/**
* Licensed to Apereo under one or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information regarding copyright ownership. Apereo
* licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use
* this file except in compliance with the License. You may obtain a copy of the License at the
* following location:
*
* <p>http://www.apache.org/licenses/LICENSE-2.0
*
* <p>Unless required by applicable law or agreed to in writing, software distributed under the
* License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apereo.portal.cas.authentication.handler.support;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import org.easymock.EasyMock;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.junit.Test;
/**
*/
public class PersonDirAuthenticationHandlerTest {
@Test
public void testValidMd5Password() throws Exception {
final UserPasswordDao userPasswordDao = EasyMock.createMock(UserPasswordDao.class);
EasyMock.expect(userPasswordDao.getPasswordHash("admin"))
.andReturn("(MD5)OP2Z89LDMIY6gHAwfoFPRSQWDl5Z16Vt");
final PersonDirAuthenticationHandler authenticationHandler =
new PersonDirAuthenticationHandler();
authenticationHandler.setUserPasswordDao(userPasswordDao);
final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials();
credentials.setUsername("admin");
credentials.setPassword("admin");
EasyMock.replay(userPasswordDao);
final boolean auth =
authenticationHandler.authenticateUsernamePasswordInternal(credentials);
EasyMock.verify(userPasswordDao);
assertTrue(auth);
}
@Test
public void testInvalidMd5Password() throws Exception {
final UserPasswordDao userPasswordDao = EasyMock.createMock(UserPasswordDao.class);
EasyMock.expect(userPasswordDao.getPasswordHash("admin"))
.andReturn("(MD5)OP2Z89LDMIY5gHAwfoFPRSQWDl5Z16Vt");
final PersonDirAuthenticationHandler authenticationHandler =
new PersonDirAuthenticationHandler();
authenticationHandler.setUserPasswordDao(userPasswordDao);
final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials();
credentials.setUsername("admin");
credentials.setPassword("admin");
EasyMock.replay(userPasswordDao);
final boolean auth =
authenticationHandler.authenticateUsernamePasswordInternal(credentials);
EasyMock.verify(userPasswordDao);
assertFalse(auth);
}
@Test
public void testNullPassword() throws Exception {
final UserPasswordDao userPasswordDao = EasyMock.createMock(UserPasswordDao.class);
EasyMock.expect(userPasswordDao.getPasswordHash("admin")).andReturn(null);
final PersonDirAuthenticationHandler authenticationHandler =
new PersonDirAuthenticationHandler();
authenticationHandler.setUserPasswordDao(userPasswordDao);
final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials();
credentials.setUsername("admin");
credentials.setPassword("admin");
EasyMock.replay(userPasswordDao);
final boolean auth =
authenticationHandler.authenticateUsernamePasswordInternal(credentials);
EasyMock.verify(userPasswordDao);
assertFalse(auth);
}
@Test
public void testValidSHA256Password() throws Exception {
final UserPasswordDao userPasswordDao = EasyMock.createMock(UserPasswordDao.class);
EasyMock.expect(userPasswordDao.getPasswordHash("student"))
.andReturn("(SHA256)KwAQC001SoQq/CjHMLSz2o0aAqx7WrKeRFgWOeM2GEyLXGZd+1/XkA==");
final PersonDirAuthenticationHandler authenticationHandler =
new PersonDirAuthenticationHandler();
authenticationHandler.setUserPasswordDao(userPasswordDao);
final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials();
credentials.setUsername("student");
credentials.setPassword("wombat");
EasyMock.replay(userPasswordDao);
final boolean auth =
authenticationHandler.authenticateUsernamePasswordInternal(credentials);
EasyMock.verify(userPasswordDao);
assertTrue(auth);
}
@Test
public void testInvalidSHA256Password() throws Exception {
final UserPasswordDao userPasswordDao = EasyMock.createMock(UserPasswordDao.class);
EasyMock.expect(userPasswordDao.getPasswordHash("student"))
.andReturn("(SHA256)KwAQC001SoPq/CjHMLSz2o0aAqx7WrKeRFgWOeM2GEyLXGZd+1/XkA==");
final PersonDirAuthenticationHandler authenticationHandler =
new PersonDirAuthenticationHandler();
authenticationHandler.setUserPasswordDao(userPasswordDao);
final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials();
credentials.setUsername("student");
credentials.setPassword("student");
EasyMock.replay(userPasswordDao);
final boolean auth =
authenticationHandler.authenticateUsernamePasswordInternal(credentials);
EasyMock.verify(userPasswordDao);
assertFalse(auth);
}
}