private ParticipantId authenticate(String token) { HttpSession session = provider.sessionManager.getSessionFromToken(token); return provider.sessionManager.getLoggedInUser(session); }
public void testEmptyPasswordVerifiesCorrectly() { PasswordDigest pwd = new PasswordDigest(new char[0]); assertTrue(pwd.verify(new char[0])); assertFalse(pwd.verify(new char[1])); } }
public void testGetLoginUrlEncodesQueryParameters() { String url = "/abc123?nested=query&string"; String encoded_url = "/abc123?nested%3Dquery%26string"; assertEquals( SessionManager.SIGN_IN_URL + "?r=" + encoded_url, sessionManager.getLoginUrl(url)); }
public void testEditingExposedBytesDoesntChangeInternalState() { PasswordDigest pwd1 = new PasswordDigest("webernets".toCharArray()); byte[] digest = pwd1.getDigest(); byte[] salt = pwd1.getSalt(); PasswordDigest pwd2 = PasswordDigest.from(salt, digest); // We'll mess with the digest and salt we got back and make sure both // passwords still verify normally. digest[digest.length / 2]++; salt[salt.length / 2]--; assertTrue(pwd1.verify("webernets".toCharArray())); assertTrue(pwd2.verify("webernets".toCharArray())); }
public void testNullSessionReturnsNull() { assertNull(sessionManager.getLoggedInUser((HttpSession) null)); assertNull(sessionManager.getLoggedInAccount((HttpSession) null)); }
@Override protected void tearDown() throws Exception { AccountStoreHolder.resetForTesting(); }
public void testEditingExposedBytesDoesntChangeInternalState() { PasswordDigest pwd1 = new PasswordDigest("webernets".toCharArray()); byte[] digest = pwd1.getDigest(); byte[] salt = pwd1.getSalt(); PasswordDigest pwd2 = PasswordDigest.from(salt, digest); // We'll mess with the digest and salt we got back and make sure both // passwords still verify normally. digest[digest.length / 2]++; salt[salt.length / 2]--; assertTrue(pwd1.verify("webernets".toCharArray())); assertTrue(pwd2.verify("webernets".toCharArray())); }
public void testEmptyPasswordVerifiesCorrectly() { PasswordDigest pwd = new PasswordDigest(new char[0]); assertTrue(pwd.verify(new char[0])); assertFalse(pwd.verify(new char[1])); } }
public void testGetLoginUrlWithSimpleRedirect() { assertEquals(SessionManager.SIGN_IN_URL + "?r=/some/other/url", sessionManager.getLoginUrl("/some/other/url")); }
public void testNullSessionReturnsNull() { assertNull(sessionManager.getLoggedInUser(null)); assertNull(sessionManager.getLoggedInAccount(null)); }
@Override protected void tearDown() { AccountStoreHolder.resetForTesting(); }
public void testSerializeDeserialize() { PasswordDigest pwd = new PasswordDigest("tubes".toCharArray()); byte[] digest = pwd.getDigest(); byte[] salt = pwd.getSalt(); PasswordDigest roundtripped = PasswordDigest.from(salt, digest); assertTrue(pwd.verify("tubes".toCharArray())); assertFalse(pwd.verify("wrongpwd".toCharArray())); }
public void testReallyLongPasswordWorksRight() { char[] reallyLongPassword = new char[1024]; for (int i = 0; i < reallyLongPassword.length; i++) { // We'll make a password filled with junk. reallyLongPassword[i] = (char) i; } PasswordDigest pwd = new PasswordDigest(reallyLongPassword); assertTrue(pwd.verify(reallyLongPassword)); // Make a new password that misses the last character. It shouldn't work. char[] shorterPassword = Arrays.copyOf(reallyLongPassword, 1023); assertFalse(pwd.verify(shorterPassword)); }
public void testGetLoginUrlEncodesQueryParameters() { String url = "/abc123?nested=query&string"; String encoded_url = "/abc123?nested%3Dquery%26string"; assertEquals( SessionManager.SIGN_IN_URL + "?r=" + encoded_url, sessionManager.getLoginUrl(url)); }
public void testReallyLongPasswordWorksRight() { char[] reallyLongPassword = new char[1024]; for (int i = 0; i < reallyLongPassword.length; i++) { // We'll make a password filled with junk. reallyLongPassword[i] = (char) i; } PasswordDigest pwd = new PasswordDigest(reallyLongPassword); assertTrue(pwd.verify(reallyLongPassword)); // Make a new password that misses the last character. It shouldn't work. char[] shorterPassword = Arrays.copyOf(reallyLongPassword, 1023); assertFalse(pwd.verify(shorterPassword)); }
public void testGetLoginUrlWithNoArgument() { assertEquals(SessionManager.SIGN_IN_URL, sessionManager.getLoginUrl(null)); }
public void testPasswordValidatesItself() { PasswordDigest pwd = new PasswordDigest("internet".toCharArray()); assertTrue(pwd.verify("internet".toCharArray())); assertFalse(pwd.verify("wrongpwd".toCharArray())); }
public void testGetLoginUrlWithSimpleRedirect() { assertEquals(SessionManager.SIGN_IN_URL + "?r=/some/other/url", sessionManager.getLoginUrl("/some/other/url")); }
public void testPasswordValidatesItself() { PasswordDigest pwd = new PasswordDigest("internet".toCharArray()); assertTrue(pwd.verify("internet".toCharArray())); assertFalse(pwd.verify("wrongpwd".toCharArray())); }
public void testGetLoginUrlWithNoArgument() { assertEquals(SessionManager.SIGN_IN_URL, sessionManager.getLoginUrl(null)); }