| 1 | // SPDX-License-Identifier: AGPL-3.0-or-later |
| 2 | |
| 3 | package passwords |
| 4 | |
| 5 | import "testing" |
| 6 | |
| 7 | func TestIsCommon(t *testing.T) { |
| 8 | t.Parallel() |
| 9 | common := []string{"password", "123456", "qwerty", "letmein", "iloveyou"} |
| 10 | for _, p := range common { |
| 11 | if !IsCommon(p) { |
| 12 | t.Errorf("expected %q to be flagged as common", p) |
| 13 | } |
| 14 | } |
| 15 | } |
| 16 | |
| 17 | func TestIsCommon_CaseInsensitive(t *testing.T) { |
| 18 | t.Parallel() |
| 19 | if !IsCommon("Password") || !IsCommon("PASSWORD") { |
| 20 | t.Fatal("common-password match should be case-insensitive") |
| 21 | } |
| 22 | } |
| 23 | |
| 24 | func TestIsCommon_AllowsStrong(t *testing.T) { |
| 25 | t.Parallel() |
| 26 | strong := "Tr0ub4dor-correct-horse-battery-staple" |
| 27 | if IsCommon(strong) { |
| 28 | t.Fatalf("strong password %q wrongly flagged as common", strong) |
| 29 | } |
| 30 | } |
| 31 | |
| 32 | func TestSize_AtLeast9000(t *testing.T) { |
| 33 | t.Parallel() |
| 34 | // We embed SecLists' 10k-most-common (some duplicates collapse on |
| 35 | // case-fold). Allow some slack but require the list to actually load. |
| 36 | if got := Size(); got < 9000 { |
| 37 | t.Fatalf("Size() = %d; expected at least 9000 entries", got) |
| 38 | } |
| 39 | } |
| 40 |