diff --git a/src/main/java/fr/xephi/authme/security/crypts/TwoFactor.java b/src/main/java/fr/xephi/authme/security/crypts/TwoFactor.java
index 21a5f2fc..e9a48845 100644
--- a/src/main/java/fr/xephi/authme/security/crypts/TwoFactor.java
+++ b/src/main/java/fr/xephi/authme/security/crypts/TwoFactor.java
@@ -4,12 +4,14 @@ import com.google.common.escape.Escaper;
 import com.google.common.io.BaseEncoding;
 import com.google.common.net.UrlEscapers;
 import com.google.common.primitives.Ints;
-
+import fr.xephi.authme.ConsoleLogger;
 import fr.xephi.authme.security.crypts.description.HasSalt;
 import fr.xephi.authme.security.crypts.description.Recommendation;
 import fr.xephi.authme.security.crypts.description.SaltType;
 import fr.xephi.authme.security.crypts.description.Usage;
 
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
@@ -17,9 +19,6 @@ import java.util.Arrays;
 import java.util.Calendar;
 import java.util.concurrent.TimeUnit;
 
-import javax.crypto.Mac;
-import javax.crypto.spec.SecretKeySpec;
-
 @Recommendation(Usage.DOES_NOT_WORK)
 @HasSalt(SaltType.NONE)
 public class TwoFactor extends UnsaltedMethod {
@@ -58,12 +57,13 @@ public class TwoFactor extends UnsaltedMethod {
 public boolean comparePassword(String password, HashedPassword hashedPassword, String name) {
 try {
 return checkPassword(hashedPassword.getHash(), password);
- } catch (NoSuchAlgorithmException | InvalidKeyException encryptionException) {
- throw new UnsupportedOperationException("Failed to compare passwords", encryptionException);
+ } catch (Exception e) {
+ ConsoleLogger.logException("Failed to verify two auth code:", e);
+ return false;
 }
 }
 
- public boolean checkPassword(String secretKey, String userInput)
+ private boolean checkPassword(String secretKey, String userInput)
 throws NoSuchAlgorithmException, InvalidKeyException {
 Integer code = Ints.tryParse(userInput);
 if (code == null) {
diff --git a/src/test/java/fr/xephi/authme/security/crypts/TwoFactorTest.java b/src/test/java/fr/xephi/authme/security/crypts/TwoFactorTest.java
new file mode 100644
index 00000000..9b2dddff
--- /dev/null
+++ b/src/test/java/fr/xephi/authme/security/crypts/TwoFactorTest.java
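Review bot: The new `catch (Exception e)` in comparePassword fails closed, which is the right outcome for a verifier, but it also turns any unrelated runtime bug (a null `hashedPassword`, for example) into a quiet rejection that looks the same as a wrong code. Narrowing the catch to the checked exceptions plus whatever the secret decoding throws keeps the fail-closed behaviour; presumably that is `catch (NoSuchAlgorithmException | InvalidKeyException | IllegalArgumentException e)`, to be confirmed against the checkPassword body, which continues outside the hunk. The log line would be easier to triage with the account in it, e.g. `ConsoleLogger.logException("Failed to verify two-factor code for " + name + ":", e);`. It is also worth confirming that the decoding exception's message does not echo parts of the stored secret into the console log.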
@@ -0,0 +1,63 @@
+package fr.xephi.authme.security.crypts;
+
+import fr.xephi.authme.TestHelper;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import static org.hamcrest.Matchers.equalTo;
+import static org.junit.Assert.assertThat;
+
+/**
+ * Test for {@link TwoFactor}.
+ */
+public class TwoFactorTest {
+
+ @BeforeClass
+ public static void initLogger() {
+ TestHelper.setupLogger();
+ }
+
+ @Test
+ public void shouldGenerateBarcodeUrl() {
+ // given
+ String user = "tester";
+ String host = "192.168.0.4";
+ String secret = "3AK6Y4KWGRLJMEQW";
+
+ // when
+ String url = TwoFactor.getQRBarcodeURL(user, host, secret);
+
+ // then
+ String expected = "https://www.google.com/chart?chs=130x130&chld=M%7C0&cht=qr"
+ + "&chl=otpauth://totp/tester@192.168.0.4%3Fsecret%3D3AK6Y4KWGRLJMEQW";
+ assertThat(url, equalTo(expected));
+ }
+
+ @Test
+ public void shouldHandleInvalidHash() {
+ // given
+ HashedPassword password = new HashedPassword("!@&#@!(*&@");
+ String inputPassword = "12345";
+ TwoFactor twoFactor = new TwoFactor();
+
+ // when
+ boolean result = twoFactor.comparePassword(inputPassword, password, "name");
+
+ // then
+ assertThat(result, equalTo(false));
+ }
+
+ @Test
+ public void shouldHandleInvalidInput() {
+ // given
+ HashedPassword password = new HashedPassword("3AK6Y4KWGRLJMEQW");
+ String inputPassword = "notA_number!";
+ TwoFactor twoFactor = new TwoFactor();
+
+ // when
+ boolean result = twoFactor.comparePassword(inputPassword, password, "name");
+
+ // then
+ assertThat(result, equalTo(false));
+ }
+}
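Review bot: Both comparePassword tests only exercise rejection of malformed data, so an implementation that rejects everything would pass. Nothing checks that a well-formed but wrong numeric code is refused for a valid secret, or that a correct code is accepted. The accept path probably needs a controllable time source, since TwoFactor imports Calendar and presumably reads the current time, though that code is not visible here. Separately, `shouldGenerateBarcodeUrl` pins a URL that places the TOTP secret in a query to www.google.com; a short comment such as `// note: the shared secret is sent to a third-party chart service` would make that design decision visible to the next reader.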