package hibp
import (
"fmt"
"testing"
)
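// TestPwnedPasswordString verifies the Pwned Passwords API with the CheckPassword method.
//
// Each case hands a plaintext password to CheckPassword and compares the returned match with the
// expected leak state.
// NOTE(review): New() is called without options, so this presumably talks to the live service and
// depends on network access and on the current data set - confirm before running in CI.
func TestPwnedPasswordString(t *testing.T) {
	testTable := []struct {
		testName string
		pwString string
		isLeaked bool
	}{
		{"weak password 'test123' is expected to be leaked", "test123", true},
		{"strong, unknown password is expected to be not leaked",
			"F/0Ws#.%{Z/NVax=OU8Ajf1qTRLNS12p/?s/adX", false},
	}
	hc := New()
	for _, tc := range testTable {
		t.Run(tc.testName, func(t *testing.T) {
			m, _, err := hc.PwnedPassApi.CheckPassword(tc.pwString)
			if err != nil {
				t.Error(err)
				// A failed lookup says nothing about the leak state, so do not pile a second,
				// misleading "0 leaks" failure on top of the real error.
				return
			}
			// A match that carries a zero count is as much "not leaked" as no match at all.
			if (m == nil || m.Count == 0) && tc.isLeaked {
				t.Errorf("password is expected to be leaked but 0 leaks were returned in Pwned Passwords DB")
			}
			if m != nil && m.Count > 0 && !tc.isLeaked {
				t.Errorf("password is not expected to be leaked but %d leaks were found in Pwned Passwords DB",
					m.Count)
			}
		})
	}
}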
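// TestPwnedPasswordHash verifies the Pwned Passwords API with the CheckSHA1 method.
//
// Each case hands a SHA-1 hex digest (or an invalid value) to CheckSHA1. Cases flagged shouldFail
// must be rejected with an error; all other cases must succeed and report the expected leak state.
// NOTE(review): New() is called without options, so this presumably talks to the live service and
// depends on network access and on the current data set - confirm before running in CI.
func TestPwnedPasswordHash(t *testing.T) {
	testTable := []struct {
		testName   string
		pwHash     string
		isLeaked   bool
		shouldFail bool
	}{
		{"weak password 'test123' is expected to be leaked",
			"7288edd0fc3ffcbe93a0cf06e3568e28521687bc", true, false},
		{"strong, unknown password is expected to be not leaked",
			"90efc095c82eab44e882fda507cfab1a2cd31fc0", false, false},
		{"empty string should fail",
			"", false, true},
	}
	hc := New()
	for _, tc := range testTable {
		t.Run(tc.testName, func(t *testing.T) {
			m, _, err := hc.PwnedPassApi.CheckSHA1(tc.pwHash)
			if tc.shouldFail {
				// Negative case: the input validation is the thing under test, so a nil error
				// has to fail the test instead of passing silently.
				if err == nil {
					t.Errorf("CheckSHA1 was supposed to fail, but didn't")
				}
				return
			}
			if err != nil {
				t.Error(err)
				return
			}
			// A match that carries a zero count is as much "not leaked" as no match at all.
			if (m == nil || m.Count == 0) && tc.isLeaked {
				t.Errorf("password is expected to be leaked but 0 leaks were returned in Pwned Passwords DB")
			}
			if m != nil && m.Count > 0 && !tc.isLeaked {
				t.Errorf("password is not expected to be leaked but %d leaks were found in Pwned Passwords DB",
					m.Count)
			}
		})
	}
}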
// TestPwnedPassApi_apiCall exercises the unexported apiCall method, focusing on failure paths
// that the other tests do not already cover.
func TestPwnedPassApi_apiCall(t *testing.T) {
	client := New()

	// Inputs apiCall is expected to reject, in the order they have always been checked:
	//   1. "ZZZZZZZZZZZZZZ"  - per the original author's note, should return a 404
	//   2. a single NUL byte - a character that is not allowed
	rejected := []string{
		"ZZZZZZZZZZZZZZ",
		string([]byte{0}),
	}
	for _, input := range rejected {
		if _, _, err := client.PwnedPassApi.apiCall(input); err == nil {
			t.Errorf("apiCall was supposed to fail, but didn't")
		}
	}
}
// ExamplePwnedPassApi_CheckPassword shows how a given password is checked against the HIBP
// passwords API.
//
// NOTE(review): the plaintext password is handed to the client here; confirm in CheckPassword that
// only a hash (prefix) leaves the process. The count in the expected output is a snapshot of the
// data set, so this example presumably starts failing once the upstream count changes.
func ExamplePwnedPassApi_CheckPassword() {
	client := New()
	match, _, err := client.PwnedPassApi.CheckPassword("test")
	if err != nil {
		panic(err)
	}

	// Nothing is printed when no match (or a zero count) comes back.
	if match == nil || match.Count == 0 {
		return
	}
	fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n",
		match.Hash, match.Count)
	// Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 86453 times in the pwned passwords DB
}
// ExamplePwnedPassApi_CheckPassword_withPadding shows how a given password is checked against the
// HIBP passwords API with the WithPwnedPadding() option set.
//
// NOTE(review): WithPwnedPadding presumably asks the service for padded responses so that the
// response size reveals less about the query - confirm against the option's implementation. The
// count in the expected output is a snapshot of the data set and will presumably drift.
func ExamplePwnedPassApi_CheckPassword_withPadding() {
	client := New(WithPwnedPadding())
	match, _, err := client.PwnedPassApi.CheckPassword("test")
	if err != nil {
		panic(err)
	}

	// Nothing is printed when no match (or a zero count) comes back.
	if match == nil || match.Count == 0 {
		return
	}
	fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n",
		match.Hash, match.Count)
	// Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 86453 times in the pwned passwords DB
}
// ExamplePwnedPassApi_CheckSHA1 shows how an already computed SHA-1 password hash is checked
// against the HIBP passwords API using the CheckSHA1() method.
//
// NOTE(review): the count in the expected output is a snapshot of the data set, so this example
// presumably starts failing once the upstream count changes.
func ExamplePwnedPassApi_CheckSHA1() {
	const digest = "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" // SHA-1 of the password "test"

	client := New()
	match, _, err := client.PwnedPassApi.CheckSHA1(digest)
	if err != nil {
		panic(err)
	}

	// Nothing is printed when no match (or a zero count) comes back.
	if match == nil || match.Count == 0 {
		return
	}
	fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n",
		match.Hash, match.Count)
	// Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 86453 times in the pwned passwords DB
}