fix: some test cases

Author: matiasperrone-exo

app/libs/Auth/AuthService.php

@@ -187,8 +187,12 @@ public function validateCredentials(string $username, string $password): User
          * @var User|null $user
          */
         $user = $this->user_repository->getByEmailOrName($username);
-        $valid = Auth::getProvider()->validateCredentials($user, ['username' => $username, 'password' => $password]);
-        if (!$valid) {
+        if (!$user) {
+            throw new AuthenticationException();
+        }
+
+        $isUserValid = Auth::getProvider()->validateCredentials($user, ['username' => $username, 'password' => $password]);
+        if (!$isUserValid) {
             throw new AuthenticationException();
         }
 

tests/unit/AuthServiceValidateCredentialsTest.php

@@ -14,6 +14,7 @@
 
 use App\libs\OAuth2\Repositories\IOAuth2OTPRepository;
 use Auth\AuthService;
+use Auth\CustomAuthProvider;
 use Auth\Exceptions\AuthenticationException;
 use Auth\Repositories\IUserRepository;
 use Mockery;
@@ -89,19 +90,19 @@ public function testValidCredentials_returnsUser_withoutEstablishingSession(): v
         $username = 'jane.doe';
         $password = 'Str0ng!Pass';
 
+        $resolved_user = Mockery::mock('Auth\User');
         $this->mock_user_repository
             ->expects($this->once())
             ->method('getByEmailOrName')
             ->with($username)
-            ->willReturn(null);
+            ->willReturn($resolved_user);
 
-        $resolved_user = Mockery::mock('Auth\User');
         $resolved_user->shouldReceive('canLogin')->andReturn(true);
 
-        $provider_mock = Mockery::mock('Illuminate\Contracts\Auth\UserProvider');
-        $provider_mock->shouldReceive('retrieveByCredentials')
+        $provider_mock = Mockery::mock(CustomAuthProvider::class);
+        $provider_mock->shouldReceive('validateCredentials')
             ->once()
-            ->with(['username' => $username, 'password' => $password])
+            ->with($resolved_user, ['username' => $username, 'password' => $password])
             ->andReturn($resolved_user);
 
         $this->auth_mock->shouldReceive('getProvider')->once()->andReturn($provider_mock);
@@ -122,16 +123,17 @@ public function testInvalidCredentials_throwsAuthenticationException(): void
         $username = 'jane.doe';
         $password = 'wrong';
 
+        $resolved_user = Mockery::mock('Auth\User');
         $this->mock_user_repository
             ->expects($this->once())
             ->method('getByEmailOrName')
             ->with($username)
-            ->willReturn(null);
+            ->willReturn($resolved_user);
 
-        $provider_mock = Mockery::mock('Illuminate\Contracts\Auth\UserProvider');
-        $provider_mock->shouldReceive('retrieveByCredentials')
+        $provider_mock = Mockery::mock(CustomAuthProvider::class);
+        $provider_mock->shouldReceive('validateCredentials')
             ->once()
-            ->with(['username' => $username, 'password' => $password])
+            ->with($resolved_user, ['username' => $username, 'password' => $password])
             ->andReturn(null);
 
         $this->auth_mock->shouldReceive('getProvider')->once()->andReturn($provider_mock);
@@ -154,21 +156,20 @@ public function testProviderReturnsUserThatCannotLogin_throwsAuthenticationExcep
         $password = 'Str0ng!Pass';
 
         // Pre-check: user not found in repository, so the locked-account short-circuit is not taken.
+        $resolved_user = Mockery::mock('Auth\User');
         $this->mock_user_repository
             ->expects($this->once())
             ->method('getByEmailOrName')
             ->with($username)
-            ->willReturn(null);
+            ->willReturn($resolved_user);
 
         // Provider returns a valid User instance, but canLogin() is false.
-        $non_loginable_user = Mockery::mock('Auth\User');
-        $non_loginable_user->shouldReceive('canLogin')->andReturn(false);
 
-        $provider_mock = Mockery::mock('Illuminate\Contracts\Auth\UserProvider');
-        $provider_mock->shouldReceive('retrieveByCredentials')
+        $provider_mock = Mockery::mock(CustomAuthProvider::class);
+        $provider_mock->shouldReceive('validateCredentials')
             ->once()
-            ->with(['username' => $username, 'password' => $password])
-            ->andReturn($non_loginable_user);
+            ->with($resolved_user, ['username' => $username, 'password' => $password])
+            ->andReturn(false);
 
         $this->auth_mock->shouldReceive('getProvider')->once()->andReturn($provider_mock);
         $this->auth_mock->shouldNotReceive('login');
@@ -186,6 +187,7 @@ public function testProviderReturnsUserThatCannotLogin_throwsAuthenticationExcep
     public function testLockedAccount_throwsAuthenticationException_withLockedMessage(): void
     {
         $username = 'locked.user';
+        $password = 'Str0ng!Pass';
 
         $locked_user = Mockery::mock('Auth\User');
         $locked_user->shouldReceive('isActive')->andReturn(false);
@@ -197,7 +199,13 @@ public function testLockedAccount_throwsAuthenticationException_withLockedMessag
             ->willReturn($locked_user);
 
         // Provider must NOT be consulted when the user is locked.
-        $this->auth_mock->shouldNotReceive('getProvider');
+        $provider_mock = Mockery::mock(CustomAuthProvider::class);
+        $provider_mock->shouldReceive('validateCredentials')
+            ->once()
+            ->with($locked_user, ['username' => $username, 'password' => $password])
+            ->andReturn(false);
+
+        $this->auth_mock->shouldReceive('getProvider')->once()->andReturn($provider_mock);
         $this->auth_mock->shouldNotReceive('login');
         $this->auth_mock->shouldNotReceive('attempt');