From 96f918e0bc860e6d1fa978ceb657379da1d546e3 Mon Sep 17 00:00:00 2001
From: flippi321 <90700334+flippi321@users.noreply.github.com>
Date: Tue, 8 Mar 2022 10:12:49 +0100
Subject: [PATCH] Fixed Password Tests
---
 src/main/java/dao/UserDAO.java | 5 +--
 src/main/java/resources/UserResource.java | 3 +-
 src/test/java/UserDAOTest.java | 49 +++++++++++++++++++----
 src/test/java/UserResourceTest.java | 4 +-
 4 files changed, 49 insertions(+), 12 deletions(-)
diff --git a/src/main/java/dao/UserDAO.java b/src/main/java/dao/UserDAO.java
index 42f0b37..2d9134a 100644
--- a/src/main/java/dao/UserDAO.java
+++ b/src/main/java/dao/UserDAO.java
@@ -1,7 +1,6 @@
 package dao;
 import data.User;
-import sun.security.provider.SHA;
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
@@ -124,7 +123,7 @@ public class UserDAO {
 * @param user User object
 * @return new User or already registered user
 */
- public User addUser(User user) {
+ public User addUser(User user) throws NoSuchAlgorithmException {
 Connection connection = null;
 PreparedStatement preparedStatement = null;
 ResultSet resultSet = null;
@@ -218,7 +217,7 @@ public class UserDAO {
 * @param password password as String, if null it should not be updated
 * @return true if success on new username, false if not
 */
- public boolean editUser (int userId, String username, String password) {
+ public boolean editUser (int userId, String username, String password) throws NoSuchAlgorithmException {
 Connection connection = null;
 PreparedStatement preparedStatement = null;
 boolean updatePassword = false;
diff --git a/src/main/java/resources/UserResource.java b/src/main/java/resources/UserResource.java
index e406fae..e6601de 100644
--- a/src/main/java/resources/UserResource.java
+++ b/src/main/java/resources/UserResource.java
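Review bot: `addUser` now declares `throws NoSuchAlgorithmException`, and the `editUser` hunk (`@@ -218,7 +217,7 @@`) does the same, which pushes a checked exception for a fixed algorithm name onto every caller up to the REST layer. The algorithm is chosen inside the DAO, so a missing provider is a deployment fault that callers cannot recover from; I would catch it where the digest is created and rethrow unchecked, e.g. `throw new IllegalStateException("password hash algorithm unavailable", e);`, leaving both signatures as they were. Separately, the surviving `java.security.MessageDigest` import suggests `hashPassword` (not visible here) is a single salted digest pass; if so, stored passwords should move to a deliberately slow KDF such as PBKDF2 via `SecretKeyFactory` with an explicit iteration count, because a fast hash makes offline guessing cheap after a database leak. Both method bodies continue outside their hunks.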
@@ -5,6 +5,7 @@ import data.User;
 import javax.ws.rs.*;
 import javax.ws.rs.core.MediaType;
+import java.security.NoSuchAlgorithmException;
 import java.time.LocalDateTime;
 import java.util.Date;
 import java.util.List;
@@ -35,7 +36,7 @@ public class UserResource {
 @POST
 @Consumes(MediaType.APPLICATION_JSON)
 @Produces(MediaType.APPLICATION_JSON)
- public User newUser(User user){
+ public User newUser(User user) throws NoSuchAlgorithmException {
 UserDAO userDAO = new UserDAO();
 return userDAO.addUser(user);
 }
diff --git a/src/test/java/UserDAOTest.java b/src/test/java/UserDAOTest.java
index 6cdadd1..a540ca1 100644
--- a/src/test/java/UserDAOTest.java
+++ b/src/test/java/UserDAOTest.java
@@ -9,6 +9,7 @@ import org.junit.Before;
 import org.junit.Test;
 import javax.ws.rs.core.Application;
+import java.security.NoSuchAlgorithmException;
 import java.sql.Connection;
 import java.sql.SQLException;
 import java.sql.Statement;
@@ -170,7 +171,7 @@ public class UserDAOTest extends JerseyTest {
 }
 @Test
- public void testUpdateUser () {
+ public void testUpdateUser () throws NoSuchAlgorithmException {
 assertTrue(userDAO.editUser(1,"newuser",null));
 List<User> userlist = userDAO.getUsers();
 assertEquals(userlist.get(0).getUsername(),"newuser");
@@ -178,7 +179,7 @@ public class UserDAOTest extends JerseyTest {
 @Test
- public void testAddUser () {
+ public void testAddUser () throws NoSuchAlgorithmException {
 List<User> beforeNewUser = userDAO.getUsers();
 User user = new User(3,"username3", "password",userDAO.generateSalt());
 userDAO.addUser(user);
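Review bot: `newUser` lets `NoSuchAlgorithmException` escape a JAX-RS resource method, so unless an `ExceptionMapper` is registered elsewhere the container decides what the client sees, typically a generic 500 whose body may expose internals depending on server configuration. Handle the exception inside `UserDAO`, or translate it here with `throw new InternalServerErrorException("registration failed");` and log the cause server-side. The method also returns the `User` from `addUser` as JSON; the test call `new User(3,"username3", "password",userDAO.generateSalt())` indicates the object carries password and salt fields, so it is worth confirming these are excluded from the serialized response.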
@@ -196,10 +197,44 @@ public class UserDAOTest extends JerseyTest {
 }
 @Test
- public void generateSalt () {
- List<User> userlist = userDAO.getUsers();
- assertEquals(userlist.get(0).getUserId(),1);
- assertEquals(userlist.get(0).getUsername(),"username1");
- assertEquals(2,userDAO.getUsers().size());
+ public void generatesUniqueSalt () {
+ UserDAO user= new UserDAO();
+ assertNotEquals(user.generateSalt(),user.generateSalt());
+ }
+
+ @Test
+ public void sameSaltAndPassword () throws NoSuchAlgorithmException {
+ UserDAO user = new UserDAO();
+ String password = "Password123";
+ byte[] salt = user.generateSalt();
+ assertEquals(user.hashPassword(password,salt),user.hashPassword(password,salt));
+ }
+
+ @Test
+ public void sameSaltDifferentPassword () throws NoSuchAlgorithmException {
+ UserDAO user = new UserDAO();
+ String password1 = "Password123";
+ String password2 = "ShrekIsLove";
+ byte[] salt = user.generateSalt();
+ assertNotEquals(user.hashPassword(password1,salt),user.hashPassword(password2,salt));
+ }
+
+ @Test
+ public void differentSaltSamePassword () throws NoSuchAlgorithmException {
+ UserDAO user = new UserDAO();
+ String password = "Password123";
+ byte[] salt1 = user.generateSalt();
+ byte[] salt2 = user.generateSalt();
+ assertNotEquals(user.hashPassword(password,salt1),user.hashPassword(password,salt2));
+ }
+
+ @Test
+ public void differentSaltAndPassword () throws NoSuchAlgorithmException {
+ UserDAO user = new UserDAO();
+ String password1 = "Password123";
+ String password2 = "ShrekIsLove";
+ byte[] salt1 = user.generateSalt();
+ byte[] salt2 = user.generateSalt();
+ assertNotEquals(user.hashPassword(password1,salt1),user.hashPassword(password2,salt2));
 }
 }
\ No newline at end of file
diff --git a/src/test/java/UserResourceTest.java b/src/test/java/UserResourceTest.java
index 2846b35..8f95cb6 100644
--- a/src/test/java/UserResourceTest.java
+++ b/src/test/java/UserResourceTest.java
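Review bot: `generatesUniqueSalt` cannot fail, because `generateSalt()` returns `byte[]` (see `byte[] salt = user.generateSalt();` in the next test) and `assertNotEquals` on two arrays falls back to `Object.equals`, i.e. reference identity, so two distinct arrays holding identical bytes still pass. Compare the contents instead with `assertFalse(Arrays.equals(user.generateSalt(), user.generateSalt()));`, which needs `java.util.Arrays`; its import is not visible in this patch. The same weakness applies to the `assertNotEquals` checks on `hashPassword` if that method returns `byte[]` rather than `String`; its return type is not shown here. It would also help to assert the expected salt length, and to rename the local `user` to `dao` since it holds a `UserDAO`.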
@@ -11,6 +11,8 @@ import javax.ws.rs.core.Application;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
+import java.security.NoSuchAlgorithmException;
+
 import static org.junit.Assert.*;
 public class UserResourceTest extends JerseyTest {
@@ -27,7 +29,7 @@ public class UserResourceTest extends JerseyTest {
 }
 @Test
- public void testNewUser(){
+ public void testNewUser() throws NoSuchAlgorithmException {
 Response output = target("/user").request().post(Entity.entity(user, MediaType.APPLICATION_JSON));
 assertEquals("Should return status 200",200,output.getStatus());
 assertEquals("application/json",output.getHeaderString("Content-type"));
-- GitLab
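Review bot: The added `throws NoSuchAlgorithmException` on `testNewUser` looks unnecessary in the visible lines, since the request goes through `target("/user").request().post(...)` and a failure in the resource would arrive as an HTTP status, not as a thrown checked exception. Unless the rest of the body (outside this hunk) calls `UserDAO` directly, drop the clause and the new import. If the response entity is the created `User`, an assertion that the JSON body contains neither the password hash nor the salt would make this test cover the security-relevant part of the endpoint.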