‪TYPO3CMS  11.5
PasswordHashFactoryTest.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing;
19 
20 use Prophecy\PhpUnit\ProphecyTrait;
21 use ‪TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash;
22 use ‪TYPO3\CMS\Core\Crypto\PasswordHashing\InvalidPasswordHashException;
23 use ‪TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory;
24 use ‪TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash;
25 use ‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Fixtures\TestPasswordHash;
26 use ‪TYPO3\CMS\Core\Utility\GeneralUtility;
27 use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
28 
32 class ‪PasswordHashFactoryTest extends UnitTestCase
33 {
34  use ProphecyTrait;
35 
39  public function ‪getThrowsExceptionIfModeIsNotBeOrFe(): void
40  {
41  $this->expectException(\InvalidArgumentException::class);
42  $this->expectExceptionCode(1533948312);
43  (new ‪PasswordHashFactory())->get('ThisIsNotAValidHash', 'foo');
44  }
45 
49  public function ‪getThrowsExceptionWithBrokenClassNameModeConfiguration(): void
50  {
51  $this->expectException(\LogicException::class);
52  $this->expectExceptionCode(1533949053);
53  ‪$GLOBALS['TYPO3_CONF_VARS']['FE']['passwordHashing']['className'] = '';
54  (new ‪PasswordHashFactory())->get('ThisIsNotAValidHash', 'FE');
55  }
56 
60  public function ‪getThrowsExceptionWithBrokenOptionsModeConfiguration(): void
61  {
62  $this->expectException(\LogicException::class);
63  $this->expectExceptionCode(1533949053);
64  ‪$GLOBALS['TYPO3_CONF_VARS']['FE']['passwordHashing']['options'] = '';
65  (new ‪PasswordHashFactory())->get('ThisIsNotAValidHash', 'FE');
66  }
67 
71  public function ‪getThrowsExceptionIfARegisteredHashDoesNotImplementSaltInterface(): void
72  {
73  ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['availablePasswordHashAlgorithms'] = [ \stdClass::class ];
74  $this->expectException(\LogicException::class);
75  $this->expectExceptionCode(1533818569);
76  (new ‪PasswordHashFactory())->get('ThisIsNotAValidHash', 'BE');
77  }
78 
82  public function ‪getThrowsExceptionIfNoClassIsFoundThatHandlesGivenHash(): void
83  {
84  $this->expectException(InvalidPasswordHashException::class);
85  $this->expectExceptionCode(1533818591);
86  (new ‪PasswordHashFactory())->get('ThisIsNotAValidHash', 'BE');
87  }
88 
92  public function ‪getThrowsExceptionIfClassThatHandlesAHashIsNotAvailable(): void
93  {
94  $phpassProphecy = $this->prophesize(PhpassPasswordHash::class);
95  GeneralUtility::addInstance(PhpassPasswordHash::class, $phpassProphecy->reveal());
96  $phpassProphecy->isAvailable()->shouldBeCalled()->willReturn(false);
97  $this->expectException(InvalidPasswordHashException::class);
98  $this->expectExceptionCode(1533818591);
99  (new ‪PasswordHashFactory())->get('$P$C7u7E10SBEie/Jbdz0jDtUcWhzgOPF.', 'BE');
100  }
101 
105  public function ‪getThrowsExceptionIfClassThatHandlesAHashSaysNoToHash(): void
106  {
107  $phpassProphecy = $this->prophesize(PhpassPasswordHash::class);
108  GeneralUtility::addInstance(PhpassPasswordHash::class, $phpassProphecy->reveal());
109  $phpassProphecy->isAvailable()->shouldBeCalled()->willReturn(true);
110  $hash = '$P$C7u7E10SBEie/Jbdz0jDtUcWhzgOPF.';
111  $phpassProphecy->isValidSaltedPW($hash)->shouldBeCalled()->willReturn(false);
112  $this->expectException(InvalidPasswordHashException::class);
113  $this->expectExceptionCode(1533818591);
114  (new ‪PasswordHashFactory())->get($hash, 'BE');
115  }
116 
120  public function ‪getHandsConfiguredOptionsToHashClassIfMethodIsConfiguredDefaultForMode(): void
121  {
122  ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['availablePasswordHashAlgorithms'] = [ TestPasswordHash::class ];
