3 files changed, 316 insertions, 0 deletions

diff --git a/test/integration/couch_db/source_test.rb b/test/integration/couch_db/source_test.rb
new file mode 100644
index 0000000..21e3642
--- /dev/null
+++ b/test/integration/couch_db/source_test.rb
@@ -0,0 +1,19 @@
+require 'test_helper'
+require 'file_content'
+require 'helpers/test_adapter'
+require 'nickserver/couch_db/source'
+
+module Nickserver::CouchDB
+  class SourceTest < Minitest::Test
+  include FileContent
+
+    def test_couch_query_and_response
+      adapter = TestAdapter.new 200, file_content(:blue_couchdb_result)
+      source = Source.new adapter
+      source.query 'blue@example.org' do |response|
+        assert_equal 200, response.status
+        assert_equal file_content(:blue_nickserver_result), response.content
+      end
+    end
+  end
+end
diff --git a/test/integration/hkp_test.rb b/test/integration/hkp_test.rb
new file mode 100644
index 0000000..a824a3f
--- /dev/null
+++ b/test/integration/hkp_test.rb
@@ -0,0 +1,142 @@
+require 'test_helper'
+require 'nickserver/hkp/source'
+require 'nickserver/adapters/em_http'
+
+class HkpTest < Minitest::Test
+
+  def test_key_info_expired
+    fetch_key_info(:hkp_vindex_result, 'lemur@leap.se') do |keys|
+      assert_equal 1, keys.length, 'should find a single key'
+      assert_equal ['lemur@example.org', 'lemur@leap.se'].sort, keys.first.uids.sort, 'should find both uids'
+      assert_equal '0EE5BE979282D80B9F7540F1CCD2ED94D21739E9', keys.first.keyid
+    end
+  end
+
+  def test_key_info_multiple_valid_results
+    fetch_key_info :hkp_vindex_result, 'gazelle@leap.se' do |keys|
+      assert_equal 2, keys.length, 'should find two keys'
+      assert_equal ['gazelle@leap.se'], keys.first.uids
+      assert_equal '3790027A', keys.first.keyid
+      assert keys.last.uids.include? 'gazelle@leap.se'
+    end
+  end
+
+  def test_key_info_reject_keysize
+    fetch_key_info :hkp_vindex_result, 'frog@leap.se' do |keys|
+      assert_equal 1, keys.length, 'should find one key' # because short key gets ignored
+      assert_equal '00440025', keys.first.keyid
+    end
+  end
+
+  def test_key_info_not_found
+    uid = 'leaping_lemur@leap.se'
+    stub_sks_vindex_reponse(uid, status: 404)
+    assert_response_status_for_uid uid, 404
+  end
+
+  def test_no_matching_key_found
+    uid = 'leaping_lemur@leap.se'
+    stub_sks_vindex_reponse(uid, status: 200)
+    assert_response_status_for_uid uid, 404
+  end
+
+  def test_fetch_key
+    uid    = 'cloudadmin@leap.se'
+    key_id = 'E818C478D3141282F7590D29D041EB11B1647490'
+    stub_sks_vindex_reponse(uid, body: file_content(:leap_vindex_result))
+    stub_sks_get_reponse(key_id, body: file_content(:leap_public_key))
+
+    assert_response_for_uid(uid) do |response|
+      content = JSON.parse response.content
+      assert_equal file_content(:leap_public_key), content['openpgp']
+    end
+  end
+
+  def test_fetch_key_not_found
+    uid    = 'cloudadmin@leap.se'
+    key_id = 'E818C478D3141282F7590D29D041EB11B1647490'
+
+    stub_sks_vindex_reponse(uid, body: file_content(:leap_vindex_result))
+    stub_sks_get_reponse(key_id, status: 404)
+
+    assert_response_status_for_uid uid, 404
+  end
+
+  def test_fetch_key_too_short
+    uid    = 'chiiph@leap.se'
+
+    stub_sks_vindex_reponse(uid, body: file_content(:short_key_vindex_result))
+    assert_response_status_for_uid uid, 500
+  end
+
+  #
+  # real network tests
+  # remember: must be run with REAL_NET=true
+  #
+
+  def test_key_info_real_network
+    real_network do
+      uid = 'elijah@riseup.net'
+      assert_key_info_for_uid uid do |keys|
+        assert_equal 1, keys.size
+        assert keys.first.keyid =~ /00440025$/
+      end
+    end
+  end
+
+  def test_tls_validation_with_real_network
+    hkp_url = 'https://keys.mayfirst.org/pks/lookup'
+    ca_file = file_path('mayfirst-ca.pem')
+
+    real_network do
+      stub_config(:hkp_url, hkp_url) do
+        stub_config(:hkp_ca_file, ca_file) do
+        #stub_config(:hkp_ca_file, file_path('autistici-ca.pem')) do
+          assert File.exist?(Nickserver::Config.hkp_ca_file)
+          uid = 'elijah@riseup.net'
+          assert_key_info_for_uid uid do |keys|
+            assert_equal 1, keys.size
+            assert keys.first.keyid =~ /00440025$/
+          end
+        end
+      end
+    end
+  end
+
+  protected
+
+  def assert_response_status_for_uid(uid, status)
+    assert_response_for_uid(uid) do |response|
+      assert_equal status, response.status
+    end
+  end
+
+  def assert_response_for_uid(uid, &block)
+    EM.run do
+      Nickserver::Hkp::Source.new(adapter).query uid do |response|
+        yield response
+        EM.stop
+      end
+    end
+  end
+
+  def assert_key_info_for_uid(uid, &block)
+    EM.run do
+      Nickserver::Hkp::Source.new(adapter).search uid do |status, keys|
+        assert_equal 200, status
+        yield keys
+        EM.stop
+      end
+    end
+  end
+
+  def adapter
+    Nickserver::Adapters::EmHttp.new
+  end
+
+  def fetch_key_info(body_source, uid, &block)
+    stub_sks_vindex_reponse(uid, body: file_content(body_source))
+    assert_key_info_for_uid(uid, &block)
+  end
+
+end
diff --git a/test/integration/nickserver_test.rb b/test/integration/nickserver_test.rb
new file mode 100644
index 0000000..b4ff4da
--- /dev/null
+++ b/test/integration/nickserver_test.rb
@@ -0,0 +1,155 @@
+require 'test_helper'
+require 'json'
+
+#
+# Some important notes to understanding these tests:
+#
+# (1) Requests to localhost always bypass HTTP stub.
