MAGETWO-40274: Merge Branches and Stabilize Builds

- Changed AuthObserver to accomodate new changes to the Observer.php class (cause by change of framework class Encryptor).
- Updated its unit test.

Author: Hayder Sharhan

app/code/Magento/User/Model/Backend/Observer/AuthObserver.php

@@ -9,6 +9,7 @@
 use Magento\Framework\Event\Observer as EventObserver;
 use Magento\Framework\Exception\State\UserLockedException;
 use Magento\Framework\Encryption\Encryptor;
+use Magento\User\Model\User;
 
 /**
  * User backend observer model for authentication
@@ -101,6 +102,7 @@ public function __construct(
     public function adminAuthenticate($observer)
     {
         $password = $observer->getEvent()->getPassword();
+        /** @var User $user */
         $user = $observer->getEvent()->getUser();
         $authResult = $observer->getEvent()->getResult();
 
@@ -129,16 +131,9 @@ public function adminAuthenticate($observer)
         $latestPassword = $this->userResource->getLatestPassword($user->getId());
         $this->_checkExpiredPassword($latestPassword);
 
-        // upgrade admin password
-        $isValidHash = $this->encryptor->isValidHash(
-            $password,
-            $user->getPassword()
-        );
-        if (!$isValidHash) {
-            $this->userFactory->create()
-                ->load($user->getId())
-                ->setNewPassword($password)
-                ->setForceNewPassword(true)
+        if (!$this->encryptor->validateHashVersion($user->getPassword(), true)) {
+            $user->setPassword($password)
+                ->setData('force_new_password', true)
                 ->save();
         }
     }

app/code/Magento/User/Test/Unit/Model/Backend/Observer/AuthObserverTest.php

@@ -151,7 +151,7 @@ public function testAdminAuthenticate()
         /** @var \Magento\User\Model\User|\PHPUnit_Framework_MockObject_MockObject $userMock */
         $userMock = $this->getMockBuilder('Magento\User\Model\User')
             ->disableOriginalConstructor()
-            ->setMethods(['getId', 'getLockExpires', 'getPassword'])
+            ->setMethods(['getId', 'getLockExpires', 'getPassword', 'save'])
             ->getMock();
 
         $eventObserverMock->expects($this->atLeastOnce())->method('getEvent')->willReturn($eventMock);
@@ -180,8 +180,7 @@ public function testAdminAuthenticate()
             ->willReturn($this->messageInterfaceMock);
         $this->messageInterfaceMock->expects($this->once())->method('setIdentifier')->willReturnSelf();
         $this->authSessionMock->expects($this->once())->method('setPciAdminUserIsPasswordExpired');
-        $this->encryptorMock->expects($this->once())->method('isValidHashByVersion')->willReturn(true);
-        $userMock->expects($this->once())->method('getPassword')->willReturn($userPassword);
+        $this->encryptorMock->expects($this->once())->method('validateHashVersion')->willReturn(false);
 
         $this->model->adminAuthenticate($eventObserverMock);
     }