github.com/cs3org/reva/v2@v2.27.7/pkg/auth/manager/owncloudsql/owncloudsql_test.go

github.com/cs3org/reva/v2@v2.27.7/pkg/auth/manager/owncloudsql/owncloudsql_test.go (about)

     1  // Copyright 2018-2021 CERN
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  //
    15  // In applying this license, CERN does not waive the privileges and immunities
    16  // granted to it by virtue of its status as an Intergovernmental Organization
    17  // or submit itself to any jurisdiction.
    18  
    19  package owncloudsql
    20  
    21  import (
    22  	"testing"
    23  
    24  	"github.com/cs3org/reva/v2/pkg/auth/manager/owncloudsql/accounts"
    25  	"github.com/pkg/errors"
    26  )
    27  
    28  // new returns a dummy auth manager for testing
    29  func new(m map[string]interface{}) (*manager, error) {
    30  	mgr := &manager{}
    31  	err := mgr.Configure(m)
    32  	if err != nil {
    33  		err = errors.Wrap(err, "error creating a new auth manager")
    34  		return nil, err
    35  	}
    36  
    37  	mgr.db, err = accounts.New("unused", nil, false, false, false)
    38  	if err != nil {
    39  		return nil, err
    40  	}
    41  
    42  	return mgr, nil
    43  }
    44  
    45  func TestVerify(t *testing.T) {
    46  	tests := map[string]struct {
    47  		password string
    48  		hash     string
    49  		expected bool
    50  	}{
    51  		// Bogus values
    52  		"bogus-1": {"", "asf32äà$$a.|3", false},
    53  		"bogus-2": {"", "", false},
    54  
    55  		// Valid SHA1 strings
    56  		"valid-sha1-1": {"password", "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8", true},
    57  		"valid-sha1-2": {"owncloud.com", "27a4643e43046c3569e33b68c1a4b15d31306d29", true},
    58  
    59  		// Invalid SHA1 strings
    60  		"invalid-sha1-1": {"InvalidString", "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8", false},
    61  		"invalid-sha1-2": {"AnotherInvalidOne", "27a4643e43046c3569e33b68c1a4b15d31306d29", false},
    62  
    63  		// Valid legacy password string with password salt "6Wow67q1wZQZpUUeI6G2LsWUu4XKx"
    64  		"valid-legacy-1": {"password", "$2a$08$emCpDEl.V.QwPWt5gPrqrOhdpH6ailBmkj2Hd2vD5U8qIy20HBe7.", true},
    65  		"valid-legacy-2": {"password", "$2a$08$yjaLO4ev70SaOsWZ9gRS3eRSEpHVsmSWTdTms1949mylxJ279hzo2", true},
    66  		"valid-legacy-3": {"password", "$2a$08$.jNRG/oB4r7gHJhAyb.mDupNUAqTnBIW/tWBqFobaYflKXiFeG0A6", true},
    67  		"valid-legacy-4": {"owncloud.com", "$2a$08$YbEsyASX/hXVNMv8hXQo7ezreN17T8Jl6PjecGZvpX.Ayz2aUyaZ2", true},
    68  		"valid-legacy-5": {"owncloud.com", "$2a$11$cHdDA2IkUP28oNGBwlL7jO/U3dpr8/0LIjTZmE8dMPA7OCUQsSTqS", true},
    69  		"valid-legacy-6": {"owncloud.com", "$2a$08$GH.UoIfJ1e.qeZ85KPqzQe6NR8XWRgJXWIUeE1o/j1xndvyTA1x96", true},
    70  
    71  		// Invalid legacy passwords
    72  		"invalid-legacy": {"password", "$2a$08$oKAQY5IhnZocP.61MwP7xu7TNeOb7Ostvk3j6UpacvaNMs.xRj7O2", false},
    73  
    74  		// Valid passwords "6Wow67q1wZQZpUUeI6G2LsWUu4XKx"
    75  		"valid-1": {"password", "1|$2a$05$ezAE0dkwk57jlfo6z5Pql.gcIK3ReXT15W7ITNxVS0ksfhO/4E4Kq", true},
    76  		"valid-2": {"password", "1|$2a$05$4OQmloFW4yTVez2MEWGIleDO9Z5G9tWBXxn1vddogmKBQq/Mq93pe", true},
    77  		"valid-3": {"password", "1|$2a$11$yj0hlp6qR32G9exGEXktB.yW2rgt2maRBbPgi3EyxcDwKrD14x/WO", true},
    78  		"valid-4": {"owncloud.com", "1|$2a$10$Yiss2WVOqGakxuuqySv5UeOKpF8d8KmNjuAPcBMiRJGizJXjA2bKm", true},
    79  		"valid-5": {"owncloud.com", "1|$2a$10$v9mh8/.mF/Ut9jZ7pRnpkuac3bdFCnc4W/gSumheQUi02Sr.xMjPi", true},
    80  		"valid-6": {"owncloud.com", "1|$2a$05$ST5E.rplNRfDCzRpzq69leRzsTGtY7k88h9Vy2eWj0Ug/iA9w5kGK", true},
    81  
    82  		// Invalid passwords
    83  		"invalid-1": {"password", "0|$2a$08$oKAQY5IhnZocP.61MwP7xu7TNeOb7Ostvk3j6UpacvaNMs.xRj7O2", false},
    84  		"invalid-2": {"password", "1|$2a$08$oKAQY5IhnZocP.61MwP7xu7TNeOb7Ostvk3j6UpacvaNMs.xRj7O2", false},
    85  		"invalid-3": {"password", "2|$2a$08$oKAQY5IhnZocP.61MwP7xu7TNeOb7Ostvk3j6UpacvaNMs.xRj7O2", false},
    86  	}
    87  
    88  	u, err := new(map[string]interface{}{
    89  		"legacy_salt": "6Wow67q1wZQZpUUeI6G2LsWUu4XKx",
    90  	})
    91  	if err != nil {
    92  		t.Fatalf("could not initialize owncloudsql auth manager: %v", err)
    93  	}
    94  
    95  	for name := range tests {
    96  		var tc = tests[name]
    97  		t.Run(name, func(t *testing.T) {
    98  			actual := u.verify(tc.password, tc.hash)
    99  			if actual != tc.expected {
   100  				t.Fatalf("%v returned wrong verification:\n\tAct: %v\n\tExp: %v", t.Name(), actual, tc.expected)
   101  			}
   102  		})
   103  	}
   104  }