strong_password 0.0.6 → 0.0.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0506c07961d8cf54ee30542579493af60a4a508c176f7de7c0131d8082bcdf35
-  data.tar.gz: 132ea4c4bc8a96f44b687a342f418ef9c183efb696618cf6b6a7f14a3558c590
+  metadata.gz: 9a5e366ad0a5a46d9b2dbda6c2b637bfcbc667f4ed8e7b4cd25e64ed75d315bd
+  data.tar.gz: 2793f8c780ef37d19a3b5b11ae81adf175fa0f2d6716047830e0d79efbc6891c
 SHA512:
-  metadata.gz: 9342ba93d158425cb8623662341f43fda16c33102590c846571767f09aa8def4a34f4d0d03eb150ea468b3f3c2de58a4cdf2f57c29367fbbc402a3e797b4f893
-  data.tar.gz: 5ba21b3b35527fc07fe5744dc9560e083fe0844a316c88ef22249aeacea0f77ec1b3082a6fb20b4eb6cc7f4cabb63560433023c1c438a73a28e60ec46e64b4aa
+  metadata.gz: 6a155d97437572fcaa4b17142f1f0e355128925620dd461525f8480194f6b9c89dc848494d2eb261b9cca15c54cbd452437ad6f2a3f8f4f4ccccbb9bb9955bb9
+  data.tar.gz: 63761deb2f831eed7cf7150c17f72e9f64f5d37398ce7ff1a9c253a61404775654fa0f29113af367f43c3cc2471d025f099e15083c06b0ef9c88206fbdd22a42

data/CHANGELOG

@@ -1,3 +1,16 @@
+## v0.0.8
+This release breaks backwards compatibility if you are using the lib components
+directly. If you are using the ActiveModel validations in a Rails project then
+you should be unaffected.
+
+The major changes when used directly are that you now initialize the objects
+with the various strength options instead of the password and then provide the
+password to the various methods. The README section on standalone usage has
+been updated to reflect this change.
+
+* jacobat - Performance improvements
+* jacksenechal - Updated README
+
 ## v0.0.4
 * peterkovacs - Increase size of password dictionary
 * peterkovacs - Swapped in a cleaner, more efficient comparison algorithm
@@ -7,4 +20,4 @@
 
 ## v0.0.1
 
-* Initial release
+* Initial release

data/README.md

@@ -19,7 +19,7 @@ NOTE: StrongPassword requires the use of Ruby 2.0.  Upgrade if you haven't alrea
 
 Add this line to your application's Gemfile:
 
-    gem 'strong_password', '~> 0.0.6'
+    gem 'strong_password', '~> 0.0.8'
 
 And then execute:
 
@@ -82,18 +82,22 @@ StrongPassword can also be used standalone if you need to. There are a few helpe
 password is strong or not. You can also directly access the entropy calculations if you want.
 
 ```text
-2.0.0p0 :001 > checker = StrongPassword::StrengthChecker.new('password')
- => #<StrongPassword::StrengthChecker:0x007fcd7c939b48 @base_password="password">
-2.0.0p0 :002 > checker.is_strong?
- => false
-2.0.0p0 :003 > checker.is_weak?
- => true
-2.0.0p0 :004 > checker.is_strong?(min_entropy: 2)
- => true
-2.0.0p0 :005 > checker.calculate_entropy
- => 15.5
-2.0.0p0 :006 > checker.calculate_entropy(use_dictionary: true)
- => 2
+irb(main):004:0> checker = StrongPassword::StrengthChecker.new
+=> #<StrongPassword::StrengthChecker:0x00007f985509db30 @min_entropy=18, @use_dictionary=false, @min_word_length=4, @extra_dictionary_words=[]>
+irb(main):005:0> checker.is_strong?("password")
+=> false
+irb(main):006:0> checker.is_weak?("password")
+=> true
+irb(main):007:0> checker = StrongPassword::StrengthChecker.new(min_entropy: 2)
+=> #<StrongPassword::StrengthChecker:0x00007f9855147bd0 @min_entropy=2, @use_dictionary=false, @min_word_length=4, @extra_dictionary_words=[]>
+irb(main):008:0> checker.calculate_entropy("password")
+=> 15.5
+irb(main):009:0> checker.is_strong?("password")
+=> true
+irb(main):010:0> checker = StrongPassword::StrengthChecker.new(use_dictionary: true)
+=> #<StrongPassword::StrengthChecker:0x00007f98550ee008 @min_entropy=18, @use_dictionary=true, @min_word_length=4, @extra_dictionary_words=[]>
+irb(main):011:0> checker.calculate_entropy("password")
+=> 2
 ```
 
