Added test

Author: glye

tests/integration/Core/Repository/UserServiceTest.php

@@ -1325,7 +1325,7 @@ public function testCreateUserWithWeakPasswordThrowsUserPasswordValidationExcept
 
         try {
             // This call will fail with a "UserPasswordValidationException" because the
-            // the password does not follow specified rules.
+            // password does not follow specified rules.
             $this->createTestUserWithPassword('pass', $userContentType);
         } catch (ContentFieldValidationException $e) {
             // Exception is caught, as there is no other way to check exception properties.
@@ -2177,13 +2177,41 @@ public function testUpdateUserPasswordWithUnsupportedHashType(): void
         $wrongHashType = 1;
         $this->updateRawPasswordHash($user->getUserId(), $wrongHashType);
         $newPassword = 'new_secret123';
-        // no need to invalidate cache since there was no load between create & raw database update
+        // no need to invalidate cache since there was no load between creation
+        // and raw database update
         $user = $userService->updateUserPassword($user, $newPassword);
 
         self::assertTrue($userService->checkUserCredentials($user, $newPassword));
         self::assertNotEquals($oldPasswordHash, $user->passwordHash);
     }
 
+    /**
+     * @throws \Doctrine\DBAL\Exception
+     * @throws \ErrorException
+     * @throws \Ibexa\Contracts\Core\Repository\Exceptions\ContentFieldValidationException
+     * @throws \Ibexa\Contracts\Core\Repository\Exceptions\UnauthorizedException
+     */
+    public function testUpdateUserPasswordHashToArgon2Id(): void
+    {
+        $repository = $this->getRepository();
+        $userService = $repository->getUserService();
+
+        $user = $this->createUser('john.doe', 'John', 'Doe');
+        $oldPasswordHash = $user->passwordHash;
+
+        $argon2IdHashType = User::PASSWORD_HASH_ARGON2ID;
+        $this->updateRawPasswordHash($user->getUserId(), $argon2IdHashType);
+        $newPassword = 'new_secret123';
+        // no need to invalidate cache since there was no load between creation
+        // and raw database update
+        $user = $userService->updateUserPassword($user, $newPassword);
+        $passwordInfo = password_get_info($user->passwordHash);
+
+        self::assertTrue($userService->checkUserCredentials($user, $newPassword));
+        self::assertNotEquals($oldPasswordHash, $user->passwordHash);
+        self::assertEquals(PASSWORD_ARGON2ID, $passwordInfo['algo']);
+    }
+
     /**
      * Test for the loadUserGroupsOfUser() method.
      *

tests/lib/Repository/User/PasswordHashServiceTest.php

@@ -30,6 +30,8 @@ public function testGetSupportedHashTypes(): void
             [
                 User::PASSWORD_HASH_BCRYPT,
                 User::PASSWORD_HASH_PHP_DEFAULT,
+                User::PASSWORD_HASH_ARGON2I,
+                User::PASSWORD_HASH_ARGON2ID,
                 User::PASSWORD_HASH_INVALID,
             ],
             $this->passwordHashService->getSupportedHashTypes()