Make WordPress Core


Ignore:
Timestamp:
10/15/2015 12:10:45 AM (9 years ago)
Author:
wonderboymusic
Message:

Unit Tests: wrestle performance out of Tests_Auth by cloning the same user for a majority of the tests.

See #30017, #33968.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/tests/phpunit/tests/auth.php

    r33744 r35171  
    66 */
    77class Tests_Auth extends WP_UnitTestCase {
    8     var $user_id;
    9     var $wp_hasher;
     8    protected $user;
     9    protected static $_user;
     10    protected static $user_id;
     11    protected static $wp_hasher;
    1012
    1113    /**
     
    1315     */
    1416    protected $nonce_failure_hook = 'wp_verify_nonce_failed';
     17
     18    static function setUpBeforeClass() {
     19        parent::setUpBeforeClass();
     20
     21        $factory = new WP_UnitTest_Factory();
     22
     23        self::$_user = $factory->user->create_and_get( array(
     24            'user_login' => 'password-tests'
     25        ) );
     26
     27        self::$user_id = self::$_user->ID;
     28
     29        require_once( ABSPATH . WPINC . '/class-phpass.php' );
     30        self::$wp_hasher = new PasswordHash( 8, true );
     31    }
    1532
    1633    function setUp() {
    1734        parent::setUp();
    18         $this->user_id = $this->factory->user->create();
    19 
    20         require_once ABSPATH . WPINC . '/class-phpass.php';
    21         $this->wp_hasher = new PasswordHash( 8, true );
     35
     36        $this->user = clone self::$_user;
    2237    }
    2338
    2439    function test_auth_cookie_valid() {
    25         $cookie = wp_generate_auth_cookie( $this->user_id, time() + 3600, 'auth' );
    26         $this->assertEquals( $this->user_id, wp_validate_auth_cookie( $cookie, 'auth' ) );
     40        $cookie = wp_generate_auth_cookie( self::$user_id, time() + 3600, 'auth' );
     41        $this->assertEquals( self::$user_id, wp_validate_auth_cookie( $cookie, 'auth' ) );
    2742    }
    2843
     
    3146        // as an ajax test may have defined DOING_AJAX, failing the test.
    3247
    33         $cookie = wp_generate_auth_cookie( $this->user_id, time() - 7200, 'auth' );
     48        $cookie = wp_generate_auth_cookie( self::$user_id, time() - 7200, 'auth' );
    3449        $this->assertEquals( false, wp_validate_auth_cookie( $cookie, 'auth' ), 'expired cookie' );
    3550
    36         $cookie = wp_generate_auth_cookie( $this->user_id, time() + 3600, 'auth' );
     51        $cookie = wp_generate_auth_cookie( self::$user_id, time() + 3600, 'auth' );
    3752        $this->assertEquals( false, wp_validate_auth_cookie( $cookie, 'logged_in' ), 'wrong auth scheme' );
    3853
    39         $cookie = wp_generate_auth_cookie( $this->user_id, time() + 3600, 'auth' );
     54        $cookie = wp_generate_auth_cookie( self::$user_id, time() + 3600, 'auth' );
    4055        list($a, $b, $c) = explode('|', $cookie);
    4156        $cookie = $a . '|' . ($b + 1) . '|' . $c;
    42         $this->assertEquals( false, wp_validate_auth_cookie( $this->user_id, 'auth' ), 'altered cookie' );
     57        $this->assertEquals( false, wp_validate_auth_cookie( self::$user_id, 'auth' ), 'altered cookie' );
    4358    }
    4459
    4560    function test_auth_cookie_scheme() {
    4661        // arbitrary scheme name
    47         $cookie = wp_generate_auth_cookie( $this->user_id, time() + 3600, 'foo' );
    48         $this->assertEquals( $this->user_id, wp_validate_auth_cookie( $cookie, 'foo' ) );
     62        $cookie = wp_generate_auth_cookie( self::$user_id, time() + 3600, 'foo' );
     63        $this->assertEquals( self::$user_id, wp_validate_auth_cookie( $cookie, 'foo' ) );
    4964
    5065        // wrong scheme name - should fail
    51         $cookie = wp_generate_auth_cookie( $this->user_id, time() + 3600, 'foo' );
     66        $cookie = wp_generate_auth_cookie( self::$user_id, time() + 3600, 'foo' );
    5267        $this->assertEquals( false, wp_validate_auth_cookie( $cookie, 'bar' ) );
    5368    }
     
    5772     */
    5873    function test_password_trimming() {
    59         $another_user = $this->factory->user->create( array( 'user_login' => 'password-triming-tests' ) );
    60 
    6174        $passwords_to_test = array(
    6275            'a password with no trailing or leading spaces',
     