 ## Details
@@ -145,11 +149,9 @@ disallowed by the strength checker.
 
 ## Todo
 
-1. Allow the dictionary of common words to be specified by the user.  This is currently hard-coded to
-   the 500 most common passwords.  That also means it's not a true "dictionary" check...
-2. Add a common password adjuster that basically works like the existing DictionaryAdjuster but does
+1. Add a common password adjuster that basically works like the existing DictionaryAdjuster but does
    not stop at the first found word.  Stopping at the first word make sense if you have a 300,000 word
-   dictionary of the English language but not so much when you're only talking about the 500 most
+   dictionary of the English language but not so much when you're only talking about the 10,000 most
    common passwords.
 
 ## Running the tests

data/lib/active_model/validations/password_strength_validator.rb

@@ -4,8 +4,8 @@ module ActiveModel
   module Validations
     class PasswordStrengthValidator < ActiveModel::EachValidator
       def validate_each(object, attribute, value)
-        ps = ::StrongPassword::StrengthChecker.new(value.to_s)
-        unless ps.is_strong?(strength_options(options, object))
+        ps = ::StrongPassword::StrengthChecker.new(strength_options(options, object))
+        unless ps.is_strong?(value.to_s)
           object.errors.add(attribute, :'password.password_strength', options.merge(:value => value.to_s))
         end
       end

data/lib/strong_password/dictionary_adjuster.rb

@@ -967,20 +967,20 @@ module StrongPassword
         hounds honeydew hooters1 hoes howie hevnm4 hugohugo eighty epson evangeli
         eeeee1 eyphed ).sort_by(&:length).reverse
 
-    attr_reader :base_password
+    attr_reader :min_entropy, :min_word_length, :extra_dictionary_words
 
-    def initialize(password)
-      @base_password = password.downcase
+    def initialize(min_entropy: 18, min_word_length: 4, extra_dictionary_words: [])
+      @min_entropy = min_entropy
+      @min_word_length = min_word_length
+      @extra_dictionary_words = extra_dictionary_words
     end
 
-    def is_strong?(min_entropy: 18, min_word_length: 4, extra_dictionary_words: [])
-      adjusted_entropy(entropy_threshhold: min_entropy,
-                       min_word_length: min_word_length,
-                       extra_dictionary_words: extra_dictionary_words) >= min_entropy
+    def is_strong?(password)
+      adjusted_entropy(password) >= min_entropy
     end
 
-    def is_weak?(min_entropy: 18, min_word_length: 4, extra_dictionary_words: [])
-      !is_strong?(min_entropy: min_entropy, min_word_length: min_word_length, extra_dictionary_words: extra_dictionary_words)
+    def is_weak?(password)
+      !is_strong?(password)
     end
 
