vendor/rails/activeresource/test/authorization_test.rb

   1 require 'abstract_unit'
   2
   3 class AuthorizationTest < Test::Unit::TestCase
   4   Response = Struct.new(:code)
   5
   6   def setup
   7     @conn = ActiveResource::Connection.new('http://localhost')
   8     @matz  = { :id => 1, :name => 'Matz' }.to_xml(:root => 'person')
   9     @david = { :id => 2, :name => 'David' }.to_xml(:root => 'person')
  10     @authenticated_conn = ActiveResource::Connection.new("http://david:test123@localhost")
  11     @authorization_request_header = { 'Authorization' => 'Basic ZGF2aWQ6dGVzdDEyMw==' }
  12
  13     ActiveResource::HttpMock.respond_to do |mock|
  14       mock.get    "/people/2.xml",           @authorization_request_header, @david
  15       mock.put    "/people/2.xml",           @authorization_request_header, nil, 204
  16       mock.delete "/people/2.xml",           @authorization_request_header, nil, 200
  17       mock.post   "/people/2/addresses.xml", @authorization_request_header, nil, 201, 'Location' => '/people/1/addresses/5'
  18     end
  19   end
  20
  21   def test_authorization_header
  22     authorization_header = @authenticated_conn.__send__(:authorization_header)
  23     assert_equal @authorization_request_header['Authorization'], authorization_header['Authorization']
  24     authorization = authorization_header["Authorization"].to_s.split
  25
  26     assert_equal "Basic", authorization[0]
  27     assert_equal ["david", "test123"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
  28   end
  29
  30   def test_authorization_header_with_username_but_no_password
  31     @conn = ActiveResource::Connection.new("http://david:@localhost")
  32     authorization_header = @conn.__send__(:authorization_header)
  33     authorization = authorization_header["Authorization"].to_s.split
  34
  35     assert_equal "Basic", authorization[0]
  36     assert_equal ["david"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
  37   end
  38
  39   def test_authorization_header_with_password_but_no_username
  40     @conn = ActiveResource::Connection.new("http://:test123@localhost")
  41     authorization_header = @conn.__send__(:authorization_header)
  42     authorization = authorization_header["Authorization"].to_s.split
  43
  44     assert_equal "Basic", authorization[0]
  45     assert_equal ["", "test123"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
  46   end
  47
  48   def test_authorization_header_with_decoded_credentials_from_url
  49     @conn = ActiveResource::Connection.new("http://my%40email.com:%31%32%33@localhost")
  50     authorization_header = @conn.__send__(:authorization_header)
  51     authorization = authorization_header["Authorization"].to_s.split
  52
  53     assert_equal "Basic", authorization[0]
  54     assert_equal ["my@email.com", "123"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
  55   end
  56
  57   def test_authorization_header_explicitly_setting_username_and_password
  58     @authenticated_conn = ActiveResource::Connection.new("http://@localhost")
  59     @authenticated_conn.user = 'david'
  60     @authenticated_conn.password = 'test123'
  61     authorization_header = @authenticated_conn.__send__(:authorization_header)
  62     assert_equal @authorization_request_header['Authorization'], authorization_header['Authorization']
  63     authorization = authorization_header["Authorization"].to_s.split
  64
  65     assert_equal "Basic", authorization[0]
  66     assert_equal ["david", "test123"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
  67   end
  68
  69   def test_authorization_header_explicitly_setting_username_but_no_password
  70     @conn = ActiveResource::Connection.new("http://@localhost")
  71     @conn.user = "david"
  72     authorization_header = @conn.__send__(:authorization_header)
  73     authorization = authorization_header["Authorization"].to_s.split
  74
  75     assert_equal "Basic", authorization[0]
  76     assert_equal ["david"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
  77   end
  78
  79   def test_authorization_header_explicitly_setting_password_but_no_username
  80     @conn = ActiveResource::Connection.new("http://@localhost")
  81     @conn.password = "test123"
  82     authorization_header = @conn.__send__(:authorization_header)
  83     authorization = authorization_header["Authorization"].to_s.split
  84
  85     assert_equal "Basic", authorization[0]
  86     assert_equal ["", "test123"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
  87   end
  88
  89   def test_get
  90     david = @authenticated_conn.get("/people/2.xml")
  91     assert_equal "David", david["name"]
  92   end
  93
  94   def test_post
  95     response = @authenticated_conn.post("/people/2/addresses.xml")
  96     assert_equal "/people/1/addresses/5", response["Location"]
  97   end
  98
  99   def test_put
 100     response = @authenticated_conn.put("/people/2.xml")
 101     assert_equal 204, response.code
 102   end
 103
 104   def test_delete
 105     response = @authenticated_conn.delete("/people/2.xml")
 106     assert_equal 200, response.code
 107   end
 108
 109   def test_raises_invalid_request_on_unauthorized_requests
 110     assert_raises(ActiveResource::InvalidRequestError) { @conn.post("/people/2.xml") }
 111     assert_raises(ActiveResource::InvalidRequestError) { @conn.post("/people/2/addresses.xml") }
 112     assert_raises(ActiveResource::InvalidRequestError) { @conn.put("/people/2.xml") }
 113     assert_raises(ActiveResource::InvalidRequestError) { @conn.delete("/people/2.xml") }
 114   end
 115
 116   protected
 117     def assert_response_raises(klass, code)
 118       assert_raise(klass, "Expected response code #{code} to raise #{klass}") do
 119         @conn.__send__(:handle_response, Response.new(code))
 120       end
 121     end
 122 end