mirror of
https://github.com/zitadel/zitadel.git
synced 2025-01-07 12:07:40 +00:00
2089992d75
* feat(crypto): use passwap for machine and app secrets * fix command package tests * add hash generator command test * naming convention, fix query tests * rename PasswordHasher and cleanup start commands * add reducer tests * fix intergration tests, cleanup old config * add app secret unit tests * solve setup panics * fix push of updated events * add missing event translations * update documentation * solve linter errors * remove nolint:SA1019 as it doesn't seem to help anyway * add nolint to deprecated filter usage * update users migration version * remove unused ClientSecret from APIConfigChangedEvent --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
210 lines
4.4 KiB
Go
210 lines
4.4 KiB
Go
package crypto
|
|
|
|
import (
|
|
"testing"
|
|
"time"
|
|
|
|
"go.uber.org/mock/gomock"
|
|
)
|
|
|
|
func TestIsCodeExpired(t *testing.T) {
|
|
type args struct {
|
|
creationDate time.Time
|
|
expiry time.Duration
|
|
}
|
|
tests := []struct {
|
|
name string
|
|
args args
|
|
want bool
|
|
}{
|
|
{
|
|
"not expired",
|
|
args{
|
|
creationDate: time.Now(),
|
|
expiry: time.Duration(5 * time.Minute),
|
|
},
|
|
false,
|
|
},
|
|
{
|
|
"never expires",
|
|
args{
|
|
creationDate: time.Now().Add(-5 * time.Minute),
|
|
expiry: 0,
|
|
},
|
|
false,
|
|
},
|
|
{
|
|
"expired",
|
|
args{
|
|
creationDate: time.Now().Add(-5 * time.Minute),
|
|
expiry: time.Duration(5 * time.Minute),
|
|
},
|
|
true,
|
|
},
|
|
}
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
if got := IsCodeExpired(tt.args.creationDate, tt.args.expiry); got != tt.want {
|
|
t.Errorf("IsCodeExpired() = %v, want %v", got, tt.want)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestVerifyCode(t *testing.T) {
|
|
type args struct {
|
|
creationDate time.Time
|
|
expiry time.Duration
|
|
cryptoCode *CryptoValue
|
|
verificationCode string
|
|
g Generator
|
|
}
|
|
tests := []struct {
|
|
name string
|
|
args args
|
|
wantErr bool
|
|
}{
|
|
{
|
|
"expired",
|
|
args{
|
|
creationDate: time.Now().Add(-5 * time.Minute),
|
|
expiry: 5 * time.Minute,
|
|
cryptoCode: nil,
|
|
verificationCode: "",
|
|
g: createMockGenerator(t, createMockCrypto(t)),
|
|
},
|
|
true,
|
|
},
|
|
{
|
|
"unsupported alg err",
|
|
args{
|
|
creationDate: time.Now(),
|
|
expiry: 5 * time.Minute,
|
|
cryptoCode: nil,
|
|
verificationCode: "code",
|
|
g: createMockGenerator(t, createMockCrypto(t)),
|
|
},
|
|
true,
|
|
},
|
|
{
|
|
"encryption alg ok",
|
|
args{
|
|
creationDate: time.Now(),
|
|
expiry: 5 * time.Minute,
|
|
cryptoCode: &CryptoValue{
|
|
CryptoType: TypeEncryption,
|
|
Algorithm: "enc",
|
|
KeyID: "id",
|
|
Crypted: []byte("code"),
|
|
},
|
|
verificationCode: "code",
|
|
g: createMockGenerator(t, CreateMockEncryptionAlg(gomock.NewController(t))),
|
|
},
|
|
false,
|
|
},
|
|
}
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
if err := VerifyCode(tt.args.creationDate, tt.args.expiry, tt.args.cryptoCode, tt.args.verificationCode, tt.args.g.Alg()); (err != nil) != tt.wantErr {
|
|
t.Errorf("VerifyCode() error = %v, wantErr %v", err, tt.wantErr)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func Test_verifyEncryptedCode(t *testing.T) {
|
|
type args struct {
|
|
cryptoCode *CryptoValue
|
|
verificationCode string
|
|
alg EncryptionAlgorithm
|
|
}
|
|
tests := []struct {
|
|
name string
|
|
args args
|
|
wantErr bool
|
|
}{
|
|
{
|
|
"nil error",
|
|
args{
|
|
cryptoCode: nil,
|
|
verificationCode: "",
|
|
alg: CreateMockEncryptionAlg(gomock.NewController(t)),
|
|
},
|
|
true,
|
|
},
|
|
{
|
|
"wrong cryptotype error",
|
|
args{
|
|
cryptoCode: &CryptoValue{
|
|
CryptoType: TypeHash,
|
|
Crypted: nil,
|
|
},
|
|
verificationCode: "",
|
|
alg: CreateMockEncryptionAlg(gomock.NewController(t)),
|
|
},
|
|
true,
|
|
},
|
|
{
|
|
"wrong algorithm error",
|
|
args{
|
|
cryptoCode: &CryptoValue{
|
|
CryptoType: TypeEncryption,
|
|
Algorithm: "enc2",
|
|
Crypted: nil,
|
|
},
|
|
verificationCode: "",
|
|
alg: CreateMockEncryptionAlg(gomock.NewController(t)),
|
|
},
|
|
true,
|
|
},
|
|
{
|
|
"wrong key id error",
|
|
args{
|
|
cryptoCode: &CryptoValue{
|
|
CryptoType: TypeEncryption,
|
|
Algorithm: "enc",
|
|
Crypted: nil,
|
|
},
|
|
verificationCode: "wrong",
|
|
alg: CreateMockEncryptionAlg(gomock.NewController(t)),
|
|
},
|
|
true,
|
|
},
|
|
{
|
|
"wrong verification code error",
|
|
args{
|
|
cryptoCode: &CryptoValue{
|
|
CryptoType: TypeEncryption,
|
|
Algorithm: "enc",
|
|
KeyID: "id",
|
|
Crypted: []byte("code"),
|
|
},
|
|
verificationCode: "wrong",
|
|
alg: CreateMockEncryptionAlg(gomock.NewController(t)),
|
|
},
|
|
true,
|
|
},
|
|
{
|
|
"verification code ok",
|
|
args{
|
|
cryptoCode: &CryptoValue{
|
|
CryptoType: TypeEncryption,
|
|
Algorithm: "enc",
|
|
KeyID: "id",
|
|
Crypted: []byte("code"),
|
|
},
|
|
verificationCode: "code",
|
|
alg: CreateMockEncryptionAlg(gomock.NewController(t)),
|
|
},
|
|
false,
|
|
},
|
|
}
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
if err := verifyEncryptedCode(tt.args.cryptoCode, tt.args.verificationCode, tt.args.alg); (err != nil) != tt.wantErr {
|
|
t.Errorf("verifyEncryptedCode() error = %v, wantErr %v", err, tt.wantErr)
|
|
}
|
|
})
|
|
}
|
|
}
|