mirror of https://github.com/longtai-cn/hippo4j
* fix #1167 Verify password length to prevent denial of service attack caused by too long password * Add unit testspull/923/merge
parent
3b80c28e2d
commit
8215c2a981
@ -0,0 +1,20 @@
|
|||||||
|
package cn.hippo4j.auth.service.impl;
|
||||||
|
|
||||||
|
import org.junit.Assert;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
|
||||||
|
class UserServiceImplTest {
|
||||||
|
|
||||||
|
@Test
|
||||||
|
void checkPasswordLength() {
|
||||||
|
//密码为null、空串、过短、过长都会抛出异常
|
||||||
|
UserServiceImpl userService = new UserServiceImpl(null, null, null);
|
||||||
|
Assert.assertThrows(RuntimeException.class, () -> userService.checkPasswordLength(null));
|
||||||
|
Assert.assertThrows(RuntimeException.class, () -> userService.checkPasswordLength(""));
|
||||||
|
String shortPassword = "12345";
|
||||||
|
Assert.assertThrows(RuntimeException.class, () -> userService.checkPasswordLength(shortPassword));
|
||||||
|
String LongPassword = "fjhdjfghdsgahfgajdhsgafghdsbvhbervjdsvhdsbhfbhsdbhfbhsdbavbsbdhjfbhjsdbhfbsdbf";
|
||||||
|
Assert.assertThrows(RuntimeException.class, () -> userService.checkPasswordLength(LongPassword));
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
Loading…
Reference in new issue