diff options
Diffstat (limited to 'users/test')
-rw-r--r-- | users/test/functional/v1/sessions_controller_test.rb | 30 | ||||
-rw-r--r-- | users/test/unit/token_test.rb | 37 |
2 files changed, 56 insertions, 11 deletions
diff --git a/users/test/functional/v1/sessions_controller_test.rb b/users/test/functional/v1/sessions_controller_test.rb index 1226c9d..0c4e325 100644 --- a/users/test/functional/v1/sessions_controller_test.rb +++ b/users/test/functional/v1/sessions_controller_test.rb @@ -11,6 +11,22 @@ class V1::SessionsControllerTest < ActionController::TestCase @client_hex = 'a123' end + test "renders json" do + get :new, :format => :json + assert_response :success + assert_json_error nil + end + + test "renders warden errors" do + request.env['warden.options'] = {attempted_path: 'path/to/controller'} + strategy = stub :message => {:field => :translate_me} + request.env['warden'].stubs(:winning_strategy).returns(strategy) + I18n.expects(:t).with(:translate_me).at_least_once.returns("translation stub") + get :new, :format => :json + assert_response 422 + assert_json_error :field => "translation stub" + end + # Warden takes care of parsing the params and # rendering the response. So not much to test here. test "should perform handshake" do @@ -20,18 +36,9 @@ class V1::SessionsControllerTest < ActionController::TestCase post :create, :login => @user.login, 'A' => @client_hex end - test "should send salt" do - User.expects(:find_by_login).with(@user.login).returns(@user) - - post :create, :login => @user.login - - assert_equal @user, assigns(:user) - assert_json_response salt: @user.salt - end - test "should authorize" do request.env['warden'].expects(:authenticate!) - @controller.expects(:current_user).returns(@user) + @controller.stubs(:current_user).returns(@user) handshake = stub(:to_hash => {h: "ash"}) session[:handshake] = handshake @@ -39,7 +46,8 @@ class V1::SessionsControllerTest < ActionController::TestCase assert_nil session[:handshake] assert_response :success - assert_json_response handshake.to_hash.merge(id: @user.id) + assert json_response.keys.include?("id") + assert json_response.keys.include?("token") end test "logout should reset warden user" do diff --git a/users/test/unit/token_test.rb b/users/test/unit/token_test.rb new file mode 100644 index 0000000..bff6b71 --- /dev/null +++ b/users/test/unit/token_test.rb @@ -0,0 +1,37 @@ +require 'test_helper' + +class ClientCertificateTest < ActiveSupport::TestCase + + setup do + @user = FactoryGirl.create(:user) + end + + teardown do + @user.destroy + end + + test "new token for user" do + sample = Token.new(:user_id => @user.id) + assert sample.valid? + assert_equal @user.id, sample.user_id + end + + test "token id is secure" do + sample = Token.new(:user_id => @user.id) + other = Token.new(:user_id => @user.id) + assert sample.id, + "id is set on initialization" + assert sample.id[0..10] != other.id[0..10], + "token id prefixes should not repeat" + assert /[g-zG-Z]/.match(sample.id), + "should use non hex chars in the token id" + assert sample.id.size > 16, + "token id should be more than 16 chars long" + end + + test "token checks for user" do + sample = Token.new + assert !sample.valid?, "Token should require a user record" + end + +end |