diff options
author | Azul <azul@leap.se> | 2014-06-09 11:00:28 +0200 |
---|---|---|
committer | Azul <azul@leap.se> | 2014-06-09 11:00:28 +0200 |
commit | 728d6d3985126c2890638bb2ee24020fa0e36a80 (patch) | |
tree | 1fcbb560b0103123d49fb953e86fdb960ee5dd13 /test/integration/api | |
parent | b9174fdc9d9bd403d9a16650bafc4715e3dbf2d4 (diff) | |
parent | 9fa52ed80d71ec56ed5acf18dfd63bd03b201cc5 (diff) |
Merge tag '0.5.2'
Diffstat (limited to 'test/integration/api')
-rw-r--r-- | test/integration/api/cert_test.rb | 30 | ||||
-rw-r--r-- | test/integration/api/smtp_cert_test.rb | 52 | ||||
-rw-r--r-- | test/integration/api/token_test.rb | 15 |
3 files changed, 97 insertions, 0 deletions
diff --git a/test/integration/api/cert_test.rb b/test/integration/api/cert_test.rb new file mode 100644 index 0000000..74d439a --- /dev/null +++ b/test/integration/api/cert_test.rb @@ -0,0 +1,30 @@ +require 'test_helper' + +class CertTest < ApiIntegrationTest + + test "retrieve eip cert" do + login + get '/1/cert', {}, RACK_ENV + assert_text_response + assert_response_includes "BEGIN RSA PRIVATE KEY" + assert_response_includes "END RSA PRIVATE KEY" + assert_response_includes "BEGIN CERTIFICATE" + assert_response_includes "END CERTIFICATE" + end + + test "fetching certs requires login by default" do + get '/1/cert', {}, RACK_ENV + assert_json_response error: I18n.t(:not_authorized) + end + + test "retrieve anonymous eip cert" do + with_config allow_anonymous_certs: true do + get '/1/cert', {}, RACK_ENV + assert_text_response + assert_response_includes "BEGIN RSA PRIVATE KEY" + assert_response_includes "END RSA PRIVATE KEY" + assert_response_includes "BEGIN CERTIFICATE" + assert_response_includes "END CERTIFICATE" + end + end +end diff --git a/test/integration/api/smtp_cert_test.rb b/test/integration/api/smtp_cert_test.rb new file mode 100644 index 0000000..f72362d --- /dev/null +++ b/test/integration/api/smtp_cert_test.rb @@ -0,0 +1,52 @@ +require 'test_helper' +require 'openssl' + +class SmtpCertTest < ApiIntegrationTest + + test "retrieve smtp cert" do + @user = FactoryGirl.create :user, effective_service_level_code: 2 + login + post '/1/smtp_cert', {}, RACK_ENV + assert_text_response + assert_response_includes "BEGIN RSA PRIVATE KEY" + assert_response_includes "END RSA PRIVATE KEY" + assert_response_includes "BEGIN CERTIFICATE" + assert_response_includes "END CERTIFICATE" + end + + test "cert and key" do + @user = FactoryGirl.create :user, effective_service_level_code: 2 + login + post '/1/smtp_cert', {}, RACK_ENV + assert_text_response + cert = OpenSSL::X509::Certificate.new(get_response.body) + key = OpenSSL::PKey::RSA.new(get_response.body) + assert cert.check_private_key(key) + prefix = "/CN=#{@user.email_address}" + assert_equal prefix, cert.subject.to_s.slice(0,prefix.size) + end + + test "fingerprint is stored with identity" do + @user = FactoryGirl.create :user, effective_service_level_code: 2 + login + post '/1/smtp_cert', {}, RACK_ENV + assert_text_response + cert = OpenSSL::X509::Certificate.new(get_response.body) + fingerprint = OpenSSL::Digest::SHA1.hexdigest(cert.to_der).scan(/../).join(':') + today = DateTime.now.to_date.to_s + assert_equal({fingerprint => today}, @user.reload.identity.cert_fingerprints) + end + + test "fetching smtp certs requires email account" do + login + post '/1/smtp_cert', {}, RACK_ENV + assert_json_response error: I18n.t(:not_authorized) + end + + test "no anonymous smtp certs" do + with_config allow_anonymous_certs: true do + post '/1/smtp_cert', {}, RACK_ENV + assert_json_response error: I18n.t(:not_authorized) + end + end +end diff --git a/test/integration/api/token_test.rb b/test/integration/api/token_test.rb new file mode 100644 index 0000000..ad3ac22 --- /dev/null +++ b/test/integration/api/token_test.rb @@ -0,0 +1,15 @@ +require 'test_helper' +require_relative 'srp_test' + +class TokenTest < SrpTest + + setup do + register_user + end + + test "stores token SHA512 encoded" do + authenticate + token = server_auth['token'] + assert Token.find(Digest::SHA512.hexdigest(token)) + end +end |