mirror of
https://github.com/Sylius/Sylius.git
synced 2026-07-14 17:10:53 +00:00
[Security][PHPUnit] Fix UpdatingUserPasswordEncoderTest
This commit is contained in:
parent
64559bf109
commit
ceb2343578
2 changed files with 84 additions and 8 deletions
|
|
@ -20,18 +20,18 @@ use HWI\Bundle\OAuthBundle\OAuth\ResourceOwner\AbstractResourceOwner;
|
|||
use HWI\Bundle\OAuthBundle\OAuth\Response\AbstractUserResponse;
|
||||
use PHPUnit\Framework\Assert;
|
||||
use Sylius\Component\User\Repository\UserRepositoryInterface;
|
||||
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
|
||||
use Symfony\Component\BrowserKit\Client;
|
||||
use Symfony\Component\PasswordHasher\Hasher\SodiumPasswordHasher;
|
||||
|
||||
final class UpdatingUserPasswordEncoderTest extends WebTestCase
|
||||
final class UpdatingUserPasswordEncoderTest extends AbstractWebTestCase
|
||||
{
|
||||
/** @var Client */
|
||||
private $client;
|
||||
|
||||
protected function setUp(): void
|
||||
{
|
||||
$this->client = static::createClient();
|
||||
$this->client->followRedirects(true);
|
||||
$this->client = $this->createClient(['test_case' => 'PasswordHasherState']);
|
||||
$this->client->followRedirects();
|
||||
|
||||
/** @var LoaderInterface $fixtureLoader */
|
||||
$fixtureLoader = $this->client->getContainer()->get('fidry_alice_data_fixtures.loader.doctrine');
|
||||
|
|
@ -47,7 +47,10 @@ final class UpdatingUserPasswordEncoderTest extends WebTestCase
|
|||
);
|
||||
}
|
||||
|
||||
/** @test */
|
||||
/**
|
||||
* @test
|
||||
* @fixme This test is not working properly, because it does not test the update of the password encoder.
|
||||
*/
|
||||
public function it_updates_the_encoder_when_the_shop_user_logs_in(): void
|
||||
{
|
||||
/** @var UserRepositoryInterface $shopUserRepository */
|
||||
|
|
@ -61,7 +64,70 @@ final class UpdatingUserPasswordEncoderTest extends WebTestCase
|
|||
Assert::assertNotNull($shopUser, 'Could not find Shop User with oliver@doe.com email address');
|
||||
|
||||
$shopUser->setPlainPassword('testpassword');
|
||||
$shopUser->setEncoderName('argon2i');
|
||||
$shopUser->setEncoderName('plaintext');
|
||||
|
||||
$shopUserManager->persist($shopUser);
|
||||
$shopUserManager->flush();
|
||||
|
||||
$this->client->request('GET', '/en_US/login');
|
||||
|
||||
$this->submitForm('Login', [
|
||||
'_username' => 'Oliver@doe.com',
|
||||
'_password' => 'testpassword',
|
||||
]);
|
||||
|
||||
Assert::assertSame(200, $this->client->getResponse()->getStatusCode());
|
||||
Assert::assertSame('/en_US/', parse_url($this->client->getCrawler()->getUri(), \PHP_URL_PATH));
|
||||
Assert::assertSame('plaintext', $shopUserRepository->findOneByEmail('oliver@doe.com')->getEncoderName());
|
||||
}
|
||||
|
||||
/**
|
||||
* @test
|
||||
* @fixme This test is not working properly, because it does not test the update of the password encoder.
|
||||
*/
|
||||
public function it_updates_the_encoder_when_the_admin_user_logs_in(): void
|
||||
{
|
||||
/** @var UserRepositoryInterface $adminUserRepository */
|
||||
$adminUserRepository = $this->client->getContainer()->get('sylius.repository.admin_user');
|
||||
|
||||
/** @var ObjectManager $adminUserManager */
|
||||
$adminUserManager = $this->client->getContainer()->get('sylius.manager.admin_user');
|
||||
|
||||
$adminUser = $adminUserRepository->findOneByEmail('user@example.com');
|
||||
$adminUser->setPlainPassword('testpassword');
|
||||
$adminUser->setEncoderName('plaintext');
|
||||
|
||||
$adminUserManager->persist($adminUser);
|
||||
$adminUserManager->flush();
|
||||
|
||||
$this->client->request('GET', '/admin/login');
|
||||
|
||||
$this->submitForm('Login', [
|
||||
'_username' => 'user@example.com',
|
||||
'_password' => 'testpassword',
|
||||
]);
|
||||
|
||||
Assert::assertSame(200, $this->client->getResponse()->getStatusCode());
|
||||
Assert::assertSame('/admin/', parse_url($this->client->getCrawler()->getUri(), \PHP_URL_PATH));
|
||||
Assert::assertSame('plaintext', $adminUserRepository->findOneByEmail('user@example.com')->getEncoderName());
|
||||
}
|
||||
|
||||
/** @test */
|
||||
public function it_updates_the_encoder_when_the_shop_user_logs_in(): void
|
||||
{
|
||||
/** @var UserRepositoryInterface $shopUserRepository */
|
||||
$shopUserRepository = $this->client->getContainer()->get('sylius.repository.shop_user');
|
||||
|
||||
/** @var ObjectManager $shopUserManager */
|
||||
$shopUserManager = $this->client->getContainer()->get('sylius.manager.shop_user');
|
||||
|
||||
$shopUser = $shopUserRepository->findOneByEmail('oliver@doe.com');
|
||||
|
||||
Assert::assertNotNull($shopUser, 'Could not find Shop User with oliver@doe.com email address');
|
||||
|
||||
$passwordHasher = new SodiumPasswordHasher();
|
||||
$shopUser->setPassword($passwordHasher->hash('testpassword'));
|
||||
$shopUser->setEncoderName('sodium');
|
||||
|
||||
$shopUserManager->persist($shopUser);
|
||||
$shopUserManager->flush();
|
||||
|
|
@ -88,8 +154,10 @@ final class UpdatingUserPasswordEncoderTest extends WebTestCase
|
|||
$adminUserManager = $this->client->getContainer()->get('sylius.manager.admin_user');
|
||||
|
||||
$adminUser = $adminUserRepository->findOneByEmail('user@example.com');
|
||||
$adminUser->setPlainPassword('testpassword');
|
||||
$adminUser->setEncoderName('argon2i');
|
||||
|
||||
$passwordHasher = new SodiumPasswordHasher();
|
||||
$adminUser->setPassword($passwordHasher->hash('testpassword'));
|
||||
$adminUser->setEncoderName('sodium');
|
||||
|
||||
$adminUserManager->persist($adminUser);
|
||||
$adminUserManager->flush();
|
||||
|
|
|
|||
8
tests/Functional/app/PasswordHasherState/config.yml
Normal file
8
tests/Functional/app/PasswordHasherState/config.yml
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
sylius_user:
|
||||
encoder: argon2i
|
||||
|
||||
security:
|
||||
password_hashers:
|
||||
argon2i: argon2i
|
||||
sodium: sodium
|
||||
Sylius\Component\User\Model\UserInterface: argon2i
|
||||
Loading…
Add table
Reference in a new issue