summaryrefslogtreecommitdiff
path: root/app/src/test/java
diff options
context:
space:
mode:
Diffstat (limited to 'app/src/test/java')
-rw-r--r--app/src/test/java/dev/msfjarvis/aps/util/totp/UriTotpFinderTest.kt54
-rw-r--r--app/src/test/java/dev/msfjarvis/aps/util/viewmodel/StrictDomainRegexTest.kt60
2 files changed, 114 insertions, 0 deletions
diff --git a/app/src/test/java/dev/msfjarvis/aps/util/totp/UriTotpFinderTest.kt b/app/src/test/java/dev/msfjarvis/aps/util/totp/UriTotpFinderTest.kt
new file mode 100644
index 00000000..f04913a1
--- /dev/null
+++ b/app/src/test/java/dev/msfjarvis/aps/util/totp/UriTotpFinderTest.kt
@@ -0,0 +1,54 @@
+/*
+ * Copyright © 2014-2021 The Android Password Store Authors. All Rights Reserved.
+ * SPDX-License-Identifier: GPL-3.0-only
+ */
+
+package dev.msfjarvis.aps.util.totp
+
+import kotlin.test.assertEquals
+import org.junit.Test
+import org.junit.runner.RunWith
+import org.robolectric.RobolectricTestRunner
+import org.robolectric.annotation.Config
+
+@RunWith(RobolectricTestRunner::class)
+@Config(sdk = [23])
+class UriTotpFinderTest {
+
+ private val totpFinder = UriTotpFinder()
+
+ @Test
+ fun findSecret() {
+ assertEquals("HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ", totpFinder.findSecret(TOTP_URI))
+ assertEquals(
+ "HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ",
+ totpFinder.findSecret("name\npassword\ntotp: HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ")
+ )
+ assertEquals("HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ", totpFinder.findSecret(PASS_FILE_CONTENT))
+ }
+
+ @Test
+ fun findDigits() {
+ assertEquals("12", totpFinder.findDigits(TOTP_URI))
+ assertEquals("12", totpFinder.findDigits(PASS_FILE_CONTENT))
+ }
+
+ @Test
+ fun findPeriod() {
+ assertEquals(25, totpFinder.findPeriod(TOTP_URI))
+ assertEquals(25, totpFinder.findPeriod(PASS_FILE_CONTENT))
+ }
+
+ @Test
+ fun findAlgorithm() {
+ assertEquals("SHA256", totpFinder.findAlgorithm(TOTP_URI))
+ assertEquals("SHA256", totpFinder.findAlgorithm(PASS_FILE_CONTENT))
+ }
+
+ companion object {
+
+ const val TOTP_URI =
+ "otpauth://totp/ACME%20Co:john@example.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&algorithm=SHA256&digits=12&period=25"
+ const val PASS_FILE_CONTENT = "password\n$TOTP_URI"
+ }
+}
diff --git a/app/src/test/java/dev/msfjarvis/aps/util/viewmodel/StrictDomainRegexTest.kt b/app/src/test/java/dev/msfjarvis/aps/util/viewmodel/StrictDomainRegexTest.kt
new file mode 100644
index 00000000..3d511132
--- /dev/null
+++ b/app/src/test/java/dev/msfjarvis/aps/util/viewmodel/StrictDomainRegexTest.kt
@@ -0,0 +1,60 @@
+/*
+ * Copyright © 2014-2021 The Android Password Store Authors. All Rights Reserved.
+ * SPDX-License-Identifier: GPL-3.0-only
+ */
+package dev.msfjarvis.aps.util.viewmodel
+
+import kotlin.test.assertFalse
+import kotlin.test.assertNull
+import kotlin.test.assertTrue
+import org.junit.Test
+import org.junit.runner.RunWith
+import org.robolectric.RobolectricTestRunner
+import org.robolectric.annotation.Config
+
+private infix fun String.matchedForDomain(domain: String) =
+ SearchableRepositoryViewModel.generateStrictDomainRegex(domain)?.containsMatchIn(this) == true
+
+@RunWith(RobolectricTestRunner::class)
+@Config(sdk = [23])
+class StrictDomainRegexTest {
+
+ @Test
+ fun acceptsLiteralDomain() {
+ assertTrue("work/example.org/john.doe@example.org.gpg" matchedForDomain "example.org")
+ assertTrue("example.org/john.doe@example.org.gpg" matchedForDomain "example.org")
+ assertTrue("example.org.gpg" matchedForDomain "example.org")
+ }
+
+ @Test
+ fun acceptsSubdomains() {
+ assertTrue("work/www.example.org/john.doe@example.org.gpg" matchedForDomain "example.org")
+ assertTrue("www2.example.org/john.doe@example.org.gpg" matchedForDomain "example.org")
+ assertTrue("www.login.example.org.gpg" matchedForDomain "example.org")
+ }
+
+ @Test
+ fun rejectsPhishingAttempts() {
+ assertFalse("example.org.gpg" matchedForDomain "xample.org")
+ assertFalse("login.example.org.gpg" matchedForDomain "xample.org")
+ assertFalse("example.org/john.doe@exmple.org.gpg" matchedForDomain "xample.org")
+ assertFalse("example.org.gpg" matchedForDomain "e/xample.org")
+ }
+
+ @Test
+ fun rejectNonGpgComponentMatches() {
+ assertFalse("work/example.org" matchedForDomain "example.org")
+ }
+
+ @Test
+ fun rejectsEmailAddresses() {
+ assertFalse("work/notexample.org/john.doe@example.org.gpg" matchedForDomain "example.org")
+ assertFalse("work/notexample.org/john.doe@www.example.org.gpg" matchedForDomain "example.org")
+ assertFalse("work/john.doe@www.example.org/foo.org" matchedForDomain "example.org")
+ }
+
+ @Test
+ fun rejectsPathSeparators() {
+ assertNull(SearchableRepositoryViewModel.generateStrictDomainRegex("ex/ample.org"))
+ }
+}