/**
 * Expects {@code checkCredentials} to reject the login in the salted + hashed
 * configuration, even though the comparator is stubbed to report a match for the
 * hash/salt pair built here.
 *
 * <p>NOTE(review): presumably {@code FileAuthenticatorForTest2} feeds the supplied
 * {@code HashedSaltedPassword} into the check to simulate a malformed stored entry;
 * confirm against its definition, which is not visible here.
 *
 * <p>NOTE(review): if {@code passwordComparator} is a plain Mockito mock, an unmatched
 * call also yields {@code false}, so this assertion alone cannot tell "rejected because
 * of the format" from "comparator never reached". A {@code verify(...)} on the
 * comparator would pin down the intended path.
 */
@Test
public void test_user_wrong_salt_hash_format() throws Exception {
    // Fixture values, declared up front.
    final String providedUsername = "******";
    final String providedPassword = "******";
    final String filePassword = "******";
    final String algorithm = "SHA-512";
    final int iterations = 1000000;
    final String salt = "salt";
    final String hash = "hash";

    // Configuration: the user exists and passwords are stored salted and hashed.
    when(configuration.getUser(providedUsername)).thenReturn(filePassword);
    when(configuration.isSalted()).thenReturn(true);
    when(configuration.isHashed()).thenReturn(true);
    when(configuration.getHashingAlgorithm()).thenReturn(algorithm);
    when(configuration.getHashingIterations()).thenReturn(iterations);

    // Credentials presented by the client, connecting from loopback.
    when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername));
    when(clientCredentialsData.getPassword()).thenReturn(Optional.of(providedPassword));
    when(clientCredentialsData.getInetAddress())
            .thenReturn(Optional.of(InetAddress.getLoopbackAddress()));

    final HashedSaltedPassword storedCredential = new HashedSaltedPassword(hash, salt);

    // NOTE(review): this instance is stored in the field but never exercised below;
    // kept in case set-up or tear-down elsewhere in the class relies on it.
    fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);

    // The comparator would accept this exact combination of arguments.
    when(passwordComparator.validateHashedAndSaltedPassword(
            algorithm, providedPassword, hash, iterations, salt))
            .thenReturn(true);

    // Distinct local name so the instance under test does not shadow the field.
    final FileAuthenticatorForTest2 authenticatorUnderTest =
            new FileAuthenticatorForTest2(configuration, passwordComparator, storedCredential);

    final Boolean authenticated = authenticatorUnderTest.checkCredentials(clientCredentialsData);

    assertFalse(authenticated);
}
/**
 * Expects {@code checkCredentials} to accept the login when the configuration is
 * hashed but not salted and the comparator's {@code validateHashedPassword} reports
 * a match for the provided password against the stored value.
 *
 * <p>NOTE(review): as shown, the provided password and the stored password are the same
 * literal, so the comparator stub matches even if the two arguments were passed in the
 * wrong order. Distinct fixture values would make the test sensitive to that mistake
 * (the literals may simply be masked on this page; confirm against the real file).
 */
@Test
public void test_user_correct_hashed_password() throws Exception {
    // Fixture values, declared up front.
    final String providedUsername = "******";
    final String providedPassword = "******";
    final String filePassword = "******";
    final String algorithm = "SHA-512";
    final int iterations = 1000000;

    // Configuration: the user exists and passwords are hashed without a salt.
    when(configuration.getUser(providedUsername)).thenReturn(filePassword);
    when(configuration.isSalted()).thenReturn(false);
    when(configuration.isHashed()).thenReturn(true);
    when(configuration.getHashingAlgorithm()).thenReturn(algorithm);
    when(configuration.getHashingIterations()).thenReturn(iterations);

    // Credentials presented by the client, connecting from loopback.
    when(clientCredentialsData.getUsername()).thenReturn(Optional.of(providedUsername));
    when(clientCredentialsData.getPassword()).thenReturn(Optional.of(providedPassword));
    when(clientCredentialsData.getInetAddress())
            .thenReturn(Optional.of(InetAddress.getLoopbackAddress()));

    // NOTE(review): this instance is stored in the field but never exercised below;
    // kept in case set-up or tear-down elsewhere in the class relies on it.
    fileAuthenticator = new FileAuthenticator(configuration, passwordComparator);

    // The comparator reports a match for the provided password against the stored one.
    when(passwordComparator.validateHashedPassword(
            algorithm, providedPassword, filePassword, iterations))
            .thenReturn(true);

    // Distinct local name so the instance under test does not shadow the field.
    final FileAuthenticator authenticatorUnderTest =
            new FileAuthenticator(configuration, passwordComparator);

    final Boolean authenticated = authenticatorUnderTest.checkCredentials(clientCredentialsData);

    assertTrue(authenticated);
}