feat(spring-sec): add PasswordEncorder decorator to speed-up password validation on REST API's

author: Thomas <> 2022-09-29 14:03:44 +0200
committer: Thomas <> 2022-09-29 14:03:44 +0200
commit: 28f4e988d7e7f7d2aea76d4d4667d9f7106bf5b1 (patch)
tree: e4952efa59a3e3ed1d971c93c28bb71302b9d3f8 /eaaf-springboot-utils/src/test/java/at/gv/egiz
parent: d33fcbca761e07ca87c004e45565bf97268d496e (diff)
download: EAAF-Components-28f4e988d7e7f7d2aea76d4d4667d9f7106bf5b1.tar.gz
EAAF-Components-28f4e988d7e7f7d2aea76d4d4667d9f7106bf5b1.tar.bz2
EAAF-Components-28f4e988d7e7f7d2aea76d4d4667d9f7106bf5b1.zip
1 files changed, 54 insertions, 0 deletions
diff --git a/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/utils/CachingPasswordEncoderTest.java b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/utils/CachingPasswordEncoderTest.java
new file mode 100644
index 00000000..bae19cac
--- /dev/null
+++ b/eaaf-springboot-utils/src/test/java/at/gv/egiz/eaaf/utils/springboot/test/utils/CachingPasswordEncoderTest.java
@@ -0,0 +1,54 @@
+package at.gv.egiz.eaaf.utils.springboot.test.utils;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+import at.gv.egiz.eaaf.utils.springboot.utils.CachingPasswordEncoder;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class CachingPasswordEncoderTest {
+
+  PasswordEncoder orgEncoder = new BCryptPasswordEncoder();
+  PasswordEncoder testEncoder = new CachingPasswordEncoder(orgEncoder);
+  
+  @Test
+  public void upgradeEncoding() {    
+    String enc = new BCryptPasswordEncoder().encode(RandomStringUtils.randomAlphabetic(5));
+            
+    assertEquals("upgradeEncoding",
+        orgEncoder.upgradeEncoding(enc),
+        testEncoder.upgradeEncoding(enc));
+    
+  }
+  
+  @Test
+  public void encodePassword() {    
+    String plain = RandomStringUtils.randomAlphabetic(5);    
+    assertNotNull("password encoded", testEncoder.encode(plain));
+    
+  }
+  
+  @Test
+  public void matchPassword() {        
+    String plain = RandomStringUtils.randomAlphabetic(5);
+    String encoded = testEncoder.encode(plain);
+    
+    assertTrue("valid password", testEncoder.matches(plain, encoded));
+    assertTrue("valid password again", testEncoder.matches(plain, encoded));        
+            
+    assertFalse("password in cache, but changed on server", 
+        testEncoder.matches(plain, RandomStringUtils.randomAlphabetic(10)));
+    assertFalse("wrong password send", testEncoder.matches(RandomStringUtils.randomAlphabetic(5), encoded));
+    
+  }
+  
+}
author	Thomas <>	2022-09-29 14:03:44 +0200
committer	Thomas <>	2022-09-29 14:03:44 +0200
commit	28f4e988d7e7f7d2aea76d4d4667d9f7106bf5b1 (patch)
tree	e4952efa59a3e3ed1d971c93c28bb71302b9d3f8 /eaaf-springboot-utils/src/test/java/at/gv/egiz
parent	d33fcbca761e07ca87c004e45565bf97268d496e (diff)
download	EAAF-Components-28f4e988d7e7f7d2aea76d4d4667d9f7106bf5b1.tar.gz EAAF-Components-28f4e988d7e7f7d2aea76d4d4667d9f7106bf5b1.tar.bz2 EAAF-Components-28f4e988d7e7f7d2aea76d4d4667d9f7106bf5b1.zip