     # Returns the minimum entropy for the passwords dictionary adjustments.
@@ -988,13 +988,17 @@ module StrongPassword
     # processing.
     # Note that we only check for the first matching word up to the threshhold if set.
     # Subsequent matching words are not deductd.
-    def adjusted_entropy(min_word_length: 4, extra_dictionary_words: [], entropy_threshhold: -1)
-      dictionary_words = Regexp.union( ( extra_dictionary_words + COMMON_PASSWORDS ).compact.reject{ |i| i.length < min_word_length } )
+    def adjusted_entropy(password)
+      base_password = password.downcase
       min_entropy = EntropyCalculator.calculate(base_password)
       # Process the passwords, while looking for possible matching words in the dictionary.
       PasswordVariants.all_variants(base_password).inject( min_entropy ) do |min_entropy, variant|
         [ min_entropy, EntropyCalculator.calculate( variant.sub( dictionary_words, '*' ) ) ].min 
       end
     end
+
+    def dictionary_words
+      @dictionary_words ||= Regexp.union( ( extra_dictionary_words + COMMON_PASSWORDS ).compact.reject{ |i| i.length < min_word_length } )
+    end
   end
 end

data/lib/strong_password/qwerty_adjuster.rb

@@ -17,57 +17,61 @@ module StrongPassword
       "abcdefghijklmnopqrstuvwxyz"
     ]
 
-    attr_reader :base_password
+    attr_reader :min_entropy, :entropy_threshhold
 
-    def initialize(password)
-      @base_password = password.downcase
+    def initialize(min_entropy: 18, entropy_threshhold: 0)
+      @min_entropy = min_entropy
+      @entropy_threshhold = entropy_threshhold
     end
 
-    def is_strong?(min_entropy: 18)
-      adjusted_entropy(entropy_threshhold: min_entropy) >= min_entropy
+    def is_strong?(base_password)
+      adjusted_entropy(base_password) >= min_entropy
     end
 
-    def is_weak?(min_entropy: 18)
-      !is_strong?(min_entropy: min_entropy)
+    def is_weak?(base_password)
+      !is_strong?(base_password)
     end
 
     # Returns the minimum entropy for the password's qwerty locality
     # adjustments.  If a threshhold is specified we will bail
     # early to avoid unnecessary processing.
-    def adjusted_entropy(entropy_threshhold: 0)
+    def adjusted_entropy(base_password)
       revpassword = base_password.reverse
       min_entropy = [EntropyCalculator.calculate(base_password), EntropyCalculator.calculate(revpassword)].min
-      QWERTY_STRINGS.each do |qwertystr|
-        qpassword = mask_qwerty_strings(base_password, qwertystr)
-        qrevpassword = mask_qwerty_strings(revpassword, qwertystr)
-        if qpassword != base_password
-          numbits = EntropyCalculator.calculate(qpassword)
-          min_entropy = [min_entropy, numbits].min
-          return min_entropy if min_entropy < entropy_threshhold
-        end
-        if qrevpassword != revpassword
-          numbits = EntropyCalculator.calculate(qrevpassword)
-          min_entropy = [min_entropy, numbits].min
-          return min_entropy if min_entropy < entropy_threshhold
-        end
+      qpassword = mask_qwerty_strings(base_password)
+      qrevpassword = mask_qwerty_strings(revpassword)
+      if qpassword != base_password
+        numbits = EntropyCalculator.calculate(qpassword)
+        min_entropy = [min_entropy, numbits].min
+        return min_entropy if min_entropy < entropy_threshhold
+      end
+      if qrevpassword != revpassword
+        numbits = EntropyCalculator.calculate(qrevpassword)
+        min_entropy = [min_entropy, numbits].min
+        return min_entropy if min_entropy < entropy_threshhold
       end
       min_entropy
     end
 
   private
 
-    def mask_qwerty_strings(password, qwerty_string)
-      masked_password = password
-      z = 6
-      begin
+    def all_qwerty_strings
+      @all_qwerty_strings ||= Regexp.union(QWERTY_STRINGS.flat_map do |qwerty_string|
+        gen_qw_strings(qwerty_string)
+      end)
+    end
+
+    def gen_qw_strings(qwerty_string)
+      6.downto(3).flat_map do |z|
         y = qwerty_string.length - z
-        (0..y).each do |x|
-          str = qwerty_string[x, z].sub('-', '\\-')
-          masked_password = masked_password.sub(str, '*')
+        (0..y).map do |x|
+          qwerty_string[x, z].sub('-', '\\-')
         end
-        z = z - 1
-      end while z > 2
-      masked_password
+      end
+    end
+
+    def mask_qwerty_strings(password)
+      password.gsub(all_qwerty_strings, '*')
     end
   end
 end

data/lib/strong_password/strength_checker.rb

@@ -4,37 +4,55 @@ module StrongPassword
     PASSWORD_LIMIT = 1_000
     EXTRA_WORDS_LIMIT = 1_000
 
