🚨 breakdown tests into separate files

Author: willpower232

composer.json

@@ -24,8 +24,8 @@
         "phpunit/phpunit": "@stable"
     },
     "suggest": {
-      "bacon/bacon-qr-code": "Needed for BaconQrCodeProvider provider",
-      "endroid/qr-code": "Needed for EndroidQrCodeProvider"
+        "bacon/bacon-qr-code": "Needed for BaconQrCodeProvider provider",
+        "endroid/qr-code": "Needed for EndroidQrCodeProvider"
     },
     "autoload": {
         "psr-4": {
@@ -34,7 +34,7 @@
     },
     "autoload-dev": {
         "psr-4": {
-            "RobThree\\Auth\\Test\\": "tests"
+            "Tests\\": "tests/"
         }
     }
 }

tests/MightNotMakeAssertions.php

@@ -0,0 +1,23 @@
+<?php
+
+namespace Tests;
+
+trait MightNotMakeAssertions
+{
+    /**
+     * This is a shim to support PHPUnit for php 5.6 and 7.0.
+     *
+     * It has to be named something that doesn't collide with existing
+     * TestCase methods as we can't support PHP return types right now
+     */
+    public function noAssertionsMade()
+    {
+        foreach (class_parents($this) as $parent) {
+            if (method_exists($parent, 'expectNotToPerformAssertions')) {
+                return parent::expectNotToPerformAssertions();
+            }
+        }
+
+        return $this->assertTrue(true);
+    }
+}

tests/Providers/Qr/IQRCodeProviderTest.php

@@ -0,0 +1,45 @@
+<?php
+
+namespace Tests\Providers\Qr;
+
+use PHPUnit\Framework\TestCase;
+use RobThree\Auth\TwoFactorAuth;
+use RobThree\Auth\TwoFactorAuthException;
+
+class IQRCodeProviderTest extends TestCase
+{
+    private function DecodeDataUri($datauri)
+    {
+        if (preg_match('/data:(?P<mimetype>[\w\.\-\/]+);(?P<encoding>\w+),(?P<data>.*)/', $datauri, $m) === 1) {
+            return array(
+                'mimetype' => $m['mimetype'],
+                'encoding' => $m['encoding'],
+                'data' => base64_decode($m['data'])
+            );
+        }
+
+        return null;
+    }
+
+    public function testTotpUriIsCorrect()
+    {
+        $qr = new TestQrProvider();
+
+        $tfa = new TwoFactorAuth('Test&Issuer', 6, 30, 'sha1', $qr);
+        $data = $this->DecodeDataUri($tfa->getQRCodeImageAsDataUri('Test&Label', 'VMR466AB62ZBOKHE'));
+        $this->assertEquals('test/test', $data['mimetype']);
+        $this->assertEquals('base64', $data['encoding']);
+        $this->assertEquals('otpauth://totp/Test%26Label?secret=VMR466AB62ZBOKHE&issuer=Test%26Issuer&period=30&algorithm=SHA1&digits=6@200', $data['data']);
+    }
+
+    public function testGetQRCodeImageAsDataUriThrowsOnInvalidSize()
+    {
+        $qr = new TestQrProvider();
+
+        $tfa = new TwoFactorAuth('Test', 6, 30, 'sha1', $qr);
+
+        $this->expectException(TwoFactorAuthException::class);
+
+        $tfa->getQRCodeImageAsDataUri('Test', 'VMR466AB62ZBOKHE', 0);
+    }
+}

tests/Providers/Qr/TestQrProvider.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace Tests\Providers\Qr;
+
+use RobThree\Auth\Providers\Qr\IQRCodeProvider;
+
+class TestQrProvider implements IQRCodeProvider
+{
+    public function getQRCodeImage($qrtext, $size)
+    {
+        return $qrtext . '@' . $size;
+    }
+
+    public function getMimeType()
+    {
+        return 'test/test';
+    }
+}

tests/Providers/Rng/CSRNGProviderTest.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace Tests\Providers\Rng;
+
+use PHPUnit\Framework\TestCase;
+use Tests\MightNotMakeAssertions;
+use RobThree\Auth\Providers\Rng\CSRNGProvider;
+
+class CSRNGProviderTest extends TestCase
+{
+    use NeedsRngLengths, MightNotMakeAssertions;
+
+    /**
+     * @requires function random_bytes
+     */
+    public function testCSRNGProvidersReturnExpectedNumberOfBytes()
+    {
+        if (function_exists('random_bytes')) {
+            $rng = new CSRNGProvider();
+            foreach ($this->rngTestLengths as $l) {
+                $this->assertEquals($l, strlen($rng->getRandomBytes($l)));
+            }
+            $this->assertTrue($rng->isCryptographicallySecure());
+        } else {
+            $this->noAssertionsMade();
+        }
+    }
+}