    6780
    6881        foreach( $passwords_to_test as $password_to_test ) {
    69             wp_set_password( $password_to_test, $another_user );
    70             $authed_user = wp_authenticate( 'password-triming-tests', $password_to_test );
     82            wp_set_password( $password_to_test, $this->user->ID );
     83            $authed_user = wp_authenticate( $this->user->user_login, $password_to_test );
    7184
    7285            $this->assertInstanceOf( 'WP_User', $authed_user );
    73             $this->assertEquals( $another_user, $authed_user->ID );
     86            $this->assertEquals( $this->user->ID, $authed_user->ID );
    7487        }
    7588    }
     
    141154
    142155    function test_password_length_limit() {
    143         $passwords = array(
    144             str_repeat( 'a', 4095 ), // short
    145             str_repeat( 'a', 4096 ), // limit
    146             str_repeat( 'a', 4097 ), // long
    147         );
    148 
    149         $user_id = $this->factory->user->create( array( 'user_login' => 'password-length-test' ) );
    150 
    151         wp_set_password( $passwords[1], $user_id );
    152         $user = get_user_by( 'id', $user_id );
     156        $limit = str_repeat( 'a', 4096 );
     157
     158        wp_set_password( $limit, self::$user_id );
    153159        // phpass hashed password
    154         $this->assertStringStartsWith( '$P$', $user->data->user_pass );
    155 
    156         $user = wp_authenticate( 'password-length-test', $passwords[0] );
     160        $this->assertStringStartsWith( '$P$', $this->user->data->user_pass );
     161
     162        $user = wp_authenticate( $this->user->user_login, 'aaaaaaaa' );
    157163        // Wrong Password
    158164        $this->assertInstanceOf( 'WP_Error', $user );
    159165
    160         $user = wp_authenticate( 'password-length-test', $passwords[1] );
     166        $user = wp_authenticate( $this->user->user_login, $limit );
    161167        $this->assertInstanceOf( 'WP_User', $user );
    162         $this->assertEquals( $user_id, $user->ID );
    163 
    164         $user = wp_authenticate( 'password-length-test', $passwords[2] );
     168        $this->assertEquals( self::$user_id, $user->ID );
     169
     170        // one char too many
     171        $user = wp_authenticate( $this->user->user_login, $limit . 'a' );
    165172        // Wrong Password
    166173        $this->assertInstanceOf( 'WP_Error', $user );
    167174
    168 
    169         wp_set_password( $passwords[2], $user_id );
    170         $user = get_user_by( 'id', $user_id );
     175        wp_set_password( $limit . 'a', self::$user_id );
     176        $user = get_user_by( 'id', self::$user_id );
    171177        // Password broken by setting it to be too long.
    172178        $this->assertEquals( '*', $user->data->user_pass );
    173179
    174         $user = wp_authenticate( 'password-length-test', '*' );
    175         $this->assertInstanceOf( 'WP_Error', $user );
    176 
    177         $user = wp_authenticate( 'password-length-test', '*0' );
    178         $this->assertInstanceOf( 'WP_Error', $user );
    179 
    180         $user = wp_authenticate( 'password-length-test', '*1' );
    181         $this->assertInstanceOf( 'WP_Error', $user );
    182 
    183         $user = wp_authenticate( 'password-length-test', $passwords[0] );
     180        $user = wp_authenticate( $this->user->user_login, '*' );
     181        $this->assertInstanceOf( 'WP_Error', $user );
     182
     183        $user = wp_authenticate( $this->user->user_login, '*0' );
     184        $this->assertInstanceOf( 'WP_Error', $user );
     185
     186        $user = wp_authenticate( $this->user->user_login, '*1' );
     187        $this->assertInstanceOf( 'WP_Error', $user );
     188
     189        $user = wp_authenticate( $this->user->user_login, 'aaaaaaaa' );
    184190        // Wrong Password
    185191        $this->assertInstanceOf( 'WP_Error', $user );
    186192
    187         $user = wp_authenticate( 'password-length-test', $passwords[1] );
     193        $user = wp_authenticate( $this->user->user_login, $limit );
    188194        // Wrong Password
    189195        $this->assertInstanceOf( 'WP_Error', $user );
    190196
    191         $user = wp_authenticate( 'password-length-test', $passwords[2] );
     197        $user = wp_authenticate( $this->user->user_login, $limit . 'a' );
    192198        // Password broken by setting it to be too long.
    193199        $this->assertInstanceOf( 'WP_Error', $user );
     
