@Test public void test_user_wrong_hashed_password() throws Exception { final String providedUsername = "******"; when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername)); final String providedPassword = "******"; when(clientCredentialsData.getPassword()).thenReturn(Optional.of(providedPassword)); when(clientCredentialsData.getInetAddress()) .thenReturn(Optional.of(InetAddress.getLoopbackAddress())); final String filePassword = "******"; when(configuration.getUser(providedUsername)).thenReturn(filePassword); when(configuration.isSalted()).thenReturn(false); when(configuration.isHashed()).thenReturn(true); final String algorithm = "SHA-512"; when(configuration.getHashingAlgorithm()).thenReturn(algorithm); final int iterations = 1000000; when(configuration.getHashingIterations()).thenReturn(iterations); fileAuthenticator = new FileAuthenticator(configuration, passwordComparator); when(passwordComparator.validateHashedPassword( algorithm, providedPassword, filePassword, iterations)) .thenReturn(false); FileAuthenticator fileAuthenticator = new FileAuthenticator(configuration, passwordComparator); final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData); assertFalse(isAuthenticated); }
@Test public void test_no_password() throws Exception { when(clientCredentialsData.getUsername()).thenReturn(Optional.of("user")); when(clientCredentialsData.getPassword()).thenReturn(Optional.<String>absent()); when(clientCredentialsData.getInetAddress()) .thenReturn(Optional.of(InetAddress.getLoopbackAddress())); fileAuthenticator = new FileAuthenticator(configuration, passwordComparator); final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData); assertFalse(isAuthenticated); }
@Test public void test_user_is_not_present_in_credential_file() throws Exception { final String providedUsername = "******"; when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername)); when(clientCredentialsData.getPassword()).thenReturn(Optional.of("password")); when(clientCredentialsData.getInetAddress()) .thenReturn(Optional.of(InetAddress.getLoopbackAddress())); when(configuration.getUser(providedUsername)).thenReturn(null); fileAuthenticator = new FileAuthenticator(configuration, passwordComparator); final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData); assertFalse(isAuthenticated); }
@Test public void test_user_correct_plaintext_password() throws Exception { final String providedUsername = "******"; when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername)); final String providedPassword = "******"; when(clientCredentialsData.getPassword()).thenReturn(Optional.of(providedPassword)); when(clientCredentialsData.getInetAddress()) .thenReturn(Optional.of(InetAddress.getLoopbackAddress())); final String filePassword = "******"; when(configuration.getUser(providedUsername)).thenReturn(filePassword); when(configuration.isHashed()).thenReturn(false); when(passwordComparator.validatePlaintextPassword(filePassword, providedPassword)) .thenReturn(true); fileAuthenticator = new FileAuthenticator(configuration, passwordComparator); final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData); assertTrue(isAuthenticated); }