Login and Registration: Improve test coverage for sign on related functions

Adds new tests to ensure that `wp_authenticate_email_password`, `wp_authenticate_username_password`, and `wp_authenticate_cookie` are better tested. This also unsets cookies properly between tests. Props JordanPak, johnregan3. Fixes #36476. git-svn-id: https://develop.svn.wordpress.org/trunk@56454 602fd350-edb4-49c9-b593-d223f7449a82
2025-10-16 12:05:38 +00:00 · 2023-08-24 19:12:33 +00:00 · 2023-08-24 19:12:33 +00:00 · 1fc1e9c888
commit 1fc1e9c888
parent 0d04972be6
1 changed files with 135 additions and 1 deletions
--- a/tests/phpunit/tests/auth.php
+++ b/tests/phpunit/tests/auth.php
@ -5,6 +5,11 @@
 * @group auth
 */
 class Tests_Auth extends WP_UnitTestCase {
+	// Class User values assigned to constants.
+	const USER_EMAIL = 'test@password.com';
+	const USER_LOGIN = 'password-user';
+	const USER_PASS  = 'password';
+
 	protected $user;

 	/**
@ -22,7 +27,9 @@ class Tests_Auth extends WP_UnitTestCase {
 	public static function wpSetUpBeforeClass( WP_UnitTest_Factory $factory ) {
 		self::$_user = $factory->user->create_and_get(
 			array(
-				'user_login' => 'password-tests',
+				'user_login' => self::USER_LOGIN,
+				'user_email' => self::USER_EMAIL,
+				'user_pass'  => self::USER_PASS,
 			)
 		);

@ -46,6 +53,10 @@ class Tests_Auth extends WP_UnitTestCase {
 		// Cleanup all the global state.
 		unset( $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'], $GLOBALS['wp_rest_application_password_status'], $GLOBALS['wp_rest_application_password_uuid'] );

+		// Cleanup manual auth cookie test.
+		unset( $_COOKIE[ AUTH_COOKIE ] );
+		unset( $_COOKIE[ SECURE_AUTH_COOKIE ] );
+
 		parent::tear_down();
 	}

@ -429,6 +440,129 @@ class Tests_Auth extends WP_UnitTestCase {
 		$this->assertInstanceOf( 'WP_User', wp_authenticate( $user_args['user_login'], $user_args['user_pass'] ) );
 	}

+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_username_password_with_wp_user_object() {
+		$result = wp_authenticate_username_password( self::$_user, '', '' );
+		$this->assertSame( $result->ID, self::$user_id );
+	}
+
+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_username_password_with_login_and_password() {
+		$result = wp_authenticate_username_password( null, self::USER_LOGIN, self::USER_PASS );
+		$this->assertSame( self::$user_id, $result->ID );
+	}
+
+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_username_password_with_null_password() {
+		$result = wp_authenticate_username_password( null, self::USER_LOGIN, null );
+		$this->assertInstanceOf( 'WP_Error', $result );
+	}
+
+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_username_password_with_null_login() {
+		$result = wp_authenticate_username_password( null, null, self::USER_PASS );
+		$this->assertInstanceOf( 'WP_Error', $result );
+	}
+
+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_username_password_with_invalid_login() {
+		$result = wp_authenticate_username_password( null, 'invalidlogin', self::USER_PASS );
+		$this->assertInstanceOf( 'WP_Error', $result );
+	}
+
+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_username_password_with_invalid_password() {
+		$result = wp_authenticate_username_password( null, self::USER_LOGIN, 'invalidpassword' );
+		$this->assertInstanceOf( 'WP_Error', $result );
+	}
+
+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_email_password_with_wp_user_object() {
+		$result = wp_authenticate_email_password( self::$_user, '', '' );
+		$this->assertSame( self::$user_id, $result->ID );
+	}
+
+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_email_password_with_login_and_password() {
+		$result = wp_authenticate_email_password( null, self::USER_EMAIL, self::USER_PASS );
+		$this->assertSame( self::$user_id, $result->ID );
+	}
+
+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_email_password_with_null_password() {
+		$result = wp_authenticate_email_password( null, self::USER_EMAIL, null );
+		$this->assertInstanceOf( 'WP_Error', $result );
+	}
+
+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_email_password_with_null_email() {
+		$result = wp_authenticate_email_password( null, null, self::USER_PASS );
+		$this->assertInstanceOf( 'WP_Error', $result );
+	}
+
+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_email_password_with_invalid_email() {
+		$result = wp_authenticate_email_password( null, 'invalid@example.com', self::USER_PASS );
+		$this->assertInstanceOf( 'WP_Error', $result );
+	}
+
+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_email_password_with_invalid_password() {
+		$result = wp_authenticate_email_password( null, self::USER_EMAIL, 'invalidpassword' );
+		$this->assertInstanceOf( 'WP_Error', $result );
+	}
+
+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_cookie_with_wp_user_object() {
+		$result = wp_authenticate_cookie( $this->user, null, null );
+		$this->assertSame( self::$user_id, $result->ID );
+	}
+
+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_cookie_with_null_params() {
+		$result = wp_authenticate_cookie( null, null, null );
+		$this->assertNull( $result );
+	}
+
+	/**
+	 * @ticket 36476
+	 */
+	public function test_wp_authenticate_cookie_with_invalid_cookie() {
+		$_COOKIE[ AUTH_COOKIE ]        = 'invalid_cookie';
+		$_COOKIE[ SECURE_AUTH_COOKIE ] = 'secure_invalid_cookie';
+
+		$result = wp_authenticate_cookie( null, null, null );
+		$this->assertInstanceOf( 'WP_Error', $result );
+	}
+
 	/**
 	 * @ticket 38744
 	 */