From 61096dd7ac0122e83703910352c912feb6e78688 Mon Sep 17 00:00:00 2001 From: Ori Livneh Date: Thu, 12 May 2016 03:40:41 -0700 Subject: [PATCH] Speed up password-handling in the unit tests * Speed up password generation and verification by setting MWOldPassword as the default password type. Do this once, in MediaWikiTestCase::makeTestConfig(), rather than in five different places. * Rename '$pwhash' to '$passwordHash', for consistency. It's ugly to have both '$passwordFactory' and '$pwhash' in the same scope. * Make TestUser::setPasswordForUser() check first whether the desired password is already set. This is actually the common case, since the password is reset in the setup code for every test, but only a few tests actually change the password. Change-Id: I423f09ff7472b6cbde21cb709ea7c7ef9e298f18 --- tests/phpunit/MediaWikiTestCase.php | 3 +++ tests/phpunit/includes/TestUser.php | 10 ++++++---- tests/phpunit/includes/api/ApiLoginTest.php | 5 ++--- .../BotPasswordSessionProviderTest.php | 6 ++---- .../phpunit/includes/user/BotPasswordTest.php | 20 ++++++++----------- 5 files changed, 21 insertions(+), 23 deletions(-) diff --git a/tests/phpunit/MediaWikiTestCase.php b/tests/phpunit/MediaWikiTestCase.php index 25e0e31760..ce09edaea5 100644 --- a/tests/phpunit/MediaWikiTestCase.php +++ b/tests/phpunit/MediaWikiTestCase.php @@ -221,6 +221,9 @@ abstract class MediaWikiTestCase extends PHPUnit_Framework_TestCase { $defaultOverrides->set( 'ObjectCaches', $objectCaches ); $defaultOverrides->set( 'MainCacheType', CACHE_NONE ); + // Use a fast hash algorithm to hash passwords. + $defaultOverrides->set( 'PasswordDefault', 'A' ); + $testConfig = $customOverrides ? new MultiConfig( [ $customOverrides, $defaultOverrides, $baseConfig ] ) : new MultiConfig( [ $defaultOverrides, $baseConfig ] ); diff --git a/tests/phpunit/includes/TestUser.php b/tests/phpunit/includes/TestUser.php index 142c77f932..13bfa46a2f 100644 --- a/tests/phpunit/includes/TestUser.php +++ b/tests/phpunit/includes/TestUser.php @@ -129,14 +129,16 @@ class TestUser { throw new MWException( "Passed User has not been added to the database yet!" ); } + if ( $user->checkPassword( $password ) === true ) { + return; // Nothing to do. + } + $passwordFactory = new PasswordFactory(); $passwordFactory->init( RequestContext::getMain()->getConfig() ); - // A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only - $passwordFactory->setDefaultType( 'A' ); - $pwhash = $passwordFactory->newFromPlaintext( $password ); + $passwordHash = $passwordFactory->newFromPlaintext( $password ); wfGetDB( DB_MASTER )->update( 'user', - [ 'user_password' => $pwhash->toString() ], + [ 'user_password' => $passwordHash->toString() ], [ 'user_id' => $user->getId() ], __METHOD__ ); diff --git a/tests/phpunit/includes/api/ApiLoginTest.php b/tests/phpunit/includes/api/ApiLoginTest.php index bcd884eaed..510d8bf410 100644 --- a/tests/phpunit/includes/api/ApiLoginTest.php +++ b/tests/phpunit/includes/api/ApiLoginTest.php @@ -226,8 +226,7 @@ class ApiLoginTest extends ApiTestCase { $passwordFactory = new PasswordFactory(); $passwordFactory->init( RequestContext::getMain()->getConfig() ); // A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only - $passwordFactory->setDefaultType( 'A' ); - $pwhash = $passwordFactory->newFromPlaintext( 'foobaz' ); + $passwordHash = $passwordFactory->newFromPlaintext( 'foobaz' ); $dbw = wfGetDB( DB_MASTER ); $dbw->insert( @@ -235,7 +234,7 @@ class ApiLoginTest extends ApiTestCase { [ 'bp_user' => $centralId, 'bp_app_id' => 'foo', - 'bp_password' => $pwhash->toString(), + 'bp_password' => $passwordHash->toString(), 'bp_token' => '', 'bp_restrictions' => MWRestrictions::newDefault()->toJson(), 'bp_grants' => '["test"]', diff --git a/tests/phpunit/includes/session/BotPasswordSessionProviderTest.php b/tests/phpunit/includes/session/BotPasswordSessionProviderTest.php index edab0dcf4a..d4b15879c8 100644 --- a/tests/phpunit/includes/session/BotPasswordSessionProviderTest.php +++ b/tests/phpunit/includes/session/BotPasswordSessionProviderTest.php @@ -65,9 +65,7 @@ class BotPasswordSessionProviderTest extends MediaWikiTestCase { public function addDBDataOnce() { $passwordFactory = new \PasswordFactory(); $passwordFactory->init( \RequestContext::getMain()->getConfig() ); - // A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only - $passwordFactory->setDefaultType( 'A' ); - $pwhash = $passwordFactory->newFromPlaintext( 'foobaz' ); + $passwordHash = $passwordFactory->newFromPlaintext( 'foobaz' ); $userId = \CentralIdLookup::factory( 'local' )->centralIdFromName( 'UTSysop' ); @@ -82,7 +80,7 @@ class BotPasswordSessionProviderTest extends MediaWikiTestCase { [ 'bp_user' => $userId, 'bp_app_id' => 'BotPasswordSessionProvider', - 'bp_password' => $pwhash->toString(), + 'bp_password' => $passwordHash->toString(), 'bp_token' => 'token!', 'bp_restrictions' => '{"IPAddresses":["127.0.0.0/8"]}', 'bp_grants' => '["test"]', diff --git a/tests/phpunit/includes/user/BotPasswordTest.php b/tests/phpunit/includes/user/BotPasswordTest.php index 27ce287e32..629c6e5a09 100644 --- a/tests/phpunit/includes/user/BotPasswordTest.php +++ b/tests/phpunit/includes/user/BotPasswordTest.php @@ -49,9 +49,7 @@ class BotPasswordTest extends MediaWikiTestCase { public function addDBData() { $passwordFactory = new \PasswordFactory(); $passwordFactory->init( \RequestContext::getMain()->getConfig() ); - // A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only - $passwordFactory->setDefaultType( 'A' ); - $pwhash = $passwordFactory->newFromPlaintext( 'foobaz' ); + $passwordHash = $passwordFactory->newFromPlaintext( 'foobaz' ); $dbw = wfGetDB( DB_MASTER ); $dbw->delete( @@ -65,7 +63,7 @@ class BotPasswordTest extends MediaWikiTestCase { [ 'bp_user' => 42, 'bp_app_id' => 'BotPassword', - 'bp_password' => $pwhash->toString(), + 'bp_password' => $passwordHash->toString(), 'bp_token' => 'token!', 'bp_restrictions' => '{"IPAddresses":["127.0.0.0/8"]}', 'bp_grants' => '["test"]', @@ -73,7 +71,7 @@ class BotPasswordTest extends MediaWikiTestCase { [ 'bp_user' => 43, 'bp_app_id' => 'BotPassword', - 'bp_password' => $pwhash->toString(), + 'bp_password' => $passwordHash->toString(), 'bp_token' => 'token!', 'bp_restrictions' => '{"IPAddresses":["127.0.0.0/8"]}', 'bp_grants' => '["test"]', @@ -311,8 +309,6 @@ class BotPasswordTest extends MediaWikiTestCase { public function testSave( $password ) { $passwordFactory = new \PasswordFactory(); $passwordFactory->init( \RequestContext::getMain()->getConfig() ); - // A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only - $passwordFactory->setDefaultType( 'A' ); $bp = BotPassword::newUnsaved( [ 'centralId' => 42, @@ -325,9 +321,9 @@ class BotPasswordTest extends MediaWikiTestCase { BotPassword::newFromCentralId( 42, 'TestSave', BotPassword::READ_LATEST ), 'sanity check' ); - $pwhash = $password ? $passwordFactory->newFromPlaintext( $password ) : null; - $this->assertFalse( $bp->save( 'update', $pwhash ) ); - $this->assertTrue( $bp->save( 'insert', $pwhash ) ); + $passwordHash = $password ? $passwordFactory->newFromPlaintext( $password ) : null; + $this->assertFalse( $bp->save( 'update', $passwordHash ) ); + $this->assertTrue( $bp->save( 'insert', $passwordHash ) ); $bp2 = BotPassword::newFromCentralId( 42, 'TestSave', BotPassword::READ_LATEST ); $this->assertInstanceOf( 'BotPassword', $bp2 ); $this->assertEquals( $bp->getUserCentralId(), $bp2->getUserCentralId() ); @@ -356,9 +352,9 @@ class BotPasswordTest extends MediaWikiTestCase { $this->assertTrue( $pw->equals( $password ) ); } - $pwhash = $passwordFactory->newFromPlaintext( 'XXX' ); + $passwordHash = $passwordFactory->newFromPlaintext( 'XXX' ); $token = $bp->getToken(); - $this->assertTrue( $bp->save( 'update', $pwhash ) ); + $this->assertTrue( $bp->save( 'update', $passwordHash ) ); $this->assertNotEquals( $token, $bp->getToken() ); $pw = TestingAccessWrapper::newFromObject( $bp )->getPassword(); $this->assertTrue( $pw->equals( 'XXX' ) ); -- 2.20.1