Merge pull request #8112 from rails/encrypted_cookies

Encrypted cookies
author: Santiago Pastorino <santiago@wyeworks.com> 2012-11-15 12:17:25 -0800
committer: Santiago Pastorino <santiago@wyeworks.com> 2012-11-15 12:17:25 -0800
commit: ef8b845de7e06077131297a398cb7f4e81d6bb08 (patch)
tree: b1e54d87132a561f1a5ad4b61a2eea28de4b26dc /actionpack/test/controller
parent: cf3eb6dab0e89ea6b64b9bdb24d4df3e8006da7b (diff)
parent: d63783983f8c03d5c624938081615579dcc753f7 (diff)
download: rails-ef8b845de7e06077131297a398cb7f4e81d6bb08.tar.gz
rails-ef8b845de7e06077131297a398cb7f4e81d6bb08.tar.bz2
rails-ef8b845de7e06077131297a398cb7f4e81d6bb08.zip
2 files changed, 8 insertions, 4 deletions
diff --git a/actionpack/test/controller/flash_test.rb b/actionpack/test/controller/flash_test.rb
index 8340aab4d2..d8c78db8c0 100644
--- a/actionpack/test/controller/flash_test.rb
+++ b/actionpack/test/controller/flash_test.rb
@@ -1,4 +1,6 @@
 require 'abstract_unit'
+# FIXME remove DummyKeyGenerator and this require in 4.1
+require 'active_support/key_generator'
 
 class FlashTest < ActionController::TestCase
   class TestController < ActionController::Base
@@ -217,7 +219,7 @@ end
 
 class FlashIntegrationTest < ActionDispatch::IntegrationTest
   SessionKey = '_myapp_session'
-  SessionSecret = 'b3c631c314c0bbca50c1b2843150fe33'
+  Generator  =  ActiveSupport::DummyKeyGenerator.new('b3c631c314c0bbca50c1b2843150fe33')
 
   class TestController < ActionController::Base
     add_flash_types :bar
@@ -291,7 +293,7 @@ class FlashIntegrationTest < ActionDispatch::IntegrationTest
 
     # Overwrite get to send SessionSecret in env hash
     def get(path, parameters = nil, env = {})
-      env["action_dispatch.secret_token"] ||= SessionSecret
+      env["action_dispatch.key_generator"] ||= Generator
       super
     end
 
diff --git a/actionpack/test/controller/http_digest_authentication_test.rb b/actionpack/test/controller/http_digest_authentication_test.rb
index b11ad633bd..c4a94264c3 100644
--- a/actionpack/test/controller/http_digest_authentication_test.rb
+++ b/actionpack/test/controller/http_digest_authentication_test.rb
@@ -1,4 +1,6 @@
 require 'abstract_unit'
+# FIXME remove DummyKeyGenerator and this require in 4.1
+require 'active_support/key_generator'
 
 class HttpDigestAuthenticationTest < ActionController::TestCase
   class DummyDigestController < ActionController::Base
@@ -40,8 +42,8 @@ class HttpDigestAuthenticationTest < ActionController::TestCase
 
   setup do
     # Used as secret in generating nonce to prevent tampering of timestamp
-    @secret = "session_options_secret"
-    @request.env["action_dispatch.secret_token"] = @secret
+    @secret = "4fb45da9e4ab4ddeb7580d6a35503d99"
+    @request.env["action_dispatch.key_generator"] = ActiveSupport::DummyKeyGenerator.new(@secret)
   end
 
   teardown do
author	Santiago Pastorino <santiago@wyeworks.com>	2012-11-15 12:17:25 -0800
committer	Santiago Pastorino <santiago@wyeworks.com>	2012-11-15 12:17:25 -0800
commit	ef8b845de7e06077131297a398cb7f4e81d6bb08 (patch)
tree	b1e54d87132a561f1a5ad4b61a2eea28de4b26dc /actionpack/test/controller
parent	cf3eb6dab0e89ea6b64b9bdb24d4df3e8006da7b (diff)
parent	d63783983f8c03d5c624938081615579dcc753f7 (diff)
download	rails-ef8b845de7e06077131297a398cb7f4e81d6bb08.tar.gz rails-ef8b845de7e06077131297a398cb7f4e81d6bb08.tar.bz2 rails-ef8b845de7e06077131297a398cb7f4e81d6bb08.zip