<?php
namespace cymapgt\core\application\authentication\UserCredential;
/**
* Generated by PHPUnit_SkeletonGenerator 1.2.1 on 2014-05-17 at 22:36:01.
*/
class UserCredentialManagerTest extends \PHPUnit_Framework_TestCase
{
/**
* @var UserCredentialManager
*/
protected $object;
/**
* Sets up the fixture, for example, opens a network connection.
* This method is called before a test is executed.
*/
protected function setUp()
{
$userProfile = array("username"=>"c.ogana",
"password"=>"m&$1eLe6Ke()",
"fullname"=>"Cyril Ogana",
"passhash"=>"tiger",
"passhist"=>array(
\password_hash('abc', \PASSWORD_DEFAULT),
\password_hash('def', \PASSWORD_DEFAULT),
\password_hash('ghi', \PASSWORD_DEFAULT),
\password_hash('jkl', \PASSWORD_DEFAULT),
\password_hash('mno', \PASSWORD_DEFAULT),
\password_hash('pqr', \PASSWORD_DEFAULT),
\password_hash('stu', \PASSWORD_DEFAULT),
\password_hash('vwx', \PASSWORD_DEFAULT),
\password_hash('xyz', \PASSWORD_DEFAULT)
), //in reality, these are bcrypt hashes
"policyinfo"=>array(
'failed_attempt_count' => 0,
'password_last_changed_datetime' => new \DateTime('2014-05-04'),
'last_login_attempt_datetime' => new \DateTime('2014-05-16 23:45:10')
),
"account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_LOGGEDIN);
$this->object = new UserCredentialManager($userProfile);
}
/**
* Tears down the fixture, for example, closes a network connection.
* This method is called after a test is executed.
*/
protected function tearDown()
{
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::getBaseEntropy
*/
public function testGetBaseEntropy()
{
$baseEntropy = $this->object->getBaseEntropy();
$this->assertInternalType('array', $baseEntropy);
$this->assertEquals(5, count($baseEntropy));
$this->assertEquals('min_pass_len', key($baseEntropy));
next($baseEntropy);
$this->assertEquals('uppercase', key($baseEntropy));
next($baseEntropy);
$this->assertEquals('numeric', key($baseEntropy));
next($baseEntropy);
$this->assertEquals('lowercase', key($baseEntropy));
next($baseEntropy);
$this->assertEquals('special', key($baseEntropy));
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::getBaseEntropyOverride
*/
public function testGetBaseEntropyOverride()
{
$baseEntropyOverride = $this->object->getBaseEntropyOverride();
$this->assertInternalType('bool', $baseEntropyOverride);
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::getBasePasswordPolicy
*/
public function testGetBasePasswordPolicy()
{
$basePasswordPolicy = $this->object->getBasePasswordPolicy();
$this->assertInternalType('array', $basePasswordPolicy);
$this->assertEquals(4, count($basePasswordPolicy));
$this->assertEquals('illegal_attempts_limit', key($basePasswordPolicy));
next($basePasswordPolicy);
$this->assertEquals('password_reset_frequency', key($basePasswordPolicy));
next($basePasswordPolicy);
$this->assertEquals('password_repeat_minimum', key($basePasswordPolicy));
next($basePasswordPolicy);
$this->assertEquals('illegal_attempts_penalty_seconds', key($basePasswordPolicy));
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::getUdfEntropy
*/
public function testGetUdfEntropy()
{
$udfEntropy = $this->object->getUdfEntropy();
$this->assertInternalType('array', $udfEntropy);
$this->assertEquals(5, count($udfEntropy));
reset($udfEntropy);
$this->assertEquals('min_pass_len', key($udfEntropy));
next($udfEntropy);
$this->assertEquals('uppercase', key($udfEntropy));
next($udfEntropy);
$this->assertEquals('lowercase', key($udfEntropy));
next($udfEntropy);
$this->assertEquals('numeric', key($udfEntropy));
next($udfEntropy);
$this->assertEquals('special', key($udfEntropy));
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::getUdfPasswordPolicy
*/
public function testGetUdfPasswordPolicy()
{
$udfPasswordPolicy = $this->object->getBasePasswordPolicy();
$this->assertInternalType('array', $udfPasswordPolicy);
$this->assertEquals(4, count($udfPasswordPolicy));
$this->assertEquals('illegal_attempts_limit', key($udfPasswordPolicy));
next($udfPasswordPolicy);
$this->assertEquals('password_reset_frequency', key($udfPasswordPolicy));
next($udfPasswordPolicy);
$this->assertEquals('password_repeat_minimum', key($udfPasswordPolicy));
next($udfPasswordPolicy);
$this->assertEquals('illegal_attempts_penalty_seconds', key($udfPasswordPolicy));
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::setBaseEntropyOverride
*/
public function testSetBaseEntropyOverride()
{
$this->object->setBaseEntropyOverride(true);
$baseEntropyOverride = $this->object->getBaseEntropyOverride();
$this->assertInternalType('bool', $baseEntropyOverride);
$this->assertEquals(true, $baseEntropyOverride);
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validateEntropy
*/
public function testValidateEntropy()
{
$this->assertInternalType('bool', $this->object->validateEntropy());
$this->assertEquals(true, $this->object->validateEntropy());
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validateEntropy
*/
public function testValidateEntropyException() {
$this->setExpectedException('cymapgt\Exception\UserCredentialException','The password does not meet the minimum entropy.');
$userProfileWeak = array("username"=>"c.ogana",
"password"=>"weak_password",
"fullname"=>"Cyril Ogana",
"passhash"=>"tiger",
"passhist"=>array(),
"policyinfo"=>array(),
"account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_LOGGEDIN);
$this->object = new UserCredentialManager($userProfileWeak);
