summaryrefslogtreecommitdiff
path: root/test/unit/token_test.rb
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2014-05-16 08:42:36 +0200
committerAzul <azul@leap.se>2014-05-16 08:42:36 +0200
commit8fbbb8717f0578536b97c2dc0883c632f120e976 (patch)
tree17aeb2b48ada703ac916a9a65fbf3c75a5dadb86 /test/unit/token_test.rb
parent81555ec6244ed76f92e3629880f68104b8705817 (diff)
parenta4f7a410c536d88c91c834cab6ee950c71005ddd (diff)
Merge remote-tracking branch 'origin/develop'
Conflicts: app/assets/javascripts/srp test/nagios/soledad_sync.py test/nagios/webapp_login.py
Diffstat (limited to 'test/unit/token_test.rb')
-rw-r--r--test/unit/token_test.rb89
1 files changed, 89 insertions, 0 deletions
diff --git a/test/unit/token_test.rb b/test/unit/token_test.rb
new file mode 100644
index 0000000..a3c6cf6
--- /dev/null
+++ b/test/unit/token_test.rb
@@ -0,0 +1,89 @@
+require 'test_helper'
+
+class ClientCertificateTest < ActiveSupport::TestCase
+ include StubRecordHelper
+
+ setup do
+ @user = find_record :user
+ end
+
+ test "new token for user" do
+ sample = Token.new(:user_id => @user.id)
+ assert sample.valid?
+ assert_equal @user.id, sample.user_id
+ assert_equal @user, sample.authenticate
+ end
+
+ test "token id is secure" do
+ sample = Token.new(:user_id => @user.id)
+ other = Token.new(:user_id => @user.id)
+ assert sample.id,
+ "id is set on initialization"
+ assert sample.id[0..10] != other.id[0..10],
+ "token id prefixes should not repeat"
+ assert /[g-zG-Z]/.match(sample.id),
+ "should use non hex chars in the token id"
+ assert sample.id.size > 16,
+ "token id should be more than 16 chars long"
+ end
+
+ test "token checks for user" do
+ sample = Token.new
+ assert !sample.valid?, "Token should require a user record"
+ end
+
+ test "token updates timestamps" do
+ sample = Token.new(user_id: @user.id)
+ sample.last_seen_at = 1.minute.ago
+ sample.expects(:save)
+ assert_equal @user, sample.authenticate
+ assert Time.now - sample.last_seen_at < 1.minute, "last_seen_at has not been updated"
+ end
+
+ test "token will not expire if token_expires_after is not set" do
+ sample = Token.new(user_id: @user.id)
+ sample.last_seen_at = 2.years.ago
+ with_config auth: {} do
+ sample.expects(:save)
+ assert_equal @user, sample.authenticate
+ end
+ end
+
+ test "expired token returns nil on authenticate" do
+ sample = Token.new(user_id: @user.id)
+ sample.last_seen_at = 2.hours.ago
+ with_config auth: {token_expires_after: 60} do
+ sample.expects(:destroy)
+ assert_nil sample.authenticate
+ end
+ end
+
+ test "Token.destroy_all_expired is noop if no expiry is set" do
+ expired = FactoryGirl.create :token, last_seen_at: 2.hours.ago
+ with_config auth: {} do
+ Token.destroy_all_expired
+ end
+ assert_equal expired, Token.find(expired.id)
+ end
+
+ test "Token.destroy_all_expired cleans up expired tokens only" do
+ expired = FactoryGirl.create :token, last_seen_at: 2.hours.ago
+ fresh = FactoryGirl.create :token
+ with_config auth: {token_expires_after: 60} do
+ Token.destroy_all_expired
+ end
+ assert_nil Token.find(expired.id)
+ assert_equal fresh, Token.find(fresh.id)
+ fresh.destroy
+ end
+
+
+ test "Token.destroy_all_expired does not interfere with expired.authenticate" do
+ expired = FactoryGirl.create :token, last_seen_at: 2.hours.ago
+ with_config auth: {token_expires_after: 60} do
+ Token.destroy_all_expired
+ end
+ assert_nil expired.authenticate
+ end
+
+end