PersonDirAuthenticationHandlerTest.java

/**
 * Licensed to Apereo under one or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information regarding copyright ownership. Apereo
 * licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use
 * this file except in compliance with the License. You may obtain a copy of the License at the
 * following location:
 *
 * <p>http://www.apache.org/licenses/LICENSE-2.0
 *
 * <p>Unless required by applicable law or agreed to in writing, software distributed under the
 * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied. See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apereo.portal.cas.authentication.handler.support;

import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;

import org.easymock.EasyMock;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.junit.Test;

/**
 */
public class PersonDirAuthenticationHandlerTest {

    @Test
    public void testValidMd5Password() throws Exception {
        final UserPasswordDao userPasswordDao = EasyMock.createMock(UserPasswordDao.class);
        EasyMock.expect(userPasswordDao.getPasswordHash("admin"))
                .andReturn("(MD5)OP2Z89LDMIY6gHAwfoFPRSQWDl5Z16Vt");

        final PersonDirAuthenticationHandler authenticationHandler =
                new PersonDirAuthenticationHandler();
        authenticationHandler.setUserPasswordDao(userPasswordDao);

        final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials();
        credentials.setUsername("admin");
        credentials.setPassword("admin");

        EasyMock.replay(userPasswordDao);

        final boolean auth =
                authenticationHandler.authenticateUsernamePasswordInternal(credentials);

        EasyMock.verify(userPasswordDao);

        assertTrue(auth);
    }

    @Test
    public void testInvalidMd5Password() throws Exception {
        final UserPasswordDao userPasswordDao = EasyMock.createMock(UserPasswordDao.class);
        EasyMock.expect(userPasswordDao.getPasswordHash("admin"))
                .andReturn("(MD5)OP2Z89LDMIY5gHAwfoFPRSQWDl5Z16Vt");

        final PersonDirAuthenticationHandler authenticationHandler =
                new PersonDirAuthenticationHandler();
        authenticationHandler.setUserPasswordDao(userPasswordDao);

        final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials();
        credentials.setUsername("admin");
        credentials.setPassword("admin");

        EasyMock.replay(userPasswordDao);

        final boolean auth =
                authenticationHandler.authenticateUsernamePasswordInternal(credentials);

        EasyMock.verify(userPasswordDao);

        assertFalse(auth);
    }

    @Test
    public void testNullPassword() throws Exception {
        final UserPasswordDao userPasswordDao = EasyMock.createMock(UserPasswordDao.class);
        EasyMock.expect(userPasswordDao.getPasswordHash("admin")).andReturn(null);

        final PersonDirAuthenticationHandler authenticationHandler =
                new PersonDirAuthenticationHandler();
        authenticationHandler.setUserPasswordDao(userPasswordDao);

        final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials();
        credentials.setUsername("admin");
        credentials.setPassword("admin");

        EasyMock.replay(userPasswordDao);

        final boolean auth =
                authenticationHandler.authenticateUsernamePasswordInternal(credentials);

        EasyMock.verify(userPasswordDao);

        assertFalse(auth);
    }

    @Test
    public void testValidSHA256Password() throws Exception {
        final UserPasswordDao userPasswordDao = EasyMock.createMock(UserPasswordDao.class);
        EasyMock.expect(userPasswordDao.getPasswordHash("student"))
                .andReturn("(SHA256)KwAQC001SoQq/CjHMLSz2o0aAqx7WrKeRFgWOeM2GEyLXGZd+1/XkA==");

        final PersonDirAuthenticationHandler authenticationHandler =
                new PersonDirAuthenticationHandler();
        authenticationHandler.setUserPasswordDao(userPasswordDao);

        final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials();
        credentials.setUsername("student");
        credentials.setPassword("wombat");

        EasyMock.replay(userPasswordDao);

        final boolean auth =
                authenticationHandler.authenticateUsernamePasswordInternal(credentials);

        EasyMock.verify(userPasswordDao);

        assertTrue(auth);
    }

    @Test
    public void testInvalidSHA256Password() throws Exception {
        final UserPasswordDao userPasswordDao = EasyMock.createMock(UserPasswordDao.class);
        EasyMock.expect(userPasswordDao.getPasswordHash("student"))
                .andReturn("(SHA256)KwAQC001SoPq/CjHMLSz2o0aAqx7WrKeRFgWOeM2GEyLXGZd+1/XkA==");

        final PersonDirAuthenticationHandler authenticationHandler =
                new PersonDirAuthenticationHandler();
        authenticationHandler.setUserPasswordDao(userPasswordDao);

        final UsernamePasswordCredentials credentials = new UsernamePasswordCredentials();
        credentials.setUsername("student");
        credentials.setPassword("student");

        EasyMock.replay(userPasswordDao);

        final boolean auth =
                authenticationHandler.authenticateUsernamePasswordInternal(credentials);

        EasyMock.verify(userPasswordDao);

        assertFalse(auth);
    }
}