7aeb400fce
* Run code cleanup * Dotnet format benchmarks project * Fix up Test.Common * Run dotnet format + manual cleanup * Run code cleanup for unit tests * Run dotnet format * Fix up errors * Manual cleanup of Unit test project * Update tests/Umbraco.Tests.Benchmarks/HexStringBenchmarks.cs Co-authored-by: Mole <nikolajlauridsen@protonmail.ch> * Update tests/Umbraco.Tests.Integration/Testing/TestDbMeta.cs Co-authored-by: Mole <nikolajlauridsen@protonmail.ch> * Update tests/Umbraco.Tests.Benchmarks/TypeFinderBenchmarks.cs Co-authored-by: Mole <nikolajlauridsen@protonmail.ch> * Update tests/Umbraco.Tests.Integration/Testing/UmbracoIntegrationTest.cs Co-authored-by: Mole <nikolajlauridsen@protonmail.ch> * Update tests/Umbraco.Tests.Integration/Umbraco.Core/Events/EventAggregatorTests.cs Co-authored-by: Mole <nikolajlauridsen@protonmail.ch> * Fix according to review * Fix after merge * Fix errors Co-authored-by: Nikolaj Geisle <niko737@edu.ucl.dk> Co-authored-by: Mole <nikolajlauridsen@protonmail.ch> Co-authored-by: Zeegaan <nge@umbraco.dk>
113 lines
4.6 KiB
C#
113 lines
4.6 KiB
C#
using Microsoft.AspNetCore.Identity;
|
|
using Microsoft.Extensions.Logging;
|
|
using Microsoft.Extensions.Logging.Abstractions;
|
|
using Microsoft.Extensions.Options;
|
|
using NUnit.Framework;
|
|
using Umbraco.Cms.Core.Configuration.Models;
|
|
using Umbraco.Cms.Core.Security;
|
|
using Umbraco.Cms.Infrastructure.Serialization;
|
|
|
|
namespace Umbraco.Cms.Tests.Integration.Umbraco.Infrastructure.Security;
|
|
|
|
[TestFixture]
|
|
public class MemberPasswordHasherTests
|
|
{
|
|
[Test]
|
|
[TestCase(
|
|
"Password123!",
|
|
"AQAAAAEAACcQAAAAEGF/tTVoL6ef3bQPZFYfbgKFu1CDQIAMgyY1N4EDt9jqdG/hsOX93X1U6LNvlIQ3mw==",
|
|
null,
|
|
ExpectedResult = PasswordVerificationResult.Success,
|
|
Description = "AspNetCoreIdentityPasswordHash: Correct password")]
|
|
[TestCase(
|
|
"wrongPassword",
|
|
"AQAAAAEAACcQAAAAEGF/tTVoL6ef3bQPZFYfbgKFu1CDQIAMgyY1N4EDt9jqdG/hsOX93X1U6LNvlIQ3mw==",
|
|
null,
|
|
ExpectedResult = PasswordVerificationResult.Failed,
|
|
Description = "AspNetCoreIdentityPasswordHash: Wrong password")]
|
|
[TestCase(
|
|
"Password123!",
|
|
"yDiU2YyuYZU4jz6F0fpErQ==BxNRHkXBVyJs9gwWF6ktWdfDwYf5bwm+rvV7tOcNNx8=",
|
|
null,
|
|
ExpectedResult = PasswordVerificationResult.SuccessRehashNeeded,
|
|
Description = "GivenALegacyPasswordHash: Correct password")]
|
|
[TestCase(
|
|
"wrongPassword",
|
|
"yDiU2YyuYZU4jz6F0fpErQ==BxNRHkXBVyJs9gwWF6ktWdfDwYf5bwm+rvV7tOcNNx8=",
|
|
null,
|
|
ExpectedResult = PasswordVerificationResult.Failed,
|
|
Description = "GivenALegacyPasswordHash: Wrong password")]
|
|
[TestCase(
|
|
"Password123!",
|
|
"AJszAsQqxOYbASKfL3JVUu6cjU18ouizXDfX4j7wLlir8SWj2yQaTepE9e5bIohIsQ==",
|
|
null,
|
|
