private async Task CheckPassword()
{
if (string.IsNullOrEmpty(passwordTextBox.Text))
{
return;
}
var client = new PwnedPasswordsClient(new HttpClient());
UpdateStatus("Checking if pwned...");
try
{
var response = await client.GetHasBeenPwnedAsync(passwordTextBox.Text);
if (response.IsPwned)
{
MessageBox.Show($"Password has been pwned {response.Count.ToString("N0")} times before.", "Pwned Password", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
}
else
{
MessageBox.Show("Password has yet to be pwned.", "Pwned Password", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
}
catch (PwnedPasswordsClientException ex)
{
MessageBox.Show($"Problem while checking password.\n\nError Message:\n{ex.Message}", "Pwned Password", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
finally
{
UpdateStatus();
}
}
[Fact, Trait("Category", "Integration")] // don't run it automatically
public async Task HasPasswordBeenPwned_WhenWeakPasswordButUnderThresholdViews_ReturnsFalse()
{
PwnedPasswordsClient service = GetClient(5000);
var pwnedPassword = "******";
var isPwned = await service.HasPasswordBeenPwned(pwnedPassword);
Assert.True(isPwned, "Checking for Pwned password should return true");
}
[Fact, Trait("Category", "Integration")] // don't run it automatically
public async Task HasPasswordBeenPwned_WhenWeakPassword_ReturnsTrue()
{
PwnedPasswordsClient service = GetClient();;
var pwnedPassword = "******";
var isPwned = await service.HasPasswordBeenPwned(pwnedPassword);
Assert.True(isPwned, "Checking for Pwned password should return true");
}
[Fact, Trait("Category", "Integration")] // don't run it automatically
public async Task HasPasswordBeenPwned_WhenStrongPassword_ReturnsFalse()
{
PwnedPasswordsClient service = GetClient();
var safePassword = "******";
var isPwned = await service.HasPasswordBeenPwned(safePassword);
Assert.False(isPwned, "Checking for safe password should return false");
}
public async Task <PwnedPasswordDto> Validate(string password)
{
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
var client = new PwnedPasswordsClient(new HttpClient());
var pwnedPassword = await client.GetHasBeenPwnedAsync(password);
return(new PwnedPasswordDto
{
IsPwned = pwnedPassword.IsPwned,
Count = pwnedPassword.Count
});
}
public async Task <PwnedPasswordDto> Validate(string password)
{
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; // SECURE: Advice from FxCop to allow system to choose best, however this is required to run locally
var client = new PwnedPasswordsClient(new HttpClient());
var pwnedPassword = await client.GetHasBeenPwnedAsync(password);
return(new PwnedPasswordDto
{
IsPwned = pwnedPassword.IsPwned,
Count = pwnedPassword.Count
});
}
private static PwnedPasswordsClient GetClient()
{
var services = new ServiceCollection();
services.AddPwnedPasswordHttpClient();
var provider = services.BuildServiceProvider();
//all called in one method to easily enforce timout
var service = new PwnedPasswordsClient(
provider.GetService <IHttpClientFactory>().CreateClient(PwnedPasswordsClient.DefaultName),
MockHelpers.StubLogger <PwnedPasswordsClient>());
return(service);
}
public void SetUp()
{
_sut = new PwnedPasswordsClient(new HttpClient());
}
public PwnedPasswordsValidator(PwnedPasswordsClient client)
{
_client = client ?? throw new ArgumentNullException(nameof(client));
}
