Remove external API calls in `TestPassword` (#30716)

+2

go.mod

··· 57 57 github.com/google/uuid v1.6.0 58 58 github.com/gorilla/feeds v1.1.2 59 59 github.com/gorilla/sessions v1.2.2 60 + github.com/h2non/gock v1.2.0 60 61 github.com/hashicorp/go-version v1.6.0 61 62 github.com/hashicorp/golang-lru/v2 v2.0.7 62 63 github.com/huandu/xstrings v1.4.0 ··· 202 203 github.com/gorilla/handlers v1.5.2 // indirect 203 204 github.com/gorilla/mux v1.8.1 // indirect 204 205 github.com/gorilla/securecookie v1.1.2 // indirect 206 + github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542 // indirect 205 207 github.com/hashicorp/go-cleanhttp v0.5.2 // indirect 206 208 github.com/hashicorp/go-retryablehttp v0.7.5 // indirect 207 209 github.com/hashicorp/hcl v1.0.0 // indirect

+6

go.sum

··· 477 477 github.com/gorilla/sessions v1.2.0/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM= 478 478 github.com/gorilla/sessions v1.2.2 h1:lqzMYz6bOfvn2WriPUjNByzeXIlVzURcPmgMczkmTjY= 479 479 github.com/gorilla/sessions v1.2.2/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ= 480 + github.com/h2non/gock v1.2.0 h1:K6ol8rfrRkUOefooBC8elXoaNGYkpp7y2qcxGG6BzUE= 481 + github.com/h2non/gock v1.2.0/go.mod h1:tNhoxHYW2W42cYkYb1WqzdbYIieALC99kpYr7rH/BQk= 482 + github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542 h1:2VTzZjLZBgl62/EtslCrtky5vbi9dd7HrQPQIx6wqiw= 483 + github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542/go.mod h1:Ow0tF8D4Kplbc8s8sSb3V2oUCygFHVp8gC3Dn6U4MNI= 480 484 github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= 481 485 github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= 482 486 github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= ··· 641 645 github.com/mschoch/smat v0.2.0/go.mod h1:kc9mz7DoBKqDyiRL7VZN8KvXQMWeTaVnttLRXOlotKw= 642 646 github.com/msteinert/pam v1.2.0 h1:mYfjlvN2KYs2Pb9G6nb/1f/nPfAttT/Jee5Sq9r3bGE= 643 647 github.com/msteinert/pam v1.2.0/go.mod h1:d2n0DCUK8rGecChV3JzvmsDjOY4R7AYbsNxAT+ftQl0= 648 + github.com/nbio/st v0.0.0-20140626010706-e9e8d9816f32 h1:W6apQkHrMkS0Muv8G/TipAy/FJl/rCYT0+EuS8+Z0z4= 649 + github.com/nbio/st v0.0.0-20140626010706-e9e8d9816f32/go.mod h1:9wM+0iRr9ahx58uYLpLIr5fm8diHn0JbqRycJi6w0Ms= 644 650 github.com/niklasfasching/go-org v1.7.0 h1:vyMdcMWWTe/XmANk19F4k8XGBYg0GQ/gJGMimOjGMek= 645 651 github.com/niklasfasching/go-org v1.7.0/go.mod h1:WuVm4d45oePiE0eX25GqTDQIt/qPW1T9DGkRscqLW5o= 646 652 github.com/nwaples/rardecode v1.1.0/go.mod h1:5DzqNKiOdpKKBH87u8VlvAnPZMXcGRhxWkRpHbbfGS0=

