From 734f6e4da801fe9b8ad0f0a90faf9320fefc1913 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20H=C3=A4rtl?= <jus@bitgrid.net>
Date: Tue, 13 Feb 2024 11:06:15 +0100
Subject: [PATCH] tests: Add test to rotate without stored password
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Julius Härtl <jus@bitgrid.net>
---
 .../Token/PublicKeyTokenProviderTest.php      | 28 ++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)

diff --git a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php
index b3f5241877e..0bf4104c3f7 100644
--- a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php
+++ b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php
@@ -564,6 +564,26 @@ class PublicKeyTokenProviderTest extends TestCase {
 		$this->assertSame('password', $this->tokenProvider->getPassword($new, 'newtokentokentokentokentoken'));
 	}
 
+	public function testRotateNoStoreCrypt() {
+		$token = 'oldtokentokentokentokentoken';
+		$uid = 'user';
+		$user = 'User';
+		$password = 'password';
+		$name = 'User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12';
+		$type = IToken::PERMANENT_TOKEN;
+
+		$this->config->method('getSystemValueBool')
+			->willReturnMap([
+				['auth.storeCryptedPassword', true, false],
+			]);
+		$actual = $this->tokenProvider->generateToken($token, $uid, $user, $password, $name, $type, IToken::DO_NOT_REMEMBER);
+
+		$new = $this->tokenProvider->rotate($actual, 'oldtokentokentokentokentoken', 'newtokentokentokentokentoken');
+
+		$this->expectException(PasswordlessTokenException::class);
+		$this->tokenProvider->getPassword($new, 'newtokentokentokentokentoken');
+	}
+
 	public function testRotateNoPassword() {
 		$token = 'oldtokentokentokentokentoken';
 		$uid = 'user';
@@ -580,7 +600,8 @@ class PublicKeyTokenProviderTest extends TestCase {
 
 		$newPrivate = $new->getPrivateKey();
 
-		$this->assertNotSame($newPrivate, $oldPrivate);
+		$this->assertNull($oldPrivate);
+		$this->assertNull($newPrivate);
 		$this->assertNull($new->getPassword());
 	}
 
@@ -606,6 +627,11 @@ class PublicKeyTokenProviderTest extends TestCase {
 	}
 
 	public function testUpdatePasswords() {
+		$this->config->method('getSystemValueBool')
+			->willReturnMap([
+				['auth.storeCryptedPassword', true, true],
+			]);
+
 		$uid = 'myUID';
 		$token1 = $this->tokenProvider->generateToken(
 			'foobetokentokentokentoken',