summaryrefslogtreecommitdiff
path: root/test/integration/api
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2014-06-09 11:00:28 +0200
committerAzul <azul@leap.se>2014-06-09 11:00:28 +0200
commit728d6d3985126c2890638bb2ee24020fa0e36a80 (patch)
tree1fcbb560b0103123d49fb953e86fdb960ee5dd13 /test/integration/api
parentb9174fdc9d9bd403d9a16650bafc4715e3dbf2d4 (diff)
parent9fa52ed80d71ec56ed5acf18dfd63bd03b201cc5 (diff)
Merge tag '0.5.2'
Diffstat (limited to 'test/integration/api')
-rw-r--r--test/integration/api/cert_test.rb30
-rw-r--r--test/integration/api/smtp_cert_test.rb52
-rw-r--r--test/integration/api/token_test.rb15
3 files changed, 97 insertions, 0 deletions
diff --git a/test/integration/api/cert_test.rb b/test/integration/api/cert_test.rb
new file mode 100644
index 0000000..74d439a
--- /dev/null
+++ b/test/integration/api/cert_test.rb
@@ -0,0 +1,30 @@
+require 'test_helper'
+
+class CertTest < ApiIntegrationTest
+
+ test "retrieve eip cert" do
+ login
+ get '/1/cert', {}, RACK_ENV
+ assert_text_response
+ assert_response_includes "BEGIN RSA PRIVATE KEY"
+ assert_response_includes "END RSA PRIVATE KEY"
+ assert_response_includes "BEGIN CERTIFICATE"
+ assert_response_includes "END CERTIFICATE"
+ end
+
+ test "fetching certs requires login by default" do
+ get '/1/cert', {}, RACK_ENV
+ assert_json_response error: I18n.t(:not_authorized)
+ end
+
+ test "retrieve anonymous eip cert" do
+ with_config allow_anonymous_certs: true do
+ get '/1/cert', {}, RACK_ENV
+ assert_text_response
+ assert_response_includes "BEGIN RSA PRIVATE KEY"
+ assert_response_includes "END RSA PRIVATE KEY"
+ assert_response_includes "BEGIN CERTIFICATE"
+ assert_response_includes "END CERTIFICATE"
+ end
+ end
+end
diff --git a/test/integration/api/smtp_cert_test.rb b/test/integration/api/smtp_cert_test.rb
new file mode 100644
index 0000000..f72362d
--- /dev/null
+++ b/test/integration/api/smtp_cert_test.rb
@@ -0,0 +1,52 @@
+require 'test_helper'
+require 'openssl'
+
+class SmtpCertTest < ApiIntegrationTest
+
+ test "retrieve smtp cert" do
+ @user = FactoryGirl.create :user, effective_service_level_code: 2
+ login
+ post '/1/smtp_cert', {}, RACK_ENV
+ assert_text_response
+ assert_response_includes "BEGIN RSA PRIVATE KEY"
+ assert_response_includes "END RSA PRIVATE KEY"
+ assert_response_includes "BEGIN CERTIFICATE"
+ assert_response_includes "END CERTIFICATE"
+ end
+
+ test "cert and key" do
+ @user = FactoryGirl.create :user, effective_service_level_code: 2
+ login
+ post '/1/smtp_cert', {}, RACK_ENV
+ assert_text_response
+ cert = OpenSSL::X509::Certificate.new(get_response.body)
+ key = OpenSSL::PKey::RSA.new(get_response.body)
+ assert cert.check_private_key(key)
+ prefix = "/CN=#{@user.email_address}"
+ assert_equal prefix, cert.subject.to_s.slice(0,prefix.size)
+ end
+
+ test "fingerprint is stored with identity" do
+ @user = FactoryGirl.create :user, effective_service_level_code: 2
+ login
+ post '/1/smtp_cert', {}, RACK_ENV
+ assert_text_response
+ cert = OpenSSL::X509::Certificate.new(get_response.body)
+ fingerprint = OpenSSL::Digest::SHA1.hexdigest(cert.to_der).scan(/../).join(':')
+ today = DateTime.now.to_date.to_s
+ assert_equal({fingerprint => today}, @user.reload.identity.cert_fingerprints)
+ end
+
+ test "fetching smtp certs requires email account" do
+ login
+ post '/1/smtp_cert', {}, RACK_ENV
+ assert_json_response error: I18n.t(:not_authorized)
+ end
+
+ test "no anonymous smtp certs" do
+ with_config allow_anonymous_certs: true do
+ post '/1/smtp_cert', {}, RACK_ENV
+ assert_json_response error: I18n.t(:not_authorized)
+ end
+ end
+end
diff --git a/test/integration/api/token_test.rb b/test/integration/api/token_test.rb
new file mode 100644
index 0000000..ad3ac22
--- /dev/null
+++ b/test/integration/api/token_test.rb
@@ -0,0 +1,15 @@
+require 'test_helper'
+require_relative 'srp_test'
+
+class TokenTest < SrpTest
+
+ setup do
+ register_user
+ end
+
+ test "stores token SHA512 encoded" do
+ authenticate
+ token = server_auth['token']
+ assert Token.find(Digest::SHA512.hexdigest(token))
+ end
+end