From 2abe88eb15c73cbf2de09e7c2f0ea57c81a18056 Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Sat, 3 Sep 2022 12:31:56 +0200 Subject: [PATCH] experimental access code for RbacUserEntity --- .../rbac/rbacuser/RbacUserEntity.java | 34 ++++++++- .../rbac/rbacuser/RbacUserEntityUnitTest.java | 69 +++++++++++++++++++ 2 files changed, 102 insertions(+), 1 deletion(-) create mode 100644 src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserEntityUnitTest.java diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserEntity.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserEntity.java index 77899361..2b936431 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserEntity.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserEntity.java @@ -3,7 +3,12 @@ package net.hostsharing.hsadminng.rbac.rbacuser; import lombok.*; import org.springframework.data.annotation.Immutable; -import javax.persistence.*; +import javax.persistence.Entity; +import javax.persistence.Id; +import javax.persistence.Table; +import java.time.LocalDateTime; +import java.time.format.DateTimeFormatter; +import java.time.temporal.ChronoUnit; import java.util.UUID; @Entity @@ -16,8 +21,35 @@ import java.util.UUID; @AllArgsConstructor public class RbacUserEntity { + private static final int MAX_VALIDITY_DAYS = 21; + private static DateTimeFormatter DATE_FORMAT_WITH_FULLHOUR = DateTimeFormatter.ofPattern("MM-dd-yyyy HH"); + @Id private UUID uuid; private String name; + + public String generateAccessCode() { + return generateAccessCode(LocalDateTime.now()); + } + + public boolean isValidAccessCode(final String accessCode, final int validityHours) { + if (validityHours > 24 * MAX_VALIDITY_DAYS) { + throw new IllegalArgumentException("Max validity (%s days) exceeded.".formatted(MAX_VALIDITY_DAYS)); + } + if (generateAccessCode(LocalDateTime.now().minus(validityHours, ChronoUnit.HOURS)).equals(accessCode)) { + return true; + } + if (validityHours < 0) { + return false; + } + return isValidAccessCode(accessCode, validityHours - 1); + } + + String generateAccessCode(final LocalDateTime timestamp) { + final var compound = name + ":" + uuid + ":" + timestamp.format(DATE_FORMAT_WITH_FULLHOUR); + final var code = String.valueOf(1000000 + Math.abs(compound.hashCode()) % 100000); + return code.substring(1, 4) + ":" + code.substring(4, 7); + } + } diff --git a/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserEntityUnitTest.java b/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserEntityUnitTest.java new file mode 100644 index 00000000..b1cff68e --- /dev/null +++ b/src/test/java/net/hostsharing/hsadminng/rbac/rbacuser/RbacUserEntityUnitTest.java @@ -0,0 +1,69 @@ +package net.hostsharing.hsadminng.rbac.rbacuser; + +import org.junit.jupiter.api.Test; + +import java.time.LocalDateTime; +import java.time.temporal.ChronoUnit; +import java.util.UUID; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatThrownBy; + +class RbacUserEntityUnitTest { + + RbacUserEntity givenUser = new RbacUserEntity(UUID.randomUUID(), "test@example.org"); + + @Test + void generatedAccessCodeMatchesDefinedPattern() { + final var givenAccessCode = givenUser.generateAccessCode(); + + final var actual = givenAccessCode.matches("[0-9]{3}:[0-9]{3}"); + + assertThat(actual).isTrue(); + } + + @Test + void freshAccessCodeIsValid() { + final var givenAccessCode = givenUser.generateAccessCode(); + + final var actual = givenUser.isValidAccessCode(givenAccessCode, 4); + + assertThat(actual).isTrue(); + } + + @Test + void recentEnoughAccessCodeIsValid() { + final var givenAccessCode = givenUser.generateAccessCode(LocalDateTime.now().minus(4, ChronoUnit.HOURS)); + + final var actual = givenUser.isValidAccessCode(givenAccessCode, 4); + + assertThat(actual).isTrue(); + } + + @Test + void outdatedEnoughAccessCodeIsNotValid() { + final var givenAccessCode = givenUser.generateAccessCode(LocalDateTime.now().minus(5, ChronoUnit.HOURS)); + + final var actual = givenUser.isValidAccessCode(givenAccessCode, 4); + + assertThat(actual).isFalse(); + } + + @Test + void noExceptionIsThrowIfMaxValidityIsNotExceeded() { + final var givenAccessCode = givenUser.generateAccessCode(); + + givenUser.isValidAccessCode(givenAccessCode, 24 * 21); + } + + @Test + void illegalArgumentExceptionIsThrowIfMaxValidityIsExceeded() { + final var givenAccessCode = givenUser.generateAccessCode(); + + assertThatThrownBy(() -> { + givenUser.isValidAccessCode(givenAccessCode, 24 * 21 + 1); + }) + .isInstanceOf(IllegalArgumentException.class) + .hasMessage("Max validity (21 days) exceeded."); + } +}