 }
38
39 public function testGetPassword() {
40 $provider = $this->getMockForAbstractClass(
41 AbstractPasswordPrimaryAuthenticationProvider::class
42 );
43 $provider->setConfig( MediaWikiServices::getInstance()->getMainConfig() );
44 $provider->setLogger( new \Psr\Log\NullLogger() );
45 $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
46
47 $obj = $providerPriv->getPassword( null );
48 $this->assertInstanceOf( 'Password', $obj );
49
50 $obj = $providerPriv->getPassword( 'invalid' );
51 $this->assertInstanceOf( 'Password', $obj );
52 }
53
54 public function testGetNewPasswordExpiry() {
55 $config = new \HashConfig;
56 $provider = $this->getMockForAbstractClass(
57 AbstractPasswordPrimaryAuthenticationProvider::class
58 );
59 $provider->setConfig( new \MultiConfig( [
60 $config,
61 MediaWikiServices::getInstance()->getMainConfig()
62 ] ) );
63 $provider->setLogger( new \Psr\Log\NullLogger() );
64 $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
65
66 $this->mergeMwGlobalArrayValue( 'wgHooks', [ 'ResetPasswordExpiration' => [] ] );
67
68 $config->set( 'PasswordExpirationDays', 0 );
69 $this->assertNull( $providerPriv->getNewPasswordExpiry( 'UTSysop' ) );
70
71 $config->set( 'PasswordExpirationDays', 5 );
72 $this->assertEquals(
73 time() + 5 * 86400,
74 wfTimestamp( TS_UNIX, $providerPriv->getNewPasswordExpiry( 'UTSysop' ) ),
75 '',
76 2 /* Fuzz */
77 );
78
79 $this->mergeMwGlobalArrayValue( 'wgHooks', [
80 'ResetPasswordExpiration' => [ function ( $user, &$expires ) {
81 $this->assertSame( 'UTSysop', $user->getName() );
82 $expires = '30001231235959';
83 } ]
84 ] );
85 $this->assertEquals( '30001231235959', $providerPriv->getNewPasswordExpiry( 'UTSysop' ) );
86 }
87
88 public function testCheckPasswordValidity() {
89 $uppCalled = 0;
90 $uppStatus = \Status::newGood();
91 $this->setMwGlobals( [
92 'wgPasswordPolicy' => [
93 'policies' => [
94 'default' => [
95 'Check' => true,
96 ],
97 ],
98 'checks' => [
99 'Check' => function () use ( &$uppCalled, &$uppStatus ) {
100 $uppCalled++;
101 return $uppStatus;
102 },
103 ],
104 ]
105 ] );
106
107 $provider = $this->getMockForAbstractClass(
108 AbstractPasswordPrimaryAuthenticationProvider::class
109 );
110 $provider->setConfig( MediaWikiServices::getInstance()->getMainConfig() );
111 $provider->setLogger( new \Psr\Log\NullLogger() );
112 $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
113
114 $this->assertEquals( $uppStatus, $providerPriv->checkPasswordValidity( 'foo', 'bar' ) );
115
116 $uppStatus->fatal( 'arbitrary-warning' );
117 $this->assertEquals( $uppStatus, $providerPriv->checkPasswordValidity( 'foo', 'bar' ) );
118 }
119
120 public function testSetPasswordResetFlag() {
121 $config = new \HashConfig( [
122 'InvalidPasswordReset' => true,
123 ] );
124
125 $manager = new AuthManager(
126 new \FauxRequest(),
127 MediaWikiServices::getInstance()->getMainConfig()
128 );
129
130 $provider = $this->getMockForAbstractClass(
131 AbstractPasswordPrimaryAuthenticationProvider::class
132 );
133 $provider->setConfig( $config );
134 $provider->setLogger( new \Psr\Log\NullLogger() );
135 $provider->setManager( $manager );
136 $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
137
138 $manager->removeAuthenticationSessionData( null );
139 $status = \Status::newGood();
140 $providerPriv->setPasswordResetFlag( 'Foo', $status );
141 $this->assertNull( $manager->getAuthenticationSessionData( 'reset-pass' ) );
142
143 $manager->removeAuthenticationSessionData( null );
144 $status = \Status::newGood();
145 $status->error( 'testing' );
146 $providerPriv->setPasswordResetFlag( 'Foo', $status );
147 $ret = $manager->getAuthenticationSessionData( 'reset-pass' );
148 $this->assertNotNull( $ret );
149 $this->assertSame( 'resetpass-validity-soft', $ret->msg->getKey() );
150 $this->assertFalse( $ret->hard );
151
152 $config->set( 'InvalidPasswordReset', false );
153 $manager->removeAuthenticationSessionData( null );
154 $providerPriv->setPasswordResetFlag( 'Foo', $status );
155 $ret = $manager->getAuthenticationSessionData( 'reset-pass' );
156 $this->assertNull( $ret );
157 }
158
159 public function testFailResponse() {
160 $provider = $this->getMockForAbstractClass(
161 AbstractPasswordPrimaryAuthenticationProvider::class,
162 [ [ 'authoritative' => false ] ]
163 );
164 $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
165
166 $req = new PasswordAuthenticationRequest;
167
168 $ret = $providerPriv->failResponse( $req );
169 $this->assertSame( AuthenticationResponse::ABSTAIN, $ret->status );
170
171 $provider = $this->getMockForAbstractClass(
172 AbstractPasswordPrimaryAuthenticationProvider::class,
173 [ [ 'authoritative' => true ] ]
174 );
175 $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
176
177 $req->password = '';
178 $ret = $providerPriv->failResponse( $req );
179 $this->assertSame( AuthenticationResponse::FAIL, $ret->status );
180 $this->assertSame( 'wrongpasswordempty', $ret->message->getKey() );
181
182 $req->password = 'X';
183 $ret = $providerPriv->failResponse( $req );
184 $this->assertSame( AuthenticationResponse::FAIL, $ret->status );
185 $this->assertSame( 'wrongpassword', $ret->message->getKey() );
186 }
187
188 /**
189 * @dataProvider provideGetAuthenticationRequests
190 * @param string $action
191 * @param array $response
192 */
193 public function testGetAuthenticationRequests( $action, $response ) {
194 $provider = $this->getMockForAbstractClass(
195 AbstractPasswordPrimaryAuthenticationProvider::class
196 );
197
198 $this->assertEquals( $response, $provider->getAuthenticationRequests( $action, [] ) );
199 }
200
201 public static function provideGetAuthenticationRequests() {
202 return [
203 [ AuthManager::ACTION_LOGIN, [ new PasswordAuthenticationRequest() ] ],
204 [ AuthManager::ACTION_CREATE, [ new PasswordAuthenticationRequest() ] ],
205 [ AuthManager::ACTION_LINK, [] ],
206 [ AuthManager::ACTION_CHANGE, [ new PasswordAuthenticationRequest() ] ],
207 [ AuthManager::ACTION_REMOVE, [ new PasswordAuthenticationRequest() ] ],
208 ];
209 }
210
211 public function testProviderRevokeAccessForUser() {
212 $req = new PasswordAuthenticationRequest;
213 $req->action = AuthManager::ACTION_REMOVE;
214 $req->username = 'foo';
215 $req->password = null;
216
217 $provider = $this->getMockForAbstractClass(
218 AbstractPasswordPrimaryAuthenticationProvider::class
219 );
220 $provider->expects( $this->once() )
221 ->method( 'providerChangeAuthenticationData' )
222 ->with( $this->equalTo( $req ) );
223
224 $provider->providerRevokeAccessForUser( 'foo' );
225 }
226
227 }
MediaWiki Core