+23 -76

modules/auth/password/pwn/pwn_test.go

··· 4 4 package pwn 5 5 6 6 import ( 7 - "math/rand/v2" 8 7 "net/http" 9 - "strings" 10 8 "testing" 11 9 "time" 12 10 11 + "github.com/h2non/gock" 13 12 "github.com/stretchr/testify/assert" 14 13 ) 15 14 ··· 18 17 })) 19 18 20 19 func TestPassword(t *testing.T) { 21 - // Check input error 22 - _, err := client.CheckPassword("", false) 20 + defer gock.Off() 21 + 22 + count, err := client.CheckPassword("", false) 23 23 assert.ErrorIs(t, err, ErrEmptyPassword, "blank input should return ErrEmptyPassword") 24 + assert.Equal(t, -1, count) 24 25 25 - // Should fail 26 - fail := "password1234" 27 - count, err := client.CheckPassword(fail, false) 28 - assert.NotEmpty(t, count, "%s should fail as a password", fail) 26 + gock.New("https://api.pwnedpasswords.com").Get("/range/5c1d8").Times(1).Reply(200).BodyString("EAF2F254732680E8AC339B84F3266ECCBB5:1\r\nFC446EB88938834178CB9322C1EE273C2A7:2") 27 + count, err = client.CheckPassword("pwned", false) 29 28 assert.NoError(t, err) 29 + assert.Equal(t, 1, count) 30 30 31 - // Should fail (with padding) 32 - failPad := "administrator" 33 - count, err = client.CheckPassword(failPad, true) 34 - assert.NotEmpty(t, count, "%s should fail as a password", failPad) 31 + gock.New("https://api.pwnedpasswords.com").Get("/range/ba189").Times(1).Reply(200).BodyString("FD4CB34F0378BCB15D23F6FFD28F0775C9E:3\r\nFDF342FCD8C3611DAE4D76E8A992A3E4169:4") 32 + count, err = client.CheckPassword("notpwned", false) 35 33 assert.NoError(t, err) 34 + assert.Equal(t, 0, count) 36 35 37 - // Checking for a "good" password isn't going to be perfect, but we can give it a good try 38 - // with hopefully minimal error. Try five times? 39 - assert.Condition(t, func() bool { 40 - for i := 0; i <= 5; i++ { 41 - count, err = client.CheckPassword(testPassword(), false) 42 - assert.NoError(t, err) 43 - if count == 0 { 44 - return true 45 - } 46 - } 47 - return false 48 - }, "no generated passwords passed. there is a chance this is a fluke") 36 + gock.New("https://api.pwnedpasswords.com").Get("/range/a1733").Times(1).Reply(200).BodyString("C4CE0F1F0062B27B9E2F41AF0C08218017C:1\r\nFC446EB88938834178CB9322C1EE273C2A7:2\r\nFE81480327C992FE62065A827429DD1318B:0") 37 + count, err = client.CheckPassword("paddedpwned", true) 38 + assert.NoError(t, err) 39 + assert.Equal(t, 1, count) 49 40 50 - // Again, but with padded responses 51 - assert.Condition(t, func() bool { 52 - for i := 0; i <= 5; i++ { 53 - count, err = client.CheckPassword(testPassword(), true) 54 - assert.NoError(t, err) 55 - if count == 0 { 56 - return true 57 - } 58 - } 59 - return false 60 - }, "no generated passwords passed. there is a chance this is a fluke") 61 - } 41 + gock.New("https://api.pwnedpasswords.com").Get("/range/5617b").Times(1).Reply(200).BodyString("FD4CB34F0378BCB15D23F6FFD28F0775C9E:3\r\nFDF342FCD8C3611DAE4D76E8A992A3E4169:4\r\nFE81480327C992FE62065A827429DD1318B:0") 42 + count, err = client.CheckPassword("paddednotpwned", true) 43 + assert.NoError(t, err) 44 + assert.Equal(t, 0, count) 62 45 63 - // Credit to https://golangbyexample.com/generate-random-password-golang/ 64 - // DO NOT USE THIS FOR AN ACTUAL PASSWORD GENERATOR 65 - var ( 66 - lowerCharSet = "abcdedfghijklmnopqrst" 67 - upperCharSet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" 68 - specialCharSet = "!@#$%&*" 69 - numberSet = "0123456789" 70 - allCharSet = lowerCharSet + upperCharSet + specialCharSet + numberSet 71 - ) 72 - 73 - func testPassword() string { 74 - var password strings.Builder 75 - 76 - // Set special character 77 - for i := 0; i < 5; i++ { 78 - random := rand.IntN(len(specialCharSet)) 79 - password.WriteString(string(specialCharSet[random])) 80 - } 81 - 82 - // Set numeric 83 - for i := 0; i < 5; i++ { 84 - random := rand.IntN(len(numberSet)) 85 - password.WriteString(string(numberSet[random])) 86 - } 87 - 88 - // Set uppercase 89 - for i := 0; i < 5; i++ { 90 - random := rand.IntN(len(upperCharSet)) 91 - password.WriteString(string(upperCharSet[random])) 92 - } 93 - 94 - for i := 0; i < 5; i++ { 95 - random := rand.IntN(len(allCharSet)) 96 - password.WriteString(string(allCharSet[random])) 97 - } 98 - inRune := []rune(password.String()) 99 - rand.Shuffle(len(inRune), func(i, j int) { 100 - inRune[i], inRune[j] = inRune[j], inRune[i] 101 - }) 102 - return string(inRune) 46 + gock.New("https://api.pwnedpasswords.com").Get("/range/79082").Times(1).Reply(200).BodyString("FDF342FCD8C3611DAE4D76E8A992A3E4169:4\r\nFE81480327C992FE62065A827429DD1318B:0\r\nAFEF386F56EB0B4BE314E07696E5E6E6536:0") 47 + count, err = client.CheckPassword("paddednotpwnedzero", true) 48 + assert.NoError(t, err) 49 + assert.Equal(t, 0, count) 103 50 }

Configure Feed

Configure Feed