-    attr_reader :base_password
+    attr_reader :min_entropy, :use_dictionary, :min_word_length, :extra_dictionary_words
 
-    def initialize(password)
-      @base_password = password.dup[0...PASSWORD_LIMIT]
+    def initialize(min_entropy: BASE_ENTROPY, use_dictionary: false, min_word_length: 4, extra_dictionary_words: [])
+      @min_entropy = min_entropy
+      @use_dictionary = use_dictionary
+      @min_word_length = min_word_length
+      @extra_dictionary_words = extra_dictionary_words
     end
 
-    def is_weak?(min_entropy: BASE_ENTROPY, use_dictionary: false, min_word_length: 4, extra_dictionary_words: [])
-      !is_strong?(min_entropy: min_entropy,
-                  use_dictionary: use_dictionary, 
-                  min_word_length: min_word_length, 
-                  extra_dictionary_words: extra_dictionary_words)
+    def is_weak?(password)
+      !is_strong?(password)
     end
 
-    def is_strong?(min_entropy: BASE_ENTROPY, use_dictionary: false, min_word_length: 4, extra_dictionary_words: [])
+    def is_strong?(password)
+      base_password = password.dup[0...PASSWORD_LIMIT]
       weak = (EntropyCalculator.calculate(base_password) < min_entropy) ||
              (EntropyCalculator.calculate(base_password.downcase) < min_entropy) ||
-             (QwertyAdjuster.new(base_password).is_weak?(min_entropy: min_entropy))
+             (qwerty_adjuster.is_weak?(base_password))
       if !weak && use_dictionary
-        return DictionaryAdjuster.new(base_password).is_strong?(min_entropy: min_entropy,
-                    min_word_length: min_word_length, 
-                    extra_dictionary_words: extra_dictionary_words)
+        return dictionary_adjuster.is_strong?(base_password)
       else
         return !weak
       end
     end
 
-    def calculate_entropy(use_dictionary: false, min_word_length: 4, extra_dictionary_words: [])
+    def calculate_entropy(password)
+      base_password = password.dup[0...PASSWORD_LIMIT]
       extra_dictionary_words.collect! { |w| w[0...EXTRA_WORDS_LIMIT] }
-      entropies = [EntropyCalculator.calculate(base_password), EntropyCalculator.calculate(base_password.downcase), QwertyAdjuster.new(base_password).adjusted_entropy]
-      entropies << DictionaryAdjuster.new(base_password).adjusted_entropy(min_word_length: min_word_length, extra_dictionary_words: extra_dictionary_words) if use_dictionary
+      entropies = [
+        EntropyCalculator.calculate(base_password),
+        EntropyCalculator.calculate(base_password.downcase),
+        qwerty_adjuster.adjusted_entropy(base_password)
+      ]
+      entropies << dictionary_adjuster.adjusted_entropy(base_password) if use_dictionary
       entropies.min
     end
+
+    private
+
+    def qwerty_adjuster
+      @qwerty_adjuster ||= QwertyAdjuster.new(min_entropy: min_entropy)
+    end
+
+    def dictionary_adjuster
+      @dictionary_adjuster ||= DictionaryAdjuster.new(
+        min_word_length: min_word_length,
+        extra_dictionary_words: extra_dictionary_words,
+        min_entropy: min_entropy
+      )
+    end
   end
 end

data/lib/strong_password/version.rb

@@ -1,3 +1,3 @@
 module StrongPassword
-  VERSION = "0.0.6"
+  VERSION = '0.0.8'.freeze
 end

