public bool VerifySecret(string key, string presentedSecret, ApiClientSecret actualSecret) { if (!_next.VerifySecret(key, presentedSecret, actualSecret)) { _logger.Warn( $"Unable to decode the secret for vendor \"{key}\" using the secret verifier \"{_next.GetType().Name}\". You may need to reset the secret for this vendor."); return(false); } var hashAlgorithm = _hashConfiguration.GetAlgorithmHashCode(); if (actualSecret.IsHashed) { var packedHash = _packedHashConverter.GetPackedHash(actualSecret.Secret); if (packedHash.HashAlgorithm == hashAlgorithm && packedHash.Iterations == _hashConfiguration.Iterations && packedHash.Salt.Length == _hashConfiguration.GetSaltSizeInBytes()) { return(true); } } actualSecret.Secret = _securePackedHashProvider.ComputePackedHashString( presentedSecret, hashAlgorithm, _hashConfiguration.Iterations, _hashConfiguration.GetSaltSizeInBytes()); actualSecret.IsHashed = true; _apiClientSecretProvider.SetSecret(key, actualSecret); return(true); }
public virtual void Should_not_save_new_password() { A.CallTo(() => _apiClientSecretProvider.SetSecret(Key, _apiClientSecret)).MustNotHaveHappened(); }
public void Should_persist_the_packedhash() { A.CallTo(() => _apiClientSecretProvider.SetSecret(A <string> .That.IsNotNull(), A <ApiClientSecret> .That.IsEqualTo(_apiClientSecret))); }
public virtual void Should_save_new_secret() { A.CallTo(() => _apiClientSecretProvider.SetSecret(Key, _apiClientSecret)).MustHaveHappenedOnceExactly(); }