PHP Classes
elePHPant
Icontem

File: tests/authentication/UserCredential/UserCredentialManagerTest.php

Recommend this page to a friend!
  Classes of Cyril Ogana  >  PHP User Credentials  >  tests/authentication/UserCredential/UserCredentialManagerTest.php  >  Download  
File: tests/authentication/UserCredential/UserCredentialManagerTest.php
Role: Unit test script
Content type: text/plain
Description: Unit test for UserCredentialManager class
Class: PHP User Credentials
Implement password authentication policies
Author: By
Last change:
Date: 4 years ago
Size: 15,620 bytes
 

Contents

Class file image Download
<?php
namespace cymapgt\core\application\authentication\UserCredential;

/**
 * Generated by PHPUnit_SkeletonGenerator 1.2.1 on 2014-05-17 at 22:36:01.
 */
class UserCredentialManagerTest extends \PHPUnit_Framework_TestCase
{
    /**
     * @var UserCredentialManager
     */
    protected $object;

    /**
     * Sets up the fixture, for example, opens a network connection.
     * This method is called before a test is executed.
     */
    protected function setUp()
    {
        $userProfile = array("username"=>"c.ogana",
                          "password"=>"m&$1eLe6Ke()",
                          "fullname"=>"Cyril Ogana",
                          "passhash"=>"tiger",
                          "passhist"=>array(
                            \password_hash('abc', \PASSWORD_DEFAULT),
                            \password_hash('def', \PASSWORD_DEFAULT),
                            \password_hash('ghi', \PASSWORD_DEFAULT),
                            \password_hash('jkl', \PASSWORD_DEFAULT),
                            \password_hash('mno', \PASSWORD_DEFAULT),
                            \password_hash('pqr', \PASSWORD_DEFAULT),
                            \password_hash('stu', \PASSWORD_DEFAULT),
                            \password_hash('vwx', \PASSWORD_DEFAULT),
                            \password_hash('xyz', \PASSWORD_DEFAULT)
                          ), //in reality, these are bcrypt hashes
                          "policyinfo"=>array(
                              'failed_attempt_count' => 0,
                              'password_last_changed_datetime' => new \DateTime('2014-05-04'),
                              'last_login_attempt_datetime' => new \DateTime('2014-05-16 23:45:10')
                          ),
                          "account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_LOGGEDIN);        
        $this->object = new UserCredentialManager($userProfile);
    }

    /**
     * Tears down the fixture, for example, closes a network connection.
     * This method is called after a test is executed.
     */
    protected function tearDown()
    {
    }

    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::getBaseEntropy
     */
    public function testGetBaseEntropy()
    {
        $baseEntropy = $this->object->getBaseEntropy();
        $this->assertInternalType('array', $baseEntropy);
        $this->assertEquals(5, count($baseEntropy));
        $this->assertEquals('min_pass_len', key($baseEntropy));
        next($baseEntropy);
        $this->assertEquals('uppercase', key($baseEntropy));
        next($baseEntropy);        
        $this->assertEquals('numeric', key($baseEntropy));
        next($baseEntropy);        
        $this->assertEquals('lowercase', key($baseEntropy));
        next($baseEntropy);        
        $this->assertEquals('special', key($baseEntropy));
    }

    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::getBaseEntropyOverride
     */
    public function testGetBaseEntropyOverride()
    {
        $baseEntropyOverride = $this->object->getBaseEntropyOverride();
        $this->assertInternalType('bool', $baseEntropyOverride);
    }

    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::getBasePasswordPolicy
     */
    public function testGetBasePasswordPolicy()
    {
        $basePasswordPolicy = $this->object->getBasePasswordPolicy();
        $this->assertInternalType('array', $basePasswordPolicy);
        $this->assertEquals(4, count($basePasswordPolicy));
        $this->assertEquals('illegal_attempts_limit', key($basePasswordPolicy));
        next($basePasswordPolicy);
        $this->assertEquals('password_reset_frequency', key($basePasswordPolicy));
        next($basePasswordPolicy);
        $this->assertEquals('password_repeat_minimum', key($basePasswordPolicy));
        next($basePasswordPolicy);
        $this->assertEquals('illegal_attempts_penalty_seconds', key($basePasswordPolicy));
    }