123  ‪$GLOBALS['TYPO3_CONF_VARS']['FE']['passwordHashing'] = [
124  'className' => TestPasswordHash::class,
125  'options' => [
126  'foo' => 'bar',
127  ],
128  ];
129  $this->expectException(\RuntimeException::class);
130  $this->expectExceptionCode(1533950385);
131  (new ‪PasswordHashFactory())->get('someHash', 'FE');
132  }
133 
137  public function ‪getReturnsInstanceOfHashClassThatHandlesHash(): void
138  {
139  $phpassProphecy = $this->prophesize(PhpassPasswordHash::class);
140  $phpassRevelation = $phpassProphecy->reveal();
141  GeneralUtility::addInstance(PhpassPasswordHash::class, $phpassRevelation);
142  $phpassProphecy->isAvailable()->shouldBeCalled()->willReturn(true);
143  $hash = '$P$C7u7E10SBEie/Jbdz0jDtUcWhzgOPF.';
144  $phpassProphecy->isValidSaltedPW($hash)->shouldBeCalled()->willReturn(true);
145  self::assertSame($phpassRevelation, (new ‪PasswordHashFactory())->get($hash, 'BE'));
146  }
147 
151  public function ‪getDefaultHashInstanceThrowsExceptionIfModeIsNotBeOrFe(): void
152  {
153  $this->expectException(\InvalidArgumentException::class);
154  $this->expectExceptionCode(1533820041);
155  (new ‪PasswordHashFactory())->getDefaultHashInstance('foo');
156  }
157 
161  public function ‪getDefaultHashInstanceThrowsExceptionWithBrokenClassNameModeConfiguration(): void
162  {
163  $this->expectException(\LogicException::class);
164  $this->expectExceptionCode(1533950622);
165  ‪$GLOBALS['TYPO3_CONF_VARS']['FE']['passwordHashing']['className'] = '';
166  (new ‪PasswordHashFactory())->getDefaultHashInstance('FE');
167  }
168 
172  public function ‪getDefaultHashInstanceThrowsExceptionWithBrokenOptionsModeConfiguration(): void
173  {
174  $this->expectException(\LogicException::class);
175  $this->expectExceptionCode(1533950622);
176  ‪$GLOBALS['TYPO3_CONF_VARS']['FE']['passwordHashing']['options'] = '';
177  (new ‪PasswordHashFactory())->getDefaultHashInstance('FE');
178  }
179 
183  public function ‪getDefaultHashReturnsInstanceOfConfiguredDefaultFeMethod(): void
184  {
185  ‪$GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['saltedpasswords']['FE']['saltedPWHashingMethod'] = Argon2iPasswordHash::class;
186  $hashInstance = (new ‪PasswordHashFactory())->getDefaultHashInstance('FE');
187  self::assertInstanceOf(Argon2iPasswordHash::class, $hashInstance);
188  }
189 
193  public function ‪getDefaultHashReturnsInstanceOfConfiguredDefaultBeMethod(): void
194  {
195  ‪$GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['saltedpasswords']['BE']['saltedPWHashingMethod'] = Argon2iPasswordHash::class;
196  $hashInstance = (new ‪PasswordHashFactory())->getDefaultHashInstance('BE');
197  self::assertInstanceOf(Argon2iPasswordHash::class, $hashInstance);
198  }
199 
203  public function ‪getDefaultHashThrowsExceptionIfDefaultHashMethodDoesNotImplementSaltInterface(): void
204  {
205  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordHashing']['className'] = \stdClass::class;
206  ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['availablePasswordHashAlgorithms'] = [ \stdClass::class ];
207  $this->expectException(\LogicException::class);
208  $this->expectExceptionCode(1533820281);
209  (new ‪PasswordHashFactory())->getDefaultHashInstance('BE');
210  }
211 
215  public function ‪getDefaultHashThrowsExceptionIfDefaultHashMethodIsNotRegistered(): void
216  {
217  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordHashing']['className'] = \stdClass::class;
218  ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['availablePasswordHashAlgorithms'] = [ Argon2iPasswordHash::class ];
219  $this->expectException(InvalidPasswordHashException::class);
220  $this->expectExceptionCode(1533820194);
