summaryrefslogtreecommitdiff
path: root/users/test/unit
diff options
context:
space:
mode:
authorjessib <jessib@riseup.net>2012-11-12 10:48:40 -0800
committerjessib <jessib@riseup.net>2012-11-12 10:48:40 -0800
commit347c1d73c855cfad8c37e8a0bd98a60831151812 (patch)
tree104c89712d9a1f7d7eefd49187a2f6bbc70a33ce /users/test/unit
parent67cb22d50193a58e4697549d9ce8a22e790a7a0d (diff)
parentfe8b49232d31681667badaaeff7aa4d0a40445ea (diff)
Merge branch 'develop' into help_develop
Conflicts: help/test/functional/tickets_controller_test.rb users/test/functional/application_controller_test.rb users/test/support/auth_test_helper.rb
Diffstat (limited to 'users/test/unit')
-rw-r--r--users/test/unit/warden_strategy_secure_remote_password_test.rb63
1 files changed, 63 insertions, 0 deletions
diff --git a/users/test/unit/warden_strategy_secure_remote_password_test.rb b/users/test/unit/warden_strategy_secure_remote_password_test.rb
new file mode 100644
index 0000000..79480f0
--- /dev/null
+++ b/users/test/unit/warden_strategy_secure_remote_password_test.rb
@@ -0,0 +1,63 @@
+class WardenStrategySecureRemotePasswordTest < ActiveSupport::TestCase
+
+# TODO : turn this into sth. real
+=begin
+ setup do
+ @user = stub :login => "me", :id => 123
+ @client_hex = 'a123'
+ @client_rnd = @client_hex.hex
+ @server_hex = 'b123'
+ @server_rnd = @server_hex.hex
+ @server_rnd_exp = 'e123'.hex
+ @salt = 'stub user salt'
+ @server_handshake = stub :aa => @client_rnd, :bb => @server_rnd, :b => @server_rnd_exp
+ @server_auth = 'adfe'
+ end
+
+
+ test "should perform handshake" do
+ @user.expects(:initialize_auth).
+ with(@client_rnd).
+ returns(@server_handshake)
+ @server_handshake.expects(:to_json).
+ returns({'B' => @server_hex, 'salt' => @salt}.to_json)
+ User.expects(:find_by_param).with(@user.login).returns(@user)
+ assert_equal @server_handshake, session[:handshake]
+ assert_response :success
+ assert_json_response :B => @server_hex, :salt => @salt
+ end
+
+ test "should report user not found" do
+ unknown = "login_that_does_not_exist"
+ User.expects(:find_by_param).with(unknown).raises(RECORD_NOT_FOUND)
+ post :create, :login => unknown
+ assert_response :success
+ assert_json_response :errors => {"login" => ["unknown user"]}
+ end
+
+ test "should authorize" do
+ session[:handshake] = @server_handshake
+ @server_handshake.expects(:authenticate!).
+ with(@client_rnd).
+ returns(@user)
+ @server_handshake.expects(:to_json).
+ returns({:M2 => @server_auth}.to_json)
+ post :update, :id => @user.login, :client_auth => @client_hex
+ assert_nil session[:handshake]
+ assert_json_response :M2 => @server_auth
+ assert_equal @user.id, session[:user_id]
+ end
+
+ test "should report wrong password" do
+ session[:handshake] = @server_handshake
+ @server_handshake.expects(:authenticate!).
+ with(@client_rnd).
+ raises(WRONG_PASSWORD)
+ post :update, :id => @user.login, :client_auth => @client_hex
+ assert_nil session[:handshake]
+ assert_nil session[:user_id]
+ assert_json_response :errors => {"password" => ["wrong password"]}
+ end
+
+=end
+end