assertTrue($gateway->isConfigured()); } public function testEncryptDecryptRoundTripThroughGateway(): void { $gateway = new AuthCryptoGateway(); $plaintext = 'sso-client-secret'; $encrypted = $gateway->encryptString($plaintext); $this->assertNotSame($plaintext, $encrypted); $this->assertSame($plaintext, $gateway->decryptString($encrypted)); } public function testDecryptStringThrowsOnMalformedInput(): void { $gateway = new AuthCryptoGateway(); $this->expectException(\RuntimeException::class); $gateway->decryptString('not-a-valid-payload'); } public function testEncryptProducesDifferentCiphertextEachCall(): void { $gateway = new AuthCryptoGateway(); $this->assertNotSame( $gateway->encryptString('same-value'), $gateway->encryptString('same-value'), ); } }