TRST-2676: added emailPasswordSHA256 and passwordSHA1SHA256

lib/ravelin/password.rb

@@ -2,19 +2,28 @@
 
 module Ravelin
   class Password < RavelinObject
-    attr_accessor :success, :failure_reason, :password_hashed
+    attr_accessor :success, :failure_reason, :password_hashed, :emailPasswordSHA256, :passwordSHA1SHA256
     attr_required :success
 
     # Alternative interface, because when the attr is called "password_hashed",
     # the end user might think they need to hash the password themselves
     def password=(passwd)
       @password_hashed = Digest::SHA256.hexdigest(passwd)
+      @passwordSHA1SHA256 =  Digest::SHA256.hexdigest(Digest::SHA1.hexdigest(passwd))
     end
 
     def password_hashed=(passwd)
       @password_hashed = passwd
     end
 
+    def emailPassword=(emailPassword)
+      @emailPasswordSHA256 = Digest::SHA256.hexdigest(emailPassword)
+    end
+
+    def passwordSHA1SHA256=(passwd)
+      @passwordSHA1SHA256 =  Digest::SHA256.hexdigest(Digest::SHA1.hexdigest(passwd))
+    end 
+
     FAILURE_REASONS = %w(BAD_PASSWORD UNKNOWN_USERNAME AUTHENTICATION_FAILURE INTERNAL_ERROR RATE_LIMIT BANNED_USER)
 
     def validate

spec/ravelin/login_spec.rb

@@ -1,4 +1,5 @@
 require 'spec_helper'
+require 'digest'
 
 describe Ravelin::Login do
   subject do
@@ -10,7 +11,8 @@
         authentication_mechanism: {
           password: {
             password: "lol",
-            success: true
+            success: true, 
+            emailPassword: "[email protected]",
           }
         },
         custom: {
@@ -22,6 +24,9 @@
 
   context 'creates instance with valid params' do
     it { expect { subject }.to_not raise_exception }
+
+    it { expect(subject.authentication_mechanism.password.emailPasswordSHA256).to eq(Digest::SHA256.hexdigest("[email protected]")) }
+    it { expect(subject.authentication_mechanism.password.passwordSHA1SHA256).to eq(Digest::SHA256.hexdigest(Digest::SHA1.hexdigest('lol'))) }
   end
 
   context 'creates an authentication_mechanism object' do