From 6caf581e26c989ec5e2154aa60d6526ff956e381 Mon Sep 17 00:00:00 2001
From: Azul <azul@riseup.net>
Date: Sun, 14 Oct 2012 15:30:51 +0200
Subject: got SRP v6a test setup and basic rest flow to work

* still need to fix the algo for auth
* Also need to get the http verbs right
---
 spec/restful/login.js | 37 ++++++++++++++++++-------------------
 spec/specHelper.js    |  1 +
 src/jqueryRest.js     | 16 ++++++----------
 3 files changed, 25 insertions(+), 29 deletions(-)

diff --git a/spec/restful/login.js b/spec/restful/login.js
index 729f902..8da6cfd 100644
--- a/spec/restful/login.js
+++ b/spec/restful/login.js
@@ -6,21 +6,27 @@ describe("Login", function() {
   });
 
   describe("(INTEGRATION)", function (){
+    // these need to be the same as in the spec runner:
+    var login = "testuser";
+    var password = "password";
     // a valid auth attempt for the user / password given in the spec runner:
-    var a = 'af141ae6';
-    var B = '887005895b1f5528b4e4dfdce914f73e763b96d3c901d2f41d8b8cd26255a75';
-    var salt = '5d3055e0acd3ddcfc15';
-    var M = 'be6d7db2186d5f6a2c55788479b6eaf75229a7ca0d9e7dc1f886f1970a0e8065'
-    var M2 = '2547cf26318519090f506ab73a68995a2626b1c948e6f603ef9e1b0b78bf0f7b';
-    var A, callback;
+    var a = 'a5cccf937ea1bf72df5cf8099442552f5664da6780a75436d5a59bc77a8a9993';
+    var A = 'e67d222244564ccd2e37471f226b999a4e987f3d494c7d80e0d36169efd6c6c6d857a96924c25fc165e5e9b0212a31c30701ec376dc32e36be00bbcd6d2104789d368af984e26fc094374f90ee5746478f14cec45c7e131a3cbce15fe79e98894213dac4e63c3f73f644fe25aa8707bc58859dfd1b36972e4e34169db2622899';
+    // just for the sake of having a complete set of test vars:
+    var b = '6aa5c88d1877af9907ccefad31083e1102a7121dc04706f681f66c8680fb7f05'; 
+    var B = 'd56a80aaafdf9f70598b5d1184f122f326a333fafd37ab76d6f7fba4a9c4ee59545be056335150bd64f04880bc8e76949469379fe9de17cf6f36f3ee11713d05f63050486bc73c545163169999ff01b55c0ca4e90d8856a6e3d3a6ffc70b70d993a5308a37a5c2399874344e083e72b3c9afa083d312dfe9096ea9a65023f135';
+    var salt = '628365a0';
+    var M = '640e51d5ac5461591c31811221261f0e0eae7c08ce43c85e9556adbd94ed8c26';
+    var M2 = '49e48f8ac8c4da0e8a7374f73eeedbee2266e123d23fc1be1568523fc9c24b1e';
+    var A_, callback;
 
 
     beforeEach(function() {
       this.srp = new SRP(jqueryRest());
-      A = this.srp.calculateAndSetA(a);
 
       specHelper.setupFakeXHR.apply(this);
 
+      A_ = this.srp.session.calculateAndSetA(a)
       this.srp.success = sinon.spy();
     });
 
@@ -28,23 +34,16 @@ describe("Login", function() {
       this.xhr.restore();
     });
 
-    it("works with XML responses", function(){
-      this.srp.identify();
-      
-      this.expectRequest('handshake/', 'I=user&A='+A);
-      this.respondXML("<r s='"+salt+"' B='"+B+"' />");
-      this.expectRequest('authenticate/', 'M='+M);
-      this.respondXML("<M>"+M2+"</M>");
-      
-      expect(this.srp.success).toHaveBeenCalled();
+    it("starts with the right A", function(){
+      expect(A_).toBe(A);
     });
 
     it("works with JSON responses", function(){
       this.srp.identify();
 
-      this.expectRequest('handshake/', 'I=user&A='+A);
+      this.expectRequest('sessions', 'login=' +login+ '&A=' +A, 'POST');
       this.respondJSON({s: salt, B: B});
-      this.expectRequest('authenticate/', 'M='+M);
+      this.expectRequest('sessions/'+login, 'client_auth='+M);
       this.respondJSON({M: M2});
 
       expect(this.srp.success).toHaveBeenCalled();
@@ -54,7 +53,7 @@ describe("Login", function() {
       this.srp.error_message = sinon.spy();
       this.srp.identify();
 
-      this.expectRequest('handshake/', 'I=user&A='+A);
+      this.expectRequest('sessions', 'login=' +login+ '&A=' +A, 'POST');
       this.respondJSON({s: salt, B: 0});
       // aborting if B=0
       expect(this.requests).toEqual([]);
diff --git a/spec/specHelper.js b/spec/specHelper.js
index 5db81ad..893f8a4 100644
--- a/spec/specHelper.js
+++ b/spec/specHelper.js
@@ -12,6 +12,7 @@ var specHelper = (function() {
     this.respondXML = respondXML;
   }
 
+  // TODO: validate http verb
   function expectRequest(url, content) {
     expect(this.requests.length).toBe(1);
     expect(this.requests[0].url).toBe(url);
diff --git a/src/jqueryRest.js b/src/jqueryRest.js
index a618e87..64c8080 100644
--- a/src/jqueryRest.js
+++ b/src/jqueryRest.js
@@ -68,16 +68,13 @@ jqueryRest = function() {
     }, callback);
   }
 
-  function handshake(I, Astr, callback) {
-    ajaxRequest("handshake/", "I="+I+"&A="+Astr, callback);
+  function handshake(session, callback) {
+    ajaxRequest("sessions", { login: session.getI(),
+      A: session.getAstr()}, callback);
   }
 
-  function authenticate(M, callback) {
-    ajaxRequest("authenticate/", "M="+M, callback);
-  }
-
-  function upgrade(M, callback) {
-    ajaxRequest("upgrade/authenticate/", "M="+M, callback);
+  function authenticate(session, callback) {
+    ajaxRequest("sessions/" + session.getI(), {client_auth: session.getM()}, callback);
   }
 
   return {
@@ -85,7 +82,6 @@ jqueryRest = function() {
     register: register,
     register_send_verifier: sendVerifier,
     handshake: handshake,
-    authenticate: authenticate,
-    upgrade: upgrade
+    authenticate: authenticate
   };
 };
-- 
cgit v1.2.3