diff options
Diffstat (limited to 'app/src/test/java')
-rw-r--r-- | app/src/test/java/dev/msfjarvis/aps/util/totp/UriTotpFinderTest.kt | 54 | ||||
-rw-r--r-- | app/src/test/java/dev/msfjarvis/aps/util/viewmodel/StrictDomainRegexTest.kt | 60 |
2 files changed, 114 insertions, 0 deletions
diff --git a/app/src/test/java/dev/msfjarvis/aps/util/totp/UriTotpFinderTest.kt b/app/src/test/java/dev/msfjarvis/aps/util/totp/UriTotpFinderTest.kt new file mode 100644 index 00000000..f04913a1 --- /dev/null +++ b/app/src/test/java/dev/msfjarvis/aps/util/totp/UriTotpFinderTest.kt @@ -0,0 +1,54 @@ +/* + * Copyright © 2014-2021 The Android Password Store Authors. All Rights Reserved. + * SPDX-License-Identifier: GPL-3.0-only + */ + +package dev.msfjarvis.aps.util.totp + +import kotlin.test.assertEquals +import org.junit.Test +import org.junit.runner.RunWith +import org.robolectric.RobolectricTestRunner +import org.robolectric.annotation.Config + +@RunWith(RobolectricTestRunner::class) +@Config(sdk = [23]) +class UriTotpFinderTest { + + private val totpFinder = UriTotpFinder() + + @Test + fun findSecret() { + assertEquals("HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ", totpFinder.findSecret(TOTP_URI)) + assertEquals( + "HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ", + totpFinder.findSecret("name\npassword\ntotp: HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ") + ) + assertEquals("HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ", totpFinder.findSecret(PASS_FILE_CONTENT)) + } + + @Test + fun findDigits() { + assertEquals("12", totpFinder.findDigits(TOTP_URI)) + assertEquals("12", totpFinder.findDigits(PASS_FILE_CONTENT)) + } + + @Test + fun findPeriod() { + assertEquals(25, totpFinder.findPeriod(TOTP_URI)) + assertEquals(25, totpFinder.findPeriod(PASS_FILE_CONTENT)) + } + + @Test + fun findAlgorithm() { + assertEquals("SHA256", totpFinder.findAlgorithm(TOTP_URI)) + assertEquals("SHA256", totpFinder.findAlgorithm(PASS_FILE_CONTENT)) + } + + companion object { + + const val TOTP_URI = + "otpauth://totp/ACME%20Co:john@example.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&algorithm=SHA256&digits=12&period=25" + const val PASS_FILE_CONTENT = "password\n$TOTP_URI" + } +} diff --git a/app/src/test/java/dev/msfjarvis/aps/util/viewmodel/StrictDomainRegexTest.kt b/app/src/test/java/dev/msfjarvis/aps/util/viewmodel/StrictDomainRegexTest.kt new file mode 100644 index 00000000..3d511132 --- /dev/null +++ b/app/src/test/java/dev/msfjarvis/aps/util/viewmodel/StrictDomainRegexTest.kt @@ -0,0 +1,60 @@ +/* + * Copyright © 2014-2021 The Android Password Store Authors. All Rights Reserved. + * SPDX-License-Identifier: GPL-3.0-only + */ +package dev.msfjarvis.aps.util.viewmodel + +import kotlin.test.assertFalse +import kotlin.test.assertNull +import kotlin.test.assertTrue +import org.junit.Test +import org.junit.runner.RunWith +import org.robolectric.RobolectricTestRunner +import org.robolectric.annotation.Config + +private infix fun String.matchedForDomain(domain: String) = + SearchableRepositoryViewModel.generateStrictDomainRegex(domain)?.containsMatchIn(this) == true + +@RunWith(RobolectricTestRunner::class) +@Config(sdk = [23]) +class StrictDomainRegexTest { + + @Test + fun acceptsLiteralDomain() { + assertTrue("work/example.org/john.doe@example.org.gpg" matchedForDomain "example.org") + assertTrue("example.org/john.doe@example.org.gpg" matchedForDomain "example.org") + assertTrue("example.org.gpg" matchedForDomain "example.org") + } + + @Test + fun acceptsSubdomains() { + assertTrue("work/www.example.org/john.doe@example.org.gpg" matchedForDomain "example.org") + assertTrue("www2.example.org/john.doe@example.org.gpg" matchedForDomain "example.org") + assertTrue("www.login.example.org.gpg" matchedForDomain "example.org") + } + + @Test + fun rejectsPhishingAttempts() { + assertFalse("example.org.gpg" matchedForDomain "xample.org") + assertFalse("login.example.org.gpg" matchedForDomain "xample.org") + assertFalse("example.org/john.doe@exmple.org.gpg" matchedForDomain "xample.org") + assertFalse("example.org.gpg" matchedForDomain "e/xample.org") + } + + @Test + fun rejectNonGpgComponentMatches() { + assertFalse("work/example.org" matchedForDomain "example.org") + } + + @Test + fun rejectsEmailAddresses() { + assertFalse("work/notexample.org/john.doe@example.org.gpg" matchedForDomain "example.org") + assertFalse("work/notexample.org/john.doe@www.example.org.gpg" matchedForDomain "example.org") + assertFalse("work/john.doe@www.example.org/foo.org" matchedForDomain "example.org") + } + + @Test + fun rejectsPathSeparators() { + assertNull(SearchableRepositoryViewModel.generateStrictDomainRegex("ex/ample.org")) + } +} |