$this->object->validateEntropy();
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validateLength
*/
public function testValidateLength() {
$this->assertInternalType('bool', $this->object->validateLength());
$this->assertEquals(true, $this->object->validateLength());
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validateLength
*/
public function testValidateLengthException() {
$this->setExpectedException('cymapgt\Exception\UserCredentialException','The password does not meet required length.');
$userProfileWeak = array("username"=>"c.ogana",
"password"=>"tinypw",
"fullname"=>"Cyril Ogana",
"passhash"=>"tiger",
"passhist"=>array(),
"policyinfo"=>array(),
"account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_LOGGEDIN);
$this->object = new UserCredentialManager($userProfileWeak);
$this->object->validateLength();
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validatePolicy
*/
public function testValidatePolicyLoginAttemptSuspendedException() {
$this->setExpectedException('cymapgt\Exception\UserCredentialException','The account has exceeded login attempts and is locked.');
$userProfileWeak = array("username"=>"c.ogana",
"password"=>"tinypw",
"fullname"=>"Cyril Ogana",
"passhash"=>"tiger",
"passhist"=>array(),
"policyinfo"=>array('failed_attempt_count' => 4),
"account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_AUTHFAILED);
$this->object = new UserCredentialManager($userProfileWeak);
$this->object->validatePolicy();
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validatePolicy
*/
public function testValidatePolicyPasswordExpiredException() {
$this->setExpectedException('cymapgt\Exception\UserCredentialException','The password has expired and must be changed');
$userProfile = array("username"=>"c.ogana",
"password"=>"m&$1eLe6Ke()",
"fullname"=>"Cyril Ogana",
"passhash"=>"tiger",
"passhist"=>array(
), //in reality, these are bcrypt hashes
"policyinfo"=>array(
'failed_attempt_count' => 0,
'password_last_changed_datetime' => new \DateTime('2014-03-01'),
'last_login_attempt_datetime' => new \DateTime('2014-03-01 23:45:10')
),
"account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_LOGGEDIN);
$this->object = new UserCredentialManager($userProfile);
$this->object->validatePolicy();
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validatePolicy
*/
public function testValidateEntropyPasswordContainsUsernameException() {
$this->setExpectedException('cymapgt\Exception\UserCredentialException','Password cannot contain username or any of your names');
$userProfile = array("username"=>"c.ogana",
"password"=>"1CyriL",
"fullname"=>"Cyril Ogana",
"passhash"=>"tiger",
"passhist"=>array(
), //in reality, these are bcrypt hashes
"policyinfo"=>array(
'failed_attempt_count' => 0,
'password_last_changed_datetime' => new \DateTime('2015-05-01'),
'last_login_attempt_datetime' => new \DateTime('2015-03-01 23:45:10')
),
"account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_LOGGEDIN);
$this->object = new UserCredentialManager($userProfile);
$this->object->validateEntropy();
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validatePolicyAtChange
*/
public function testValidatePolicyPasswordRepeatException() {
$this->setExpectedException('cymapgt\Exception\UserCredentialException','User cannot repeat any of their ');
$userProfile = array("username"=>"c.ogana",
"password"=>"mno",
"fullname"=>"Cyril Ogana",
"passhash"=>"tiger",
"passhist"=>array(
\password_hash('abc', \PASSWORD_DEFAULT),
\password_hash('def', \PASSWORD_DEFAULT),
\password_hash('ghi', \PASSWORD_DEFAULT),
\password_hash('jkl', \PASSWORD_DEFAULT),
\password_hash('mno', \PASSWORD_DEFAULT),
\password_hash('pqr', \PASSWORD_DEFAULT),
\password_hash('stu', \PASSWORD_DEFAULT),
\password_hash('vwx', \PASSWORD_DEFAULT),
\password_hash('xyz', \PASSWORD_DEFAULT)
), //in reality, these are already bcrypt hashes
"policyinfo"=>array(
'failed_attempt_count' => 0,
'password_last_changed_datetime' => new \DateTime('2014-05-04'),
'last_login_attempt_datetime' => new \DateTime('2014-03-01 23:45:10')
),
"account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_LOGGEDIN);
$this->object = new UserCredentialManager($userProfile);
$this->object->validatePolicyAtChange();
}
/**
* @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::canChangePassword
*/
public function testValidatePolicyCanChangePassword() {
$userProfile = array("username"=>"c.ogana",
"password"=>"mno",
"fullname"=>"Cyril Ogana",
"passhash"=>"tiger",
"passhist"=>array(
\password_hash('abc', \PASSWORD_DEFAULT),
\password_hash('def', \PASSWORD_DEFAULT),
\password_hash('ghi', \PASSWORD_DEFAULT),
\password_hash('jkl', \PASSWORD_DEFAULT),
\password_hash('mno', \PASSWORD_DEFAULT),
\password_hash('pqr', \PASSWORD_DEFAULT),
\password_hash('stu', \PASSWORD_DEFAULT),
\password_hash('vwx', \PASSWORD_DEFAULT),
\password_hash('xyz', \PASSWORD_DEFAULT)
), //in reality, these are already bcrypt hashes
"policyinfo"=>array(
'failed_attempt_count' => 0,
'password_last_changed_datetime' => new \DateTime(),
'last_login_attempt_datetime' => new \DateTime('2014-03-01 23:45:10')
),
"account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_LOGGEDIN);
$this->object = new UserCredentialManager($userProfile);
$canChangePassword = $this->object->canChangePassword();
$this->assertInternalType('bool', $canChangePassword);
$this->assertEquals(false, $canChangePassword);
}
}
|