Add application verifier

It is an application global verifier that can be used to generate and verify signed messages. See the documentation of ActiveSupport::MessageVerifier for more information.
author: Rafael Mendonça França <rafaelmfranca@gmail.com> 2013-11-19 22:26:52 -0200
committer: Rafael Mendonça França <rafaelmfranca@gmail.com> 2013-12-04 22:55:47 -0200
commit: 233001749cd00e147f93c17c17e49e5f6094721e (patch)
tree: 887eaa813f3f35b63c10acf62b7cae8d89d576c8 /railties/test/application
parent: c9223dc366f17b61d0cffeff14a7e670ece9d0d4 (diff)
download: rails-233001749cd00e147f93c17c17e49e5f6094721e.tar.gz
rails-233001749cd00e147f93c17c17e49e5f6094721e.tar.bz2
rails-233001749cd00e147f93c17c17e49e5f6094721e.zip
1 files changed, 41 insertions, 0 deletions
diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb
index 03a735b1c1..e532190252 100644
--- a/railties/test/application/configuration_test.rb
+++ b/railties/test/application/configuration_test.rb
@@ -268,6 +268,47 @@ module ApplicationTests
       assert_equal 'some_value', verifier.verify(last_response.body)
     end
 
+    test "application verifier can be used in the entire application" do
+      make_basic_app do |app|
+        app.config.secret_key_base = 'b3c631c314c0bbca50c1b2843150fe33'
+        app.config.session_store :disabled
+      end
+
+      class ::OmgController < ActionController::Base
+        def index
+          render text: Rails.application.verifier.generate("some_value")
+        end
+      end
+
+      get "/"
+
+      assert_equal 'some_value', Rails.application.verifier.verify(last_response.body)
+
+      secret = app.key_generator.generate_key('application verifier')
+      verifier = ActiveSupport::MessageVerifier.new(secret)
+      assert_equal 'some_value', verifier.verify(last_response.body)
+    end
+
+    test "application verifier use the configure salt" do
+      make_basic_app do |app|
+        app.config.secret_key_base = 'b3c631c314c0bbca50c1b2843150fe33'
+        app.config.session_store :disabled
+        app.config.message_verifier_salt = 'another salt'
+      end
+
+      class ::OmgController < ActionController::Base
+        def index
+          render text: Rails.application.verifier.generate("some_value")
+        end
+      end
+
+      get "/"
+
+      secret = app.key_generator.generate_key('another salt')
+      verifier = ActiveSupport::MessageVerifier.new(secret)
+      assert_equal 'some_value', verifier.verify(last_response.body)
+    end
+
     test "protect from forgery is the default in a new app" do
       make_basic_app
author	Rafael Mendonça França <rafaelmfranca@gmail.com>	2013-11-19 22:26:52 -0200
committer	Rafael Mendonça França <rafaelmfranca@gmail.com>	2013-12-04 22:55:47 -0200
commit	233001749cd00e147f93c17c17e49e5f6094721e (patch)
tree	887eaa813f3f35b63c10acf62b7cae8d89d576c8 /railties/test/application
parent	c9223dc366f17b61d0cffeff14a7e670ece9d0d4 (diff)
download	rails-233001749cd00e147f93c17c17e49e5f6094721e.tar.gz rails-233001749cd00e147f93c17c17e49e5f6094721e.tar.bz2 rails-233001749cd00e147f93c17c17e49e5f6094721e.zip