diff options
| author | David Heinemeier Hansson <david@loudthinking.com> | 2009-01-01 18:13:14 +0100 |
|---|---|---|
| committer | David Heinemeier Hansson <david@loudthinking.com> | 2009-01-01 18:13:14 +0100 |
| commit | f1e20ce9a781eb73e421678fc8149eba77ddc6f6 (patch) | |
| tree | c88842ff5196f2fe0bd02af6d544f9dc87647789 /actionpack/test/controller/http_digest_authentication_test.rb | |
| parent | 49a055dff639164435dfb71bf18d695970eedac9 (diff) | |
| parent | a5004573d8d132fe079242fc082ab4661b0976e9 (diff) | |
| download | rails-f1e20ce9a781eb73e421678fc8149eba77ddc6f6.tar.gz rails-f1e20ce9a781eb73e421678fc8149eba77ddc6f6.tar.bz2 rails-f1e20ce9a781eb73e421678fc8149eba77ddc6f6.zip | |
Merge branch 'master' of git@github.com:rails/rails
Diffstat (limited to 'actionpack/test/controller/http_digest_authentication_test.rb')
| -rw-r--r-- | actionpack/test/controller/http_digest_authentication_test.rb | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/actionpack/test/controller/http_digest_authentication_test.rb b/actionpack/test/controller/http_digest_authentication_test.rb new file mode 100644 index 0000000000..d5c8636a9e --- /dev/null +++ b/actionpack/test/controller/http_digest_authentication_test.rb @@ -0,0 +1,73 @@ +require 'abstract_unit' + +class HttpDigestAuthenticationTest < Test::Unit::TestCase + include ActionController::HttpAuthentication::Digest + + class DummyController + attr_accessor :headers, :renders, :request, :response + + def initialize + @headers, @renders = {}, [] + @request = ActionController::TestRequest.new + @response = ActionController::TestResponse.new + request.session.session_id = "test_session" + end + + def render(options) + self.renderers << options + end + end + + def setup + @controller = DummyController.new + @credentials = { + :username => "dhh", + :realm => "testrealm@host.com", + :nonce => ActionController::HttpAuthentication::Digest.nonce(@controller.request), + :qop => "auth", + :nc => "00000001", + :cnonce => "0a4f113b", + :opaque => ActionController::HttpAuthentication::Digest.opaque(@controller.request), + :uri => "http://test.host/" + } + @encoded_credentials = ActionController::HttpAuthentication::Digest.encode_credentials("GET", @credentials, "secret") + end + + def test_decode_credentials + set_headers + assert_equal @credentials, decode_credentials(@controller.request) + end + + def test_nonce_format + assert_nothing_thrown do + validate_nonce(@controller.request, nonce(@controller.request)) + end + end + + def test_authenticate_should_raise_for_nil_password + set_headers ActionController::HttpAuthentication::Digest.encode_credentials(:get, @credentials, nil) + assert_raise ActionController::HttpAuthentication::Error do + authenticate(@controller, @credentials[:realm]) { |user| user == "dhh" && "secret" } + end + end + + def test_authenticate_should_raise_for_incorrect_password + set_headers + assert_raise ActionController::HttpAuthentication::Error do + authenticate(@controller, @credentials[:realm]) { |user| user == "dhh" && "bad password" } + end + end + + def test_authenticate_should_not_raise_for_correct_password + set_headers + assert_nothing_thrown do + authenticate(@controller, @credentials[:realm]) { |user| user == "dhh" && "secret" } + end + end + + private + def set_headers(value = @encoded_credentials, name = 'HTTP_AUTHORIZATION', method = "GET") + @controller.request.env[name] = value + @controller.request.env["REQUEST_METHOD"] = method + end +end |