ExpectedResult = PasswordVerificationResult.SuccessRehashNeeded,
|
|
Description = "GivenALegacyPasswordHash: Correct password")]
|
|
[TestCase(
|
|
"wrongPassword",
|
|
"AJszAsQqxOYbASKfL3JVUu6cjU18ouizXDfX4j7wLlir8SWj2yQaTepE9e5bIohIsQ==",
|
|
null,
|
|
ExpectedResult = PasswordVerificationResult.Failed,
|
|
Description = "GivenALegacyPasswordHash: Wrong password")]
|
|
[TestCase(
|
|
"1234567890",
|
|
"1234567890",
|
|
null,
|
|
ExpectedResult = PasswordVerificationResult.Failed,
|
|
Description = "ClearText: Correct password, but not supported")]
|
|
[TestCase(
|
|
"wrongPassword",
|
|
"1234567890",
|
|
null,
|
|
ExpectedResult = PasswordVerificationResult.Failed,
|
|
Description = "ClearText: Wrong password")]
|
|
[TestCase(
|
|
"1234567890",
|
|
"XyFRG4/xJ5JGQJYqqIFK70BjHdM=",
|
|
null,
|
|
ExpectedResult = PasswordVerificationResult.SuccessRehashNeeded,
|
|
Description = "Hashed: Correct password")]
|
|
[TestCase(
|
|
"wrongPassword",
|
|
"XyFRG4/xJ5JGQJYqqIFK70BjHdM=",
|
|
null,
|
|
ExpectedResult = PasswordVerificationResult.Failed,
|
|
Description = "Hashed: Wrong password")]
|
|
[TestCase(
|
|
"1234567890",
|
|
"K2JPOhoqNoysfnnD67QsWDSliHrjoSTRTvv9yiaKf30=",
|
|
"1D43BFA074DF6DCEF6E44A7F5B5F56CDDD60BE198FBBB0222C96A5BD696F3CAA",
|
|
ExpectedResult = PasswordVerificationResult.SuccessRehashNeeded,
|
|
Description = "Encrypted: Correct password and correct decryptionKey")]
|
|
[TestCase(
|
|
"wrongPassword",
|
|
"K2JPOhoqNoysfnnD67QsWDSliHrjoSTRTvv9yiaKf30=",
|
|
"1D43BFA074DF6DCEF6E44A7F5B5F56CDDD60BE198FBBB0222C96A5BD696F3CAA",
|
|
ExpectedResult = PasswordVerificationResult.Failed,
|
|
Description = "Encrypted: Wrong password but correct decryptionKey")]
|
|
[TestCase(
|
|
"1234567890",
|
|
"qiuwRr4K7brpTcIzLFfR3iGG9zj4/z4ewHCVZmYUDKM=",
|
|
"B491B602E0CE1D52450A8089FD2013B340743A7EFCC12B039BD11977A083ACA1",
|
|
ExpectedResult = PasswordVerificationResult.Failed,
|
|
Description = "Encrypted: Correct password but wrong decryptionKey")]
|
|
[TestCase(
|
|
"1234567890",
|
|
"qiuwRr4K7brpTcIzLFfR3iGG9zj4/z4ewHCVZmYUDKM=",
|
|
"InvalidDecryptionKey",
|
|
ExpectedResult = PasswordVerificationResult.Failed,
|
|
Description = "Encrypted: Invalid decryptionKey")]
|
|
public PasswordVerificationResult VerifyHashedPassword(string password, string encryptedPassword, string decryptionKey)
|
|
{
|
|
var member = new MemberIdentityUser { PasswordConfig = null };
|
|
|
|
var sut = new MemberPasswordHasher(
|
|
new LegacyPasswordSecurity(),
|
|
new JsonNetSerializer(),
|
|
Options.Create(new LegacyPasswordMigrationSettings { MachineKeyDecryptionKey = decryptionKey }),
|
|
NullLoggerFactory.Instance.CreateLogger<MemberPasswordHasher>());
|
|
|
|
return sut.VerifyHashedPassword(member, encryptedPassword, password);
|
|
}
|
|
}
|