data/spec/strong_password/dictionary_adjuster_spec.rb

@@ -3,36 +3,36 @@ require 'spec_helper'
 module StrongPassword
   describe DictionaryAdjuster do
     describe '#is_strong?' do
-      let(:subject) { DictionaryAdjuster.new('password') }
+      let(:subject) { DictionaryAdjuster.new }
 
       it 'returns true if the calculated entropy is >= the minimum' do
-        subject.stub(adjusted_entropy: 18)
-        expect(subject.is_strong?).to be_truthy
+        allow(subject).to receive_messages(adjusted_entropy: 18)
+        expect(subject.is_strong?('password')).to be_truthy
       end
 
       it 'returns false if the calculated entropy is < the minimum' do
-        subject.stub(adjusted_entropy: 17)
-        expect(subject.is_strong?).to be_falsey
+        allow(subject).to receive_messages(adjusted_entropy: 17)
+        expect(subject.is_strong?('password')).to be_falsey
       end
     end
 
     describe '#is_weak?' do
-      let(:subject) { DictionaryAdjuster.new('password') }
+      let(:subject) { DictionaryAdjuster.new }
 
       it 'returns the opposite of is_strong?' do
-        subject.stub(is_strong?: true)
-        expect(subject.is_weak?).to be_falsey
+        allow(subject).to receive_messages(is_strong?: true)
+        expect(subject.is_weak?('password')).to be_falsey
       end
     end
 
     describe '#adjusted_entropy' do
-      before(:each) { NistBonusBits.stub(bonus_bits: 0)}
+      before(:each) { allow(NistBonusBits).to receive_messages(bonus_bits: 0) }
 
       it 'checks against all variants of a given password' do
         password = 'password'
-        adjuster = DictionaryAdjuster.new(password)
-        PasswordVariants.should_receive(:all_variants).with(password).and_return([])
-        adjuster.adjusted_entropy
+        adjuster = DictionaryAdjuster.new
+        expect(PasswordVariants).to receive(:all_variants).with(password).and_return([])
+        adjuster.adjusted_entropy(password)
       end
 
       {
@@ -47,21 +47,21 @@ module StrongPassword
         'asdf[]asdf' => 16 # Doesn't break with []s
       }.each do |password, bits|
         it "returns #{bits} for '#{password}'" do
-          expect(DictionaryAdjuster.new(password).adjusted_entropy).to eq(bits)
+          expect(DictionaryAdjuster.new.adjusted_entropy(password)).to eq(bits)
         end
       end
 
       it 'allows extra words to be provided as an array' do
         password = 'administratorWEQ@123'
         base_entropy = EntropyCalculator.calculate(password)
-        expect(DictionaryAdjuster.new(password).adjusted_entropy(extra_dictionary_words: ['administrator'])).not_to eq(base_entropy)
+        expect(DictionaryAdjuster.new(extra_dictionary_words: ['administrator']).adjusted_entropy(password)).not_to eq(base_entropy)
       end
 
       it 'allows minimum word length to be adjusted' do
         password = '6969'
-        base_entropy = DictionaryAdjuster.new(password).adjusted_entropy
+        base_entropy = DictionaryAdjuster.new.adjusted_entropy(password)
         # If we increase the min_word_length above the length of the password we should get a higher entropy
-        expect(DictionaryAdjuster.new(password).adjusted_entropy(min_word_length: 6)).not_to be < base_entropy
+        expect(DictionaryAdjuster.new(min_word_length: 6).adjusted_entropy(password)).not_to be < base_entropy
       end
     end
   end

data/spec/strong_password/entropy_calculator_spec.rb

@@ -3,7 +3,7 @@ require 'spec_helper'
 module StrongPassword
   describe EntropyCalculator do
     describe '.bits' do
-      before(:each) { NistBonusBits.stub(bonus_bits: 0) }
+      before(:each) { allow(NistBonusBits).to receive_messages(bonus_bits: 0) }
       {
         '' => 0,
         '*' => 4,

