/**
  * @requires PHP 5.3.7
  */
 public function testCheckPasswordLength()
 {
     $bcrypt = new BCryptPasswordEncoder(self::VALID_COST);

     // Two candidates that share the same first 72 characters: one exactly
     // 72 long, the other one character longer.
     $atLimit = str_repeat('a', 72);
     $overLimit = str_repeat('a', 73);

     $stored = $bcrypt->encodePassword($atLimit, null);

     // bcrypt only consumes the first 72 bytes of its input, so without a
     // length check in the encoder the 73-character candidate would verify
     // against the hash of the 72-character one. It must be rejected.
     $this->assertFalse($bcrypt->isPasswordValid($stored, $overLimit, 'salt'));

     // The hash was produced with a null salt and is verified with 'salt';
     // this assertion only holds if the encoder ignores that argument.
     $this->assertTrue($bcrypt->isPasswordValid($stored, $atLimit, 'salt'));
 }
 /**
  * Round-trips a password through the encoder: the hash produced for
  * self::PASSWORD must verify against that same password and must not
  * verify against a different one.
  */
 public function testValidation()
 {
     $this->skipIfPhpVersionIsNotSupported();

     $bcrypt = new BCryptPasswordEncoder(self::VALID_COST);
     $stored = $bcrypt->encodePassword(self::PASSWORD, null);

     $matchesOriginal = $bcrypt->isPasswordValid($stored, self::PASSWORD, null);
     $this->assertTrue($matchesOriginal);

     // The negative case is the security-relevant half: a verifier that
     // accepted every input would still pass the assertion above.
     $matchesOther = $bcrypt->isPasswordValid($stored, 'anotherPassword', null);
     $this->assertFalse($matchesOther);
 }
 /**
  * Verifies self::PASSWORD against a fixed, pre-computed bcrypt string
  * instead of a hash generated during the test, so the check does not
  * depend on the encoder's own encodePassword() output.
  */
 public function testValidationKnownPassword()
 {
     $bcrypt = new BCryptPasswordEncoder($this->secureRandom, self::VALID_COST);

     // The scheme identifier depends on the runtime: "2y" from PHP 5.3.7
     // onwards, "2a" on anything older.
     if (version_compare(phpversion(), '5.3.7', '>=')) {
         $variant = '2y';
     } else {
         $variant = '2a';
     }

     // "04" is the cost field of the fixture; the remainder is the fixed
     // salt and digest portion of the known hash.
     $knownHash = '$' . $variant . '$' . '04$ABCDEFGHIJKLMNOPQRSTU.uTmwd4KMSHxbUsG7bng8x7YdA0PM1iq';

     $this->assertTrue($bcrypt->isPasswordValid($knownHash, self::PASSWORD, null));
 }
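 /**
  * Runs security:encode-password non-interactively for a bcrypt-configured
  * user class and checks that the hash printed by the command verifies
  * against the password that was supplied.
  */
 public function testEncodePasswordBcrypt()
 {
     $this->passwordEncoderCommandTester->execute(
         array(
             'command' => 'security:encode-password',
             'password' => 'password',
             'user-class' => 'Custom\\Class\\Bcrypt\\User',
         ),
         array('interactive' => false)
     );
     $output = $this->passwordEncoderCommandTester->getDisplay();
     $this->assertContains('Password encoding succeeded', $output);

     // NOTE(review): the cost given here (17) is chosen independently of the
     // command's configuration; whether verification takes the cost from the
     // hash itself is not visible in this test - confirm against the encoder.
     $encoder = new BCryptPasswordEncoder(17);

     // Pull the hash out of the command output. The match result is asserted
     // so that a changed output format fails with a clear message instead of
     // an undefined-offset error on $matches[1].
     $found = preg_match('# Encoded password\\s{1,}([\\w+\\/$.]+={0,2})\\s+#', $output, $matches);
     $this->assertSame(1, $found, 'The command output does not contain an encoded password.');
     $hash = $matches[1];

     $this->assertTrue($encoder->isPasswordValid($hash, 'password', null));
 }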
 /**
  * Walks through the password reset flow against a test database: a reset
  * is refused for anything that is not the issued token, succeeds once with
  * the issued token, is refused on reuse of that token, and is refused for
  * a token whose creation time has been moved three days into the past.
  *
  * NOTE(review): after the successful reset the test checks that the new
  * password verifies, but it never asserts that the old password
  * ('asdasd') no longer does.
  */
 public function testResetPassword()
 {
     $passwordReset = new PasswordReset($this->dataUser, $this->dataPasswordReset);
     $app = TestDBSetup::createAppAndDB(false);
     // Create a user with a known plain password; the assertion below shows
     // that the stored 'password' field verifies as a hash of it.
     $user = $this->dataUser->createEmpty();
     $user->set('username', 'user2');
     $user->set('password', 'asdasd');
     $user->set('email', '*****@*****.**');
     $this->dataUser->create($user);
     $hash = $user->get('password');
     $salt = $user->get('salt');
     $encoder = new BCryptPasswordEncoder(13);
     $this->assertTrue($encoder->isPasswordValid($hash, 'asdasd', $salt));
     // Request a reset for the user, looked up by its email field.
     $token = $passwordReset->requestPasswordReset('email', '*****@*****.**');
     // Values that are not the issued token must be refused: an arbitrary
     // string, the empty string and null.
     $read = $passwordReset->resetPassword('asdasd', 'dsadsa');
     $this->assertFalse($read);
     $read = $passwordReset->resetPassword('', 'dsadsa');
     $this->assertFalse($read);
     $read = $passwordReset->resetPassword(null, 'dsadsa');
     $this->assertFalse($read);
     // The issued token is accepted and the stored hash now verifies
     // against the new password.
     $read = $passwordReset->resetPassword($token, 'dsadsa');
     $this->assertTrue($read);
     $updatedUser = $this->dataUser->get($user->get('id'));
     $newHash = $updatedUser->get('password');
     $this->assertTrue($encoder->isPasswordValid($newHash, 'dsadsa', $salt));
     // A token can be used only once: replaying the token that was just
     // consumed must be refused.
     $read = $passwordReset->resetPassword($token, 'dsadsa');
     $this->assertFalse($read);
     // A password reset must be used within 48h. A fresh token is issued and
     // its created_at is rewritten to three days ago to simulate expiry.
     // NOTE(review): only a 72h-old token is exercised; the behaviour just
     // below and just above the 48h limit is not covered here.
     $token = $passwordReset->requestPasswordReset('email', '*****@*****.**');
     $passwordResets = $this->dataPasswordReset->listEntries(['token' => $token]);
     // Exactly one stored entry is expected for the new token.
     if (count($passwordResets) !== 1) {
         $this->fail();
     }
     // gmdate() formats the backdated timestamp in UTC.
     // presumably created_at is stored in UTC as well - verify against the schema.
     $oldCreatedAt = gmdate('Y-m-d H:i:s', time() - 3 * 24 * 60 * 60);
     // Both values are bound as statement parameters, not concatenated into the SQL.
     $app['db']->executeUpdate('UPDATE password_reset SET created_at = ? WHERE token = ?', [$oldCreatedAt, $token]);
     $read = $passwordReset->resetPassword($token, 'dsadsa');
     $this->assertFalse($read);
 }
 /**
  * A 5000-character candidate password must be reported as invalid.
  */
 public function testCheckPasswordLength()
 {
     $bcrypt = new BCryptPasswordEncoder(self::VALID_COST);
     $oversized = str_repeat('a', 5000);

     // NOTE(review): 'encoded' does not look like a bcrypt hash, so this
     // call may return false regardless of any length limit; verifying
     // against a real hash would show that the length check itself is what
     // rejects the input. Presumably 5000 exceeds the encoder's maximum
     // accepted length - confirm against the encoder.
     $accepted = $bcrypt->isPasswordValid('encoded', $oversized, 'salt');

     $this->assertFalse($accepted);
 }
 /**
  * @param string $hash
  * @param string $rawPassword
  *
  * @return bool
  */
 protected function isValidPassword($hash, $rawPassword)
 {
     // A fresh encoder is built on every call, using the class-level cost factor.
     $bcrypt = new BCryptPasswordEncoder(self::BCRYPT_FACTOR);

     // NOTE(review): a class constant is passed as the salt argument. Whether
     // the encoder uses it or relies on the salt embedded in $hash is not
     // visible here - confirm, since one salt shared by all users would
     // defeat the purpose of salting.
     $isValid = $bcrypt->isPasswordValid($hash, $rawPassword, self::BCRYPT_SALT);

     return $isValid;
 }
 /**
  * A utility function that verifies whether the password stored in the db matches the given password.
  * This is primarily used in tests.
  * @param string $passwordToVerify
  * @return bool true if the password matches, false if not
  */
 public function verifyPassword($passwordToVerify)
 {
     // The cost comes from the global BCRYPT_COST constant.
     $encoder = new BCryptPasswordEncoder(BCRYPT_COST);

     // The value held in this object's password property is handed to the
     // encoder as the stored hash; the comparison itself is left to the
     // encoder and no salt is supplied.
     $storedHash = $this->password;

     return $encoder->isPasswordValid($storedHash, $passwordToVerify, null);
 }