Merge branch 'master' into feature-updated_json_api

3 files changed, 59 insertions, 15 deletions

diff --git a/spec/RestfulSpecRunner.html b/spec/RestfulSpecRunner.html
index 8203970..a9d708b 100644
--- a/spec/RestfulSpecRunner.html
+++ b/spec/RestfulSpecRunner.html
@@ -28,6 +28,7 @@
   <script type="text/javascript" src="specHelper.js"></script>
   <script type="text/javascript" src="restful/signup.js"></script>
   <script type="text/javascript" src="restful/login.js"></script>
+  <script type="text/javascript" src="restful/session.js"></script>
 
   <script type="text/javascript">
 
@@ -66,9 +67,6 @@
     <table>
     <tr><td>Username:</td><td><input type="text" id="srp_username" value="testuser" /></td></tr>
     <tr><td>Password:</td><td><input type="password" id="srp_password" value="password"/></td></tr>
-    <input type="hidden" id="srp_url" value=""/>
-    <input type="hidden" id="srp_forward" value="#logged_in"/>
-    <input type="hidden" id="srp_server" value="django"/>
     </table>
     <input type="submit"/>
     </form>
diff --git a/spec/restful/login.js b/spec/restful/login.js
index 0f6aa4f..9c43c00 100644
--- a/spec/restful/login.js
+++ b/spec/restful/login.js
@@ -5,7 +5,7 @@ describe("Login", function() {
     expect(typeof srp.identify).toBe('function');
   });
 
-  describe("(INTEGRATION)", function (){
+  describe("(Compatibility with py-srp)", function (){
     // these need to be the same as in the spec runner:
     var login = "testuser";
     var password = "password";
@@ -19,6 +19,7 @@ describe("Login", function() {
     var K = 'db6ec0bdab81742315861a828323ff492721bdcd114077a4124bc425e4bf328b';
     var M = '640e51d5ac5461591c31811221261f0e0eae7c08ce43c85e9556adbd94ed8c26';
     var M2 = '49e48f8ac8c4da0e8a7374f73eeedbee2266e123d23fc1be1568523fc9c24b1e';
+    var V = '6f5fb78184161f4191babaf1a700ff70e4d261054d002466d05f2ec2b45fc8807dbd7ce25dc3c882331eb8bf72a22caf2868e3438477be7ab151d3281d00aa1a9fc5cb6a725abd99e11882f77d52b56b83f95c0ba0b8fbbf4ee1fbb445c35adb5d1aaa48ba761c4a4417f6bb821fb61956c919e47740b316b960653303fe7190';
     var A_, callback;
 
 
@@ -28,42 +29,48 @@ describe("Login", function() {
       specHelper.setupFakeXHR.apply(this);
 
       A_ = this.srp.session.calculateAndSetA(a)
-      this.srp.success = sinon.spy();
     });
 
     afterEach(function() {
       this.xhr.restore();
     });
 
-    it("starts with the right A", function(){
+    it("calculates the same A", function(){
       expect(A_).toBe(A);
     });
 
-    it("calculates the right key", function(){
+    it("calculates the same verifier", function(){
+      expect(this.srp.session.getV().toString(16)).toBe(V);
+    });
+
+    it("calculates the same key", function(){
       this.srp.session.calculations(salt, B);
       expect(this.srp.session.key()).toBe(K);
     });
 
     it("works with JSON responses", function(){
-      this.srp.identify();
+      var success = sinon.spy();
+      this.srp.identify(success);
 
       this.expectRequest('sessions', 'login=' +login+ '&A=' +A, 'POST');
-      this.respondJSON({s: salt, B: B});
+      this.respondJSON({salt: salt, B: B});
       this.expectRequest('sessions/'+login, 'client_auth='+M, 'PUT');
-      this.respondJSON({M: M2});
+      this.respondJSON({M2: M2});
 
-      expect(this.srp.success).toHaveBeenCalled();
+      expect(success).toHaveBeenCalled();
     });
     
     it("rejects B = 0", function(){
-      this.srp.error = sinon.spy();
-      this.srp.identify();
+      var success = sinon.spy();
+      var error = sinon.spy();
+      this.srp.identify(success, error);
 
       this.expectRequest('sessions', 'login=' +login+ '&A=' +A, 'POST');
-      this.respondJSON({s: salt, B: 0});
+      this.respondJSON({salt: salt, B: 0});
       // aborting if B=0
       expect(this.requests).toEqual([]);
-      expect(this.srp.error).toHaveBeenCalled();
+      expect(error).toHaveBeenCalled();
+      expect(success).not.toHaveBeenCalled();
     });
   });
 
diff --git a/spec/restful/session.js b/spec/restful/session.js
new file mode 100644
index 0000000..b7f16f0
--- /dev/null
+++ b/spec/restful/session.js
@@ -0,0 +1,39 @@
+describe("Session", function() {
+
+  // data gathered from py-srp and ruby-srp
+  var compare = {
+    username: "UC6LTQ",
+    password: "PVSQ7DCEIR0B",
+    salt: "d6ed8dba",
+    v: "c86a8c04a4f71cb10bfe3fedb74bae545b9a20e0f3e95b6334fce1cb3384a296f75d774a3829ffd63f405f13f58ffbae415fd234b08b996c11e8618c17961defcebb1d244b388b75cf36882ee97182a900ebeaf7cffa0a83eed294f3a9449a06beb88954952759d2957b80ef851f4cc4fcaa6001fee4f00c273ecdd712d48371",
+    aa: "4decb8543891f5a744b1e9b5bc375a474bfe3c5417e1db176cefcc7ba915338a14f309f8e0a4c7641bc9c9b9bd2e91c4d1beda1772c30d0350c9ba44f7c5911dfe6bb593ac2a2b30f1f6e5ec8a656cb4947c1907cf62f8d7283cbe32eb44b02158b51091ae130afa6063bb28cdea9ae159d4f222571e146f8715bfa31af09868",
+    a: "d498c3d024ec17689b5320e33fc349a3f3f91320384155b3043fa410c90eab71",
+    bb: "5f5bedd1f95b6b0d6809614f162e49753acce6979e1041f4da5bfa91e1dadd2a5470270ed102a49c5f74fd42f2b61a8a1a43218159a22b31a7cbd4670679480e56d0e4e72a22c07e07102ff063045d0c3c96085dec1cc2959453e0299890bd95af76403cec6ec5f212667a75ae6f4a8327183d72c3ee85792ca43820fbccf244",
+    m: "bc30b8781e67a657e93d0a6cf7e7847fc60f79e2b0641e9c26b3522bc8f974cc"
+  }
+
+  var session;
+
+  beforeEach(function() {
+    var srp = new SRP(jqueryRest());
+    session = new srp.Session(compare.username, compare.password);
+  });
+
+  it("has the proper username", function() {
+    expect(session.getI()).toBe(compare.username);
+  });
+
+  it("calculates the proper verifier", function() {
+    expect(session.getV(compare.salt).toString(16)).toBe(compare.v);
+  });
+
+  it("calculates the proper A", function() {
+    expect(session.calculateAndSetA(compare.a)).toBe(compare.aa);
+  });
+
+  it("calculates the proper M", function() {
+    session.calculateAndSetA(compare.a);
+    session.calculations(compare.salt, compare.bb);
+    expect(session.getM()).toBe(compare.m);
+  });
+});