data/spec/strong_password/nist_bonus_bits_spec.rb

@@ -5,15 +5,15 @@ module StrongPassword
     describe '.bonus_bits' do
       it 'calculates the bonus bits the first time for a given password' do
         NistBonusBits.reset_bonus_cache!
-        NistBonusBits.should_receive(:calculate_bonus_bits_for).and_return(1)
+        expect(NistBonusBits).to receive(:calculate_bonus_bits_for).and_return(1)
         expect(NistBonusBits.bonus_bits('password')).to eq(1)
       end
 
       it 'caches the bonus bits for a password for later use' do
         NistBonusBits.reset_bonus_cache!
-        NistBonusBits.stub(calculate_bonus_bits_for: 1)
+        allow(NistBonusBits).to receive_messages(calculate_bonus_bits_for: 1)
         NistBonusBits.bonus_bits('password')
-        NistBonusBits.should_not_receive(:calculate_bonus_bits_for)
+        expect(NistBonusBits).not_to receive(:calculate_bonus_bits_for)
         expect(NistBonusBits.bonus_bits('password')).to eq(1)
       end
     end

data/spec/strong_password/password_variants_spec.rb

@@ -8,12 +8,12 @@ module StrongPassword
       end
 
       it 'includes keyboard shift variants' do
-        subject.stub(keyboard_shift_variants: ['foo', 'bar'])
+        allow(subject).to receive_messages(keyboard_shift_variants: ['foo', 'bar'])
         expect(subject.all_variants("password")).to include('foo', 'bar')
       end
 
       it 'includes leet speak variants' do
-        subject.stub(leet_speak_variants: ['foo', 'bar'])
+        allow(subject).to receive_messages(leet_speak_variants: ['foo', 'bar'])
         expect(subject.all_variants("password")).to include('foo', 'bar')
       end
 

data/spec/strong_password/qwerty_adjuster_spec.rb

@@ -3,30 +3,30 @@ require 'spec_helper'
 module StrongPassword
   describe QwertyAdjuster do
     describe '#is_strong?' do
-      let(:subject) { QwertyAdjuster.new('password') }
+      let(:subject) { QwertyAdjuster.new }
 
       it 'returns true if the calculated entropy is >= the minimum' do
-        subject.stub(adjusted_entropy: 18)
-        expect(subject.is_strong?).to be_truthy
+        allow(subject).to receive_messages(adjusted_entropy: 18)
+        expect(subject.is_strong?("password")).to be_truthy
       end
 
       it 'returns false if the calculated entropy is < the minimum' do
-        subject.stub(adjusted_entropy: 17)
-        expect(subject.is_strong?).to be_falsey
+        allow(subject).to receive_messages(adjusted_entropy: 17)
+        expect(subject.is_strong?("password")).to be_falsey
       end
     end
 
     describe '#is_weak?' do
-      let(:subject) { QwertyAdjuster.new('password') }
+      let(:subject) { QwertyAdjuster.new }
 
       it 'returns the opposite of is_strong?' do
-        subject.stub(is_strong?: true)
-        expect(subject.is_weak?).to be_falsey
+        allow(subject).to receive_messages(is_strong?: true)
+        expect(subject.is_weak?("password")).to be_falsey
       end
     end
 
     describe '#adjusted_entropy' do
-      before(:each) { NistBonusBits.stub(bonus_bits: 0)}
+      before(:each) { allow(NistBonusBits).to receive_messages(bonus_bits: 0)}
       {
         'qwertyuio' => 5.5,
         '1234567' => 6,
@@ -37,7 +37,7 @@ module StrongPassword
         'password' => 17.5 # Ensure that we don't qwerty-adjust 'password'
       }.each do |password, bits|
         it "returns #{bits} for '#{password}'" do
-          expect(QwertyAdjuster.new(password).adjusted_entropy).to eq(bits)
+          expect(QwertyAdjuster.new.adjusted_entropy(password)).to eq(bits)
         end
       end
     end

