Skip to content

Add count of compromises #13

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Add count of compromises #13

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
48dcc1b
add count of compromises as returned value and containerize testing
NickBorgersOnLowSecurityNode Jul 26, 2022
6a72960
make Docker linter happy by using absolute path for WORKDIR
NickBorgersOnLowSecurityNode Jul 26, 2022
b84fa1d
make this a non-breaking change
NickBorgersOnLowSecurityNode Jul 28, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
build:
docker build -t test-pwned-passwords -f test.Dockerfile .

test:
docker run --volume=$(CURDIR):/go/pwned-passwords/ test-pwned-passwords go test
21 changes: 14 additions & 7 deletions hibp.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,8 +103,14 @@ func (c *Client) Do(req *http.Request) ([]string, error) {

// Compromised will build and execute a request to HIBP to check to see if the passed value is compromised or not.
func (c *Client) Compromised(value string) (bool, error) {
compromised, _, error := c.CompromisedCount(value)
return compromised, error
}

// Compromised will build and execute a request to HIBP to check to see if the passed value is compromised or not.
func (c *Client) CompromisedCount(value string) (bool, int64, error) {
if value == "" {
return false, errors.New("value for compromised check cannot be empty")
return false, 0, errors.New("value for compromised check cannot be empty")
}

hashedStr := hashString(value)
Expand All @@ -113,12 +119,12 @@ func (c *Client) Compromised(value string) (bool, error) {

request, err := c.NewRequest("GET", fmt.Sprintf("range/%s", prefix), nil)
if err != nil {
return false, err
return false, 0, err
}

response, err := c.Do(request)
if err != nil {
return false, err
return false, 0, err
}

for _, target := range response {
Expand All @@ -127,15 +133,16 @@ func (c *Client) Compromised(value string) (bool, error) {
}

if target[:35] == suffix {
if _, err = strconv.ParseInt(target[36:], 10, 64); err != nil {
return false, err
var count int64
if count, err = strconv.ParseInt(target[36:], 10, 64); err != nil {
return false, 0, err
}

return true, err
return true, count, err
}
}

return false, err
return false, 0, err
}

// hashString will return a sha1 hash of the given value.
Expand Down
70 changes: 70 additions & 0 deletions hibp_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,27 @@ func TestCompromisedHash(t *testing.T) {
}
}

// TestCompromisedCountHash will test a compromised value against the HIBP API.
func TestCompromisedCountHash(t *testing.T) {
// Register the test.
RegisterTestingT(t)

client := NewClient()

compromised, count, err := client.CompromisedCount("p@ssword")
if err != nil {
t.Fatalf("Unexpected error running client.Pwned.Compromised(): %s", err)
}

if !compromised {
t.Fatalf("Expected compromised hash (p@ssword) to be true but got: %v", compromised)
}

if count == 0 {
t.Fatalf("Expected compromised hash (p@ssword) to have been compromised at least once but got: %v", count)
}
}

// TestNonCompromisedHash will test a non-compromised value against the HIBP API.
func TestNonCompromisedHash(t *testing.T) {
// Register the test.
Expand All @@ -66,6 +87,30 @@ func TestNonCompromisedHash(t *testing.T) {
}
}

// TestNonCompromisedCountHash will test a non-compromised value against the HIBP API.
func TestNonCompromisedCountHash(t *testing.T) {
// Register the test.
RegisterTestingT(t)

client := NewClient()

// Check if input is compromised.
value := fmt.Sprintf("SHOULD_NOT_BE_COMPROMISED_%s", time.Now().Format("2006-01-02 15:04:05"))

compromised, count, err := client.CompromisedCount(value)
if err != nil {
t.Fatalf("Unexpected error running client.Pwned.Compromised(): %s", err)
}

if compromised {
t.Fatalf("Expected non-compromised hash to be false but got: %v", compromised)
}

if count != 0 {
t.Fatalf("Expected non-compromised hash to have been compromised exactly 0 times but got: %v", count)
}
}

func TestEmptyCompromisedHash(t *testing.T) {
// Register the test.
RegisterTestingT(t)
Expand All @@ -86,3 +131,28 @@ func TestEmptyCompromisedHash(t *testing.T) {
t.Fatalf("Expected empty compromised hash to be false but got: %v", compromised)
}
}

func TestEmptyCompromisedCountHash(t *testing.T) {
// Register the test.
RegisterTestingT(t)

client := NewClient()

// Check if input is compromised.
compromised, count, err := client.CompromisedCount("")
if err == nil {
t.Fatal("Expected error when checking empty value, but got: nil")
}

if err.Error() != "value for compromised check cannot be empty" {
t.Fatalf("Expected err to read 'value for compromised check cannot be empty' but got: '%v'", err)
}

if compromised {
t.Fatalf("Expected empty compromised hash to be false but got: %v", compromised)
}

if count != 0 {
t.Fatalf("Expected empty compromised hash to have been compromised exactly 0 times but got: %v", count)
}
}
7 changes: 7 additions & 0 deletions test.Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
FROM golang:1.13-buster

COPY go.* ./pwned-passwords/

WORKDIR /go/pwned-passwords/

RUN go mod download