diff --git a/class-two-factor-core.php b/class-two-factor-core.php index 11ccf767..d2ae83f4 100644 --- a/class-two-factor-core.php +++ b/class-two-factor-core.php @@ -862,7 +862,7 @@ public static function maybe_show_last_login_failure_notice( $user ) { * They were also sent an email notification in `send_password_reset_email()`, but email sent from a typical * web server is not reliable enough to trust completely. * - * @param WP_Error $errors + * @param WP_Error $errors Error object. */ public static function maybe_show_reset_password_notice( $errors ) { if ( 'incorrect_password' !== $errors->get_error_code() ) { @@ -904,7 +904,7 @@ public static function maybe_show_reset_password_notice( $errors ) { /** * Clear the password reset notice after the user resets their password. * - * @param WP_User $user + * @param WP_User $user User object. */ public static function clear_password_reset_notice( $user ) { delete_user_meta( $user->ID, self::USER_PASSWORD_WAS_RESET_KEY ); @@ -920,6 +920,7 @@ public static function clear_password_reset_notice( $user ) { * @param string $redirect_to The URL to which the user would like to be redirected. * @param string $error_msg Optional. Login error message. * @param string|object $provider An override to the provider. + * @param string $action Action to perform. */ public static function login_html( $user, $login_nonce, $redirect_to, $error_msg = '', $provider = null, $action = 'validate_2fa' ) { $provider = self::get_provider_for_user( $user, $provider ); @@ -965,7 +966,8 @@ public static function login_html( $user, $login_nonce, $redirect_to, $error_msg authentication_page( $user ); ?> - $action, 'wp-auth-id' => $user->ID, 
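Review bot: The added `@param string $action Action to perform.` on login_html() does not say that the parameter is optional or what it controls, although the signature gives it the default `'validate_2fa'`. The value seems to select which login handler the form submits to; that is inferred from the default and from login_form_validate_2fa() / login_form_revalidate_2fa() elsewhere in this diff, so confirm it before documenting. A fuller line would be `@param string $action Optional. Login action the form submits to. Default 'validate_2fa'.` The body of login_html() continues outside the hunk.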
@@ -1371,10 +1373,10 @@ public static function rest_api_can_edit_user_and_update_two_factor_options( $us * @since 0.1-dev */ public static function login_form_validate_2fa() { - $wp_auth_id = ! empty( $_REQUEST['wp-auth-id'] ) ? absint( $_REQUEST['wp-auth-id'] ) : 0; + $wp_auth_id = ! empty( $_REQUEST['wp-auth-id'] ) ? absint( $_REQUEST['wp-auth-id'] ) : 0; $nonce = ! empty( $_REQUEST['wp-auth-nonce'] ) ? wp_unslash( $_REQUEST['wp-auth-nonce'] ) : ''; - $provider = ! empty( $_REQUEST['provider'] ) ? wp_unslash( $_REQUEST['provider'] ) : ''; - $redirect_to = ! empty( $_REQUEST['redirect_to'] ) ? wp_unslash( $_REQUEST['redirect_to'] ) : ''; + $provider = ! empty( $_REQUEST['provider'] ) ? wp_unslash( $_REQUEST['provider'] ) : ''; + $redirect_to = ! empty( $_REQUEST['redirect_to'] ) ? wp_unslash( $_REQUEST['redirect_to'] ) : ''; $is_post_request = ( 'POST' === strtoupper( $_SERVER['REQUEST_METHOD'] ) ); $user = get_user_by( 'id', $wp_auth_id ); @@ -1441,7 +1443,7 @@ public static function _login_form_validate_2fa( $user, $nonce = '', $provider = $rememberme = true; } - $session_information_callback = static function( $session, $user_id ) use( $provider, $user ) { + $session_information_callback = static function ( $session, $user_id ) use ( $provider, $user ) { if ( $user->ID === $user_id ) { $session['two-factor-login'] = time(); $session['two-factor-provider'] = $provider->get_key(); 
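Review bot: In login_form_validate_2fa() the realigned `$provider` line still passes `$_REQUEST['provider']` through `wp_unslash()` only, while login_form_revalidate_2fa() in the same file wraps the same field in `sanitize_text_field()`. This handler processes request data during the second-factor login step, so the two should agree: `$provider = ! empty( $_REQUEST['provider'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['provider'] ) ) : '';`. `$redirect_to` is likewise only unslashed in both handlers. Whether it is checked later, for example with `wp_validate_redirect()`, is not visible here because the function body continues outside the hunk.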
@@ -1502,9 +1504,9 @@ public static function _login_form_validate_2fa( $user, $nonce = '', $provider = * @since 0.9.0 */ public static function login_form_revalidate_2fa() { - $nonce = ! empty( $_REQUEST['wp-auth-nonce'] ) ? wp_unslash( $_REQUEST['wp-auth-nonce'] ) : ''; - $provider = ! empty( $_REQUEST['provider'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['provider'] ) ) : false; - $redirect_to = ! empty( $_REQUEST['redirect_to'] ) ? wp_unslash( $_REQUEST['redirect_to'] ) : admin_url(); + $nonce = ! empty( $_REQUEST['wp-auth-nonce'] ) ? wp_unslash( $_REQUEST['wp-auth-nonce'] ) : ''; + $provider = ! empty( $_REQUEST['provider'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['provider'] ) ) : false; + $redirect_to = ! empty( $_REQUEST['redirect_to'] ) ? wp_unslash( $_REQUEST['redirect_to'] ) : admin_url(); $is_post_request = ( 'POST' === strtoupper( $_SERVER['REQUEST_METHOD'] ) ); self::_login_form_revalidate_2fa( $nonce, $provider, $redirect_to, $is_post_request ); @@ -1519,10 +1521,10 @@ public static function login_form_revalidate_2fa() { * * @since 0.9.0 * - * @param string $nonce The nonce passed with the request. - * @param string $provider The provider to use, if known. - * @param string $redirect_to The redirection location. - * @param bool $is_post_request Whether the incoming request was a POST request or not. + * @param string $nonce The nonce passed with the request. + * @param string $provider The provider to use, if known. + * @param string $redirect_to The redirection location. + * @param bool $is_post_request Whether the incoming request was a POST request or not. * @return void */ public static function _login_form_revalidate_2fa( $nonce = '', $provider = '', $redirect_to = '', $is_post_request = false ) { @@ -1661,7 +1663,7 @@ public static function process_provider( $provider, $user, $is_post_request ) { /** * Determine if the user's password should be reset. * - * @param int $user_id + * @param int $user_id User ID. * * @return bool */ 
@@ -1693,7 +1695,7 @@ public static function should_reset_password( $user_id ) { * user. `get_user_time_delay()` mitigates brute force attempts, but this acts as an extra layer of defense * which guarantees that attackers can't brute force it (unless they compromise the new password). * - * @param WP_User $user The user who failed to login + * @param WP_User $user The user who failed to login. */ public static function reset_compromised_password( $user ) { // Unhook because `wp_password_change_notification()` wouldn't notify the site admin when @@ -1711,7 +1713,7 @@ public static function reset_compromised_password( $user ) { /** * Notify the user and admin that a password was reset for being compromised. * - * @param WP_User $user The user whose password should be reset + * @param WP_User $user The user whose password should be reset. */ public static function send_password_reset_emails( $user ) { self::notify_user_password_reset( $user ); @@ -1733,7 +1735,7 @@ public static function send_password_reset_emails( $user ) { /** * Notify the user that their password has been compromised and reset. * - * @param WP_User $user The user to notify + * @param WP_User $user The user to notify. * * @return bool `true` if the email was sent, `false` if it failed. */ @@ -1837,7 +1839,6 @@ public static function manage_users_custom_column( $output, $column_name, $user_ $provider = self::get_primary_provider_for_user( $user_id ); return esc_html( $provider->get_label() ); } - } /** @@ -2054,8 +2055,8 @@ public static function enable_provider_for_user( $user_id, $new_provider ) { * * The caller is responsible for checking the user has permission to do this. * - * @param int $user_id The ID of the user. - * @param string $provider The name of the provider class. + * @param int $user_id The ID of the user. + * @param string $provider_to_delete The name of the provider class. * * @return bool True if the provider was disabled, false otherwise. */ 
@@ -2126,16 +2127,20 @@ public static function user_two_factor_options_update( $user_id ) { if ( $enabled_providers && ! $existing_providers && ! self::is_current_user_session_two_factor() ) { // We've enabled two-factor from a non-two-factor session, set the key but not the provider, as no provider has been used yet. - self::update_current_user_session( array( - 'two-factor-provider' => '', - 'two-factor-login' => time(), - ) ); + self::update_current_user_session( + array( + 'two-factor-provider' => '', + 'two-factor-login' => time(), + ) + ); } elseif ( $existing_providers && ! $enabled_providers ) { // We've disabled two-factor, remove session metadata. - self::update_current_user_session( array( - 'two-factor-provider' => null, - 'two-factor-login' => null, - ) ); + self::update_current_user_session( + array( + 'two-factor-provider' => null, + 'two-factor-login' => null, + ) + ); } } diff --git a/phpcs.xml.dist b/phpcs.xml.dist index c3a245fe..1e376b84 100644 --- a/phpcs.xml.dist +++ b/phpcs.xml.dist @@ -22,6 +22,24 @@ tests/providers/*.php + + + tests/*.php + tests/providers/*.php + + + + + tests/*.php + tests/providers/*.php + + + + + tests/*.php + tests/providers/*.php + + */wordpress/* */dist/* */includes/* diff --git a/providers/class-two-factor-backup-codes.php b/providers/class-two-factor-backup-codes.php index a1c9e379..6ee98fc0 100644 --- a/providers/class-two-factor-backup-codes.php +++ b/providers/class-two-factor-backup-codes.php @@ -55,11 +55,11 @@ public function register_rest_routes() { array( 'methods' => WP_REST_Server::CREATABLE, 'callback' => array( $this, 'rest_generate_codes' ), - 'permission_callback' => function( $request ) { + 'permission_callback' => function ( $request ) { return Two_Factor_Core::rest_api_can_edit_user_and_update_two_factor_options( $request['user_id'] ); }, 'args' => array( - 'user_id' => array( + 'user_id' => array( 'required' => true, 'type' => 'integer', ), 
@@ -279,13 +279,15 @@ public function generate_codes( $user, $args = '' ) { * Generates Backup Codes for returning through the WordPress Rest API. * * @since 0.8.0 + * @param WP_REST_Request $request Request object. + * @return array|WP_Error */ public function rest_generate_codes( $request ) { $user_id = $request['user_id']; $user = get_user_by( 'id', $user_id ); // Hardcode these, the user shouldn't be able to choose them. - $args = array( + $args = array( 'number' => self::NUMBER_OF_CODES, 'method' => 'replace', ); @@ -306,7 +308,7 @@ public function rest_generate_codes( $request ) { $i = 1; foreach ( $codes as $code ) { $download_link .= rawurlencode( "{$i}. {$code}\r\n" ); - $i++; + ++$i; } $i18n = array( @@ -350,7 +352,7 @@ public static function codes_remaining_for_user( $user ) { public function authentication_page( $user ) { require_once ABSPATH . '/wp-admin/includes/template.php'; - $code_length = $this->get_backup_code_length( $user ); + $code_length = $this->get_backup_code_length( $user ); $code_placeholder = str_repeat( 'X', $code_length ); ?> diff --git a/providers/class-two-factor-email.php b/providers/class-two-factor-email.php index ea33f0f2..d1d2d296 100644 --- a/providers/class-two-factor-email.php +++ b/providers/class-two-factor-email.php @@ -286,7 +286,7 @@ public function authentication_page( $user ) { $this->generate_and_email_token( $user ); } - $token_length = $this->get_token_length(); + $token_length = $this->get_token_length(); $token_placeholder = str_repeat( 'X', $token_length ); require_once ABSPATH . '/wp-admin/includes/template.php'; diff --git a/providers/class-two-factor-fido-u2f-admin.php b/providers/class-two-factor-fido-u2f-admin.php index 1869ab8b..8bc9af83 100644 --- a/providers/class-two-factor-fido-u2f-admin.php +++ b/providers/class-two-factor-fido-u2f-admin.php 
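Review bot: The new tags on rest_generate_codes() follow `@since 0.8.0` with no blank ` *` line between them, unlike the `_login_form_revalidate_2fa()` docblock in class-two-factor-core.php, which separates `@since` from `@param`. The `@param string $hook_suffix` line added directly after `@codeCoverageIgnore` in class-two-factor-totp.php has the same shape. `@return array|WP_Error` also carries no description, so a reader cannot tell when the error object is returned. A short clause naming that condition would help, once confirmed against the part of the function outside this hunk.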
@@ -63,8 +63,8 @@ public static function enqueue_assets( $hook ) { // @todo Ensure that scripts don't fail because of missing u2fL10n. try { - $data = Two_Factor_FIDO_U2F::$u2f->getRegisterData( $security_keys ); - list( $req,$sigs ) = $data; + $data = Two_Factor_FIDO_U2F::$u2f->getRegisterData( $security_keys ); + list( $req, $sigs ) = $data; update_user_meta( $user_id, self::REGISTER_DATA_USER_META_KEY, $req ); } catch ( Exception $e ) { diff --git a/providers/class-two-factor-fido-u2f.php b/providers/class-two-factor-fido-u2f.php index cd569997..4d3408dd 100644 --- a/providers/class-two-factor-fido-u2f.php +++ b/providers/class-two-factor-fido-u2f.php @@ -122,7 +122,7 @@ public function get_alternative_provider_label() { public static function enqueue_scripts() { wp_register_script( 'fido-u2f-api', - plugins_url( 'includes/Google/u2f-api.js', dirname( __FILE__ ) ), + plugins_url( 'includes/Google/u2f-api.js', __DIR__ ), null, self::asset_version(), true diff --git a/providers/class-two-factor-provider.php b/providers/class-two-factor-provider.php index b780c4a7..001194f2 100644 --- a/providers/class-two-factor-provider.php +++ b/providers/class-two-factor-provider.php @@ -25,7 +25,7 @@ public static function get_instance() { $class_name = static::class; if ( ! isset( $instances[ $class_name ] ) ) { - $instances[ $class_name ] = new $class_name; + $instances[ $class_name ] = new $class_name(); } return $instances[ $class_name ]; diff --git a/providers/class-two-factor-totp.php b/providers/class-two-factor-totp.php index 88831185..c64fc9ce 100644 --- a/providers/class-two-factor-totp.php +++ b/providers/class-two-factor-totp.php @@ -126,6 +126,7 @@ public function get_alternative_provider_label() { * Enqueue scripts * * @codeCoverageIgnore + * @param string $hook_suffix Hook suffix. */ public function enqueue_assets( $hook_suffix ) { $environment_prefix = file_exists( TWO_FACTOR_DIR . '/dist' ) ? '/dist' : ''; 
diff --git a/tests/bootstrap.php b/tests/bootstrap.php index 687c37ad..6d3ae4ce 100644 --- a/tests/bootstrap.php +++ b/tests/bootstrap.php @@ -33,7 +33,7 @@ // Activate the plugin. tests_add_filter( 'muplugins_loaded', - function() { + function () { require_once dirname( __DIR__ ) . '/two-factor.php'; } ); diff --git a/tests/class-secure-dummy.php b/tests/class-secure-dummy.php index 96a412d4..bfac618a 100644 --- a/tests/class-secure-dummy.php +++ b/tests/class-secure-dummy.php @@ -1,4 +1,10 @@ assertCount( 1, Two_Factor_Core::get_available_providers_for_user( $user->ID ) ); $this->assertCount( 1, Two_Factor_Core::get_enabled_providers_for_user( $user->ID ) ); - // Revert back to the previous user + // Revert back to the previous user. wp_set_current_user( $this->old_user_id ); // Verify the counts are still correct for that user ID. @@ -353,7 +359,7 @@ public function test_user_api_login_can_be_enabled_via_filter() { add_filter( 'two_factor_user_api_login_enable', - function( $enabled, $user_id ) use ( $user_id_enabled ) { + function ( $enabled, $user_id ) use ( $user_id_enabled ) { return ( $user_id === $user_id_enabled ); }, 10, @@ -449,6 +455,8 @@ public function test_can_distroy_auth_sessions() { } /** + * Test invalid hash input fails. + * * @covers Two_Factor_Core::create_login_nonce() * @covers Two_Factor_Core::hash_login_nonce() */ @@ -460,6 +468,8 @@ public function test_invalid_hash_input_fails() { } /** + * Test create login nonce. + * * @covers Two_Factor_Core::create_login_nonce() * @covers Two_Factor_Core::hash_login_nonce() */ 
@@ -560,7 +570,7 @@ public function test_get_user_time_delay() { update_user_meta( $user->ID, Two_Factor_Core::USER_FAILED_LOGIN_ATTEMPTS_KEY, 5 ); $this->assertEquals( pow( 2, 5 ) * $rate_limit, Two_Factor_Core::get_user_time_delay( $user ) ); - // Simulate 100 failed login attempts, validate that the lockout is not greater than $max_rate_limit + // Simulate 100 failed login attempts, validate that the lockout is not greater than $max_rate_limit. update_user_meta( $user->ID, Two_Factor_Core::USER_FAILED_LOGIN_ATTEMPTS_KEY, 100 ); $this->assertEquals( $max_rate_limit, Two_Factor_Core::get_user_time_delay( $user ) ); } @@ -633,6 +643,8 @@ public function test_maybe_show_last_login_failure_notice() { } /** + * Test no reset notice when no errors. + * * @covers Two_Factor_Core::maybe_show_reset_password_notice() */ public function test_no_reset_notice_when_no_errors() { @@ -642,6 +654,8 @@ public function test_no_reset_notice_when_no_errors() { } /** + * Test no reset notice when different error. + * * @covers Two_Factor_Core::maybe_show_reset_password_notice() */ public function test_no_reset_notice_when_different_error() { @@ -652,6 +666,8 @@ public function test_no_reset_notice_when_different_error() { } /** + * Test no reset notice when password not reset. + * * @covers Two_Factor_Core::maybe_show_reset_password_notice() */ public function test_no_reset_notice_when_password_not_reset() { @@ -665,6 +681,8 @@ public function test_no_reset_notice_when_password_not_reset() { } /** + * Test reset notice when password was reset. + * * @covers Two_Factor_Core::maybe_show_reset_password_notice() */ public function test_reset_notice_when_password_was_reset() { 
@@ -672,13 +690,15 @@ public function test_reset_notice_when_password_was_reset() { $errors = new WP_Error( 'incorrect_password', 'Incorrect password' ); $_POST['log'] = $user->user_login; - update_user_meta( $user->ID, Two_Factor_Core::USER_PASSWORD_WAS_RESET_KEY, true ); + update_user_meta( $user->ID, Two_Factor_Core::USER_PASSWORD_WAS_RESET_KEY, true ); Two_Factor_Core::maybe_show_reset_password_notice( $errors ); $this->assertCount( 1, $errors->get_error_codes() ); $this->assertSame( 'two_factor_password_reset', $errors->get_error_code() ); } /** + * Test clear password reset notice. + * * @covers Two_Factor_Core::clear_password_reset_notice() */ public function test_clear_password_reset_notice() { @@ -690,6 +710,8 @@ public function test_clear_password_reset_notice() { } /** + * Test should reset password. + * * @covers Two_Factor_Core::should_reset_password() */ public function test_should_reset_password() { @@ -704,7 +726,7 @@ public function test_should_reset_password() { $this->assertTrue( Two_Factor_Core::should_reset_password( $user->ID ) ); // Test filtered limit. - $strict_limit = function() { + $strict_limit = function () { return 7; }; @@ -742,6 +764,8 @@ public function test_reset_compromised_password() { } /** + * Test both password reset notifications sent. + * * @covers Two_Factor_Core::send_password_reset_emails() * @covers Two_Factor_Core::notify_user_password_reset() * @covers Two_Factor_Core::notify_admin_user_password_reset() @@ -761,6 +785,8 @@ public function test_both_password_reset_notifications_sent() { } /** + * Test single email sent when admin password reset. + * * @covers Two_Factor_Core::send_password_reset_emails() * @covers Two_Factor_Core::notify_user_password_reset() */ @@ -780,6 +806,8 @@ public function test_single_email_sent_when_admin_password_reset() { } /** + * Test dont notify admin when filter disabled. + * * @covers Two_Factor_Core::send_password_reset_emails() * @covers Two_Factor_Core::notify_user_password_reset() */ 
@@ -801,6 +829,8 @@ public function test_dont_notify_admin_when_filter_disabled() { } /** + * Test show password reset error. + * * @covers Two_Factor_Core::show_password_reset_error */ public function test_show_password_reset_error() { @@ -812,6 +842,8 @@ public function test_show_password_reset_error() { } /** + * Test enable disable provider for user. + * * @covers Two_Factor_Core::enable_provider_for_user() * @covers Two_Factor_Core::disable_provider_for_user() */ @@ -826,7 +858,7 @@ public function test_enable_disable_provider_for_user() { // Disabling one that doesn't exist should fail. $nonexistent_enabled = Two_Factor_Core::enable_provider_for_user( $user->ID, 'Nonexistent_Provider' ); - $enabled_providers = Two_Factor_Core::get_enabled_providers_for_user( $user->ID ); + $enabled_providers = Two_Factor_Core::get_enabled_providers_for_user( $user->ID ); $this->assertFalse( $nonexistent_enabled, 'Nonexistent shouldn\'t be allowed to be enabled' ); $this->assertEmpty( $enabled_providers, 'Nonexistent wasn\'t enabled' ); $this->assertNull( Two_Factor_Core::get_primary_provider_for_user( $user->ID ), 'Nonexistent wasn\'t set as primary' ); @@ -834,7 +866,7 @@ public function test_enable_disable_provider_for_user() { // Enabling a valid one should succeed. The first one that's enabled and configured should be the default primary. $totp = Two_Factor_Totp::get_instance(); $totp->set_user_totp_key( $user->ID, 'foo' ); - $totp_enabled = Two_Factor_Core::enable_provider_for_user( $user->ID, 'Two_Factor_Totp' ); + $totp_enabled = Two_Factor_Core::enable_provider_for_user( $user->ID, 'Two_Factor_Totp' ); $enabled_providers = Two_Factor_Core::get_enabled_providers_for_user( $user->ID ); $this->assertTrue( $totp_enabled, 'Can enable a valid provider' ); $this->assertSame( array( 'Two_Factor_Totp' ), $enabled_providers, 'Enabled provider is now listed as enabled' ); 
@@ -845,7 +877,7 @@ public function test_enable_disable_provider_for_user() { $this->assertTrue( $totp_enabled, 'Can enable a provider that is already enabled' ); // Enabling another should succeed, and not change the primary. - $dummy_enabled = Two_Factor_Core::enable_provider_for_user( $user->ID, 'Two_Factor_Dummy' ); + $dummy_enabled = Two_Factor_Core::enable_provider_for_user( $user->ID, 'Two_Factor_Dummy' ); $enabled_providers = Two_Factor_Core::get_enabled_providers_for_user( $user->ID ); $this->assertTrue( $dummy_enabled, 'Can enable valid provider' ); $this->assertSame( array( 'Two_Factor_Totp', 'Two_Factor_Dummy' ), $enabled_providers, 'Multiple can be enabled at the same time' ); 
@@ -853,13 +885,13 @@ public function test_enable_disable_provider_for_user() { // Disabling one that doesn't exist should fail. $nonexistent_disabled = Two_Factor_Core::disable_provider_for_user( $user->ID, 'Nonexistent_Provider' ); - $enabled_providers = Two_Factor_Core::get_enabled_providers_for_user( $user->ID ); + $enabled_providers = Two_Factor_Core::get_enabled_providers_for_user( $user->ID ); $this->assertFalse( $nonexistent_disabled, 'Unavailable provider can\'t be disabled' ); $this->assertSame( array( 'Two_Factor_Totp', 'Two_Factor_Dummy' ), $enabled_providers, 'Unavailable wasn\'t added to the list of enabled proviers' ); $this->assertSame( 'Two_Factor_Totp', Two_Factor_Core::get_primary_provider_for_user( $user->ID )->get_key(), 'The primary is still the same after unavailable disable attempt' ); // Disabling one that's enabled should succeed, and change the primary to the next available one. - $totp_disabled = Two_Factor_Core::disable_provider_for_user( $user->ID, 'Two_Factor_Totp' ); + $totp_disabled = Two_Factor_Core::disable_provider_for_user( $user->ID, 'Two_Factor_Totp' ); $enabled_providers = Two_Factor_Core::get_enabled_providers_for_user( $user->ID ); $this->assertTrue( $totp_disabled, 'Can disable a provider that is enabled' ); $this->assertSame( array( 1 => 'Two_Factor_Dummy' ), $enabled_providers, 'The other providers are kept enabled' ); @@ -873,7 +905,7 @@ public function test_enable_disable_provider_for_user() { * @covers Two_Factor_Core::user_two_factor_options_update() */ public function test_enabling_two_factor_is_factored_session() { - $user = self::factory()->user->create_and_get(); + $user = self::factory()->user->create_and_get(); $this->assertFalse( Two_Factor_Core::is_current_user_session_two_factor() ); 
@@ -894,7 +926,7 @@ public function test_enabling_two_factor_is_factored_session() { $_POST[ $key ] = $nonce; $_REQUEST[ $key ] = $nonce; - $_POST[ Two_Factor_Core::ENABLED_PROVIDERS_USER_META_KEY ] = [ 'Two_Factor_Dummy' => 'Two_Factor_Dummy' ]; + $_POST[ Two_Factor_Core::ENABLED_PROVIDERS_USER_META_KEY ] = array( 'Two_Factor_Dummy' => 'Two_Factor_Dummy' ); Two_Factor_Core::user_two_factor_options_update( $user->ID ); @@ -914,7 +946,6 @@ public function test_enabling_two_factor_is_factored_session() { $this->assertTrue( Two_Factor_Core::current_user_can_update_two_factor_options() ); // Can save 2FA settings. $this->assertTrue( Two_Factor_Core::current_user_can_update_two_factor_options( 'save' ) ); - } /** @@ -935,14 +966,14 @@ public function test_disabling_two_factor_is_not_factored_session() { $_POST[ $key ] = $nonce; $_REQUEST[ $key ] = $nonce; - $_POST[ Two_Factor_Core::ENABLED_PROVIDERS_USER_META_KEY ] = [ 'Two_Factor_Dummy' => 'Two_Factor_Dummy' ]; + $_POST[ Two_Factor_Core::ENABLED_PROVIDERS_USER_META_KEY ] = array( 'Two_Factor_Dummy' => 'Two_Factor_Dummy' ); Two_Factor_Core::user_two_factor_options_update( $user->ID ); $this->assertNotFalse( Two_Factor_Core::is_current_user_session_two_factor() ); // Disable all providers, and test that the session is invalidated. - $_POST[ Two_Factor_Core::ENABLED_PROVIDERS_USER_META_KEY ] = []; + $_POST[ Two_Factor_Core::ENABLED_PROVIDERS_USER_META_KEY ] = array(); Two_Factor_Core::user_two_factor_options_update( $user->ID ); $this->assertFalse( Two_Factor_Core::is_current_user_session_two_factor() ); 
@@ -974,7 +1005,7 @@ public function test_is_current_user_session_two_factor_without_two_factor() { $this->assertNotEmpty( $_COOKIE[ AUTH_COOKIE ] ); $this->assertNotEmpty( $_COOKIE[ LOGGED_IN_COOKIE ] ); - // Validate that the session is not flagged as 2FA + // Validate that the session is not flagged as 2FA. $this->assertFalse( Two_Factor_Core::is_current_user_session_two_factor() ); $manager = WP_Session_Tokens::get_instance( $user->ID ); @@ -1034,7 +1065,6 @@ public function test_is_current_user_session_two_factor_with_two_factor() { // Validate that the session provider is as expected. $this->assertArrayHasKey( 'two-factor-provider', $session ); $this->assertEquals( 'Two_Factor_Dummy', $session['two-factor-provider'] ); - } /** @@ -1135,6 +1165,8 @@ public function test_revalidation_sets_time() { } /** + * Test current user can update two factor options functionality. + * * @covers Two_Factor_Core::current_user_can_update_two_factor_options() */ public function test_current_user_can_update_two_factor_options() { @@ -1153,7 +1185,7 @@ public function test_current_user_can_update_two_factor_options() { // Manually setup 2FA, but not through the User Options API, such that the above session is not-2fa. Two_Factor_Core::enable_provider_for_user( $user->ID, 'Two_Factor_Dummy' ); - // Logged in, user has 2FA, session has no 2FA + // Logged in, user has 2FA, session has no 2FA. $this->assertFalse( Two_Factor_Core::current_user_can_update_two_factor_options() ); // Set the session as 2FA. 
@@ -1169,7 +1201,7 @@ public function test_current_user_can_update_two_factor_options() { $this->assertTrue( Two_Factor_Core::current_user_can_update_two_factor_options() ); // Set the two factor login time to a minute less than the grace time. - $session['two-factor-login'] = time() - ( 11 * MINUTE_IN_SECONDS ); + $session['two-factor-login'] = time() - ( 11 * MINUTE_IN_SECONDS ); $manager->update( $token, $session ); // Logged in, user has 2FA, session has 2FA that's longer than the grace period. Can Save, can't Display. @@ -1177,7 +1209,7 @@ public function test_current_user_can_update_two_factor_options() { $this->assertFalse( Two_Factor_Core::current_user_can_update_two_factor_options() ); // Set the two factor login time to a older than the saving grace time. - $session['two-factor-login'] = time() - ( 30 * MINUTE_IN_SECONDS ); + $session['two-factor-login'] = time() - ( 30 * MINUTE_IN_SECONDS ); $manager->update( $token, $session ); // Logged in, user has 2FA, session has 2FA way past grace period. Can't Save, can't Display. @@ -1208,11 +1240,13 @@ public function test_session_getter_setter() { // Check setting keys works. $this->assertArrayNotHasKey( 'test-key', $session ); - // Set the key - Two_Factor_Core::update_current_user_session( array( - 'test-key' => true, - 'test-key-two' => true, - ) ); + // Set the key. + Two_Factor_Core::update_current_user_session( + array( + 'test-key' => true, + 'test-key-two' => true, + ) + ); // Retrieve the session again, and verify it's updated. $session = Two_Factor_Core::get_current_user_session(); 
@@ -1220,10 +1254,12 @@ public function test_session_getter_setter() { $this->assertArrayHasKey( 'test-key', $session ); $this->assertArrayHasKey( 'test-key-two', $session ); - // Remove the key by setting it to null - Two_Factor_Core::update_current_user_session( array( - 'test-key' => null - ) ); + // Remove the key by setting it to null. + Two_Factor_Core::update_current_user_session( + array( + 'test-key' => null, + ) + ); // Check the key is no longer there. $session = Two_Factor_Core::get_current_user_session(); @@ -1244,11 +1280,13 @@ public function test_get_provider_for_user() { // Set the cookie without going through two-factor, and fill in $_COOKIE. wp_set_auth_cookie( $user->ID ); - // Setup the current session as 2fa'd - Two_Factor_Core::update_current_user_session( array( - 'two-factor-provider' => 'Two_Factor_Dummy', - 'two-factor-login' => time() - ) ); + // Setup the current session as 2fa'd. + Two_Factor_Core::update_current_user_session( + array( + 'two-factor-provider' => 'Two_Factor_Dummy', + 'two-factor-login' => time(), + ) + ); $dummy = Two_Factor_Dummy::get_instance(); $email = Two_Factor_Email::get_instance(); @@ -1269,7 +1307,7 @@ public function test_get_provider_for_user() { // Validate that upon requesting an invalid provider, valid data comes back. $this->assertEquals( 'Two_Factor_Dummy', - Two_Factor_Core::get_provider_for_user( $user, new stdClass )->get_key() + Two_Factor_Core::get_provider_for_user( $user, new stdClass() )->get_key() ); $this->assertEquals( 'Two_Factor_Dummy', @@ -1298,9 +1336,11 @@ public function test_get_provider_for_user() { ); // Update the session to say that Email was last-used. - Two_Factor_Core::update_current_user_session( array( - 'two-factor-provider' => $email->get_key(), - ) ); + Two_Factor_Core::update_current_user_session( + array( + 'two-factor-provider' => $email->get_key(), + ) + ); // Validate it's now the default for the current session. $this->assertEquals( 
@@ -1354,12 +1394,14 @@ public function test_filter_session_information() { // Boilerplate ends here. - // Add a custom meta item to the session - Two_Factor_Core::update_current_user_session( [ - 'two-factor-test-key1' => 'test-value', - 'two-factor-test-key2' => 'test-value', - 'tests-key' => 'test-value', - ] ); + // Add a custom meta item to the session. + Two_Factor_Core::update_current_user_session( + array( + 'two-factor-test-key1' => 'test-value', + 'two-factor-test-key2' => 'test-value', + 'tests-key' => 'test-value', + ) + ); $session = Two_Factor_Core::get_current_user_session(); $this->assertArrayHasKey( 'two-factor-test-key1', $session ); @@ -1419,13 +1461,16 @@ public function test_other_sessions_destroyed_when_enabling_2fa() { // Generate multiple existing sessions. $session_manager->create( time() + HOUR_IN_SECONDS ); - $session_manager->create( time() + DAY_IN_SECONDS ); + $session_manager->create( time() + DAY_IN_SECONDS ); $this->assertCount( 2, $session_manager->get_all(), 'Can fetch active sessions' ); // Shim the cookie... this allows for functions that use sessions to know the current session. - add_action( 'set_logged_in_cookie', function( $logged_in_cookie ) { - $_COOKIE[ LOGGED_IN_COOKIE ] = $logged_in_cookie; - } ); + add_action( + 'set_logged_in_cookie', + function ( $logged_in_cookie ) { + $_COOKIE[ LOGGED_IN_COOKIE ] = $logged_in_cookie; + } + ); $user_authenticated = wp_signon( array( @@ -1444,7 +1489,7 @@ public function test_other_sessions_destroyed_when_enabling_2fa() { $_REQUEST[ $key ] = $nonce; $_POST[ Two_Factor_Core::ENABLED_PROVIDERS_USER_META_KEY ] = array( - 'Two_Factor_Dummy' => 'Two_Factor_Dummy' + 'Two_Factor_Dummy' => 'Two_Factor_Dummy', ); Two_Factor_Core::user_two_factor_options_update( $user->ID ); 
@@ -1457,7 +1502,7 @@ public function test_other_sessions_destroyed_when_enabling_2fa() { $this->assertCount( 1, $session_manager->get_all(), 'All known authentication sessions have been destroyed' ); // Create another session, activate another provider, verify sessions are still valid. - $session_manager->create( time() + DAY_IN_SECONDS ); + $session_manager->create( time() + DAY_IN_SECONDS ); $this->assertCount( 2, $session_manager->get_all(), 'Failed to create another session' ); $_POST[ Two_Factor_Core::ENABLED_PROVIDERS_USER_META_KEY ] = array( @@ -1487,7 +1532,7 @@ public function test_other_sessions_destroyed_when_enabling_2fa() { $this->assertCount( 1, $session_manager->get_all(), 'All known authentication sessions have been destroyed' ); // Create another session, deactivate two-factor, verify sessions are still valid. - $session_manager->create( time() + DAY_IN_SECONDS ); + $session_manager->create( time() + DAY_IN_SECONDS ); $this->assertCount( 2, $session_manager->get_all(), 'Failed to create another session' ); $_POST[ Two_Factor_Core::ENABLED_PROVIDERS_USER_META_KEY ] = array(); @@ -1509,7 +1554,7 @@ public function test_other_sessions_destroyed_when_enabling_2fa() { public function test_all_sessions_destroyed_when_enabling_2fa_by_admin() { $admin_id = self::factory()->user->create( array( - 'role' => 'administrator' + 'role' => 'administrator', ) ); wp_set_current_user( $admin_id ); @@ -1517,7 +1562,7 @@ public function test_all_sessions_destroyed_when_enabling_2fa_by_admin() { // Create an admin session,. $admin_session_manager = WP_Session_Tokens::get_instance( $admin_id ); - $admin_session_manager->create( time() + DAY_IN_SECONDS ); + $admin_session_manager->create( time() + DAY_IN_SECONDS ); $this->assertCount( 1, $admin_session_manager->get_all(), 'No admin sessions are present first' ); // Create the target user. 
@@ -1533,7 +1578,7 @@ public function test_all_sessions_destroyed_when_enabling_2fa_by_admin() { $this->assertCount( 0, $session_manager->get_all(), 'No user sessions are present first' ); // Generate multiple existing sessions. - $session_manager->create( time() + DAY_IN_SECONDS ); + $session_manager->create( time() + DAY_IN_SECONDS ); $this->assertCount( 1, $session_manager->get_all(), 'Can fetch active sessions' ); $key = '_nonce_user_two_factor_options';
@@ -1556,8 +1601,11 @@ public function test_all_sessions_destroyed_when_enabling_2fa_by_admin() { $this->assertCount( 1, $admin_session_manager->get_all(), 'No admin sessions are present first' ); } + /** + * Test filtering registered providers for user. + */ public function test_can_filter_registered_providers_for_user() { - $user = self::factory()->user->create_and_get(); + $user = self::factory()->user->create_and_get(); $providers = Two_Factor_Core::get_providers(); $this->assertEquals(
@@ -1570,7 +1618,7 @@ public function test_can_filter_registered_providers_for_user() { add_filter( 'two_factor_providers_for_user', - function( $providers, $user ) { + function ( $providers, $user ) { $this->assertInstanceOf( WP_User::class, $user, 'A user referenced is passed to the filter' ); return array_diff_key( $providers, array( 'Two_Factor_Email' => null ) );
@@ -1590,9 +1638,12 @@ function( $providers, $user ) { remove_all_filters( 'two_factor_providers_for_user' ); } + /** + * Test disabling default providers. + */ public function test_can_disable_default_providers() { - $user = self::factory()->user->create_and_get(); - $providers = Two_Factor_Core::get_providers(); + $user = self::factory()->user->create_and_get(); + $providers = Two_Factor_Core::get_providers(); $default_provider = current( $providers ); $this->assertContains( 'Two_Factor_Email', array_keys( $providers ), 'Email provider is enabled by default' );
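Review bot: The last assertion of test_all_sessions_destroyed_when_enabling_2fa_by_admin, shown as context at the top of the -1556 hunk, expects exactly one admin session but fails with `'No admin sessions are present first'`, which says the opposite of what is checked. Judging by the test name, this is the check that the acting administrator's own session survives while the target user's sessions are destroyed, so the message should name that, e.g. `'Admin session is kept when an admin updates another user'`. The identical message sits on the one-session precondition in the -1517 hunk, where `'Admin session was created'` would fit, and the comment there reads `// Create an admin session,.` with a stray comma. The test body starts outside both hunks.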
diff --git a/tests/providers/class-two-factor-backup-codes-rest-api.php b/tests/providers/class-two-factor-backup-codes-rest-api.php
index 368f3230..2cfef2b3 100644
--- a/tests/providers/class-two-factor-backup-codes-rest-api.php
+++ b/tests/providers/class-two-factor-backup-codes-rest-api.php
@@ -35,22 +35,30 @@ class Tests_Two_Factor_Backup_Codes_REST_API extends WP_Test_REST_TestCase { */ protected static $editor_id; + /** + * Set up test fixtures. + * + * @param WP_UnitTest_Factory $factory Factory instance. + */ public static function wpSetUpBeforeClass( WP_UnitTest_Factory $factory ) { self::$admin_id = $factory->user->create( - array( - 'role' => 'administrator', - ) + array( + 'role' => 'administrator', + ) ); self::$editor_id = $factory->user->create( - array( - 'role' => 'editor', - ) + array( + 'role' => 'editor', + ) ); self::$provider = Two_Factor_Backup_Codes::get_instance(); } + /** + * Clean up test fixtures. + */ public static function wpTearDownAfterClass() { self::delete_user( self::$admin_id ); self::delete_user( self::$editor_id );
diff --git a/tests/providers/class-two-factor-backup-codes.php b/tests/providers/class-two-factor-backup-codes.php
index fb134b60..f1b62f57 100644
--- a/tests/providers/class-two-factor-backup-codes.php
+++ b/tests/providers/class-two-factor-backup-codes.php
@@ -157,7 +157,7 @@ public function test_generate_code_and_validate_code_false_different_users() { * @covers Two_Factor_Backup_Codes::user_options */ public function test_user_options() { - $user = new WP_User( self::factory()->user->create() ); + $user = new WP_User( self::factory()->user->create() ); ob_start(); $this->provider->user_options( $user );
@@ -195,6 +195,9 @@ public function test_delete_code() { $this->assertEquals( 1, $this->provider->codes_remaining_for_user( $user ) ); } + /** + * Test backup code length filter. + */ public function test_backup_code_length_filter() { $user = new WP_User( self::factory()->user->create() );
@@ -202,7 +205,7 @@ public function test_backup_code_length_filter() { add_filter( 'two_factor_backup_code_length', - function() { + function () { return 7; } );
diff --git a/tests/providers/class-two-factor-dummy-secure.php b/tests/providers/class-two-factor-dummy-secure.php
index e0c54425..99df37a0 100644
--- a/tests/providers/class-two-factor-dummy-secure.php
+++ b/tests/providers/class-two-factor-dummy-secure.php
@@ -32,6 +32,9 @@ public function set_up() { $this->provider = Two_Factor_Dummy_Secure::get_instance(); } + /** + * Test get_key method. + */ public function test_get_key() { $this->assertEquals( 'Two_Factor_Dummy', $this->provider->get_key() ); }
@@ -50,7 +53,6 @@ public function test_authentication_page() { $this->assertStringContainsString( 'Are you really you?', $contents ); $this->assertStringContainsString( '

', $contents ); $this->assertStringContainsString( 'Yup', $contents ); - } /**
@@ -61,7 +63,6 @@ public function test_authentication_page() { public function test_validate_authentication() { $this->assertFalse( $this->provider->validate_authentication( false ) ); - } /**
@@ -75,16 +76,21 @@ public function test_provider_classname_filter() { $filtered = Two_Factor_Core::get_providers(); remove_filter( 'two_factor_provider_classname_Two_Factor_Dummy', array( $this, 'filter_change_provider' ) ); - $this->assertEquals( 'Two_Factor_Dummy', get_class( $providers['Two_Factor_Dummy'] ) ); - $this->assertNotEquals( 'Two_Factor_Dummy', get_class( $filtered['Two_Factor_Dummy'] ) ); + $this->assertEquals( 'Two_Factor_Dummy', get_class( $providers['Two_Factor_Dummy'] ) ); + $this->assertNotEquals( 'Two_Factor_Dummy', get_class( $filtered['Two_Factor_Dummy'] ) ); $this->assertEquals( 'Two_Factor_Dummy_Secure', get_class( $filtered['Two_Factor_Dummy'] ) ); $this->assertEquals( 'Two_Factor_Dummy', $providers['Two_Factor_Dummy']->get_key() ); $this->assertEquals( 'Two_Factor_Dummy', $filtered['Two_Factor_Dummy']->get_key() ); } + /** + * Filter to change provider class. + * + * @param string $provider_key Provider key. + * @return string + */ public function filter_change_provider( $provider_key ) { return 'Two_Factor_Dummy_Secure'; } - }
diff --git a/tests/providers/class-two-factor-dummy.php b/tests/providers/class-two-factor-dummy.php
index 12765804..9fc8a182 100644
--- a/tests/providers/class-two-factor-dummy.php
+++ b/tests/providers/class-two-factor-dummy.php
@@ -40,7 +40,6 @@ public function set_up() { public function test_get_instance() { $this->assertNotNull( $this->provider->get_instance() ); - } /**
@@ -51,7 +50,6 @@ public function test_get_instance() { public function test_get_label() { $this->assertStringContainsString( 'Dummy Method', $this->provider->get_label() ); - } /**
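Review bot: In tests/providers/class-two-factor-dummy-secure.php (the -75 hunk), the docblock added to filter_change_provider documents `$provider_key` as `Provider key.`, but the method is hooked on `two_factor_provider_classname_Two_Factor_Dummy` and returns `'Two_Factor_Dummy_Secure'`, which the assertions above compare with `get_class()`. The value filtered therefore looks like a provider class name, not a key, although the code that applies the filter is not visible here. Suggested wording: `@param string $provider_key Provider class name passed to the filter (unused).` and `@return string Replacement provider class name.`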
@@ -68,7 +66,6 @@ public function test_authentication_page() { $this->assertStringContainsString( 'Are you really you?', $contents ); $this->assertStringContainsString( '

', $contents ); $this->assertStringContainsString( 'Yup', $contents ); - } /**
@@ -79,7 +76,6 @@ public function test_authentication_page() { public function test_validate_authentication() { $this->assertTrue( $this->provider->validate_authentication( false ) ); - } /**
@@ -90,7 +86,5 @@ public function test_validate_authentication() { public function test_is_available_for_user() { $this->assertTrue( $this->provider->is_available_for_user( false ) ); - } - }
diff --git a/tests/providers/class-two-factor-email.php b/tests/providers/class-two-factor-email.php
index bfcfb681..f3d990fc 100644
--- a/tests/providers/class-two-factor-email.php
+++ b/tests/providers/class-two-factor-email.php
@@ -352,6 +352,9 @@ public function test_tokens_can_expire() { ); } + /** + * Test custom token length filter. + */ public function test_custom_token_length() { $user_id = self::factory()->user->create();
@@ -359,7 +362,7 @@ public function test_custom_token_length() { add_filter( 'two_factor_email_token_length', - function() { + function () { return 15; } );
@@ -386,7 +389,7 @@ public function test_email_token_ttl() { add_filter( 'two_factor_email_token_ttl', - function() { + function () { return 42; } );
@@ -401,7 +404,7 @@ function() { add_filter( 'two_factor_token_ttl', - function() { + function () { return 66; } );
@@ -414,5 +417,4 @@ function() { remove_all_filters( 'two_factor_token_ttl' ); } - }
diff --git a/tests/providers/class-two-factor-provider.php b/tests/providers/class-two-factor-provider.php
index a92586e9..d51081d4 100644
--- a/tests/providers/class-two-factor-provider.php
+++ b/tests/providers/class-two-factor-provider.php
@@ -13,9 +13,11 @@ */ class Tests_Two_Factor_Provider extends WP_UnitTestCase { /** + * Test get_code method. + * * @covers Two_Factor_Provider::get_code */ - function test_get_code() { + public function test_get_code() { $code = Two_Factor_Provider::get_code( 3, '1' ); $this->assertEquals( '111', $code );
@@ -40,8 +42,12 @@ function test_get_code() { * * @covers Two_Factor_Provider::sanitize_code_from_request * @dataProvider provider_sanitize_code_from_request + * @param mixed $expected Expected result. + * @param string $field Field name. + * @param mixed $value Field value. + * @param int $length Expected length. */ - function test_sanitize_code_from_request( $expected, $field, $value, $length = 0) { + public function test_sanitize_code_from_request( $expected, $field, $value, $length = 0 ) { $_REQUEST[ $field ] = ''; if ( $value ) { $_REQUEST[ $field ] = $value;
@@ -52,17 +58,22 @@ function test_sanitize_code_from_request( $expected, $field, $value, $length = 0 unset( $_REQUEST[ $field ] ); } - function provider_sanitize_code_from_request() { - return [ - [ '123123', 'authcode', '123123', 6 ], - [ false, 'authcode', '123123123', 6 ], - [ '123123', 'code', '123 123' ], - [ '123123', 'code', "\n123123\n" ], - [ '123123', 'code', "123\t123", 6 ], - [ false, 'code', '' ], - [ 'helloworld', 'code', 'helloworld' ], - [ false, false, false ], - ]; + /** + * Data provider for test_sanitize_code_from_request. + * + * @return array + */ + public function provider_sanitize_code_from_request() { + return array( + array( '123123', 'authcode', '123123', 6 ), + array( false, 'authcode', '123123123', 6 ), + array( '123123', 'code', '123 123' ), + array( '123123', 'code', "\n123123\n" ), + array( '123123', 'code', "123\t123", 6 ), + array( false, 'code', '' ), + array( 'helloworld', 'code', 'helloworld' ), + array( false, false, false ), + ); } /**
@@ -70,7 +81,7 @@ function provider_sanitize_code_from_request() { * * @covers Two_Factor_Provider::get_instance */ - function test_get_instance() { + public function test_get_instance() { $instance_one = Two_Factor_Dummy::get_instance(); $instance_two = Two_Factor_Dummy::get_instance();
diff --git a/tests/providers/class-two-factor-totp-rest-api.php b/tests/providers/class-two-factor-totp-rest-api.php
index 0dfc38bf..c94db127 100644
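Review bot: The new `@param string $field Field name.` on test_sanitize_code_from_request disagrees with the provider rows in the following hunk, whose last row `array( false, false, false )` passes `false` for the field that the body then uses as `$_REQUEST[ $field ]`. `@param string|false $field Request field name, or false.` would be accurate, and `$expected` and `$value` are likewise `string|false` in every listed row rather than `mixed`. The test body runs past the end of this hunk.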
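Review bot: provider_sanitize_code_from_request (the -52 hunk) gains `public` here but remains an instance method, and newer PHPUnit major versions (10 and later) expect data providers to be static. Since the body does not touch `$this`, `public static function provider_sanitize_code_from_request()` would work on older versions as well. The added `@return array` could also describe the rows, e.g. `@return array[] Rows of expected result, field, value and optional length.`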
--- a/tests/providers/class-two-factor-totp-rest-api.php
+++ b/tests/providers/class-two-factor-totp-rest-api.php
@@ -35,22 +35,30 @@ class Tests_Two_Factor_Totp_REST_API extends WP_Test_REST_TestCase { */ protected static $editor_id; + /** + * Set up test fixtures. + * + * @param WP_UnitTest_Factory $factory Factory instance. + */ public static function wpSetUpBeforeClass( WP_UnitTest_Factory $factory ) { self::$admin_id = $factory->user->create( - array( - 'role' => 'administrator', - ) + array( + 'role' => 'administrator', + ) ); self::$editor_id = $factory->user->create( - array( - 'role' => 'editor', - ) + array( + 'role' => 'editor', + ) ); self::$provider = Two_Factor_Totp::get_instance(); } + /** + * Clean up test fixtures. + */ public static function wpTearDownAfterClass() { self::delete_user( self::$admin_id ); self::delete_user( self::$editor_id );
@@ -69,7 +77,7 @@ public function test_user_two_factor_rest_key_bad_auth_code() { $request->set_body_params( array( 'user_id' => self::$admin_id, - 'key' => 'abcdef' + 'key' => 'abcdef', ) );
@@ -123,7 +131,7 @@ public function test_user_two_factor_rest_set_key_bad_auth_code() { array( 'user_id' => self::$admin_id, 'key' => $key, - 'code' => 'abcdef' + 'code' => 'abcdef', ) );
@@ -274,5 +282,4 @@ public function test_user_cannot_delete_secret_for_others() { 'Secret has not been deleted' ); } - }
diff --git a/tests/providers/class-two-factor-totp.php b/tests/providers/class-two-factor-totp.php
index 62663323..cba2613d 100644
--- a/tests/providers/class-two-factor-totp.php
+++ b/tests/providers/class-two-factor-totp.php
@@ -84,7 +84,7 @@ public function test_user_two_factor_options_generates_key() { */ public function test_generate_qr_code_url() { $user = new WP_User( self::factory()->user->create() ); - $expected = 'otpauth://totp/Test%20Blog%3A'. rawurlencode( $user->user_login ) .'?secret=my%20secret%20key&issuer=Test%20Blog'; + $expected = 'otpauth://totp/Test%20Blog%3A' . rawurlencode( $user->user_login ) . '?secret=my%20secret%20key&issuer=Test%20Blog'; $actual = $this->provider->generate_qr_code_url( $user, 'my secret key' ); $this->assertSame( $expected, $actual );
@@ -113,7 +113,6 @@ public function test_base32_decode() { $string_base32 = 'IVLDKWCXG5KE6TBUKFEESS2CJFDVMRKVGIZUWQKGKJHEINRWJRMQ'; $this->assertEquals( $string, $this->provider->base32_decode( $string_base32 ) ); - } /**
@@ -210,7 +209,7 @@ public function test_is_valid_key() { * @covers Two_Factor_Totp::validate_code_for_user * @covers Two_Factor_Totp::get_authcode_valid_ticktime */ - function test_validate_authentication() { + public function test_validate_authentication() { $user = new WP_User( self::factory()->user->create() ); $key = $this->provider->generate_key();
@@ -240,7 +239,7 @@ function test_validate_authentication() { * * @covers Two_Factor_Totp::validate_authentication */ - function test_validate_authentication_invalid_chars_spaces() { + public function test_validate_authentication_invalid_chars_spaces() { $user = new WP_User( self::factory()->user->create() ); $key = $this->provider->generate_key();
@@ -258,7 +257,7 @@ function test_validate_authentication_invalid_chars_spaces() { $this->assertFalse( $this->provider->validate_authentication( $user ), $_REQUEST['authcode'] ); // Validate that an authcode with leading, trailing, and middle whitespace is accepted. - $_REQUEST['authcode'] = ' ' . substr( $authcode, 0, 3 ) . ' ' . substr( $authcode, 3 ) . " \n"; // eg ' 123 456 \n' + $_REQUEST['authcode'] = ' ' . substr( $authcode, 0, 3 ) . ' ' . substr( $authcode, 3 ) . " \n"; // eg ' 123 456 \n'. $this->assertTrue( $this->provider->validate_authentication( $user ), $_REQUEST['authcode'] ); }
@@ -268,7 +267,7 @@ function test_validate_authentication_invalid_chars_spaces() { * @covers Two_Factor_Totp::validate_code_for_user * @covers Two_Factor_Totp::get_authcode_valid_ticktime */ - function test_validate_code_for_user() { + public function test_validate_code_for_user() { $user = new WP_User( self::factory()->user->create() ); $key = $this->provider->generate_key();
@@ -289,13 +288,12 @@ function test_validate_code_for_user() { // Validate that a second attempt with the same authcode will fail. $this->assertFalse( $this->provider->validate_code_for_user( $user, $authcode ) ); - // Validate that the future authcode will succeed (but not more than once) + // Validate that the future authcode will succeed (but not more than once). $this->assertTrue( $this->provider->validate_code_for_user( $user, $nextcode ) ); $this->assertFalse( $this->provider->validate_code_for_user( $user, $nextcode ) ); // Validate that the older unused authcode will not succeed. $this->assertFalse( $this->provider->validate_code_for_user( $user, $oldcode ) ); - } /**
@@ -303,7 +301,7 @@ function test_validate_code_for_user() { * * @covers Two_Factor_Totp::get_authcode_valid_ticktime */ - function test_get_authcode_valid_ticktime() { + public function test_get_authcode_valid_ticktime() { $key = $this->provider->generate_key(); $max_grace_period = Two_Factor_Totp::DEFAULT_TIME_STEP_ALLOWANCE;
diff --git a/tests/two-factor.php b/tests/two-factor.php
index 26c5d49e..39a9bd1e 100644
--- a/tests/two-factor.php
+++ b/tests/two-factor.php
@@ -19,7 +19,6 @@ class Tests_Two_Factor extends WP_UnitTestCase { public function test_constant_defined() { $this->assertTrue( defined( 'TWO_FACTOR_DIR' ) ); - } /**
@@ -29,6 +28,5 @@ public function test_classes_exist() { $this->assertTrue( class_exists( 'Two_Factor_Provider' ) ); $this->assertTrue( class_exists( 'Two_Factor_Core' ) ); - } }