data/spec/strong_password/strength_checker_spec.rb

@@ -11,7 +11,7 @@ module StrongPassword
         'aB$1' => false
       }.each do |password, strength|
         it "is_strong? returns #{strength} for '#{password}' with 12 bits of entropy" do
-          expect(StrengthChecker.new(password).is_strong?(min_entropy: 12)).to be(strength)
+          expect(StrengthChecker.new(min_entropy: 12).is_strong?(password)).to be(strength)
         end
       end
     end
@@ -26,7 +26,7 @@ module StrongPassword
         'aB$1' => false
       }.each do |password, strength|
         it "is_strong? returns #{strength} for '#{password}' with 12 bits of entropy" do
-          expect(StrengthChecker.new(password).is_strong?(min_entropy: 12, use_dictionary: true)).to eq(strength)
+          expect(StrengthChecker.new(min_entropy: 12, use_dictionary: true).is_strong?(password)).to eq(strength)
         end
       end
     end
@@ -41,7 +41,7 @@ module StrongPassword
         'correct horse battery staple' => true
       }.each do |password, strength|
         it "is_strong? returns #{strength} for '#{password}' with standard bits of entropy" do
-          expect(StrengthChecker.new(password).is_strong?(use_dictionary: true)).to eq(strength)
+          expect(StrengthChecker.new(use_dictionary: true).is_strong?(password)).to eq(strength)
         end
       end
     end
@@ -57,28 +57,31 @@ module StrongPassword
         'c0rr#ct h0rs3 Batt$ry st@pl3 is Gr34t' => true
       }.each do |password, strength|
         it "is_strong? returns #{strength} for '#{password}' with standard bits of entropy" do
-          expect(StrengthChecker.new(password).is_strong?(min_entropy: 40, use_dictionary: true)).to eq(strength)
+          expect(StrengthChecker.new(min_entropy: 40, use_dictionary: true).is_strong?(password)).to eq(strength)
         end
       end
     end
 
     context 'with long password' do
-      let(:strength_checker) { StrengthChecker.new("ba"*500_000) }
+      let(:strength_checker) { StrengthChecker.new }
+      let(:password) { ("ba"*500_000) }
       it 'should be truncated' do
-        expect(strength_checker.instance_variable_get(:@base_password).length).to eq StrengthChecker::PASSWORD_LIMIT
+        expect(strength_checker.calculate_entropy(password)).
+          to eq(strength_checker.calculate_entropy(password.slice(0, StrengthChecker::PASSWORD_LIMIT)))
       end
     end
 
     context 'with long extra words' do
-      let(:strength_checker) { StrengthChecker.new("$tr0NgP4s$w0rd91d£") }
+      let(:strength_checker) { StrengthChecker.new(use_dictionary: true, extra_dictionary_words: ["a"*1_000_000, "b"*10_000_000, "c"*10]) }
       let(:exta_limit) { StrengthChecker::EXTRA_WORDS_LIMIT }
       it 'should be truncated' do
-        expect_any_instance_of(DictionaryAdjuster).to receive(:adjusted_entropy).with({
+        expect(DictionaryAdjuster).to receive(:new).with({
+            min_entropy: 18,
             min_word_length: 4,
             extra_dictionary_words:
             ["a"*StrengthChecker::EXTRA_WORDS_LIMIT, "b"*StrengthChecker::EXTRA_WORDS_LIMIT, "c"*10]
           }).and_call_original
-        strength_checker.calculate_entropy(use_dictionary: true, extra_dictionary_words: ["a"*1_000_000, "b"*10_000_000, "c"*10])
+        strength_checker.calculate_entropy("$tr0NgP4s$w0rd91d£")
       end
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: strong_password
 version: !ruby/object:Gem::Version
-  version: 0.0.6
+  version: 0.0.8
 platform: ruby
 authors:
 - Brian McManus
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-10-09 00:00:00.000000000 Z
+date: 2019-07-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler