password_hash_spec.rb 2.2 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192
  1. require 'rails_helper'
  2. RSpec.describe PasswordHash do
  3. let(:pw_plain) { 'zammad' }
  4. context 'stable API' do
  5. it 'responds to crypt' do
  6. expect(described_class).to respond_to(:crypt)
  7. end
  8. it 'responds to verified?' do
  9. expect(described_class).to respond_to(:verified?)
  10. end
  11. it 'responds to crypted?' do
  12. expect(described_class).to respond_to(:crypted?)
  13. end
  14. it 'responds to legacy?' do
  15. expect(described_class).to respond_to(:legacy?)
  16. end
  17. it 'responds to sha2' do
  18. expect(described_class).to respond_to(:sha2)
  19. end
  20. it 'responds to hashed_sha2?' do
  21. expect(described_class).to respond_to(:hashed_sha2?)
  22. end
  23. it 'responds to hashed_argon2?' do
  24. expect(described_class).to respond_to(:hashed_argon2?)
  25. end
  26. end
  27. context 'encryption' do
  28. it 'crypts passwords' do
  29. pw_crypted = described_class.crypt(pw_plain)
  30. expect(pw_crypted).not_to eq(pw_plain)
  31. end
  32. it 'verifies crypted passwords' do
  33. pw_crypted = described_class.crypt(pw_plain)
  34. expect(described_class.verified?(pw_crypted, pw_plain)).to be true
  35. end
  36. it 'detects crypted passwords' do
  37. pw_crypted = described_class.crypt(pw_plain)
  38. expect(described_class.crypted?(pw_crypted)).to be true
  39. end
  40. end
  41. context 'legacy' do
  42. let(:zammad_sha2) { '{sha2}dd9c764fa7ea18cd992c8600006d3dc3ac983d1ba22e9ba2d71f6207456be0ba' }
  43. it 'requires hash to be not blank' do
  44. expect(described_class.legacy?(nil, pw_plain)).to be_falsy
  45. expect(described_class.legacy?('', pw_plain)).to be_falsy
  46. end
  47. it 'requires password to be not nil' do
  48. expect(described_class.legacy?(zammad_sha2, nil)).to be_falsy
  49. end
  50. it 'detects sha2 hashes' do
  51. expect(described_class.legacy?(zammad_sha2, pw_plain)).to be true
  52. end
  53. it 'detects crypted passwords' do
  54. expect(described_class.crypted?(zammad_sha2)).to be true
  55. end
  56. describe '::sha2' do
  57. it 'creates sha2 hashes' do
  58. hashed = described_class.sha2(pw_plain)
  59. expect(hashed).to eq zammad_sha2
  60. end
  61. end
  62. describe '::hashed_sha2?' do
  63. it 'detects sha2 hashes' do
  64. expect(described_class.hashed_sha2?(zammad_sha2)).to be true
  65. end
  66. end
  67. end
  68. end