    201207
    202208        $key  = wp_generate_password( 20, false );
    203         $user = $this->factory->user->create_and_get();
    204209        $wpdb->update( $wpdb->users, array(
    205             'user_activation_key' => strtotime( '-1 hour' ) . ':' . $this->wp_hasher->HashPassword( $key ),
     210            'user_activation_key' => strtotime( '-1 hour' ) . ':' . self::$wp_hasher->HashPassword( $key ),
    206211        ), array(
    207             'ID' => $user->ID,
     212            'ID' => $this->user->ID,
    208213        ) );
    209214
    210215        // A valid key should be accepted
    211         $check = check_password_reset_key( $key, $user->user_login );
     216        $check = check_password_reset_key( $key, $this->user->user_login );
    212217        $this->assertInstanceOf( 'WP_User', $check );
    213         $this->assertSame( $user->ID, $check->ID );
     218        $this->assertSame( $this->user->ID, $check->ID );
    214219
    215220        // An invalid key should be rejected
    216         $check = check_password_reset_key( 'key', $user->user_login );
     221        $check = check_password_reset_key( 'key', $this->user->user_login );
    217222        $this->assertInstanceOf( 'WP_Error', $check );
    218223
    219224        // An empty key should be rejected
    220         $check = check_password_reset_key( '', $user->user_login );
     225        $check = check_password_reset_key( '', $this->user->user_login );
    221226        $this->assertInstanceOf( 'WP_Error', $check );
    222227
    223228        // A truncated key should be rejected
    224229        $partial = substr( $key, 0, 10 );
    225         $check = check_password_reset_key( $partial, $user->user_login );
     230        $check = check_password_reset_key( $partial, $this->user->user_login );
    226231        $this->assertInstanceOf( 'WP_Error', $check );
    227232    }
     
    234239
    235240        $key  = wp_generate_password( 20, false );
    236         $user = $this->factory->user->create_and_get();
    237241        $wpdb->update( $wpdb->users, array(
    238             'user_activation_key' => strtotime( '-48 hours' ) . ':' . $this->wp_hasher->HashPassword( $key ),
     242            'user_activation_key' => strtotime( '-48 hours' ) . ':' . self::$wp_hasher->HashPassword( $key ),
    239243        ), array(
    240             'ID' => $user->ID,
     244            'ID' => $this->user->ID,
    241245        ) );
    242246
    243247        // An expired but otherwise valid key should be rejected
    244         $check = check_password_reset_key( $key, $user->user_login );
     248        $check = check_password_reset_key( $key, $this->user->user_login );
    245249        $this->assertInstanceOf( 'WP_Error', $check );
    246250    }
     
    250254     */
    251255    function test_empty_user_activation_key_fails_key_check() {
    252         global $wpdb;
    253 
    254         $user = $this->factory->user->create_and_get();
    255 
    256256        // An empty user_activation_key should not allow any key to be accepted
    257         $check = check_password_reset_key( 'key', $user->user_login );
     257        $check = check_password_reset_key( 'key', $this->user->user_login );
    258258        $this->assertInstanceOf( 'WP_Error', $check );
    259259
    260260        // An empty user_activation_key should not allow an empty key to be accepted
    261         $check = check_password_reset_key( '', $user->user_login );
     261        $check = check_password_reset_key( '', $this->user->user_login );
    262262        $this->assertInstanceOf( 'WP_Error', $check );
    263263    }
     
    272272
    273273        $key  = wp_generate_password( 20, false );
    274         $user = $this->factory->user->create_and_get();
    275274        $wpdb->update( $wpdb->users, array(
    276             'user_activation_key' => $this->wp_hasher->HashPassword( $key ),
     275            'user_activation_key' => self::$wp_hasher->HashPassword( $key ),
    277276        ), array(
    278             'ID' => $user->ID,
     277            'ID' => $this->user->ID,
    279278        ) );
    280279
    281280        // A legacy user_activation_key should not be accepted
    282         $check = check_password_reset_key( $key, $user->user_login );
     281        $check = check_password_reset_key( $key, $this->user->user_login );
    283282        $this->assertInstanceOf( 'WP_Error', $check );
    284283
    285284        // An empty key with a legacy user_activation_key should be rejected
    286         $check = check_password_reset_key( '', $user->user_login );
     285        $check = check_password_reset_key( '', $this->user->user_login );
    287286        $this->assertInstanceOf( 'WP_Error', $check );
    288287    }
     
    298297
    299298        $key  = wp_generate_password( 20, false );
    300         $user = $this->factory->user->create_and_get();
    301299        $wpdb->update( $wpdb->users, array(
    302300            'user_activation_key' => $key,
    303301        ), array(
    304             'ID' => $user->ID,
     302            'ID' => $this->user->ID,
    305303        ) );
    306304
    307305        // A plaintext user_activation_key should not allow an otherwise valid key to be accepted
    308         $check = check_password_reset_key( $key, $user->user_login );
     306        $check = check_password_reset_key( $key, $this->user->user_login );
    309307        $this->assertInstanceOf( 'WP_Error', $check );
    310308
    311309        // A plaintext user_activation_key should not allow an empty key to be accepted
    312         $check = check_password_reset_key( '', $user->user_login );
     310        $check = check_password_reset_key( '', $this->user->user_login );
    313311        $this->assertInstanceOf( 'WP_Error', $check );
    314312    }
Note: See TracChangeset for help on using the changeset viewer.