diff --git a/projects/packages/account-protection/src/class-account-protection.php b/projects/packages/account-protection/src/class-account-protection.php
index b1eb031854e26..d39cd99de3e75 100644
--- a/projects/packages/account-protection/src/class-account-protection.php
+++ b/projects/packages/account-protection/src/class-account-protection.php
@@ -107,7 +107,7 @@ protected function register_hooks(): void {
*/
protected function register_runtime_hooks(): void {
// Validate password after successful login
- add_action( 'wp_authenticate_user', array( $this->password_detection, 'login_form_password_detection' ), 10, 2 );
+ add_filter( 'wp_authenticate_user', array( $this->password_detection, 'login_form_password_detection' ), 10, 2 );
// Handle password detection login failure
add_action( 'wp_login_failed', array( $this->password_detection, 'handle_password_detection_validation_error' ), 10, 2 );
@@ -117,7 +117,7 @@ protected function register_runtime_hooks(): void {
add_action( 'wp_enqueue_scripts', array( $this->password_detection, 'enqueue_styles' ) );
// Add password validation
- add_action( 'user_profile_update_errors', array( $this->password_manager, 'validate_profile_update' ), 10, 3 );
+ add_filter( 'user_profile_update_errors', array( $this->password_manager, 'filter_user_profile_update_errors' ), 10, 3 );
add_action( 'validate_password_reset', array( $this->password_manager, 'validate_password_reset' ), 10, 2 );
// Update recent passwords list
diff --git a/projects/packages/account-protection/src/class-password-detection.php b/projects/packages/account-protection/src/class-password-detection.php
index 8b07789b61b79..1eae7dea3052d 100644
--- a/projects/packages/account-protection/src/class-password-detection.php
+++ b/projects/packages/account-protection/src/class-password-detection.php
@@ -55,7 +55,7 @@ public function login_form_password_detection( $user, string $password ) {
return $user;
}
- if ( $this->validation_service->is_weak_password( $password ) ) {
+ if ( $this->validation_service->is_compromised_password( $password ) ) {
$transient = $this->generate_and_store_transient_data( $user->ID );
$email_sent = $this->email_service->api_send_auth_email( $user, $transient['auth_code'] );
diff --git a/projects/packages/account-protection/src/class-password-manager.php b/projects/packages/account-protection/src/class-password-manager.php
index 5b81924ef009f..07891e11e5b1a 100644
--- a/projects/packages/account-protection/src/class-password-manager.php
+++ b/projects/packages/account-protection/src/class-password-manager.php
@@ -28,15 +28,17 @@ public function __construct( ?Validation_Service $validation_service = null ) {
}
/**
- * Validate the profile update.
+ * Inject additional password validation errors on profile update.
*
- * @param \WP_Error $errors The error object.
- * @param bool $update Whether the user is being updated.
- * @param \stdClass $user A copy of the new user object.
+ * @see https://developer.wordpress.org/reference/hooks/user_profile_update_errors/
+ *
+ * @param \WP_Error $errors WP_Error object (passed by reference).
+ * @param bool $update Whether this is a user update.
+ * @param \stdClass $user User object (passed by reference).
*
* @return void
*/
- public function validate_profile_update( \WP_Error $errors, bool $update, \stdClass $user ): void {
+ public function filter_user_profile_update_errors( \WP_Error $errors, bool $update, \stdClass $user ): void {
if ( empty( $user->user_pass ) ) {
return;
}
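Review bot: The renamed `filter_user_profile_update_errors()` still returns `void`, yet class-account-protection.php now registers it with `add_filter()`. WordPress core fires `user_profile_update_errors` through `do_action_ref_array()`, so this is an action callback that mutates `$errors` in place, not a filter. Keeping `add_action()` and an action-style method name would describe the hook accurately. The `wp_authenticate_user` switch in the same commit is a genuine filter and reads correctly. The method body continues past this hunk.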
@@ -47,11 +49,10 @@ public function validate_profile_update( \WP_Error $errors, bool $update, \stdCl
return;
}
- $error = $this->validation_service->get_first_validation_error( $user->user_pass, true, $user );
+ $validation_errors = $this->validation_service->get_validation_errors( $user->user_pass, (array) $user );
- if ( ! empty( $error ) ) {
- $errors->add( 'password_error', $error );
- return;
+ if ( ! empty( $validation_errors ) ) {
+ $errors->add( 'password_error', $validation_errors[0] );
}
}
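Review bot: `$errors->add( 'password_error', $validation_errors[0] )` passes on whatever `get_validation_errors()` returns, and that method is documented as returning broken rule IDs (`$broken_rules[] = $rule->id`). Unless the ID happens to be the message, the profile form will presumably show an identifier where the old code showed a translated sentence. The rule objects already carry an `error` string, so the service could return that, or the caller could map the ID to it. `validate_password_reset()` in the next hunk has the same problem. The function starts before this hunk.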
@@ -80,11 +81,10 @@ public function validate_password_reset( \WP_Error $errors, $user ): void {
}
// phpcs:ignore WordPress.Security.NonceVerification
- $password = sanitize_text_field( wp_unslash( $_POST['pass1'] ) );
- $error = $this->validation_service->get_first_validation_error( $password );
- if ( ! empty( $error ) ) {
- $errors->add( 'password_error', $error );
- return;
+ $password = sanitize_text_field( wp_unslash( $_POST['pass1'] ) );
+ $validation_errors = $this->validation_service->get_validation_errors( $password, (array) $user );
+ if ( ! empty( $validation_errors ) ) {
+ $errors->add( 'password_error', $validation_errors[0] );
}
}
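Review bot: `(array) $user` does not yield the user's fields when `$user` is a `WP_User`, which is what the `validate_password_reset` hook normally passes. The cast exposes the object's own properties (`data`, `ID`, `caps`, …), so `$userdata['user_login']` and `$userdata['user_email']` are absent and the user-data match is silently skipped on password reset; only the `ID`-based recent-password check would still work. Something like `$user instanceof \WP_User ? $user->to_array() : null` gives the expected keys, with meta-backed fields such as `first_name` added explicitly if they are wanted. The function starts before this hunk, so any earlier guard on `$user` is not visible here.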
diff --git a/projects/packages/account-protection/src/class-password-strength-meter.php b/projects/packages/account-protection/src/class-password-strength-meter.php
index fbeda04429e37..50c22b5c974a8 100644
--- a/projects/packages/account-protection/src/class-password-strength-meter.php
+++ b/projects/packages/account-protection/src/class-password-strength-meter.php
@@ -41,15 +41,15 @@ public function validate_password_ajax(): void {
wp_send_json_error( array( 'message' => __( 'Invalid nonce.', 'jetpack-account-protection' ) ) );
}
- $user_specific = false;
+ $userdata = null;
if ( isset( $_POST['user_specific'] ) ) {
- $user_specific = filter_var( sanitize_text_field( wp_unslash( $_POST['user_specific'] ) ), FILTER_VALIDATE_BOOLEAN );
+ $userdata = get_userdata( get_current_user_id() );
}
- $password = sanitize_text_field( wp_unslash( $_POST['password'] ) );
- $state = $this->validation_service->get_validation_state( $password, $user_specific );
+ $password = sanitize_text_field( wp_unslash( $_POST['password'] ) );
+ $validation_errors = $this->validation_service->get_validation_errors( $password, $userdata );
- wp_send_json_success( array( 'state' => $state ) );
+ wp_send_json_success( array( 'errors' => $validation_errors ) );
}
/**
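Review bot: `get_userdata( get_current_user_id() )` returns a `WP_User` object or `false`, but it is passed straight into `get_validation_errors( string $password, array $userdata = null )`, so any request carrying `user_specific` should raise a `TypeError` instead of returning JSON. Convert it first, for example `$current = wp_get_current_user();` followed by `$userdata = $current->exists() ? $current->to_array() : null;`. The value of `user_specific` is also no longer parsed with `FILTER_VALIDATE_BOOLEAN`, so a request sending `user_specific=false` now enables the user-specific path. The function starts before this hunk.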
@@ -98,15 +98,14 @@ public function localize_jetpack_data( bool $user_specific = false ): void {
'jetpack-password-strength-meter',
'jetpackData',
array(
- 'ajaxurl' => admin_url( 'admin-ajax.php' ),
- 'nonce' => wp_create_nonce( 'validate_password_nonce' ),
- 'userSpecific' => $user_specific,
- 'logo' => plugin_dir_url( __FILE__ ) . 'assets/jetpack-logo.svg',
- 'infoIcon' => plugin_dir_url( __FILE__ ) . 'assets/info.svg',
- 'checkIcon' => plugin_dir_url( __FILE__ ) . 'assets/check.svg',
- 'crossIcon' => plugin_dir_url( __FILE__ ) . 'assets/cross.svg',
- 'loadingIcon' => plugin_dir_url( __FILE__ ) . 'assets/loading.svg',
- 'validationInitialState' => $this->validation_service->get_validation_initial_state( $user_specific ),
+ 'ajaxurl' => admin_url( 'admin-ajax.php' ),
+ 'nonce' => wp_create_nonce( 'validate_password_nonce' ),
+ 'userSpecific' => $user_specific,
+ 'logo' => plugin_dir_url( __FILE__ ) . 'assets/jetpack-logo.svg',
+ 'infoIcon' => plugin_dir_url( __FILE__ ) . 'assets/info.svg',
+ 'checkIcon' => plugin_dir_url( __FILE__ ) . 'assets/check.svg',
+ 'crossIcon' => plugin_dir_url( __FILE__ ) . 'assets/cross.svg',
+ 'loadingIcon' => plugin_dir_url( __FILE__ ) . 'assets/loading.svg',
)
);
}
diff --git a/projects/packages/account-protection/src/class-validation-service.php b/projects/packages/account-protection/src/class-validation-service.php
index bd83739e513ef..e64576fe584dd 100644
--- a/projects/packages/account-protection/src/class-validation-service.php
+++ b/projects/packages/account-protection/src/class-validation-service.php
@@ -22,6 +22,20 @@ class Validation_Service {
*/
private $connection_manager;
+ /**
+ * Validation rules.
+ *
+ * @var array
+ */
+ private $rules = array(
+ Min_Length_Rule::class,
+ Not_Empty_Validation_Rule::class,
+ No_Backslash_Rule::class,
+ Not_Recent_Rule::class,
+ Not_Compromised_Rule::class,
+ No_Userdata_Rule::class,
+ );
+
/**
* Constructor for dependency injection.
*
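Review bot: The entry `Not_Empty_Validation_Rule::class` does not follow the naming of the other five entries or of the file added as `class-not-empty-rule.php`. The class declarations are not visible on this page, but if the class is declared as `Not_Empty_Rule`, `new $rule( $this )` in `get_validation_errors()` will fatal on the first validation. The array order also decides which failure callers report, since they read only element `[0]`; a one-line comment saying so would help.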
@@ -50,125 +64,42 @@ protected function request_suffixes( string $password_prefix ) {
}
/**
- * Return validation initial state.
- *
- * @param bool $user_specific Whether or not to include user specific checks.
- *
- * @return array An array of all validation statuses and messages.
- */
- public function get_validation_initial_state( $user_specific ): array {
- $base_conditions = array(
- 'core' => array(
- 'status' => null,
- 'message' => __( 'Strong password', 'jetpack-account-protection' ),
- 'info' => __( 'Passwords should meet WordPress core security requirements to enhance account protection.', 'jetpack-account-protection' ),
- ),
- 'contains_backslash' => array(
- 'status' => null,
- 'message' => __( "Doesn't contain a backslash (\\) character", 'jetpack-account-protection' ),
- 'info' => null,
- ),
- 'invalid_length' => array(
- 'status' => null,
- 'message' => __( 'Between 6 and 150 characters', 'jetpack-account-protection' ),
- 'info' => null,
- ),
- 'weak' => array(
- 'status' => null,
- 'message' => __( 'Not a leaked password', 'jetpack-account-protection' ),
- 'info' => __( 'If found in a public breach, this password may already be known to attackers.', 'jetpack-account-protection' ),
- ),
- );
-
- if ( ! $user_specific ) {
- return $base_conditions;
- }
-
- $user_specific_conditions = array(
- 'matches_user_data' => array(
- 'status' => null,
- 'message' => __( "Doesn't match existing user data", 'jetpack-account-protection' ),
- 'info' => __( 'Using a password similar to your username or email makes it easier to guess.', 'jetpack-account-protection' ),
- ),
- 'recent' => array(
- 'status' => null,
- 'message' => __( 'Not used recently', 'jetpack-account-protection' ),
- 'info' => __( 'Reusing old passwords may increase security risks. A fresh password improves protection.', 'jetpack-account-protection' ),
- ),
- );
-
- return array_merge( $base_conditions, $user_specific_conditions );
- }
-
- /**
- * Return validation state - client-side.
+ * Get the validation errors.
*
* @param string $password The password to check.
- * @param bool $user_specific Whether or not to run user specific checks.
+ * @param array $userdata The user data to check against, or null if not provided.
*
- * @return array An array of the status of each check.
+ * @return string[] List of broken rule IDs.
*/
- public function get_validation_state( string $password, $user_specific ): array {
- $validation_state = $this->get_validation_initial_state( $user_specific );
-
- $validation_state['contains_backslash']['status'] = $this->contains_backslash( $password );
- $validation_state['invalid_length']['status'] = $this->is_invalid_length( $password );
- $validation_state['weak']['status'] = $this->is_weak_password( $password );
-
- if ( ! $user_specific ) {
- return $validation_state;
- }
-
- // Run checks on existing user data
- $user = wp_get_current_user();
- $validation_state['matches_user_data']['status'] = $this->matches_user_data( $user, $password );
- $validation_state['recent']['status'] = $this->is_recent_password( $user, $password );
-
- return $validation_state;
- }
-
- /**
- * Return first validation error - server-side.
- *
- * @param string $password The password to check.
- * @param bool $user_specific Whether or not to run user specific checks.
- * @param \stdClass|null $user The user data or null.
- *
- * @return string The first validation errors (if any).
- */
- public function get_first_validation_error( string $password, $user_specific = false, $user = null ): string {
- // Update and create-user forms include backlash validation
- if ( ! $user_specific ) {
- if ( $this->contains_backslash( $password ) ) {
- return __( 'Error: The password cannot contain a backslash (\\) character.', 'jetpack-account-protection' );
+ public function get_validation_errors( string $password, array $userdata = null ) {
+ $broken_rules = array();
+
+ foreach ( $this->rules as $rule ) {
+ $rule = new $rule( $this );
+
+ // Get the number of parameters the callback accepts;
+ $param_names = array_map(
+ function ( $param ) {
+ return $param->getName();
+ },
+ ( new \ReflectionMethod( $rule, 'callback' ) )->getParameters()
+ );
+
+ // Assemble the arguments required by the callback.
+ $args = array( $password );
+ if ( in_array( 'userdata', $param_names, true ) ) {
+ $args[] = $userdata;
}
- }
- if ( $this->is_invalid_length( $password ) ) {
- return __( 'Error: The password must be between 6 and 150 characters.', 'jetpack-account-protection' );
- }
+ // Call the callback.
+ $validation_callback_result = call_user_func_array( array( $rule, 'callback' ), $args );
- if ( $this->is_weak_password( $password ) ) {
- return __( 'Error: The password was found in a public leak.', 'jetpack-account-protection' );
- }
-
- // Skip user-specific checks during password reset
- if ( $user_specific ) {
- // Reset form includes empty validation
- if ( empty( $password ) ) {
- return __( 'Error: The password cannot be a space or all spaces.', 'jetpack-account-protection' );
- }
-
- // Run checks on new user data
- if ( $this->matches_user_data( $user, $password ) ) {
- return __( 'Error: The password matches new user data.', 'jetpack-account-protection' );
- }
- if ( $this->is_recent_password( $user, $password ) ) {
- return __( 'Error: The password was used recently.', 'jetpack-account-protection' );
+ if ( ! $validation_callback_result ) {
+ $broken_rules[] = $rule->id;
}
}
- return '';
+ return $broken_rules;
}
/**
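Review bot: The `ReflectionMethod` lookup in `get_validation_errors()` appears redundant, because every rule inherits the abstract `callback( string $password, ?array $userdata = null )` and so always has a `userdata` parameter. It is also fragile: a subclass that renames the parameter would silently stop receiving user data. Calling `$rule->callback( $password, $userdata )` directly is simpler, and the comment "Get the number of parameters" does not match the code, which collects parameter names. The signature relies on implicit nullability and has no return type; `public function get_validation_errors( string $password, ?array $userdata = null ): array` matches the docblock and avoids the PHP 8.4 deprecation.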
@@ -197,41 +128,37 @@ public function is_invalid_length( string $password ): bool {
/**
* Check if the password matches any user data.
*
- * @param \WP_User|\stdClass $user The user.
- * @param string $password The password to check.
+ * @param string $password The password to check.
+ * @param array $userdata The user data.
*
* @return bool True if the password matches any user data, false otherwise.
*/
- public function matches_user_data( $user, string $password ): bool {
- if ( ! $user ) {
- return false;
- }
-
- $email_parts = explode( '@', $user->user_email ); // test@example.com
- $email_username = $email_parts[0]; // 'test'
- $email_domain = $email_parts[1]; // 'example.com'
- $email_provider = explode( '.', $email_domain )[0]; // 'example'
-
- $user_data = array(
- $user->user_login ?? '',
- $user->display_name ?? '',
- $user->first_name ?? '',
- $user->last_name ?? '',
- $user->user_email ?? '',
- $email_username ?? '',
- $email_provider ?? '',
- $user->nickname ?? '',
+ public function matches_user_data( string $password, array $userdata ): bool {
+ $data_to_match = array(
+ $userdata['user_login'] ?? '',
+ $userdata['display_name'] ?? '',
+ $userdata['first_name'] ?? '',
+ $userdata['last_name'] ?? '',
+ $userdata['user_email'] ?? '',
+ $userdata['nickname'] ?? '',
);
- $password_lower = strtolower( $password );
+ if ( $userdata['user_email'] ) {
+ $email_parts = explode( '@', $userdata['user_email'] ); // test@example.com
+ $email_username = $email_parts[0]; // 'test'
+ $email_domain = $email_parts[1]; // 'example.com'
+ $email_provider = explode( '.', $email_domain )[0]; // 'example'
- foreach ( $user_data as $data ) {
- // Skip if $data is 3 characters or less.
+ $data_to_match[] = $email_username;
+ $data_to_match[] = $email_provider;
+ }
+
+ foreach ( $data_to_match as $data ) {
if ( strlen( $data ) <= 3 ) {
continue;
}
- if ( ! empty( $data ) && strpos( $password_lower, strtolower( $data ) ) !== false ) {
+ if ( strpos( strtolower( $password ), strtolower( $data ) ) !== false ) {
return true;
}
}
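Review bot: `if ( $userdata['user_email'] )` reads the key without a guard, although the lines just above treat every key as optional with `??`, so an array without `user_email` raises an undefined-index warning. `$email_parts[1]` is likewise undefined when the stored address has no `@`. Using `if ( ! empty( $userdata['user_email'] ) && strpos( $userdata['user_email'], '@' ) !== false )` covers both cases. The rule class added later in this commit repeats the block with the same unguarded `$email_parts[1]`. The end of the function lies outside this hunk.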
@@ -246,7 +173,7 @@ public function matches_user_data( $user, string $password ): bool {
*
* @return bool True if the password is in the list of compromised/common passwords, false otherwise.
*/
- public function is_weak_password( string $password ): bool {
+ public function is_compromised_password( string $password ): bool {
if ( ! $this->connection_manager->is_connected() ) {
return false;
}
@@ -296,18 +223,21 @@ public function is_current_password( int $user_id, string $password ): bool {
/**
* Check if the password has been used recently by the user.
*
- * @param \WP_User|\stdClass $user The user data.
- * @param string $password The password to check.
+ * @param string $password The password to check.
+ * @param array $userdata The user data.
*
* @return bool True if the password was recently used, false otherwise.
*/
- public function is_recent_password( $user, string $password ): bool {
- $user_data = $user instanceof \WP_User ? $user : get_userdata( $user->ID );
- if ( $this->is_current_password( $user_data->ID, $password ) ) {
+ public function is_recent_password( string $password, array $userdata ): bool {
+ if ( ! array_key_exists( 'ID', $userdata ) ) {
+ return false;
+ }
+
+ if ( $this->is_current_password( $userdata['ID'], $password ) ) {
return true;
}
- $recent_passwords = get_user_meta( $user->ID, Config::PASSWORD_MANAGER_RECENT_PASSWORD_HASHES_USER_META_KEY, true );
+ $recent_passwords = get_user_meta( $userdata['ID'], Config::PASSWORD_MANAGER_RECENT_PASSWORD_HASHES_USER_META_KEY, true );
if ( empty( $recent_passwords ) || ! is_array( $recent_passwords ) ) {
return false;
}
diff --git a/projects/packages/account-protection/src/password-rules/class-min-length-rule.php b/projects/packages/account-protection/src/password-rules/class-min-length-rule.php
new file mode 100644
index 0000000000000..7bf7fe3f272c7
--- /dev/null
+++ b/projects/packages/account-protection/src/password-rules/class-min-length-rule.php
@@ -0,0 +1,71 @@
+Error: The password must be between 6 and 150 characters.', 'jetpack-account-protection' );
+ }
+
+ /**
+ * Validate the password.
+ *
+ * @param string $password The password to validate.
+ * @param array $userdata (Optional) The user data.
+ *
+ * @return bool True if the password is valid, false otherwise.
+ */
+ public function callback( string $password, ?array $userdata = null ): bool { // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable
+ if ( strlen( $password ) < Config::VALIDATION_SERVICE_MIN_LENGTH ) {
+ return false;
+ }
+
+ if ( strlen( $password ) > Config::VALIDATION_SERVICE_MAX_LENGTH ) {
+ return false;
+ }
+
+ return true;
+ }
+}
diff --git a/projects/packages/account-protection/src/password-rules/class-no-backslash-rule.php b/projects/packages/account-protection/src/password-rules/class-no-backslash-rule.php
new file mode 100644
index 0000000000000..252e2c787122b
--- /dev/null
+++ b/projects/packages/account-protection/src/password-rules/class-no-backslash-rule.php
@@ -0,0 +1,63 @@
+Error: The password matches existing user data.', 'jetpack-account-protection' );
+ }
+
+ /**
+ * Check if the password matches any user data.
+ *
+ * @param string $password The password to check.
+ * @param array $userdata The user data.
+ *
+ * @return bool True if the password matches any user data, false otherwise.
+ */
+ public function callback( string $password, ?array $userdata = null ): bool {
+ if ( empty( $userdata ) ) {
+ return false;
+ }
+
+ $data_to_match = array(
+ $userdata['user_login'] ?? '',
+ $userdata['display_name'] ?? '',
+ $userdata['first_name'] ?? '',
+ $userdata['last_name'] ?? '',
+ $userdata['user_email'] ?? '',
+ $userdata['nickname'] ?? '',
+ );
+
+ if ( ! empty( $userdata['user_email'] ) ) {
+ $email_parts = explode( '@', $userdata['user_email'] ); // test@example.com
+ $email_username = $email_parts[0]; // 'test'
+ $email_domain = $email_parts[1]; // 'example.com'
+ $email_provider = explode( '.', $email_domain )[0]; // 'example'
+
+ $data_to_match[] = $email_username;
+ $data_to_match[] = $email_provider;
+ }
+
+ foreach ( $data_to_match as $data ) {
+ if ( strlen( $data ) <= 3 ) {
+ continue;
+ }
+
+ if ( strpos( strtolower( $password ), strtolower( $data ) ) !== false ) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+}
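Review bot: The `callback()` in this section returns `true` when the password contains user data and `false` otherwise, which is the opposite of the base contract. `get_validation_errors()` records a rule as broken on `! $validation_callback_result`, so a password that embeds the login or email passes this rule while every other password fails it. The early `return false;` for empty `$userdata` also flags the rule as broken whenever no user data is supplied. The three returns should be flipped: `return true;` for empty `$userdata`, `return false;` inside the match branch, and `return true;` at the end. The docblock should then read "True if the password is valid" like the sibling rules. The file header for this section names the backslash rule, but the visible error string and body belong to the user-data rule.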
diff --git a/projects/packages/account-protection/src/password-rules/class-not-compromised-rule.php b/projects/packages/account-protection/src/password-rules/class-not-compromised-rule.php
new file mode 100644
index 0000000000000..9ce97bc57ba1b
--- /dev/null
+++ b/projects/packages/account-protection/src/password-rules/class-not-compromised-rule.php
@@ -0,0 +1,72 @@
+validation_service = $validation_service;
+ }
+
+ /**
+ * Get the label of the rule.
+ *
+ * @return string The label of the rule.
+ */
+ public function get_label(): string {
+ return __( 'Not a leaked password', 'jetpack-account-protection' );
+ }
+
+ /**
+ * Get the description of the rule.
+ *
+ * @return string The description of the rule.
+ */
+ public function get_description(): string {
+ return __( 'If found in a public breach, this password may already be known to attackers.', 'jetpack-account-protection' );
+ }
+
+ /**
+ * Get the error message of the rule.
+ *
+ * @return string The error message of the rule.
+ */
+ public function get_error(): string {
+ return __( 'Error: The password was found in a public leak.', 'jetpack-account-protection' );
+ }
+
+ /**
+ * Validate the password.
+ *
+ * @param string $password The password to validate.
+ * @param array $userdata (Optional) The user data.
+ *
+ * @return bool True if the password is valid, false otherwise.
+ */
+ public function callback( string $password, ?array $userdata = null ): bool { // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable
+ return ! $this->validation_service->is_compromised_password( $password );
+ }
+}
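Review bot: Missing documentation: `callback()` reports the password as valid whenever `is_compromised_password()` returns `false`, and that includes the cases where no check happened. The service returns `false` when the site is not connected, and the tests in this commit expect `false` when the remote request fails or returns a non-200 response. This fail-open behaviour is a security-relevant default and should be stated on the method, for example `// Fails open: a disconnected site or failed lookup is treated as "not compromised".` Logging the failed lookup would also let operators notice that the leak check is not running.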
diff --git a/projects/packages/account-protection/src/password-rules/class-not-empty-rule.php b/projects/packages/account-protection/src/password-rules/class-not-empty-rule.php
new file mode 100644
index 0000000000000..62a1079761646
--- /dev/null
+++ b/projects/packages/account-protection/src/password-rules/class-not-empty-rule.php
@@ -0,0 +1,63 @@
+Error: The password cannot be a space or all spaces', 'jetpack-account-protection' );
+ }
+
+ /**
+ * Validate the password.
+ *
+ * @param string $password The password to validate.
+ * @param array $userdata (Optional) The user data.
+ *
+ * @return bool True if the password is valid, false otherwise.
+ */
+ public function callback( string $password, ?array $userdata = null ): bool { // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable
+ return ! empty( $password );
+ }
+}
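Review bot: `return ! empty( $password );` does not enforce what the rule's error text says ("cannot be a space or all spaces"). `empty()` is false for a whitespace-only string, so a password of spaces passes wherever the caller has not already trimmed it, and it is true for the string `'0'`, which gets rejected as empty. `return '' !== trim( $password );` matches the message. The `phpcs:ignore` for the unused `$userdata` can stay.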
diff --git a/projects/packages/account-protection/src/password-rules/class-not-recent-rule.php b/projects/packages/account-protection/src/password-rules/class-not-recent-rule.php
new file mode 100644
index 0000000000000..3cfd7d76a5a31
--- /dev/null
+++ b/projects/packages/account-protection/src/password-rules/class-not-recent-rule.php
@@ -0,0 +1,63 @@
+Error: The password was used recently.', 'jetpack-account-protection' );
+ }
+
+ /**
+ * Validate the password.
+ *
+ * @param string $password The password to validate.
+ * @param array $userdata (Optional) The user data.
+ *
+ * @return bool True if the password is valid, false otherwise.
+ */
+ public function callback( string $password, ?array $userdata = null ): bool {
+ return ! $this->validation_service->is_recent_password( $password, $userdata );
+ }
+}
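Review bot: `callback()` accepts `?array $userdata = null` but forwards it unchanged to `is_recent_password( string $password, array $userdata )`, whose second parameter is not nullable in this commit. Validating without user data, as the strength-meter path does when `user_specific` is absent, would therefore raise a `TypeError`. Guard the call so that the absence of a user means there is no history to compare: `return null === $userdata || ! $this->validation_service->is_recent_password( $password, $userdata );`.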
diff --git a/projects/packages/account-protection/src/password-rules/class-password-rule.php b/projects/packages/account-protection/src/password-rules/class-password-rule.php
new file mode 100644
index 0000000000000..5b554a86e6baa
--- /dev/null
+++ b/projects/packages/account-protection/src/password-rules/class-password-rule.php
@@ -0,0 +1,97 @@
+Error: The password was used recently."
+ *
+ * @var string
+ */
+ public $error;
+
+ /**
+ * Constructor for the Password_Rule class.
+ *
+ * @param Validation_Service $validation_service The validation service instance.
+ */
+ public function __construct( Validation_Service $validation_service ) {
+ $this->validation_service = $validation_service;
+ $this->description = $this->get_description();
+ $this->label = $this->get_label();
+ $this->error = $this->get_error();
+ }
+
+ /**
+ * The callback function for the rule.
+ *
+ * @param string $password The password to validate.
+ * @param array $userdata (Optional) The user data.
+ *
+ * @return bool
+ */
+ abstract public function callback( string $password, ?array $userdata = null ): bool;
+
+ /**
+ * Get the description of the rule.
+ *
+ * @return string
+ */
+ abstract protected function get_description(): string;
+
+ /**
+ * Get the short label for the rule.
+ *
+ * @return string
+ */
+ abstract protected function get_label(): string;
+
+ /**
+ * Get the error message of the rule.
+ *
+ * @return string
+ */
+ abstract protected function get_error(): string;
+}
diff --git a/projects/packages/account-protection/tests/php/test-password-detection.php b/projects/packages/account-protection/tests/php/test-password-detection.php
index 79562b2b59120..ea9bb3ce7c1fc 100644
--- a/projects/packages/account-protection/tests/php/test-password-detection.php
+++ b/projects/packages/account-protection/tests/php/test-password-detection.php
@@ -23,7 +23,7 @@ public function test_handle_password_detection_validation_error_redirects_to_log
public function test_login_form_password_detection_does_not_ask_validation_service_if_user_doesnt_require_protection(): void {
$validation_service_mock = $this->createMock( Validation_Service::class );
$validation_service_mock->expects( $this->never() )
- ->method( 'is_weak_password' );
+ ->method( 'is_compromised_password' );
$sut = new Password_Detection( null, $validation_service_mock );
@@ -35,7 +35,7 @@ public function test_login_form_password_detection_does_not_ask_validation_servi
public function test_login_form_password_detection_does_not_ask_validation_service_if_user_has_wrong_password(): void {
$validation_service_mock = $this->createMock( Validation_Service::class );
$validation_service_mock->expects( $this->never() )
- ->method( 'is_weak_password' );
+ ->method( 'is_compromised_password' );
$sut = new Password_Detection( null, $validation_service_mock );
@@ -51,7 +51,7 @@ public function test_login_form_password_detection_asks_validation_service_if_us
$validation_service_mock = $this->createMock( Validation_Service::class );
$validation_service_mock->expects( $this->once() )
- ->method( 'is_weak_password' )
+ ->method( 'is_compromised_password' )
->with( 'pw' )
->willReturn( false );
@@ -72,7 +72,7 @@ public function test_login_form_password_detection_sends_email_and_returns_error
$validation_service_mock = $this->createMock( Validation_Service::class );
$validation_service_mock->expects( $this->once() )
- ->method( 'is_weak_password' )
+ ->method( 'is_compromised_password' )
->with( 'pw' )
->willReturn( true );
@@ -108,7 +108,7 @@ public function test_login_form_password_detection_sets_transient_error_if_unabl
$validation_service_mock = $this->createMock( Validation_Service::class );
$validation_service_mock->expects( $this->once() )
- ->method( 'is_weak_password' )
+ ->method( 'is_compromised_password' )
->with( 'pw' )
->willReturn( true );
diff --git a/projects/packages/account-protection/tests/php/test-validation-service.php b/projects/packages/account-protection/tests/php/test-validation-service.php
index e342b935de09c..22b1f348d42fb 100644
--- a/projects/packages/account-protection/tests/php/test-validation-service.php
+++ b/projects/packages/account-protection/tests/php/test-validation-service.php
@@ -19,7 +19,7 @@ public function test_returns_false_if_not_connected() {
->willReturn( false );
$validation_service = new Validation_Service( $connection );
- $this->assertFalse( $validation_service->is_weak_password( 'somepassword' ) );
+ $this->assertFalse( $validation_service->is_compromised_password( 'somepassword' ) );
}
private function get_connection_manager() {
@@ -51,7 +51,7 @@ public function test_returns_false_if_remote_request_fails() {
->method( 'request_suffixes' )
->willReturn( new \WP_Error( 'something went wrong' ) );
- $this->assertFalse( $validation_service->is_weak_password( 'somepassword' ) );
+ $this->assertFalse( $validation_service->is_compromised_password( 'somepassword' ) );
}
public function test_returns_false_if_response_code_is_not_200() {
@@ -71,7 +71,7 @@ public function test_returns_false_if_response_code_is_not_200() {
)
);
- $this->assertFalse( $validation_service->is_weak_password( 'somepassword' ) );
+ $this->assertFalse( $validation_service->is_compromised_password( 'somepassword' ) );
}
public function test_returns_false_if_response_code_is_empty_body() {
@@ -91,7 +91,7 @@ public function test_returns_false_if_response_code_is_empty_body() {
)
);
- $this->assertFalse( $validation_service->is_weak_password( 'somepassword' ) );
+ $this->assertFalse( $validation_service->is_compromised_password( 'somepassword' ) );
}
public function test_returns_true_if_password_is_compromised() {
@@ -115,7 +115,7 @@ public function test_returns_true_if_password_is_compromised() {
)
);
- $this->assertTrue( $validation_service->is_weak_password( 'somepassword' ) );
+ $this->assertTrue( $validation_service->is_compromised_password( 'somepassword' ) );
}
public function test_returns_true_if_password_is_common() {
@@ -139,7 +139,7 @@ public function test_returns_true_if_password_is_common() {
)
);
- $this->assertTrue( $validation_service->is_weak_password( 'somepassword' ) );
+ $this->assertTrue( $validation_service->is_compromised_password( 'somepassword' ) );
}
public function test_returns_false_if_password_is_not_weak() {
@@ -164,7 +164,7 @@ public function test_returns_false_if_password_is_not_weak() {
)
);
- $this->assertFalse( $validation_service->is_weak_password( 'somepassword' ) );
+ $this->assertFalse( $validation_service->is_compromised_password( 'somepassword' ) );
}
public function test_returns_true_if_password_is_current_password() {