Chris@0: <?php
Chris@0: 
Chris@0: namespace Drupal\Tests\user\Unit;
Chris@0: 
Chris@18: use Drupal\Core\Entity\EntityTypeManagerInterface;
Chris@0: use Drupal\Tests\UnitTestCase;
Chris@0: use Drupal\user\UserAuth;
Chris@0: 
Chris@0: /**
Chris@0:  * @coversDefaultClass \Drupal\user\UserAuth
Chris@0:  * @group user
Chris@0:  */
Chris@0: class UserAuthTest extends UnitTestCase {
Chris@0: 
Chris@0:   /**
Chris@0:    * The mock user storage.
Chris@0:    *
Chris@0:    * @var \Drupal\Core\Entity\EntityStorageInterface|\PHPUnit_Framework_MockObject_MockObject
Chris@0:    */
Chris@0:   protected $userStorage;
Chris@0: 
Chris@0:   /**
Chris@0:    * The mocked password service.
Chris@0:    *
Chris@0:    * @var \Drupal\Core\Password\PasswordInterface|\PHPUnit_Framework_MockObject_MockObject
Chris@0:    */
Chris@0:   protected $passwordService;
Chris@0: 
Chris@0:   /**
Chris@0:    * The mock user.
Chris@0:    *
Chris@0:    * @var \Drupal\user\Entity\User|\PHPUnit_Framework_MockObject_MockObject
Chris@0:    */
Chris@0:   protected $testUser;
Chris@0: 
Chris@0:   /**
Chris@0:    * The user auth object under test.
Chris@0:    *
Chris@0:    * @var \Drupal\user\UserAuth
Chris@0:    */
Chris@0:   protected $userAuth;
Chris@0: 
Chris@0:   /**
Chris@0:    * The test username.
Chris@0:    *
Chris@0:    * @var string
Chris@0:    */
Chris@0:   protected $username = 'test_user';
Chris@0: 
Chris@0:   /**
Chris@0:    * The test password.
Chris@0:    *
Chris@0:    * @var string
Chris@0:    */
Chris@0:   protected $password = 'password';
Chris@0: 
Chris@0:   /**
Chris@0:    * {@inheritdoc}
Chris@0:    */
Chris@0:   protected function setUp() {
Chris@0:     $this->userStorage = $this->getMock('Drupal\Core\Entity\EntityStorageInterface');
Chris@0: 
Chris@18:     /** @var \Drupal\Core\Entity\EntityTypeManagerInterface|\PHPUnit_Framework_MockObject_MockObject $entity_type_manager */
Chris@18:     $entity_type_manager = $this->createMock(EntityTypeManagerInterface::class);
Chris@18:     $entity_type_manager->expects($this->any())
Chris@0:       ->method('getStorage')
Chris@0:       ->with('user')
Chris@0:       ->will($this->returnValue($this->userStorage));
Chris@0: 
Chris@0:     $this->passwordService = $this->getMock('Drupal\Core\Password\PasswordInterface');
Chris@0: 
Chris@0:     $this->testUser = $this->getMockBuilder('Drupal\user\Entity\User')
Chris@0:       ->disableOriginalConstructor()
Chris@0:       ->setMethods(['id', 'setPassword', 'save', 'getPassword'])
Chris@0:       ->getMock();
Chris@0: 
Chris@18:     $this->userAuth = new UserAuth($entity_type_manager, $this->passwordService);
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * Tests failing authentication with missing credential parameters.
Chris@0:    *
Chris@0:    * @covers ::authenticate
Chris@0:    *
Chris@0:    * @dataProvider providerTestAuthenticateWithMissingCredentials
Chris@0:    */
Chris@0:   public function testAuthenticateWithMissingCredentials($username, $password) {
Chris@0:     $this->userStorage->expects($this->never())
Chris@0:       ->method('loadByProperties');
Chris@0: 
Chris@0:     $this->assertFalse($this->userAuth->authenticate($username, $password));
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * Data provider for testAuthenticateWithMissingCredentials().
Chris@0:    *
Chris@0:    * @return array
Chris@0:    */
Chris@0:   public function providerTestAuthenticateWithMissingCredentials() {
Chris@0:     return [
Chris@0:       [NULL, NULL],
Chris@0:       [NULL, ''],
Chris@0:       ['', NULL],
Chris@0:       ['', ''],
Chris@0:     ];
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * Tests the authenticate method with no account returned.
