diff options
Diffstat (limited to 'spec/models/concerns/token_authenticatable_strategies/encryption_helper_spec.rb')
-rw-r--r-- | spec/models/concerns/token_authenticatable_strategies/encryption_helper_spec.rb | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/spec/models/concerns/token_authenticatable_strategies/encryption_helper_spec.rb b/spec/models/concerns/token_authenticatable_strategies/encryption_helper_spec.rb new file mode 100644 index 00000000000..6f322a32a3b --- /dev/null +++ b/spec/models/concerns/token_authenticatable_strategies/encryption_helper_spec.rb @@ -0,0 +1,27 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe TokenAuthenticatableStrategies::EncryptionHelper do + let(:encrypted_token) { described_class.encrypt_token('my-value') } + + describe '.encrypt_token' do + it 'encrypts token' do + expect(encrypted_token).not_to eq('my-value') + end + end + + describe '.decrypt_token' do + it 'decrypts token with static iv' do + expect(described_class.decrypt_token(encrypted_token)).to eq('my-value') + end + + it 'decrypts token with dynamic iv' do + iv = ::Digest::SHA256.hexdigest('my-value').bytes.take(described_class::NONCE_SIZE).pack('c*') + token = Gitlab::CryptoHelper.aes256_gcm_encrypt('my-value', nonce: iv) + encrypted_token = "#{described_class::DYNAMIC_NONCE_IDENTIFIER}#{token}#{iv}" + + expect(described_class.decrypt_token(encrypted_token)).to eq('my-value') + end + end +end |