blob: e6fcfbe6d112b4da64b424ca5f322bbd896bc3b9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
class WardenStrategySecureRemotePasswordTest < ActiveSupport::TestCase
# TODO : turn this into sth. real
=begin
setup do
@user = stub :login => "me", :id => 123
@client_hex = 'a123'
@client_rnd = @client_hex.hex
@server_hex = 'b123'
@server_rnd = @server_hex.hex
@server_rnd_exp = 'e123'.hex
@salt = 'stub user salt'
@server_handshake = stub :aa => @client_rnd, :bb => @server_rnd, :b => @server_rnd_exp
@server_auth = 'adfe'
end
test "should perform handshake" do
@user.expects(:initialize_auth).
with(@client_rnd).
returns(@server_handshake)
@server_handshake.expects(:to_json).
returns({'B' => @server_hex, 'salt' => @salt}.to_json)
User.expects(:find).with(@user.login).returns(@user)
assert_equal @server_handshake, session[:handshake]
assert_response :success
assert_json_response :B => @server_hex, :salt => @salt
end
test "should report user not found" do
unknown = "login_that_does_not_exist"
User.expects(:find).with(unknown).raises(RECORD_NOT_FOUND)
post :create, :login => unknown
assert_response :success
assert_json_error "login" => ["unknown user"]
end
test "should authorize" do
session[:handshake] = @server_handshake
@server_handshake.expects(:authenticate!).
with(@client_rnd).
returns(@user)
@server_handshake.expects(:to_json).
returns({:M2 => @server_auth}.to_json)
post :update, :id => @user.login, :client_auth => @client_hex
assert_nil session[:handshake]
assert_json_response :M2 => @server_auth
assert_equal @user.id, session[:user_id]
end
test "should report wrong password" do
session[:handshake] = @server_handshake
@server_handshake.expects(:authenticate!).
with(@client_rnd).
raises(WRONG_PASSWORD)
post :update, :id => @user.login, :client_auth => @client_hex
assert_nil session[:handshake]
assert_nil session[:user_id]
assert_json_error "password" => ["wrong password"]
end
=end
end
|