Chris@0:    *
Chris@0:    * @covers ::authenticate
Chris@0:    */
Chris@0:   public function testAuthenticateWithNoAccountReturned() {
Chris@0:     $this->userStorage->expects($this->once())
Chris@0:       ->method('loadByProperties')
Chris@0:       ->with(['name' => $this->username])
Chris@0:       ->will($this->returnValue([]));
Chris@0: 
Chris@0:     $this->assertFalse($this->userAuth->authenticate($this->username, $this->password));
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * Tests the authenticate method with an incorrect password.
Chris@0:    *
Chris@0:    * @covers ::authenticate
Chris@0:    */
Chris@0:   public function testAuthenticateWithIncorrectPassword() {
Chris@0:     $this->userStorage->expects($this->once())
Chris@0:       ->method('loadByProperties')
Chris@0:       ->with(['name' => $this->username])
Chris@0:       ->will($this->returnValue([$this->testUser]));
Chris@0: 
Chris@0:     $this->passwordService->expects($this->once())
Chris@0:       ->method('check')
Chris@0:       ->with($this->password, $this->testUser->getPassword())
Chris@0:       ->will($this->returnValue(FALSE));
Chris@0: 
Chris@0:     $this->assertFalse($this->userAuth->authenticate($this->username, $this->password));
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * Tests the authenticate method with a correct password.
Chris@0:    *
Chris@0:    * @covers ::authenticate
Chris@0:    */
Chris@0:   public function testAuthenticateWithCorrectPassword() {
Chris@0:     $this->testUser->expects($this->once())
Chris@0:       ->method('id')
Chris@0:       ->will($this->returnValue(1));
Chris@0: 
Chris@0:     $this->userStorage->expects($this->once())
Chris@0:       ->method('loadByProperties')
Chris@0:       ->with(['name' => $this->username])
Chris@0:       ->will($this->returnValue([$this->testUser]));
Chris@0: 
Chris@0:     $this->passwordService->expects($this->once())
Chris@0:       ->method('check')
Chris@0:       ->with($this->password, $this->testUser->getPassword())
Chris@0:       ->will($this->returnValue(TRUE));
Chris@0: 
Chris@0:     $this->assertsame(1, $this->userAuth->authenticate($this->username, $this->password));
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * Tests the authenticate method with a correct password.
Chris@0:    *
Chris@0:    * We discovered in https://www.drupal.org/node/2563751 that logging in with a
Chris@0:    * password that is literally "0" was not possible. This test ensures that
Chris@0:    * this regression can't happen again.
Chris@0:    *
Chris@0:    * @covers ::authenticate
Chris@0:    */
Chris@0:   public function testAuthenticateWithZeroPassword() {
Chris@0:     $this->testUser->expects($this->once())
Chris@0:       ->method('id')
Chris@0:       ->will($this->returnValue(2));
Chris@0: 
Chris@0:     $this->userStorage->expects($this->once())
Chris@0:       ->method('loadByProperties')
Chris@0:       ->with(['name' => $this->username])
Chris@0:       ->will($this->returnValue([$this->testUser]));
Chris@0: 
Chris@0:     $this->passwordService->expects($this->once())
Chris@0:       ->method('check')
Chris@0:       ->with(0, 0)
Chris@0:       ->will($this->returnValue(TRUE));
Chris@0: 
Chris@0:     $this->assertsame(2, $this->userAuth->authenticate($this->username, 0));
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * Tests the authenticate method with a correct password and new password hash.
Chris@0:    *
Chris@0:    * @covers ::authenticate
Chris@0:    */
Chris@0:   public function testAuthenticateWithCorrectPasswordAndNewPasswordHash() {
Chris@0:     $this->testUser->expects($this->once())
Chris@0:       ->method('id')
Chris@0:       ->will($this->returnValue(1));
Chris@0:     $this->testUser->expects($this->once())
Chris@0:       ->method('setPassword')
Chris@0:       ->with($this->password);
Chris@0:     $this->testUser->expects($this->once())
Chris@0:       ->method('save');
Chris@0: 
Chris@0:     $this->userStorage->expects($this->once())
Chris@0:       ->method('loadByProperties')
Chris@0:       ->with(['name' => $this->username])
Chris@0:       ->will($this->returnValue([$this->testUser]));
Chris@0: 
Chris@0:     $this->passwordService->expects($this->once())
Chris@0:       ->method('check')
Chris@0:       ->with($this->password, $this->testUser->getPassword())
Chris@0:       ->will($this->returnValue(TRUE));
Chris@0:     $this->passwordService->expects($this->once())
Chris@0:       ->method('needsRehash')
Chris@0:       ->with($this->testUser->getPassword())
Chris@0:       ->will($this->returnValue(TRUE));
Chris@0: 
Chris@0:     $this->assertsame(1, $this->userAuth->authenticate($this->username, $this->password));
Chris@0:   }
Chris@0: 
Chris@0: }