    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::getUdfEntropy
     */
    public function testGetUdfEntropy()
    {
        $udfEntropy = $this->object->getUdfEntropy();
        $this->assertInternalType('array', $udfEntropy);
        $this->assertEquals(5, count($udfEntropy));
        reset($udfEntropy);
        $this->assertEquals('min_pass_len', key($udfEntropy));
        next($udfEntropy);
        $this->assertEquals('uppercase', key($udfEntropy));
        next($udfEntropy);        
        $this->assertEquals('lowercase', key($udfEntropy));
        next($udfEntropy);        
        $this->assertEquals('numeric', key($udfEntropy));
        next($udfEntropy);        
        $this->assertEquals('special', key($udfEntropy));
    }

    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::getUdfPasswordPolicy
     */
    public function testGetUdfPasswordPolicy()
    {
        $udfPasswordPolicy = $this->object->getBasePasswordPolicy();
        $this->assertInternalType('array', $udfPasswordPolicy);
        $this->assertEquals(4, count($udfPasswordPolicy));
        $this->assertEquals('illegal_attempts_limit', key($udfPasswordPolicy));
        next($udfPasswordPolicy);
        $this->assertEquals('password_reset_frequency', key($udfPasswordPolicy));
        next($udfPasswordPolicy);
        $this->assertEquals('password_repeat_minimum', key($udfPasswordPolicy));
        next($udfPasswordPolicy);
        $this->assertEquals('illegal_attempts_penalty_seconds', key($udfPasswordPolicy));
    }

    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::setBaseEntropyOverride
     */
    public function testSetBaseEntropyOverride()
    {
        $this->object->setBaseEntropyOverride(true);
        $baseEntropyOverride = $this->object->getBaseEntropyOverride();
        $this->assertInternalType('bool', $baseEntropyOverride);
        $this->assertEquals(true, $baseEntropyOverride);
    }

    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validateEntropy
     */
    public function testValidateEntropy()
    {
        $this->assertInternalType('bool', $this->object->validateEntropy());        
        $this->assertEquals(true, $this->object->validateEntropy());
    }
    
    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validateEntropy
     */
    public function testValidateEntropyException() {
        $this->setExpectedException('cymapgt\Exception\UserCredentialException','The password does not meet the minimum entropy.');
        $userProfileWeak = array("username"=>"c.ogana",
                          "password"=>"weak_password",
                          "fullname"=>"Cyril Ogana",
                          "passhash"=>"tiger",
                          "passhist"=>array(),
                          "policyinfo"=>array(),
                          "account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_LOGGEDIN);        
        $this->object = new UserCredentialManager($userProfileWeak);
        $this->object->validateEntropy();
    }
    
    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validateLength
     */
    public function testValidateLength() {
        $this->assertInternalType('bool', $this->object->validateLength());
        $this->assertEquals(true, $this->object->validateLength());
    }
    
    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validateLength
     */
    public function testValidateLengthException() {
        $this->setExpectedException('cymapgt\Exception\UserCredentialException','The password does not meet required length.');
        $userProfileWeak = array("username"=>"c.ogana",
                          "password"=>"tinypw",
                          "fullname"=>"Cyril Ogana",
                          "passhash"=>"tiger",
                          "passhist"=>array(),
                          "policyinfo"=>array(),            
                          "account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_LOGGEDIN);        
        $this->object = new UserCredentialManager($userProfileWeak);
        $this->object->validateLength();
    }
    
    
    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validatePolicy
     */
    public function testValidatePolicyLoginAttemptSuspendedException() {
         $this->setExpectedException('cymapgt\Exception\UserCredentialException','The account has exceeded login attempts and is locked.');
        $userProfileWeak = array("username"=>"c.ogana",
                          "password"=>"tinypw",
                          "fullname"=>"Cyril Ogana",
                          "passhash"=>"tiger",
                          "passhist"=>array(),
                          "policyinfo"=>array('failed_attempt_count' => 4),            
                          "account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_AUTHFAILED);        
        $this->object = new UserCredentialManager($userProfileWeak);
        $this->object->validatePolicy();       
    } 
    
    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validatePolicy
     */
    public function testValidatePolicyPasswordExpiredException() {
        $this->setExpectedException('cymapgt\Exception\UserCredentialException','The password has expired and must be changed');
        $userProfile = array("username"=>"c.ogana",
                          "password"=>"m&$1eLe6Ke()",
                          "fullname"=>"Cyril Ogana",
                          "passhash"=>"tiger",
                          "passhist"=>array(
                          ), //in reality, these are bcrypt hashes
                          "policyinfo"=>array(
                              'failed_attempt_count' => 0,
                              'password_last_changed_datetime' => new \DateTime('2014-03-01'),
                              'last_login_attempt_datetime' => new \DateTime('2014-03-01 23:45:10')
                          ),
                          "account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_LOGGEDIN);        
        $this->object = new UserCredentialManager($userProfile);
        $this->object->validatePolicy();
    }

