Laravel Auth

PHP MIT

Laravel Auth by GhostCompiler adds advanced authentication for Laravel with TOTP 2FA, passkeys via WebAuthn, OTP channels (email, SMS, WhatsApp), trusted devices, and tenant-aware social login.

Stars
2
Forks
0
Downloads
N/A
Open Issues
0
Files main

Repository Files

Loading file structure...
tests/Unit/Base32Test.php
<?php

declare(strict_types=1);

namespace GhostCompiler\LaravelAuth\Tests\Unit;

use GhostCompiler\LaravelAuth\Support\Base32;
use GhostCompiler\LaravelAuth\Tests\TestCase;

class Base32Test extends TestCase
{
    public function test_encode_returns_empty_string_for_empty_input(): void
    {
        self::assertSame('', Base32::encode(''));
    }

    public function test_decode_returns_empty_string_for_empty_input(): void
    {
        self::assertSame('', Base32::decode(''));
    }

    public function test_encode_produces_valid_base32_alphabet(): void
    {
        $encoded = Base32::encode('Hello');
        self::assertMatchesRegularExpression('/^[A-Z2-7]+$/', $encoded);
    }

    public function test_encode_and_decode_are_inverse_operations(): void
    {
        $inputs = ['Hello', 'secret123', "\x00\xFF\x10", 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'];

        foreach ($inputs as $input) {
            self::assertSame($input, Base32::decode(Base32::encode($input)), "Round-trip failed for: {$input}");
        }
    }

    public function test_decode_is_case_insensitive(): void
    {
        $encoded = Base32::encode('test');
        self::assertSame(Base32::decode($encoded), Base32::decode(strtolower($encoded)));
    }

    public function test_decode_strips_non_base32_characters(): void
    {
        // Spaces, dashes, and invalid chars should be silently removed
        $encoded = Base32::encode('Hello');
        $withJunk = str_split($encoded, 2);
        $paddedEncoded = implode('-', $withJunk);

        self::assertSame('Hello', Base32::decode($paddedEncoded));
    }

    public function test_encode_produces_known_output_for_known_input(): void
    {
        // 'f' → 'MY' in base32 (RFC 4648)
        self::assertSame('MY', Base32::encode('f'));
    }

    public function test_totp_secret_can_be_encoded_and_decoded(): void
    {
        // Simulates a 20-byte random secret (typical TOTP secret size)
        $raw = random_bytes(20);
        $encoded = Base32::encode($raw);
        $decoded = Base32::decode($encoded);

        self::assertSame($raw, $decoded);
    }
}