Sign cookies using key deriver

author: Santiago Pastorino <santiago@wyeworks.com> 2012-10-31 01:06:46 -0200
committer: Santiago Pastorino <santiago@wyeworks.com> 2012-11-03 14:57:53 -0200
commit: 60609bb50d5b99d78a01a945a539cccd061cd7e7 (patch)
tree: 22bffef099ab1f5ef1eb7b1ac4a97c7f2b6c49ee /actionpack/test
parent: fa0aebf320995a598c5bffda729aed4429681f3a (diff)
download: rails-60609bb50d5b99d78a01a945a539cccd061cd7e7.tar.gz
rails-60609bb50d5b99d78a01a945a539cccd061cd7e7.tar.bz2
rails-60609bb50d5b99d78a01a945a539cccd061cd7e7.zip
3 files changed, 16 insertions, 9 deletions
diff --git a/actionpack/test/controller/flash_test.rb b/actionpack/test/controller/flash_test.rb
index 8340aab4d2..d8c78db8c0 100644
--- a/actionpack/test/controller/flash_test.rb
+++ b/actionpack/test/controller/flash_test.rb
@@ -1,4 +1,6 @@
 require 'abstract_unit'
+# FIXME remove DummyKeyGenerator and this require in 4.1
+require 'active_support/key_generator'
 
 class FlashTest < ActionController::TestCase
   class TestController < ActionController::Base
@@ -217,7 +219,7 @@ end
 
 class FlashIntegrationTest < ActionDispatch::IntegrationTest
   SessionKey = '_myapp_session'
-  SessionSecret = 'b3c631c314c0bbca50c1b2843150fe33'
+  Generator  =  ActiveSupport::DummyKeyGenerator.new('b3c631c314c0bbca50c1b2843150fe33')
 
   class TestController < ActionController::Base
     add_flash_types :bar
@@ -291,7 +293,7 @@ class FlashIntegrationTest < ActionDispatch::IntegrationTest
 
     # Overwrite get to send SessionSecret in env hash
     def get(path, parameters = nil, env = {})
-      env["action_dispatch.secret_token"] ||= SessionSecret
+      env["action_dispatch.key_generator"] ||= Generator
       super
     end
 
diff --git a/actionpack/test/dispatch/cookies_test.rb b/actionpack/test/dispatch/cookies_test.rb
index 347b3b3b5a..fc0db8b91d 100644
--- a/actionpack/test/dispatch/cookies_test.rb
+++ b/actionpack/test/dispatch/cookies_test.rb
@@ -1,4 +1,6 @@
 require 'abstract_unit'
+# FIXME remove DummyKeyGenerator and this require in 4.1
+require 'active_support/key_generator'
 
 class CookiesTest < ActionController::TestCase
   class TestController < ActionController::Base
@@ -146,7 +148,7 @@ class CookiesTest < ActionController::TestCase
 
   def setup
     super
-    @request.env["action_dispatch.secret_token"] = "b3c631c314c0bbca50c1b2843150fe33"
+    @request.env["action_dispatch.key_generator"] = ActiveSupport::DummyKeyGenerator.new("b3c631c314c0bbca50c1b2843150fe33")
     @request.host = "www.nextangle.com"
   end
 
@@ -329,29 +331,29 @@ class CookiesTest < ActionController::TestCase
 
   def test_raises_argument_error_if_missing_secret
     assert_raise(ArgumentError, nil.inspect) {
-      @request.env["action_dispatch.secret_token"] = nil
+      @request.env["action_dispatch.key_generator"] = ActiveSupport::DummyKeyGenerator.new(nil)
       get :set_signed_cookie
     }
 
     assert_raise(ArgumentError, ''.inspect) {
-      @request.env["action_dispatch.secret_token"] = ""
+      @request.env["action_dispatch.key_generator"] = ActiveSupport::DummyKeyGenerator.new("")
       get :set_signed_cookie
     }
   end
 
   def test_raises_argument_error_if_secret_is_probably_insecure
     assert_raise(ArgumentError, "password".inspect) {
-      @request.env["action_dispatch.secret_token"] = "password"
+      @request.env["action_dispatch.key_generator"] = ActiveSupport::DummyKeyGenerator.new("password")
       get :set_signed_cookie
     }
 
     assert_raise(ArgumentError, "secret".inspect) {
-      @request.env["action_dispatch.secret_token"] = "secret"
+      @request.env["action_dispatch.key_generator"] = ActiveSupport::DummyKeyGenerator.new("secret")
       get :set_signed_cookie
     }
 
     assert_raise(ArgumentError, "12345678901234567890123456789".inspect) {
-      @request.env["action_dispatch.secret_token"] = "12345678901234567890123456789"
+      @request.env["action_dispatch.key_generator"] = ActiveSupport::DummyKeyGenerator.new("12345678901234567890123456789")
       get :set_signed_cookie
     }
   end
diff --git a/actionpack/test/dispatch/session/cookie_store_test.rb b/actionpack/test/dispatch/session/cookie_store_test.rb
index 41fa036a92..1677dee524 100644
--- a/actionpack/test/dispatch/session/cookie_store_test.rb
+++ b/actionpack/test/dispatch/session/cookie_store_test.rb
@@ -1,9 +1,12 @@
 require 'abstract_unit'
 require 'stringio'
+# FIXME remove DummyKeyGenerator and this require in 4.1
+require 'active_support/key_generator'
 
 class CookieStoreTest < ActionDispatch::IntegrationTest
   SessionKey = '_myapp_session'
   SessionSecret = 'b3c631c314c0bbca50c1b2843150fe33'
+  Generator = ActiveSupport::DummyKeyGenerator.new(SessionSecret)
 
   Verifier = ActiveSupport::MessageVerifier.new(SessionSecret, :digest => 'SHA1')
   SignedBar = Verifier.generate(:foo => "bar", :session_id => SecureRandom.hex(16))
@@ -330,7 +333,7 @@ class CookieStoreTest < ActionDispatch::IntegrationTest
 
     # Overwrite get to send SessionSecret in env hash
     def get(path, parameters = nil, env = {})
-      env["action_dispatch.secret_token"] ||= SessionSecret
+      env["action_dispatch.key_generator"] ||= Generator
       super
     end
author	Santiago Pastorino <santiago@wyeworks.com>	2012-10-31 01:06:46 -0200
committer	Santiago Pastorino <santiago@wyeworks.com>	2012-11-03 14:57:53 -0200
commit	60609bb50d5b99d78a01a945a539cccd061cd7e7 (patch)
tree	22bffef099ab1f5ef1eb7b1ac4a97c7f2b6c49ee /actionpack/test
parent	fa0aebf320995a598c5bffda729aed4429681f3a (diff)
download	rails-60609bb50d5b99d78a01a945a539cccd061cd7e7.tar.gz rails-60609bb50d5b99d78a01a945a539cccd061cd7e7.tar.bz2 rails-60609bb50d5b99d78a01a945a539cccd061cd7e7.zip