    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validatePolicy
     */
    public function testValidateEntropyPasswordContainsUsernameException() {
        $this->setExpectedException('cymapgt\Exception\UserCredentialException','Password cannot contain username or any of your names');
        $userProfile = array("username"=>"c.ogana",
                          "password"=>"1CyriL",
                          "fullname"=>"Cyril Ogana",
                          "passhash"=>"tiger",
                          "passhist"=>array(
                          ), //in reality, these are bcrypt hashes
                          "policyinfo"=>array(
                              'failed_attempt_count' => 0,
                              'password_last_changed_datetime' => new \DateTime('2015-05-01'),
                              'last_login_attempt_datetime' => new \DateTime('2015-03-01 23:45:10')
                          ),
                          "account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_LOGGEDIN);        
        $this->object = new UserCredentialManager($userProfile);
        $this->object->validateEntropy();
    }
    
    
    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::validatePolicyAtChange
     */
    public function testValidatePolicyPasswordRepeatException() {
        $this->setExpectedException('cymapgt\Exception\UserCredentialException','User cannot repeat any of their ');
        $userProfile = array("username"=>"c.ogana",
                          "password"=>"mno",
                          "fullname"=>"Cyril Ogana",
                          "passhash"=>"tiger",
                          "passhist"=>array(
                            \password_hash('abc', \PASSWORD_DEFAULT),
                            \password_hash('def', \PASSWORD_DEFAULT),
                            \password_hash('ghi', \PASSWORD_DEFAULT),
                            \password_hash('jkl', \PASSWORD_DEFAULT),
                            \password_hash('mno', \PASSWORD_DEFAULT),
                            \password_hash('pqr', \PASSWORD_DEFAULT),
                            \password_hash('stu', \PASSWORD_DEFAULT),
                            \password_hash('vwx', \PASSWORD_DEFAULT),
                            \password_hash('xyz', \PASSWORD_DEFAULT)
                          ), //in reality, these are already bcrypt hashes
                          "policyinfo"=>array(
                              'failed_attempt_count' => 0,
                              'password_last_changed_datetime' => new \DateTime('2014-05-04'),
                              'last_login_attempt_datetime' => new \DateTime('2014-03-01 23:45:10')
                          ),
                          "account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_LOGGEDIN);        
        $this->object = new UserCredentialManager($userProfile); 
        $this->object->validatePolicyAtChange();
    }
    
    /**
     * @covers cymapgt\core\application\authentication\UserCredential\UserCredentialManager::canChangePassword
     */
    public function testValidatePolicyCanChangePassword() {
        $userProfile = array("username"=>"c.ogana",
                          "password"=>"mno",
                          "fullname"=>"Cyril Ogana",
                          "passhash"=>"tiger",
                          "passhist"=>array(
                            \password_hash('abc', \PASSWORD_DEFAULT),
                            \password_hash('def', \PASSWORD_DEFAULT),
                            \password_hash('ghi', \PASSWORD_DEFAULT),
                            \password_hash('jkl', \PASSWORD_DEFAULT),
                            \password_hash('mno', \PASSWORD_DEFAULT),
                            \password_hash('pqr', \PASSWORD_DEFAULT),
                            \password_hash('stu', \PASSWORD_DEFAULT),
                            \password_hash('vwx', \PASSWORD_DEFAULT),
                            \password_hash('xyz', \PASSWORD_DEFAULT)
                          ), //in reality, these are already bcrypt hashes
                          "policyinfo"=>array(
                              'failed_attempt_count' => 0,
                              'password_last_changed_datetime' => new \DateTime(),
                              'last_login_attempt_datetime' => new \DateTime('2014-03-01 23:45:10')
                          ),
                          "account_state"=>\USERCREDENTIAL_ACCOUNTSTATE_LOGGEDIN);        
        $this->object = new UserCredentialManager($userProfile); 
        $canChangePassword = $this->object->canChangePassword();
        $this->assertInternalType('bool', $canChangePassword);
        $this->assertEquals(false, $canChangePassword);
    }
}