VerifyPBKDF2Realm.java

package com.occamlab.te.realm;

import java.security.Principal;
import java.util.Collections;

import static com.occamlab.te.realm.PasswordStorage.*;
import static org.junit.Assert.*;
import static org.mockito.Mockito.*;

import org.apache.catalina.realm.GenericPrincipal;
import org.junit.BeforeClass;
import org.junit.Test;

public class VerifyPBKDF2Realm {

    private static final String USERNAME = "alpha";
    private static GenericPrincipal principal;

    @BeforeClass
    public static void initPrincipal() throws CannotPerformOperationException {
        String hash = PasswordStorage.createHash("correct");
        principal = new GenericPrincipal(USERNAME, hash, Collections.singletonList("user"));
    }

    @Test
    public void correctPassword() {
        PBKDF2Realm iut = new PBKDF2Realm();
        PBKDF2Realm realmSpy = spy(iut);
        doReturn(principal).when(realmSpy).getPrincipal(USERNAME);
        Principal thePrincipal = realmSpy.authenticate(USERNAME, "correct");
        assertNotNull("Expected authentication to succeed.", thePrincipal);
    }

    @Test
    public void incorrectPassword() {
        PBKDF2Realm iut = new PBKDF2Realm();
        PBKDF2Realm realmSpy = spy(iut);
        doReturn(principal).when(realmSpy).getPrincipal(USERNAME);
        Principal thePrincipal = realmSpy.authenticate(USERNAME, "incorrect");
        assertNull("Expected authentication failure.", thePrincipal);
    }

    @Test
    public void invalidHash() {
        Principal other = new GenericPrincipal(USERNAME, "3179a65eff2523bbde53c99b299b719c10a35235",
                Collections.singletonList("user"));
        PBKDF2Realm iut = new PBKDF2Realm();
        PBKDF2Realm realmSpy = spy(iut);
        doReturn(other).when(realmSpy).getPrincipal(USERNAME);
        Principal thePrincipal = realmSpy.authenticate(USERNAME, "correct");
        assertNull("Expected authentication failure.", thePrincipal);
    }
}