Tests for the HybridSerializer

author: Rafael Mendonça França <rafaelmfranca@gmail.com> 2014-02-08 01:23:06 -0200
committer: Godfrey Chan <godfreykfc@gmail.com> 2014-02-11 01:54:17 -0800
commit: d4b7aa735a0044da6b751cb72ce5d4fd979476d6 (patch)
tree: a4501b302c62700b38ecee33896a530fc3871d96
parent: 25f68ac6a25b5b2ee2b30832ec052e5649d4f10c (diff)
download: rails-d4b7aa735a0044da6b751cb72ce5d4fd979476d6.tar.gz
rails-d4b7aa735a0044da6b751cb72ce5d4fd979476d6.tar.bz2
rails-d4b7aa735a0044da6b751cb72ce5d4fd979476d6.zip
1 files changed, 68 insertions, 0 deletions
diff --git a/actionpack/test/dispatch/cookies_test.rb b/actionpack/test/dispatch/cookies_test.rb
index 6162cea6b7..985abeb215 100644
--- a/actionpack/test/dispatch/cookies_test.rb
+++ b/actionpack/test/dispatch/cookies_test.rb
@@ -399,6 +399,38 @@ class CookiesTest < ActionController::TestCase
     assert_equal '45 was dumped and loaded', cookies.signed[:user_id]
   end
 
+  def test_signed_cookie_using_hybrid_serializer_can_read_from_marshal_dumped_value
+    @request.env["action_dispatch.cookies_serializer"] = :hybrid
+
+    key_generator = @request.env["action_dispatch.key_generator"]
+    signed_cookie_salt = @request.env["action_dispatch.signed_cookie_salt"]
+    secret = key_generator.generate_key(signed_cookie_salt)
+    legacy_value = ActiveSupport::MessageVerifier.new(secret, serializer: Marshal).generate(45)
+    @request.headers["Cookie"] = "user_id=#{legacy_value}"
+
+    get :get_signed_cookie
+
+    cookies = @controller.send :cookies
+    assert_not_equal 45, cookies[:user_id]
+    assert_equal 45, cookies.signed[:user_id]
+  end
+
+  def test_signed_cookie_using_hybrid_serializer_can_read_from_json_dumped_value
+    @request.env["action_dispatch.cookies_serializer"] = :hybrid
+
+    key_generator = @request.env["action_dispatch.key_generator"]
+    signed_cookie_salt = @request.env["action_dispatch.signed_cookie_salt"]
+    secret = key_generator.generate_key(signed_cookie_salt)
+    legacy_value = ActiveSupport::MessageVerifier.new(secret, serializer: JSON).generate(45)
+    @request.headers["Cookie"] = "user_id=#{legacy_value}"
+
+    get :get_signed_cookie
+
+    cookies = @controller.send :cookies
+    assert_not_equal 45, cookies[:user_id]
+    assert_equal 45, cookies.signed[:user_id]
+  end
+
   def test_accessing_nonexistant_signed_cookie_should_not_raise_an_invalid_signature
     get :set_signed_cookie
     assert_nil @controller.send(:cookies).signed[:non_existant_attribute]
@@ -443,6 +475,42 @@ class CookiesTest < ActionController::TestCase
     assert_equal 'bar was dumped and loaded', cookies.encrypted[:foo]
   end
 
+  def test_encrypted_cookie_using_hybrid_serializer_can_read_from_marshal_dumped_value
+    @request.env["action_dispatch.cookies_serializer"] = :hybrid
+
+    key_generator = @request.env["action_dispatch.key_generator"]
+    encrypted_cookie_salt = @request.env["action_dispatch.encrypted_cookie_salt"]
+    encrypted_signed_cookie_salt = @request.env["action_dispatch.encrypted_signed_cookie_salt"]
+    secret = key_generator.generate_key(encrypted_cookie_salt)
+    sign_secret = key_generator.generate_key(encrypted_signed_cookie_salt)
+    legacy_value = ActiveSupport::MessageEncryptor.new(secret, sign_secret, serializer: Marshal).encrypt_and_sign(45)
+    @request.headers["Cookie"] = "user_id=#{legacy_value}"
+
+    get :get_encrypted_cookie
+
+    cookies = @controller.send :cookies
+    assert_not_equal 45, cookies[:user_id]
+    assert_equal 45, cookies.encrypted[:user_id]
+  end
+
+  def test_encrypted_cookie_using_hybrid_serializer_can_read_from_marshal_json_value
+    @request.env["action_dispatch.cookies_serializer"] = :hybrid
+
+    key_generator = @request.env["action_dispatch.key_generator"]
+    encrypted_cookie_salt = @request.env["action_dispatch.encrypted_cookie_salt"]
+    encrypted_signed_cookie_salt = @request.env["action_dispatch.encrypted_signed_cookie_salt"]
+    secret = key_generator.generate_key(encrypted_cookie_salt)
+    sign_secret = key_generator.generate_key(encrypted_signed_cookie_salt)
+    legacy_value = ActiveSupport::MessageEncryptor.new(secret, sign_secret, serializer: JSON).encrypt_and_sign(45)
+    @request.headers["Cookie"] = "user_id=#{legacy_value}"
+
+    get :get_encrypted_cookie
+
+    cookies = @controller.send :cookies
+    assert_not_equal 45, cookies[:user_id]
+    assert_equal 45, cookies.encrypted[:user_id]
+  end
+
   def test_accessing_nonexistant_encrypted_cookie_should_not_raise_invalid_message
     get :set_encrypted_cookie
     assert_nil @controller.send(:cookies).encrypted[:non_existant_attribute]
author	Rafael Mendonça França <rafaelmfranca@gmail.com>	2014-02-08 01:23:06 -0200
committer	Godfrey Chan <godfreykfc@gmail.com>	2014-02-11 01:54:17 -0800
commit	d4b7aa735a0044da6b751cb72ce5d4fd979476d6 (patch)
tree	a4501b302c62700b38ecee33896a530fc3871d96
parent	25f68ac6a25b5b2ee2b30832ec052e5649d4f10c (diff)
download	rails-d4b7aa735a0044da6b751cb72ce5d4fd979476d6.tar.gz rails-d4b7aa735a0044da6b751cb72ce5d4fd979476d6.tar.bz2 rails-d4b7aa735a0044da6b751cb72ce5d4fd979476d6.zip