github/rails
1
1
Fork 0
mirror of https://github.com/github/rails.git synced 2026-04-26 03:00:59 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
c69d8c043f8d0a587708fb2247b585ca93df822d
rails/actionpack/test/controller/http_digest_authentication_test.rb
Joshua Peek 45dee3842d HTTP Digest authentication [#1230 state:resolved]
2008-12-28 15:13:16 -06:00

74 lines
2.3 KiB
Ruby
Raw Blame History

require 'abstract_unit'
class HttpDigestAuthenticationTest < Test::Unit::TestCase
include ActionController::HttpAuthentication::Digest
class DummyController
attr_accessor :headers, :renders, :request, :response
def initialize
@headers, @renders = {}, []
@request = ActionController::TestRequest.new
@response = ActionController::TestResponse.new
request.session.session_id = "test_session"
end
def render(options)
self.renderers << options
end
end
def setup
@controller = DummyController.new
@credentials = {
:username => "dhh",
:realm => "testrealm@host.com",
:nonce => ActionController::HttpAuthentication::Digest.nonce(@controller.request),
:qop => "auth",
:nc => "00000001",
:cnonce => "0a4f113b",
:opaque => ActionController::HttpAuthentication::Digest.opaque(@controller.request),
:uri => "http://test.host/"
}
@encoded_credentials = ActionController::HttpAuthentication::Digest.encode_credentials("GET", @credentials, "secret")
end
def test_decode_credentials
set_headers
assert_equal @credentials, decode_credentials(@controller.request)
end
def test_nonce_format
assert_nothing_thrown do
validate_nonce(@controller.request, nonce(@controller.request))
end
end
def test_authenticate_should_raise_for_nil_password
set_headers ActionController::HttpAuthentication::Digest.encode_credentials(:get, @credentials, nil)
assert_raise ActionController::HttpAuthentication::Error do
authenticate(@controller, @credentials[:realm]) { |user| user == "dhh" && "secret" }
end
end
def test_authenticate_should_raise_for_incorrect_password
set_headers
assert_raise ActionController::HttpAuthentication::Error do
authenticate(@controller, @credentials[:realm]) { |user| user == "dhh" && "bad password" }
end
end
def test_authenticate_should_not_raise_for_correct_password
set_headers
assert_nothing_thrown do
authenticate(@controller, @credentials[:realm]) { |user| user == "dhh" && "secret" }
end
end
private
def set_headers(value = @encoded_credentials, name = 'HTTP_AUTHORIZATION', method = "GET")
@controller.request.env[name] = value
@controller.request.env["REQUEST_METHOD"] = method
end
end
Reference in New Issue View Git Blame Copy Permalink