summaryrefslogtreecommitdiff
path: root/test/integration/api/smtp_cert_test.rb
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2014-05-15 11:17:47 +0200
committerAzul <azul@leap.se>2014-05-19 14:24:47 +0200
commit71dcf3f4e5d423b78b47f675297fc98b28ef3442 (patch)
tree7415f1f5825abf2d21b2232ccd1ff820f1f513d2 /test/integration/api/smtp_cert_test.rb
parent5dd6c1529f8f4fc5089c71b0a44e360acaea900d (diff)
SmtpCertsController, routes and tests
Diffstat (limited to 'test/integration/api/smtp_cert_test.rb')
-rw-r--r--test/integration/api/smtp_cert_test.rb51
1 files changed, 51 insertions, 0 deletions
diff --git a/test/integration/api/smtp_cert_test.rb b/test/integration/api/smtp_cert_test.rb
new file mode 100644
index 0000000..a579d93
--- /dev/null
+++ b/test/integration/api/smtp_cert_test.rb
@@ -0,0 +1,51 @@
+require 'test_helper'
+require 'openssl'
+
+class SmtpCertTest < ApiIntegrationTest
+
+ test "retrieve smtp cert" do
+ @user = FactoryGirl.create :user, effective_service_level_code: 2
+ login
+ get '/1/smtp_cert', {}, RACK_ENV
+ assert_text_response
+ assert_response_includes "BEGIN RSA PRIVATE KEY"
+ assert_response_includes "END RSA PRIVATE KEY"
+ assert_response_includes "BEGIN CERTIFICATE"
+ assert_response_includes "END CERTIFICATE"
+ end
+
+ test "key matches the cert" do
+ @user = FactoryGirl.create :user, effective_service_level_code: 2
+ login
+ get '/1/smtp_cert', {}, RACK_ENV
+ assert_text_response
+ cert = OpenSSL::X509::Certificate.new(get_response.body)
+ key = OpenSSL::PKey::RSA.new(get_response.body)
+ assert cert.check_private_key(key)
+ end
+
+ # we'll store the fingerprint later.
+ test "fingerprint matches" do
+ @user = FactoryGirl.create :user, effective_service_level_code: 2
+ login
+ get '/1/smtp_cert', {}, RACK_ENV
+ assert_text_response
+ cert = OpenSSL::X509::Certificate.new(get_response.body)
+ fingerprint = OpenSSL::Digest::SHA1.hexdigest(cert.to_der).scan(/../).join(':')
+ skip "we're not storing the fingerprints yet"
+ assert_equal fingerprint, @user.identity.cert_fingerprints.last
+ end
+
+ test "fetching smtp certs requires email account" do
+ login
+ get '/1/smtp_cert', {}, RACK_ENV
+ assert_json_response error: I18n.t(:not_authorized)
+ end
+
+ test "no anonymous smtp certs" do
+ with_config allow_anonymous_certs: true do
+ get '/1/smtp_cert', {}, RACK_ENV
+ assert_json_response error: I18n.t(:not_authorized)
+ end
+ end
+end