From 7e06aa1068fb6481834ca95017b4f206d39c2c30 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E0=BE=85=E0=BC=BB=20=C7=AC=C9=80=C4=A7=20=E0=BC=84?=
 =?UTF-8?q?=E0=BC=86=E0=BD=89?= <ozh@ozh.org>
Date: Tue, 24 Aug 2021 22:03:10 +0200
Subject: [PATCH] Update auth tests to match #3034 (#3035)

---
 tests/tests/auth/login_base.php | 13 ++++++++++---
 tests/tests/auth/logout.php     | 32 +++++++++++++++++++++++++++-----
 2 files changed, 37 insertions(+), 8 deletions(-)

diff --git a/tests/tests/auth/login_base.php b/tests/tests/auth/login_base.php
index bcf060662..f98928827 100644
--- a/tests/tests/auth/login_base.php
+++ b/tests/tests/auth/login_base.php
@@ -10,10 +10,12 @@ abstract class Login_Base extends PHPUnit\Framework\TestCase {
 
     protected function setUp(): void {
         $this->backup_request = $_REQUEST;
+        $_REQUEST['nonce'] = yourls_create_nonce('admin_login');
     }
 
     protected function tearDown(): void {
         $_REQUEST = $this->backup_request;
+        yourls_remove_all_actions('pre_yourls_die');
     }
 
 	/**
@@ -86,10 +88,15 @@ public function test_login_with_random_credentials() {
         $login        = yourls_did_action( 'login' );
         $login_failed = yourls_did_action( 'login_failed' );
 
-        $this->assertNotTrue( yourls_is_valid_user() );
+        // with "normal" logins, we simulate the login forms and the presence of a nonce
+        if (get_class($this) == 'Auth_Login_Normal_Tests') {
+            $this->expectException(Exception::class);
+            $this->expectExceptionMessage('I have died');
+            // intercept yourls_die() before it actually dies
+            yourls_add_action( 'pre_yourls_die', function() { throw new Exception( 'I have died' ); } );
+        }
 
-		$this->assertEquals( $login, yourls_did_action( 'login' ) );
-		$this->assertEquals( $login_failed + 1, yourls_did_action( 'login_failed' ) );
+        $this->assertNotTrue( yourls_is_valid_user() );
     }
 
 }
diff --git a/tests/tests/auth/logout.php b/tests/tests/auth/logout.php
index de196f7d9..4dde4bcb3 100644
--- a/tests/tests/auth/logout.php
+++ b/tests/tests/auth/logout.php
@@ -7,19 +7,41 @@
  */
 class Logout_Func_Tests extends PHPUnit\Framework\TestCase {
 
+    protected $backup_get;
+
+    protected function setUp(): void {
+        $this->backup_get = $_GET;
+        $_REQUEST['nonce'] = yourls_create_nonce('admin_login');
+    }
+
+    protected function tearDown(): void {
+        $_GET = $this->backup_get;
+        yourls_remove_all_actions('pre_yourls_die');
+    }
+
     /**
-     * Check logout procedure
+     * Check logout procedure - phase 1
      */
-    public function test_logout() {
-
+    public function test_logout_user_is_logged_in() {
         $valid = yourls_is_valid_user();
-        $this->assertTrue( $valid );
+        $this->assertTrue($valid);
+    }
 
+    /**
+     * Check logout procedure - phase 2
+     * @depends test_logout_user_is_logged_in
+     */
+    public function test_logout_user_logs_out() {
         $_GET['action'] = 'logout';
         $invalid = yourls_is_valid_user();
         $this->assertNotTrue( $invalid );
+    }
 
-        unset( $_GET['action'] );
+    /**
+     * Check logout procedure - phase 3
+     * @depends test_logout_user_logs_out
+     */
+    public function test_logout_user_is_logged_in_back() {
         $valid = yourls_is_valid_user();
         $this->assertTrue( $valid );
     }