コード例 #1
0
  @Test
  public void test_user_wrong_salt_hash_format() throws Exception {

    final String providedUsername = "******";
    when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername));
    final String providedPassword = "******";
    when(clientCredentialsData.getPassword()).thenReturn(Optional.of(providedPassword));
    when(clientCredentialsData.getInetAddress())
        .thenReturn(Optional.of(InetAddress.getLoopbackAddress()));

    final String filePassword = "******";
    when(configuration.getUser(providedUsername)).thenReturn(filePassword);
    when(configuration.isSalted()).thenReturn(true);
    when(configuration.isHashed()).thenReturn(true);
    final String algorithm = "SHA-512";
    when(configuration.getHashingAlgorithm()).thenReturn(algorithm);
    final int iterations = 1000000;
    when(configuration.getHashingIterations()).thenReturn(iterations);

    final String salt = "salt";
    final String hash = "hash";
    HashedSaltedPassword abc = new HashedSaltedPassword(hash, salt);

    fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);
    when(passwordComparator.validateHashedAndSaltedPassword(
            algorithm, providedPassword, hash, iterations, salt))
        .thenReturn(true);

    FileAuthenticatorForTest2 fileAuthenticator =
        new FileAuthenticatorForTest2(configuration, passwordComparator, abc);
    final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData);

    assertFalse(isAuthenticated);
  }
コード例 #2
0
  @Test
  public void test_user_correct_hashed_password() throws Exception {

    final String providedUsername = "******";
    when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername));
    final String providedPassword = "******";
    when(clientCredentialsData.getPassword()).thenReturn(Optional.of(providedPassword));
    when(clientCredentialsData.getInetAddress())
        .thenReturn(Optional.of(InetAddress.getLoopbackAddress()));

    final String filePassword = "******";
    when(configuration.getUser(providedUsername)).thenReturn(filePassword);
    when(configuration.isSalted()).thenReturn(false);
    when(configuration.isHashed()).thenReturn(true);
    final String algorithm = "SHA-512";
    when(configuration.getHashingAlgorithm()).thenReturn(algorithm);
    final int iterations = 1000000;
    when(configuration.getHashingIterations()).thenReturn(iterations);

    fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);
    when(passwordComparator.validateHashedPassword(
            algorithm, providedPassword, filePassword, iterations))
        .thenReturn(true);

    FileAuthenticator fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);
    final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData);

    assertTrue(isAuthenticated);
  }
コード例 #3
0
  @Test
  public void test_user_correct_plaintext_password() throws Exception {

    final String providedUsername = "******";
    when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername));
    final String providedPassword = "******";
    when(clientCredentialsData.getPassword()).thenReturn(Optional.of(providedPassword));
    when(clientCredentialsData.getInetAddress())
        .thenReturn(Optional.of(InetAddress.getLoopbackAddress()));

    final String filePassword = "******";
    when(configuration.getUser(providedUsername)).thenReturn(filePassword);
    when(configuration.isHashed()).thenReturn(false);

    when(passwordComparator.validatePlaintextPassword(filePassword, providedPassword))
        .thenReturn(true);

    fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);
    final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData);

    assertTrue(isAuthenticated);
  }
コード例 #4
0
  @Test
  public void test_user_is_not_present_in_credential_file() throws Exception {

    final String providedUsername = "******";
    when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername));
    when(clientCredentialsData.getPassword()).thenReturn(Optional.of("password"));
    when(clientCredentialsData.getInetAddress())
        .thenReturn(Optional.of(InetAddress.getLoopbackAddress()));

    when(configuration.getUser(providedUsername)).thenReturn(null);

    fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);
    final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData);

    assertFalse(isAuthenticated);
  }