tests/Providers/Rng/HashRNGProviderTest.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace Tests\Providers\Rng;
+
+use PHPUnit\Framework\TestCase;
+use RobThree\Auth\Providers\Rng\HashRNGProvider;
+
+class HashRNGProviderTest extends TestCase
+{
+    use NeedsRngLengths;
+
+    public function testHashRNGProvidersReturnExpectedNumberOfBytes()
+    {
+        $rng = new HashRNGProvider();
+        foreach ($this->rngTestLengths as $l) {
+            $this->assertEquals($l, strlen($rng->getRandomBytes($l)));
+        }
+
+        $this->assertFalse($rng->isCryptographicallySecure());
+    }
+}

tests/Providers/Rng/IRNGProviderTest.php

@@ -0,0 +1,49 @@
+<?php
+
+namespace Tests\Providers\Rng;
+
+use PHPUnit\Framework\TestCase;
+use RobThree\Auth\TwoFactorAuth;
+use RobThree\Auth\TwoFactorAuthException;
+
+class IRNGProviderTest extends TestCase
+{
+    public function testCreateSecretThrowsOnInsecureRNGProvider()
+    {
+        $rng = new TestRNGProvider();
+
+        $tfa = new TwoFactorAuth('Test', 6, 30, 'sha1', null, $rng);
+
+        $this->expectException(TwoFactorAuthException::class);
+        $tfa->createSecret();
+    }
+
+    public function testCreateSecretOverrideSecureDoesNotThrowOnInsecureRNG()
+    {
+        $rng = new TestRNGProvider();
+
+        $tfa = new TwoFactorAuth('Test', 6, 30, 'sha1', null, $rng);
+        $this->assertEquals('ABCDEFGHIJKLMNOP', $tfa->createSecret(80, false));
+    }
+
+    public function testCreateSecretDoesNotThrowOnSecureRNGProvider()
+    {
+        $rng = new TestRNGProvider(true);
+
+        $tfa = new TwoFactorAuth('Test', 6, 30, 'sha1', null, $rng);
+        $this->assertEquals('ABCDEFGHIJKLMNOP', $tfa->createSecret());
+    }
+
+    public function testCreateSecretGeneratesDesiredAmountOfEntropy()
+    {
+        $rng = new TestRNGProvider(true);
+
+        $tfa = new TwoFactorAuth('Test', 6, 30, 'sha1', null, $rng);
+        $this->assertEquals('A', $tfa->createSecret(5));
+        $this->assertEquals('AB', $tfa->createSecret(6));
+        $this->assertEquals('ABCDEFGHIJKLMNOPQRSTUVWXYZ', $tfa->createSecret(128));
+        $this->assertEquals('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', $tfa->createSecret(160));
+        $this->assertEquals('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', $tfa->createSecret(320));
+        $this->assertEquals('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567ABCDEFGHIJKLMNOPQRSTUVWXYZ234567A', $tfa->createSecret(321));
+    }
+}

tests/Providers/Rng/MCryptRNGProviderTest.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace Tests\Providers\Rng;
+
+use PHPUnit\Framework\TestCase;
+use Tests\MightNotMakeAssertions;
+use RobThree\Auth\Providers\Rng\MCryptRNGProvider;
+
+class MCryptRNGProviderTest extends TestCase
+{
+    use NeedsRngLengths, MightNotMakeAssertions;
+
+    /**
+     * @requires function mcrypt_create_iv
+     */
+    public function testMCryptRNGProvidersReturnExpectedNumberOfBytes()
+    {
+        if (function_exists('mcrypt_create_iv')) {
+            $rng = new MCryptRNGProvider();
+
+            foreach ($this->rngTestLengths as $l) {
+                $this->assertEquals($l, strlen($rng->getRandomBytes($l)));
+            }
+
+            $this->assertTrue($rng->isCryptographicallySecure());
+        } else {
+            $this->noAssertionsMade();
+        }
+    }
+}

tests/Providers/Rng/NeedsRngLengths.php

@@ -0,0 +1,8 @@
+<?php
+
+namespace Tests\Providers\Rng;
+
+trait NeedsRngLengths
+{
+    protected $rngTestLengths = array(1, 16, 32, 256);
+}

tests/Providers/Rng/OpenSSLRNGProviderTest.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace Tests\Providers\Rng;
+
+use PHPUnit\Framework\TestCase;
+use RobThree\Auth\Providers\Rng\OpenSSLRNGProvider;
+
+class OpenSSLRNGProviderTest extends TestCase
+{
+    use NeedsRngLengths;
+
+    public function testStrongOpenSSLRNGProvidersReturnExpectedNumberOfBytes()
+    {
+        $rng = new OpenSSLRNGProvider(true);
+        foreach ($this->rngTestLengths as $l) {
+            $this->assertEquals($l, strlen($rng->getRandomBytes($l)));
+        }
+
+        $this->assertTrue($rng->isCryptographicallySecure());
+    }
+
+    public function testNonStrongOpenSSLRNGProvidersReturnExpectedNumberOfBytes()
+    {
+        $rng = new OpenSSLRNGProvider(false);
+        foreach ($this->rngTestLengths as $l) {
+            $this->assertEquals($l, strlen($rng->getRandomBytes($l)));
+        }
+
+        $this->assertFalse($rng->isCryptographicallySecure());
+    }
+}