diff --git a/phpunit.xml b/phpunit.xml
index d5e14ad..4e052f2 100644
--- a/phpunit.xml
+++ b/phpunit.xml
@@ -3,6 +3,15 @@
xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/11.0/phpunit.xsd"
bootstrap="tests/bootstrap.php"
colors="true">
+
+
+ config
+ lib
+ modules
+ pages
+ tests
+
+
tests
diff --git a/tests/Service/Access/PermissionServiceTest.php b/tests/Service/Access/PermissionServiceTest.php
index 0b91db8..c2c4c8e 100644
--- a/tests/Service/Access/PermissionServiceTest.php
+++ b/tests/Service/Access/PermissionServiceTest.php
@@ -229,7 +229,7 @@ class PermissionServiceTest extends TestCase
->with(10)
->willReturn(['id' => 10, 'key' => 'custom.perm', 'active' => 0]);
- $this->permissionRepository->expects($this->any())->method('update')->with(10, $this->isType('array'))->willReturn(true);
+ $this->permissionRepository->expects($this->any())->method('update')->with(10, $this->isArray())->willReturn(true);
$this->systemAuditService->expects($this->once())->method('record');
$result = $this->service->updateFromAdmin(10, $input);
diff --git a/tests/Service/Auth/OidcHttpGatewayTest.php b/tests/Service/Auth/OidcHttpGatewayTest.php
deleted file mode 100644
index 05a3abf..0000000
--- a/tests/Service/Auth/OidcHttpGatewayTest.php
+++ /dev/null
@@ -1,131 +0,0 @@
-createMock(OidcHttpGateway::class);
- $mock->method('call')
- ->willReturn(['status' => 200, 'data' => '{"access_token":"abc"}']);
-
- $result = $mock->call('POST', 'https://login.example.com/token', 'grant_type=authorization_code');
-
- $this->assertSame(200, $result['status']);
- $this->assertStringContainsString('access_token', $result['data']);
- }
-
- public function testMockCanSimulateNetworkError(): void
- {
- $mock = $this->createMock(OidcHttpGateway::class);
- $mock->method('call')
- ->willReturn(['status' => 0, 'data' => '']);
-
- $result = $mock->call('GET', 'https://unreachable.example.com');
-
- $this->assertSame(0, $result['status']);
- $this->assertSame('', $result['data']);
- }
-
- public function testMockCanSimulate401Unauthorized(): void
- {
- $mock = $this->createMock(OidcHttpGateway::class);
- $mock->method('call')
- ->willReturn(['status' => 401, 'data' => '{"error":"invalid_client"}']);
-
- $result = $mock->call('POST', 'https://login.example.com/token', 'grant_type=client_credentials');
-
- $this->assertSame(401, $result['status']);
- }
-
- public function testMockCanSimulate500ServerError(): void
- {
- $mock = $this->createMock(OidcHttpGateway::class);
- $mock->method('call')
- ->willReturn(['status' => 500, 'data' => 'Internal Server Error']);
-
- $result = $mock->call('POST', 'https://login.example.com/token');
-
- $this->assertSame(500, $result['status']);
- }
-
- public function testMockCanSimulateMalformedJsonResponse(): void
- {
- $mock = $this->createMock(OidcHttpGateway::class);
- $mock->method('call')
- ->willReturn(['status' => 200, 'data' => '{malformed']);
-
- $result = $mock->call('GET', 'https://login.example.com/.well-known/openid-configuration');
-
- $this->assertSame(200, $result['status']);
- $decoded = json_decode($result['data'], true);
- $this->assertNull($decoded, 'Malformed JSON should decode to null');
- }
-
- // --- Method signature contract ---
-
- public function testCallMethodAcceptsAllParameters(): void
- {
- $mock = $this->createMock(OidcHttpGateway::class);
- $mock->expects($this->once())
- ->method('call')
- ->with(
- 'POST',
- 'https://login.example.com/token',
- 'grant_type=authorization_code&code=abc',
- ['Content-Type' => 'application/x-www-form-urlencoded']
- )
- ->willReturn(['status' => 200, 'data' => '{}']);
-
- $mock->call(
- 'POST',
- 'https://login.example.com/token',
- 'grant_type=authorization_code&code=abc',
- ['Content-Type' => 'application/x-www-form-urlencoded']
- );
- }
-
- public function testCallMethodHasCorrectDefaultParameters(): void
- {
- $gateway = new OidcHttpGateway();
- $reflection = new \ReflectionMethod($gateway, 'call');
- $params = $reflection->getParameters();
-
- $this->assertCount(4, $params);
- $this->assertSame('method', $params[0]->getName());
- $this->assertSame('url', $params[1]->getName());
- $this->assertSame('data', $params[2]->getName());
- $this->assertTrue($params[2]->isDefaultValueAvailable());
- $this->assertSame('', $params[2]->getDefaultValue());
- $this->assertSame('headers', $params[3]->getName());
- $this->assertTrue($params[3]->isDefaultValueAvailable());
- $this->assertSame([], $params[3]->getDefaultValue());
- }
-
- public function testCallMethodReturnTypeIsArray(): void
- {
- $gateway = new OidcHttpGateway();
- $reflection = new \ReflectionMethod($gateway, 'call');
- $returnType = $reflection->getReturnType();
-
- $this->assertNotNull($returnType);
- $this->assertSame('array', (string) $returnType);
- }
-}
diff --git a/tests/Service/Auth/RememberMeServiceTest.php b/tests/Service/Auth/RememberMeServiceTest.php
index fc2ee12..f26e24b 100644
--- a/tests/Service/Auth/RememberMeServiceTest.php
+++ b/tests/Service/Auth/RememberMeServiceTest.php
@@ -16,6 +16,31 @@ use PHPUnit\Framework\TestCase;
class RememberMeServiceTest extends TestCase
{
+ private array $previousSession = [];
+
+ protected function setUp(): void
+ {
+ parent::setUp();
+ $this->previousSession = $_SESSION ?? [];
+
+ if (session_status() !== PHP_SESSION_ACTIVE) {
+ session_start();
+ }
+
+ $_SESSION = [];
+ }
+
+ protected function tearDown(): void
+ {
+ $_SESSION = $this->previousSession;
+
+ if (session_status() === PHP_SESSION_ACTIVE) {
+ session_write_close();
+ }
+
+ parent::tearDown();
+ }
+
// ---------------------------------------------------------------
// rememberUser — creates token and sets cookie
// ---------------------------------------------------------------
diff --git a/tests/Service/Tenant/TenantServiceTest.php b/tests/Service/Tenant/TenantServiceTest.php
index 4308d4d..0baac96 100644
--- a/tests/Service/Tenant/TenantServiceTest.php
+++ b/tests/Service/Tenant/TenantServiceTest.php
@@ -82,7 +82,7 @@ class TenantServiceTest extends TestCase
$this->tenantRepository->expects($this->once())
->method('update')
- ->with(10, $this->isType('array'))
+ ->with(10, $this->isArray())
->willReturn(true);
$this->systemAuditService->expects($this->once())