221  (new ‪PasswordHashFactory())->getDefaultHashInstance('BE');
222  }
223 
227  public function ‪getDefaultHashThrowsExceptionIfDefaultHashMethodIsNotAvailable(): void
228  {
229  ‪$GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['saltedpasswords']['BE']['saltedPWHashingMethod'] = Argon2iPasswordHash::class;
230  $argonProphecy = $this->prophesize(Argon2iPasswordHash::class);
231  GeneralUtility::addInstance(Argon2iPasswordHash::class, $argonProphecy->reveal());
232  $argonProphecy->isAvailable()->shouldBeCalled()->willReturn(false);
233  $this->expectException(InvalidPasswordHashException::class);
234  $this->expectExceptionCode(1533822084);
235  (new ‪PasswordHashFactory())->getDefaultHashInstance('BE');
236  }
237 
241  public function ‪getDefaultHoshHandsConfiguredOptionsToHashClass(): void
242  {
243  ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['availablePasswordHashAlgorithms'] = [ TestPasswordHash::class ];
244  ‪$GLOBALS['TYPO3_CONF_VARS']['FE']['passwordHashing'] = [
245  'className' => TestPasswordHash::class,
246  'options' => [
247  'foo' => 'bar',
248  ],
249  ];
250  $this->expectException(\RuntimeException::class);
251  $this->expectExceptionCode(1533950385);
252  (new ‪PasswordHashFactory())->getDefaultHashInstance('FE');
253  }
254 
258  public function ‪getRegisteredSaltedHashingMethodsReturnsRegisteredMethods(): void
259  {
260  $methods = [
261  'foo',
262  'bar',
263  ];
264  ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['availablePasswordHashAlgorithms'] = $methods;
265  self::assertSame($methods, ‪PasswordHashFactory::getRegisteredSaltedHashingMethods());
266  }
267 
271  public function ‪getRegisteredSaltedHashingMethodsThrowsExceptionIfNoMethodIsConfigured(): void
272  {
273  $this->expectException(\RuntimeException::class);
274  $this->expectExceptionCode(1533948733);
275  ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['availablePasswordHashAlgorithms'] = [];
276  ‪PasswordHashFactory::getRegisteredSaltedHashingMethods();
277  }
278 }
‪TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory
Definition: PasswordHashFactory.php:27
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getThrowsExceptionIfModeIsNotBeOrFe
‪getThrowsExceptionIfModeIsNotBeOrFe()
Definition: PasswordHashFactoryTest.php:38
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getDefaultHashReturnsInstanceOfConfiguredDefaultFeMethod
‪getDefaultHashReturnsInstanceOfConfiguredDefaultFeMethod()
Definition: PasswordHashFactoryTest.php:182
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getReturnsInstanceOfHashClassThatHandlesHash
‪getReturnsInstanceOfHashClassThatHandlesHash()
Definition: PasswordHashFactoryTest.php:136
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getThrowsExceptionWithBrokenClassNameModeConfiguration
‪getThrowsExceptionWithBrokenClassNameModeConfiguration()
Definition: PasswordHashFactoryTest.php:48
‪TYPO3\CMS\Core\Crypto\PasswordHashing\InvalidPasswordHashException
Definition: InvalidPasswordHashException.php:25
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getThrowsExceptionIfClassThatHandlesAHashSaysNoToHash
‪getThrowsExceptionIfClassThatHandlesAHashSaysNoToHash()
Definition: PasswordHashFactoryTest.php:104
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getDefaultHashReturnsInstanceOfConfiguredDefaultBeMethod
‪getDefaultHashReturnsInstanceOfConfiguredDefaultBeMethod()
Definition: PasswordHashFactoryTest.php:192
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getDefaultHashThrowsExceptionIfDefaultHashMethodIsNotRegistered
‪getDefaultHashThrowsExceptionIfDefaultHashMethodIsNotRegistered()
Definition: PasswordHashFactoryTest.php:214
