@Test
public void test_user_wrong_hashed_password() throws Exception {
final String providedUsername = "******";
when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername));
final String providedPassword = "******";
when(clientCredentialsData.getPassword()).thenReturn(Optional.of(providedPassword));
when(clientCredentialsData.getInetAddress())
.thenReturn(Optional.of(InetAddress.getLoopbackAddress()));
final String filePassword = "******";
when(configuration.getUser(providedUsername)).thenReturn(filePassword);
when(configuration.isSalted()).thenReturn(false);
when(configuration.isHashed()).thenReturn(true);
final String algorithm = "SHA-512";
when(configuration.getHashingAlgorithm()).thenReturn(algorithm);
final int iterations = 1000000;
when(configuration.getHashingIterations()).thenReturn(iterations);
fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);
when(passwordComparator.validateHashedPassword(
algorithm, providedPassword, filePassword, iterations))
.thenReturn(false);
FileAuthenticator fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);
final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData);
assertFalse(isAuthenticated);
}
@Test
public void test_no_password() throws Exception {
when(clientCredentialsData.getUsername()).thenReturn(Optional.of("user"));
when(clientCredentialsData.getPassword()).thenReturn(Optional.<String>absent());
when(clientCredentialsData.getInetAddress())
.thenReturn(Optional.of(InetAddress.getLoopbackAddress()));
fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);
final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData);
assertFalse(isAuthenticated);
}
@Test
public void test_user_is_not_present_in_credential_file() throws Exception {
final String providedUsername = "******";
when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername));
when(clientCredentialsData.getPassword()).thenReturn(Optional.of("password"));
when(clientCredentialsData.getInetAddress())
.thenReturn(Optional.of(InetAddress.getLoopbackAddress()));
when(configuration.getUser(providedUsername)).thenReturn(null);
fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);
final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData);
assertFalse(isAuthenticated);
}
@Test
public void test_user_correct_plaintext_password() throws Exception {
final String providedUsername = "******";
when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername));
final String providedPassword = "******";
when(clientCredentialsData.getPassword()).thenReturn(Optional.of(providedPassword));
when(clientCredentialsData.getInetAddress())
.thenReturn(Optional.of(InetAddress.getLoopbackAddress()));
final String filePassword = "******";
when(configuration.getUser(providedUsername)).thenReturn(filePassword);
when(configuration.isHashed()).thenReturn(false);
when(passwordComparator.validatePlaintextPassword(filePassword, providedPassword))
.thenReturn(true);
fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);
final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData);
assertTrue(isAuthenticated);
}
