BCryptPasswordSecurityTest.java

/*
 * Copyright 2013 ArcBees Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not
 * use this file except in compliance with the License. You may obtain a copy of
 * the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations under
 * the License.
 */

package com.gwtplatform.carstore.server.authentication;

import org.junit.Test;
import org.mindrot.jbcrypt.BCrypt;

import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;

public class BCryptPasswordSecurityTest {
    private static final String VALID_PASSWORD = "a";
    private static final String INVALID_PASSWORD = "b";

    @Test
    public void checkingAValidPasswordShouldReturnTrue() {
        // Given
        PasswordSecurity passwordSecurity = new BCryptPasswordSecurity();
        String hashPassword = BCrypt.hashpw(VALID_PASSWORD, BCrypt.gensalt());

        // When
        Boolean check = passwordSecurity.check(VALID_PASSWORD, hashPassword);

        // Then
        assertTrue(check);
    }

    @Test
    public void checkingAnInvalidPasswordShouldReturnFalse() {
        // Given
        PasswordSecurity passwordSecurity = new BCryptPasswordSecurity();
        String hashPassword = BCrypt.hashpw(VALID_PASSWORD, BCrypt.gensalt());

        // When
        Boolean check = passwordSecurity.check(INVALID_PASSWORD, hashPassword);

        // Then
        assertFalse(check);
    }
}