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getThrowsExceptionIfARegisteredHashDoesNotImplementSaltInterface
‪getThrowsExceptionIfARegisteredHashDoesNotImplementSaltInterface()
Definition: PasswordHashFactoryTest.php:70
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getRegisteredSaltedHashingMethodsReturnsRegisteredMethods
‪getRegisteredSaltedHashingMethodsReturnsRegisteredMethods()
Definition: PasswordHashFactoryTest.php:257
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getThrowsExceptionIfNoClassIsFoundThatHandlesGivenHash
‪getThrowsExceptionIfNoClassIsFoundThatHandlesGivenHash()
Definition: PasswordHashFactoryTest.php:81
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getDefaultHashInstanceThrowsExceptionIfModeIsNotBeOrFe
‪getDefaultHashInstanceThrowsExceptionIfModeIsNotBeOrFe()
Definition: PasswordHashFactoryTest.php:150
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getDefaultHashInstanceThrowsExceptionWithBrokenClassNameModeConfiguration
‪getDefaultHashInstanceThrowsExceptionWithBrokenClassNameModeConfiguration()
Definition: PasswordHashFactoryTest.php:160
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getThrowsExceptionWithBrokenOptionsModeConfiguration
‪getThrowsExceptionWithBrokenOptionsModeConfiguration()
Definition: PasswordHashFactoryTest.php:59
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getDefaultHashInstanceThrowsExceptionWithBrokenOptionsModeConfiguration
‪getDefaultHashInstanceThrowsExceptionWithBrokenOptionsModeConfiguration()
Definition: PasswordHashFactoryTest.php:171
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getHandsConfiguredOptionsToHashClassIfMethodIsConfiguredDefaultForMode
‪getHandsConfiguredOptionsToHashClassIfMethodIsConfiguredDefaultForMode()
Definition: PasswordHashFactoryTest.php:119
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getDefaultHashThrowsExceptionIfDefaultHashMethodDoesNotImplementSaltInterface
‪getDefaultHashThrowsExceptionIfDefaultHashMethodDoesNotImplementSaltInterface()
Definition: PasswordHashFactoryTest.php:202
‪TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory\getRegisteredSaltedHashingMethods
‪static array getRegisteredSaltedHashingMethods()
Definition: PasswordHashFactory.php:139
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getRegisteredSaltedHashingMethodsThrowsExceptionIfNoMethodIsConfigured
‪getRegisteredSaltedHashingMethodsThrowsExceptionIfNoMethodIsConfigured()
Definition: PasswordHashFactoryTest.php:270
‪TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash
Definition: PhpassPasswordHash.php:35
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getDefaultHashThrowsExceptionIfDefaultHashMethodIsNotAvailable
‪getDefaultHashThrowsExceptionIfDefaultHashMethodIsNotAvailable()
Definition: PasswordHashFactoryTest.php:226
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\Fixtures\TestPasswordHash
Definition: TestPasswordHash.php:24
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:25
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getThrowsExceptionIfClassThatHandlesAHashIsNotAvailable
‪getThrowsExceptionIfClassThatHandlesAHashIsNotAvailable()
Definition: PasswordHashFactoryTest.php:91
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest
Definition: PasswordHashFactoryTest.php:33
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:50
‪TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash
Definition: Argon2iPasswordHash.php:31
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing\PasswordHashFactoryTest\getDefaultHoshHandsConfiguredOptionsToHashClass
‪getDefaultHoshHandsConfiguredOptionsToHashClass()
Definition: PasswordHashFactoryTest.php:240
‪TYPO3\CMS\Core\Tests\Unit\Crypto\PasswordHashing
Definition: Argon2idPasswordHashTest.php:18