@Test
public void test_user_wrong_salt_hash_format() throws Exception {
final String providedUsername = "******";
when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername));
final String providedPassword = "******";
when(clientCredentialsData.getPassword()).thenReturn(Optional.of(providedPassword));
when(clientCredentialsData.getInetAddress())
.thenReturn(Optional.of(InetAddress.getLoopbackAddress()));
final String filePassword = "******";
when(configuration.getUser(providedUsername)).thenReturn(filePassword);
when(configuration.isSalted()).thenReturn(true);
when(configuration.isHashed()).thenReturn(true);
final String algorithm = "SHA-512";
when(configuration.getHashingAlgorithm()).thenReturn(algorithm);
final int iterations = 1000000;
when(configuration.getHashingIterations()).thenReturn(iterations);
final String salt = "salt";
final String hash = "hash";
HashedSaltedPassword abc = new HashedSaltedPassword(hash, salt);
fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);
when(passwordComparator.validateHashedAndSaltedPassword(
algorithm, providedPassword, hash, iterations, salt))
.thenReturn(true);
FileAuthenticatorForTest2 fileAuthenticator =
new FileAuthenticatorForTest2(configuration, passwordComparator, abc);
final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData);
assertFalse(isAuthenticated);
}
@Test
public void test_user_correct_hashed_password() throws Exception {
final String providedUsername = "******";
when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername));
final String providedPassword = "******";
when(clientCredentialsData.getPassword()).thenReturn(Optional.of(providedPassword));
when(clientCredentialsData.getInetAddress())
.thenReturn(Optional.of(InetAddress.getLoopbackAddress()));
final String filePassword = "******";
when(configuration.getUser(providedUsername)).thenReturn(filePassword);
when(configuration.isSalted()).thenReturn(false);
when(configuration.isHashed()).thenReturn(true);
final String algorithm = "SHA-512";
when(configuration.getHashingAlgorithm()).thenReturn(algorithm);
final int iterations = 1000000;
when(configuration.getHashingIterations()).thenReturn(iterations);
fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);
when(passwordComparator.validateHashedPassword(
algorithm, providedPassword, filePassword, iterations))
.thenReturn(true);
FileAuthenticator fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);
final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData);
assertTrue(isAuthenticated);
}
@Test
public void test_user_correct_plaintext_password() throws Exception {
final String providedUsername = "******";
when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername));
final String providedPassword = "******";
when(clientCredentialsData.getPassword()).thenReturn(Optional.of(providedPassword));
when(clientCredentialsData.getInetAddress())
.thenReturn(Optional.of(InetAddress.getLoopbackAddress()));
final String filePassword = "******";
when(configuration.getUser(providedUsername)).thenReturn(filePassword);
when(configuration.isHashed()).thenReturn(false);
when(passwordComparator.validatePlaintextPassword(filePassword, providedPassword))
.thenReturn(true);
fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);
final Boolean isAuthenticated = fileAuthenticator.checkCredentials(clientCredentialsData);
assertTrue(isAuthenticated);
}