47 lines
1.4 KiB
C#
47 lines
1.4 KiB
C#
|
using SIGCM2.Infrastructure.Security;
|
||
|
|
|
||
|
|
namespace SIGCM2.Application.Tests.Infrastructure;
|
||
|
|
|
||
|
|
public class BcryptPasswordHasherTests
|
||
|
|
{
|
||
|
|
private readonly BcryptPasswordHasher _hasher = new();
|
||
|
|
|
||
|
|
// The seed hash for '@Diego550@' generated at cost 12
|
||
|
|
private const string SeedHash = "$2a$12$rmq6tlSAQ8WXhR2CwLCSeuwCJKz/.8Eab95UQCUNfwe4dokeOqMcW";
|
||
|
|
|
||
|
|
// Scenario: correct password verifies against seed hash
|
||
|
|
[Fact]
|
||
|
|
public void Verify_CorrectPassword_ReturnsTrue()
|
||
|
|
{
|
||
|
|
var result = _hasher.Verify("@Diego550@", SeedHash);
|
||
|
|
Assert.True(result);
|
||
|
|
}
|
||
|
|
|
||
|
|
// Triangulation: wrong password does not verify
|
||
|
|
[Fact]
|
||
|
|
public void Verify_WrongPassword_ReturnsFalse()
|
||
|
|
{
|
||
|
|
var result = _hasher.Verify("WrongPass1", SeedHash);
|
||
|
|
Assert.False(result);
|
||
|
|
}
|
||
|
|
|
||
|
|
// Hash + Verify round-trip: hash a new password and verify it
|
||
|
|
[Fact]
|
||
|
|
public void Hash_ThenVerify_ReturnsTrue()
|
||
|
|
{
|
||
|
|
var plain = "TestPassword123!";
|
||
|
|
var hash = _hasher.Hash(plain);
|
||
|
|
|
||
|
|
Assert.StartsWith("$2a$", hash); // BCrypt format
|
||
|
|
Assert.True(_hasher.Verify(plain, hash));
|
||
|
|
}
|
||
|
|
|
||
|
|
// Triangulation: verification of different password against generated hash fails
|
||
|
|
[Fact]
|
||
|
|
public void Hash_ThenVerifyWrong_ReturnsFalse()
|
||
|
|
{
|
||
|
|
var hash = _hasher.Hash("OriginalPassword1!");
|
||
|
|
Assert.False(_hasher.Verify("DifferentPassword1!", hash));
|
||
|
|
}
|
||
|
|
}
|