+#
+# (2) All requests to nickserver are to localhost.
+#
+# (3) the "Host" header for requests to nickserver must be set (or Config.domain set)
+#
+# (4) When stubbing requests to couchdb, the couchdb host is changed from the
+# default (localhost) to a dummy value (notlocalhost).
+#
+
+class NickserverTest < Minitest::Test
+
+  def test_GET_served_via_SKS
+    uid    = 'cloudadmin@leap.se'
+    key_id = 'E818C478D3141282F7590D29D041EB11B1647490'
+    stub_sks_vindex_reponse(uid, body: file_content(:leap_vindex_result))
+    stub_sks_get_reponse(key_id, body: file_content(:leap_public_key))
+
+    start do
+      params = {query: {"address" => uid}}
+      get(params) do |http|
+        assert_equal file_content(:leap_public_key), JSON.parse(http.response)["openpgp"]
+        stop
+      end
+    end
+  end
+
+  def test_POST_served_via_SKS
+    uid    = 'cloudadmin@leap.se'
+    key_id = 'E818C478D3141282F7590D29D041EB11B1647490'
+    stub_sks_vindex_reponse(uid, body: file_content(:leap_vindex_result))
+    stub_sks_get_reponse(key_id, body: file_content(:leap_public_key))
+
+    start do
+      params = {body: {"address" => uid}}
+      post(params) do |http|
+        assert_equal file_content(:leap_public_key), JSON.parse(http.response)["openpgp"]
+        stop
+      end
+    end
+  end
+
+  def test_GET_served_via_couch_not_found
+    domain = "example.org"
+    uid    = "bananas@" + domain
+    stub_couch_response(uid, status: 404) do
+      start do
+        params = {query: {"address" => uid}, head: {host: domain}}
+        get(params) do |http|
+          assert_equal 404, http.response_header.status
+          stop
+        end
+      end
+    end
+  end
+
+  def test_GET_served_via_couch_empty_results
+    domain = "example.org"
+    uid    = "stompy@" + domain
+    stub_couch_response(uid, body: file_content(:empty_couchdb_result)) do
+      start do
+        params = {query: {"address" => uid}, head: {host: domain}}
+        get(params) do |http|
+          assert_equal 404, http.response_header.status
+          stop
+        end
+      end
+    end
+  end
+
+  def test_GET_served_via_couch_success
+    domain = "example.org"
+    uid    = "blue@" + domain
+    stub_couch_response(uid, body: file_content(:blue_couchdb_result)) do
+      start do
+        params = {query: {"address" => uid}, head: {host: domain}}
+        get(params) do |http|
+          assert_equal file_content(:blue_nickserver_result), http.response
+          stop
+        end
+      end
+    end
+  end
+
+  def test_GET_empty
+    start do
+      get({}) do |http|
+        assert_equal "404 Not Found\n", http.response
+        stop
+      end
+    end
+  end
+
+  protected
+
+  #
+  # start nickserver
+  #
+  def start(timeout = 1)
+    Timeout::timeout(timeout) do
+      EM.run do
+        Nickserver::Server.start
+        EM.epoll
+        yield
+      end
+    end
+  rescue Timeout::Error
+    flunk 'EventMachine was not stopped before the timeout expired'
+  end
+
+  #
+  # http GET requests to nickserver
+  #
+  def get(params, &block)
+    request(:get, params, &block)
+  end
+
+  #
+  # http POST requests to nickserver
+  #
+  def post(params, &block)
+    request(:post, params, &block)
+  end
+
+  #
+  # http request to nickserver
+  #
+  # this works because http requests to localhost are not stubbed, but requests to other domains are.
+  #
+  def request(method, params)
+    EventMachine::HttpRequest.new("http://localhost:#{Nickserver::Config.port}/").send(method,params).callback {|http|
+      # p http.response_header.status
+      # p http.response_header
+      # p http.response
+      yield http
+    }.errback {|http|
+      flunk(http.error) if http.error
+      EM.stop
+    }
+  end
+
+  #
+  # stop nickserver
+  #
+  def stop
+    EM.stop
+  end
+
+end