summaryrefslogtreecommitdiff
path: root/test/unit/token_test.rb
diff options
context:
space:
mode:
authorazul <azul@leap.se>2014-05-26 10:08:27 +0200
committerazul <azul@leap.se>2014-05-26 10:08:27 +0200
commit1d0d61389011a8d0d169bc139590d90a6fbbac60 (patch)
tree9746836914f455889af9e24fdff36a1241ef4b24 /test/unit/token_test.rb
parentdf298887221cffc8cacc8965d73a0d7850118849 (diff)
parent5764daae090227bf4c5967900b708392c967be47 (diff)
Merge pull request #163 from azul/feature/3398-save-hashed-token
hash token with sha512 against timing attacs #3398
Diffstat (limited to 'test/unit/token_test.rb')
-rw-r--r--test/unit/token_test.rb23
1 files changed, 14 insertions, 9 deletions
diff --git a/test/unit/token_test.rb b/test/unit/token_test.rb
index a3c6cf6..b143345 100644
--- a/test/unit/token_test.rb
+++ b/test/unit/token_test.rb
@@ -14,17 +14,22 @@ class ClientCertificateTest < ActiveSupport::TestCase
assert_equal @user, sample.authenticate
end
- test "token id is secure" do
+ test "token is secure" do
sample = Token.new(:user_id => @user.id)
other = Token.new(:user_id => @user.id)
- assert sample.id,
- "id is set on initialization"
- assert sample.id[0..10] != other.id[0..10],
- "token id prefixes should not repeat"
- assert /[g-zG-Z]/.match(sample.id),
- "should use non hex chars in the token id"
- assert sample.id.size > 16,
- "token id should be more than 16 chars long"
+ assert sample.token,
+ "token is set on initialization"
+ assert sample.token[0..10] != other.token[0..10],
+ "token prefixes should not repeat"
+ assert /[g-zG-Z]/.match(sample.token),
+ "should use non hex chars in the token"
+ assert sample.token.size > 16,
+ "token should be more than 16 chars long"
+ end
+
+ test "token id is hash of the token" do
+ sample = Token.new(:user_id => @user.id)
+ assert_equal Digest::SHA512.hexdigest(sample.token), sample.id
end
test "token checks for user" do