Adapt unit tests to PBKDF2_SHA256 password scheme support.
authorMathieu Baudier <mbaudier@argeo.org>
Wed, 24 Jun 2020 07:13:50 +0000 (09:13 +0200)
committerMathieu Baudier <mbaudier@argeo.org>
Wed, 24 Jun 2020 07:13:50 +0000 (09:13 +0200)
org.argeo.enterprise/ext/test/org/argeo/osgi/useradmin/LdifUserAdminTest.java
org.argeo.enterprise/ext/test/org/argeo/osgi/useradmin/basic.ldif
org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdifUser.java

index 1d6b0f3a5d80bcfef29b0af53b3e01fcd7066c1d..126125b8500f7a3c8c8b46a2e8ff783c42a196ac 100644 (file)
@@ -5,13 +5,13 @@ import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URI;
+import java.nio.charset.StandardCharsets;
 import java.nio.file.FileVisitResult;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.SimpleFileVisitor;
 import java.nio.file.attribute.BasicFileAttributes;
 import java.util.Arrays;
-import java.util.Base64;
 import java.util.Dictionary;
 import java.util.Hashtable;
 import java.util.List;
@@ -31,7 +31,7 @@ import junit.framework.TestCase;
 public class LdifUserAdminTest extends TestCase implements BasicTestConstants {
        // We have to keep using JUnit because of
        // https://issues.apache.org/jira/browse/SUREFIRE-1669
-       
+
        final static int TM_SIMPLE = 0;
        final static int TM_BITRONIX = 1;
 
@@ -134,10 +134,10 @@ public class LdifUserAdminTest extends TestCase implements BasicTestConstants {
                assert "root@localhost".equals(rootUser.getProperties().get("mail"));
 
                // credentials
-               byte[] hashedPassword = ("{SHA}" + Base64.getEncoder().encodeToString(DigestUtils.sha1("demo".getBytes())))
-                               .getBytes();
-               assert rootUser.hasCredential(LdapAttrs.userPassword.name(), hashedPassword);
-               assert demoUser.hasCredential(LdapAttrs.userPassword.name(), hashedPassword);
+               // {SHA}
+               assert rootUser.hasCredential(LdapAttrs.userPassword.name(), "demo".getBytes(StandardCharsets.UTF_8));
+               // {PBKDF2_SHA256}
+               assert demoUser.hasCredential(LdapAttrs.userPassword.name(), "demo".getBytes(StandardCharsets.UTF_8));
 
                // search
                Role[] search = userAdmin.getRoles(null);
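Review bot: The two assertions under `// credentials` only check that the correct password is accepted, so a `hasCredential` that returned true for any value under either scheme would still pass this test. Since the test now hands over the clear-text password and apparently leaves the scheme-specific hashing to the user object, add a rejecting case for each scheme, e.g. `assert !rootUser.hasCredential(LdapAttrs.userPassword.name(), "wrong".getBytes(StandardCharsets.UTF_8));` and the same for `demoUser`. The test method begins and ends outside this hunk, so such checks may already exist further down.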
index b7328b0b976079f31883b36a06d12927821b22c8..e5b561540b652a7882a61711cdc1e27c13e44a93 100644 (file)
@@ -25,7 +25,14 @@ givenName: Demo
 mail: demo@localhost
 sn: User
 uid: demo
-userPassword:: e1NIQX1pZVNWNTVRYytlUU9hWURSU2hhL0Fqek5USkU9
+userPassword:: e1BCS0RGMl9TSEEyNTZ9QUFBSUFOMEtpaTA5Z0h5SHA4Q1Y2bHZhbE5DOWJPcjZTVGVpSFU3UDB
+ 5UGVxVUVIdnR2c2pIVmVadW5YV3FNNG5MV090U1gvWS9Jc1FsdXdjR3lFclBJVTRBVWlRVytNb1
+ Y0TTYzaWlPNnlkcXRFZ2dzSGlNK1lPamFZZGl2YUMrRERqRkNBeEN5VFdsdEFYNXZKaWZMMlBwa
+ S93OXFkTWI4YjgyRFFJMUIxZG9IMEdPZ2ZISFQwT2luYm95QlNjUmhvaDN6WGVPd1ZabWlqNHlH
+ Y1JPazhta1lRVm5SQXlyR2pvSHVsSXIwR3ovMnlhR3VFdWJSL2NLOUtsYTQyWWo5RTNRdmJJbkE
+ 3Y0Rjc2xYTlJHTENMZVBhYTdsSWUxc3pUR2JGRVZ4aVQ2M2xQck9RcHNwamRubEFlSjkvWUx5Z3
+ VFTHIrZDJoNmN1SzNmdGFLbmpiRWxTRFJBMy9OanIwRVVzUHBxZDFibWIxbmxMRHR3Mlo5Y3h0Y
+ WljQTdSOHE3eXVhZzFQc0xac2dxdk9HR1hsZ1RVSk4rVitkWkVYdk1BSEgra0YvY1hhU05Q
 
 dn: uid=root,ou=users,dc=example,dc=com
 objectClass: inetOrgPerson
index f18c148f849c3a0e856396fdc4de098044d74a3f..b3e7f5955579bac5c53dc57c1b8453f0307fa01e 100644 (file)
@@ -118,12 +118,12 @@ class LdifUser implements DirectoryUser {
                                int index = storedBase64.indexOf('}');
                                if (index > 0) {
                                        passwordScheme = storedBase64.substring(1, index);
-                                       byte[] storedValueBytes = Base64.getDecoder().decode(storedBase64.substring(index + 1));
+                                       String storedValueBase64 = storedBase64.substring(index + 1);
+                                       byte[] storedValueBytes = Base64.getDecoder().decode(storedValueBase64);
                                        char[] passwordValue = DigestUtils.bytesToChars((byte[]) value);
                                        byte[] valueBytes;
                                        if (DigestUtils.PASSWORD_SCHEME_SHA.equals(passwordScheme)) {
-                                               valueBytes = DigestUtils.toPasswordScheme(passwordScheme, passwordValue, null, null,
-                                                               null);
+                                               valueBytes = DigestUtils.toPasswordScheme(passwordScheme, passwordValue, null, null, null);
                                        } else if (DigestUtils.PASSWORD_SCHEME_PBKDF2_SHA256.equals(passwordScheme)) {
                                                // see https://www.thesubtlety.com/post/a-389-ds-pbkdf2-password-checker/
                                                byte[] iterationsArr = Arrays.copyOfRange(storedValueBytes, 0, 4);
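Review bot: The PBKDF2 branch slices `Arrays.copyOfRange(storedValueBytes, 0, 4)` without first checking that the decoded value is at least that long, and `copyOfRange` zero-pads a short source instead of failing. A truncated or corrupt `userPassword` value would therefore produce a padded iteration field here rather than a rejected credential. In addition, `Base64.getDecoder().decode(storedValueBase64)` runs before the scheme is known and throws `IllegalArgumentException` on malformed input. A length guard before the slice, such as `if (storedValueBytes.length < 4) return false;` (assuming the enclosing method returns a boolean), together with treating a decode failure as a non-match, would keep bad directory data on the "credential rejected" path. The enclosing method and the rest of the PBKDF2 branch lie outside this hunk, so some of this may already be handled there.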