simple-object-server/testing/test_hash_token.sh

#!/bin/bash
# Smoke test for the /sos/hash_token utility.
#
# Runs the tool directly when executed inside the container (/.dockerenv is
# present or DOCKER_CONTAINER is set); otherwise goes through
# `docker exec sos-test`. The checks cover the bcrypt "$2b$" prefix, the hash
# length, and that hashing one token twice gives two different hashes.
#
# Tokens are handed to hash_token as command-line arguments, which other local
# users can read from the process table, and the results are echoed to the
# test log. Only throwaway test tokens are used here.
#
# Strict mode: stop on a failing command, an unset variable, or a failed
# pipeline stage.
set -euo pipefail
# FUNCTIONS
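#######################################
# Print a banner: a 40-dash rule, the text centred in 40 columns, and a
# second rule.
# Arguments: $1 - text to display
# Outputs:   three lines on stdout
#######################################
function title() {
  local text="$1"
  local -r line_length=40
  local -r rule="----------------------------------------"
  local padding=$(( (line_length - ${#text}) / 2 ))

  # Text wider than the banner gives a negative width, which printf treats as
  # "left-justify with |width|" and so still emits padding. Clamp to zero so
  # long messages (most die() messages) are printed flush left.
  if (( padding < 0 )); then
    padding=0
  fi

  printf '%s\n' "$rule"
  printf '%*s%s%*s\n' "$padding" "" "$text" "$padding" ""
  printf '%s\n' "$rule"
}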
#######################################
# Report a fatal test failure as a banner and stop the script.
# Arguments: $1 - failure description
# Outputs:   banner reading "error: <description>" via title()
# Returns:   never; exits with status 1
#######################################
function die() {
  local message="error: $1"
  title "$message"
  exit 1
}
#------------------------------------------------------------------------------------------------
title "Testing hash_token utility"

# Choose how hash_token is invoked. Default to the host-side form (through
# docker exec into the sos-test container) and switch to a direct call when
# /.dockerenv exists or DOCKER_CONTAINER is set, i.e. we are already inside.
# HASH_TOKEN_CMD is a whole command line kept in one string; later tests
# expand it unquoted on purpose so it splits into words.
IN_CONTAINER=false
HASH_TOKEN_CMD="docker exec sos-test /sos/hash_token --quiet"
if [[ -f /.dockerenv || -n "${DOCKER_CONTAINER:-}" ]]; then
  IN_CONTAINER=true
  HASH_TOKEN_CMD="/sos/hash_token --quiet"
fi
# Test 1: the hash_token binary must be present at /sos/hash_token
echo "1. Checking if hash_token exists..."
if [[ "$IN_CONTAINER" != true ]]; then
  # From the host: ask the container to list the file; output is discarded,
  # only the exit status matters.
  docker exec sos-test ls /sos/hash_token >/dev/null 2>&1 \
    || die "hash_token utility not found in container at /sos/hash_token"
  echo "✓ hash_token utility found in container"
elif [[ -f /sos/hash_token ]]; then
  # Inside the container: a plain file test is enough.
  echo "✓ hash_token utility found at /sos/hash_token"
else
  die "hash_token utility not found at /sos/hash_token"
fi
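# Test 2: Generate a hash and verify format
echo "2. Testing hash generation..."
# Throwaway token: it is passed on the command line and its hash is echoed to
# the test log, so a real credential must never be substituted here.
TEST_TOKEN="test-token-$(date +%s)"
# Under `set -e` a failing command substitution would end the script without
# any message (stderr is discarded), so report the failure explicitly.
# HASH_TOKEN_CMD holds a full command line; word splitting is intended.
# shellcheck disable=SC2086
HASH=$($HASH_TOKEN_CMD "$TEST_TOKEN" 2>/dev/null) \
  || die "hash_token exited with an error while hashing the test token"
if [[ -z "$HASH" ]]; then
  die "hash_token did not produce any output"
fi
echo "Generated hash: $HASH"
# Verify hash format (should start with $2b$ for bcrypt)
if [[ "$HASH" == \$2b\$* ]]; then
  echo "✓ Hash has correct bcrypt format"
else
  die "Hash does not have correct bcrypt format (should start with \$2b\$)"
fi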
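# Test 3: Verify hash length (bcrypt hashes are typically 60-106 characters)
HASH_LENGTH=${#HASH}
# The lower bound is 60, matching the range named in the failure message.
# A standard $2b$ string is 60 characters, so the earlier bound of 59 would
# have accepted a value one character short.
if (( HASH_LENGTH >= 60 && HASH_LENGTH <= 106 )); then
  echo "✓ Hash has correct length ($HASH_LENGTH characters)"
else
  die "Hash has incorrect length ($HASH_LENGTH characters, expected 60-106)"
fi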
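# Test 4: Generate multiple hashes for same token and verify they're different
echo "3. Testing hash uniqueness (same token should produce different hashes)..."
# Report a tool failure explicitly; `set -e` alone would stop the script here
# without a message because stderr is discarded.
# HASH_TOKEN_CMD holds a full command line; word splitting is intended.
# shellcheck disable=SC2086
HASH1=$($HASH_TOKEN_CMD "same-token" 2>/dev/null) \
  || die "hash_token failed while producing the first uniqueness hash"
# shellcheck disable=SC2086
HASH2=$($HASH_TOKEN_CMD "same-token" 2>/dev/null) \
  || die "hash_token failed while producing the second uniqueness hash"
# bcrypt stores a per-hash random salt, so two runs over one token must give
# different output. Equal output means the salt is being reused, which lets
# identical tokens be recognised from their hashes, so this is a failure
# rather than a warning.
if [[ "$HASH1" == "$HASH2" ]]; then
  die "Same token produced identical hashes (salt is not being randomised)"
fi
echo "✓ Same token produces different hashes (expected bcrypt behavior)"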
# Test 5: a token made of shell metacharacters must still hash correctly
echo "4. Testing with special characters..."
# Single quotes keep every character literal, and the quoted expansion below
# passes the token as a single argument.
SPECIAL_TOKEN='test!@#$%^&*()_+-=[]{}|;:,.<>?'
# A non-zero exit is turned into the sentinel "FAILED" so `set -e` does not
# stop the script before the check below can report it.
# HASH_TOKEN_CMD holds a full command line; word splitting is intended.
# shellcheck disable=SC2086
SPECIAL_HASH=$($HASH_TOKEN_CMD "$SPECIAL_TOKEN" 2>/dev/null || echo "FAILED")
if [[ "$SPECIAL_HASH" == "FAILED" || "$SPECIAL_HASH" != \$2b\$* ]]; then
  die "Failed to handle special characters in token"
fi
echo "✓ Special characters handled correctly"
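# Test 6: Test with empty token (should fail or produce output)
echo "5. Testing with empty token..."
# Record the exit status separately from the captured text. stderr is merged
# into the capture, so a tool that prints an error and exits non-zero would
# otherwise yield "<message>" plus a sentinel and never compare equal to the
# sentinel alone, ending up in the "unexpected" branch.
EMPTY_STATUS=0
# HASH_TOKEN_CMD holds a full command line; word splitting is intended.
# shellcheck disable=SC2086
EMPTY_RESULT=$($HASH_TOKEN_CMD "" 2>&1) || EMPTY_STATUS=$?
# This check is informational: no outcome fails the run. Whether an empty
# token should be rejected is a policy decision that is not enforced here.
if (( EMPTY_STATUS != 0 )) || [[ -z "$EMPTY_RESULT" ]]; then
  echo "✓ Empty token handled appropriately"
elif [[ "$EMPTY_RESULT" == \$2b\$* ]]; then
  # Empty token might still produce a hash, which is also acceptable
  echo "✓ Empty token produces valid hash"
else
  echo "Warning: Unexpected behavior with empty token"
fi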
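# Test 7: Check that a freshly generated hash is usable in an authentication config
echo "6. Testing authentication with generated hash..."
# Throwaway token: it is printed to the test log and passed on the command
# line, so a real credential must never be substituted here.
AUTH_TOKEN="auth-test-$(date +%s)"
# Same invocation as the earlier tests (--quiet included); HASH_TOKEN_CMD was
# set by the container detection near the top of the script.
# Word splitting of HASH_TOKEN_CMD is intended.
# shellcheck disable=SC2086
AUTH_HASH=$($HASH_TOKEN_CMD "$AUTH_TOKEN" 2>/dev/null) \
  || die "hash_token failed while hashing the authentication test token"
echo "Generated token: $AUTH_TOKEN"
echo "Generated hash for authentication: ${AUTH_HASH:0:20}..."
# The server is already running on port 7703, but it has different tokens configured
# So we'll just verify that the hash_token utility generates valid bcrypt hashes
# that could be used in a config file. No login is attempted against the server.
# A hash that fails this check is a test failure, not a warning: a malformed
# value would not be usable in the config. The minimum length is 60, the size
# of a standard $2b$ string.
if [[ "$AUTH_HASH" != \$2b\$* ]] || (( ${#AUTH_HASH} < 60 )); then
  die "Generated hash is not suitable for authentication config"
fi
echo "✓ Generated hash is valid for use in authentication config"
# Generate another hash for the same token to verify it's different (bcrypt salt)
# shellcheck disable=SC2086
AUTH_HASH2=$($HASH_TOKEN_CMD "$AUTH_TOKEN" 2>/dev/null) \
  || die "hash_token failed while re-hashing the authentication test token"
# Equal hashes mean the salt was reused, so this fails the run.
if [[ "$AUTH_HASH" == "$AUTH_HASH2" ]]; then
  die "Same hash generated for same token (salting issue)"
fi
echo "✓ Different hashes generated for same token (proper salting)"
# Note: The --verify mode requires TTY for password input, which isn't available in test environment
echo "Note: Verification test skipped (requires interactive TTY)"
title "hash_token tests completed"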