From: Max Semenik Date: Sun, 17 Mar 2019 07:36:12 +0000 (-0700) Subject: Hard deprecate Password::equals() X-Git-Tag: 1.34.0-rc.0~1747^2 X-Git-Url: http://git.cyclocoop.org/?a=commitdiff_plain;h=382851ca07bbd31098ac3119bd130d5d1be8efa3;p=lhc%2Fweb%2Fwiklou.git Hard deprecate Password::equals() Change-Id: I8d655a4f7a57f2186b1457d956af74bf21d4db08 --- diff --git a/includes/password/Argon2Password.php b/includes/password/Argon2Password.php index 9138c3309c..c03da3bd2f 100644 --- a/includes/password/Argon2Password.php +++ b/includes/password/Argon2Password.php @@ -81,6 +81,8 @@ class Argon2Password extends Password { * @inheritDoc */ public function equals( $other ) { + wfDeprecated( __METHOD__, '1.33' ); + if ( is_string( $other ) ) { return $this->verify( $other ); } diff --git a/includes/password/InvalidPassword.php b/includes/password/InvalidPassword.php index 978118f43f..105937c737 100644 --- a/includes/password/InvalidPassword.php +++ b/includes/password/InvalidPassword.php @@ -38,6 +38,8 @@ class InvalidPassword extends Password { } public function equals( $other ) { + wfDeprecated( __METHOD__, '1.33' ); + return false; } diff --git a/includes/password/Password.php b/includes/password/Password.php index 4caff8ef5b..342995a01e 100644 --- a/includes/password/Password.php +++ b/includes/password/Password.php @@ -155,11 +155,14 @@ abstract class Password { * custom comparison, but it is not recommended unless necessary. * * @deprecated since 1.33, use verify() + * @codeCoverageIgnore * * @param Password|string $other The other password * @return bool True if equal, false otherwise */ public function equals( $other ) { + wfDeprecated( __METHOD__, '1.33' ); + if ( is_string( $other ) ) { return $this->verify( $other ); } diff --git a/tests/phpunit/includes/password/PasswordTestCase.php b/tests/phpunit/includes/password/PasswordTestCase.php index d1e257895e..4557aceeec 100644 --- a/tests/phpunit/includes/password/PasswordTestCase.php +++ b/tests/phpunit/includes/password/PasswordTestCase.php @@ -82,8 +82,6 @@ abstract class PasswordTestCase extends MediaWikiTestCase { $invalid = $this->passwordFactory->newFromCiphertext( null ); $normal = $this->passwordFactory->newFromCiphertext( $hash ); - $this->assertFalse( $invalid->equals( $normal ) ); - $this->assertFalse( $normal->equals( $invalid ) ); $this->assertFalse( $invalid->verify( $hash ) ); } diff --git a/tests/phpunit/includes/user/BotPasswordTest.php b/tests/phpunit/includes/user/BotPasswordTest.php index bc0946fbf7..4ef8ea90a1 100644 --- a/tests/phpunit/includes/user/BotPasswordTest.php +++ b/tests/phpunit/includes/user/BotPasswordTest.php @@ -184,11 +184,12 @@ class BotPasswordTest extends MediaWikiTestCase { } public function testGetPassword() { + /** @var BotPassword $bp */ $bp = TestingAccessWrapper::newFromObject( BotPassword::newFromCentralId( 42, 'BotPassword' ) ); $password = $bp->getPassword(); $this->assertInstanceOf( Password::class, $password ); - $this->assertTrue( $password->equals( 'foobaz' ) ); + $this->assertTrue( $password->verify( 'foobaz' ) ); $bp->centralId = 44; $password = $bp->getPassword(); @@ -373,11 +374,12 @@ class BotPasswordTest extends MediaWikiTestCase { $this->assertEquals( $bp->getToken(), $bp2->getToken() ); $this->assertEquals( $bp->getRestrictions(), $bp2->getRestrictions() ); $this->assertEquals( $bp->getGrants(), $bp2->getGrants() ); + /** @var Password $pw */ $pw = TestingAccessWrapper::newFromObject( $bp )->getPassword(); if ( $password === null ) { $this->assertInstanceOf( InvalidPassword::class, $pw ); } else { - $this->assertTrue( $pw->equals( $password ) ); + $this->assertTrue( $pw->verify( $password ) ); } $token = $bp->getToken(); @@ -389,19 +391,21 @@ class BotPasswordTest extends MediaWikiTestCase { $bp2 = BotPassword::newFromCentralId( 42, 'TestSave', BotPassword::READ_LATEST ); $this->assertInstanceOf( BotPassword::class, $bp2 ); $this->assertEquals( $bp->getToken(), $bp2->getToken() ); + /** @var Password $pw */ $pw = TestingAccessWrapper::newFromObject( $bp )->getPassword(); if ( $password === null ) { $this->assertInstanceOf( InvalidPassword::class, $pw ); } else { - $this->assertTrue( $pw->equals( $password ) ); + $this->assertTrue( $pw->verify( $password ) ); } $passwordHash = $passwordFactory->newFromPlaintext( 'XXX' ); $token = $bp->getToken(); $this->assertTrue( $bp->save( 'update', $passwordHash ) ); $this->assertNotEquals( $token, $bp->getToken() ); + /** @var Password $pw */ $pw = TestingAccessWrapper::newFromObject( $bp )->getPassword(); - $this->assertTrue( $pw->equals( 'XXX' ) ); + $this->assertTrue( $pw->verify( 'XXX' ) ); $this->assertTrue( $bp->delete() ); $this->assertFalse( $bp->isSaved() );