ILIAS  trunk Revision v11.0_alpha-2662-g519ff7d528f
ilArgon2IdPasswordEncoderTest.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
21 use PHPUnit\Framework\Attributes\Depends;
22 
23 class ilArgon2IdPasswordEncoderTest extends ilPasswordBaseTestCase
24 {
25  private const string PASSWORD = 'password';
26  private const string WRONG_PASSWORD = 'wrong_password';
27 
28  public function testInstanceCanBeCreated(): ilArgon2idPasswordEncoder
29  {
30  $encoder = new ilArgon2idPasswordEncoder();
31  $this->assertInstanceOf(ilArgon2idPasswordEncoder::class, $encoder);
32 
33  if (!$encoder->isSupportedByRuntime()) {
34  $this->markTestSkipped('Argon2id is not supported by the runtime.');
35  }
36 
37  return $encoder;
38  }
39 
40  #[Depends('testInstanceCanBeCreated')]
41  public function testPasswordShouldBeCorrectlyEncodedAndVerified(
42  ilArgon2idPasswordEncoder $encoder
43  ): ilArgon2idPasswordEncoder {
44  $encoded_password = $encoder->encodePassword(self::PASSWORD, '');
45  $this->assertTrue($encoder->isPasswordValid($encoded_password, self::PASSWORD, ''));
46  $this->assertFalse($encoder->isPasswordValid($encoded_password, self::WRONG_PASSWORD, ''));
47  return $encoder;
48  }
49 
50  #[Depends('testInstanceCanBeCreated')]
51  public function testExceptionIsRaisedIfThePasswordExceedsTheSupportedLengthOnEncoding(
52  ilArgon2idPasswordEncoder $encoder
53  ): void {
54  $this->expectException(ilPasswordException::class);
55  $encoder->encodePassword(str_repeat('a', 5000), '');
56  }
57 
58  #[Depends('testInstanceCanBeCreated')]
59  public function testPasswordVerificationShouldFailIfTheRawPasswordExceedsTheSupportedLength(
60  ilArgon2idPasswordEncoder $encoder
61  ): void {
62  $this->assertFalse($encoder->isPasswordValid('encoded', str_repeat('a', 5000), ''));
63  }
64 
65  #[Depends('testInstanceCanBeCreated')]
66  public function testNameShouldBeArgon2id(ilArgon2idPasswordEncoder $encoder): void
67  {
68  $this->assertSame('argon2id', $encoder->getName());
69  }
70 
71  #[Depends('testInstanceCanBeCreated')]
72  public function testEncoderDoesNotRelyOnSalts(ilArgon2idPasswordEncoder $encoder): void
73  {
74  $this->assertFalse($encoder->requiresSalt());
75  }
76 
77  #[Depends('testInstanceCanBeCreated')]
78  public function testReencodingIsDetectedWhenNecessary(ilArgon2idPasswordEncoder $encoder): void
79  {
80  $raw = self::PASSWORD;
81 
82  $encoder->setThreads(2);
83  $encoder->setMemoryCost(4096);
84  $encoder->setTimeCost(8);
85  $encoded = $encoder->encodePassword($raw, '');
86 
87  $encoder->setThreads(2);
88  $encoder->setMemoryCost(4096);
89  $encoder->setTimeCost(8);
90  $this->assertFalse($encoder->requiresReencoding($encoded));
91 
92  $encoder->setThreads(2);
93  $encoder->setMemoryCost(4096);
94  $encoder->setTimeCost(4);
95  $this->assertTrue($encoder->requiresReencoding($encoded));
96 
97  $encoder->setThreads(1);
98  $encoder->setMemoryCost(4096);
99  $encoder->setTimeCost(8);
100  $this->assertTrue($encoder->requiresReencoding($encoded));
101 
102  $encoder->setThreads(2);
103  $encoder->setMemoryCost(2048);
104  $encoder->setTimeCost(8);
105  $this->assertTrue($encoder->requiresReencoding($encoded));
106  }
107 }
ilArgon2idPasswordEncoder\getName
getName()
Returns a unique name/id of the concrete password encoder.
Definition: class.ilArgon2IdPasswordEncoder.php:97
ilArgon2IdPasswordEncoderTest\testPasswordVerificationShouldFailIfTheRawPasswordExceedsTheSupportedLength
testPasswordVerificationShouldFailIfTheRawPasswordExceedsTheSupportedLength(ilArgon2idPasswordEncoder $encoder)
Definition: ilArgon2IdPasswordEncoderTest.php:59
ilArgon2idPasswordEncoder\isPasswordValid
isPasswordValid(string $encoded, string $raw, string $salt)
Checks a raw password against an encoded password.
Definition: class.ilArgon2IdPasswordEncoder.php:124
ilArgon2IdPasswordEncoderTest\testEncoderDoesNotRelyOnSalts
testEncoderDoesNotRelyOnSalts(ilArgon2idPasswordEncoder $encoder)
Definition: ilArgon2IdPasswordEncoderTest.php:72
ilBasePasswordEncoder\requiresSalt
requiresSalt()
Returns whether the encoder requires a salt.
Definition: class.ilBasePasswordEncoder.php:67
ilArgon2idPasswordEncoder\requiresReencoding
requiresReencoding(string $encoded)
Returns whether the encoded password needs to be re-encoded.
Definition: class.ilArgon2IdPasswordEncoder.php:129
ilArgon2IdPasswordEncoderTest\testExceptionIsRaisedIfThePasswordExceedsTheSupportedLengthOnEncoding
testExceptionIsRaisedIfThePasswordExceedsTheSupportedLengthOnEncoding(ilArgon2idPasswordEncoder $encoder)
Definition: ilArgon2IdPasswordEncoderTest.php:51
ilArgon2IdPasswordEncoderTest\testReencodingIsDetectedWhenNecessary
testReencodingIsDetectedWhenNecessary(ilArgon2idPasswordEncoder $encoder)
Definition: ilArgon2IdPasswordEncoderTest.php:78
ilArgon2IdPasswordEncoderTest\testPasswordShouldBeCorrectlyEncodedAndVerified
testPasswordShouldBeCorrectlyEncodedAndVerified(ilArgon2idPasswordEncoder $encoder)
Definition: ilArgon2IdPasswordEncoderTest.php:41
ilArgon2IdPasswordEncoderTest\testNameShouldBeArgon2id
testNameShouldBeArgon2id(ilArgon2idPasswordEncoder $encoder)
Definition: ilArgon2IdPasswordEncoderTest.php:66
ilArgon2idPasswordEncoder\encodePassword
encodePassword(string $raw, string $salt)
Encodes the raw password.
Definition: class.ilArgon2IdPasswordEncoder.php:111