From 233001749cd00e147f93c17c17e49e5f6094721e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?=
 <rafaelmfranca@gmail.com>
Date: Tue, 19 Nov 2013 22:26:52 -0200
Subject: Add application verifier

It is an application global verifier that can be used to generate and
verify signed messages.

See the documentation of ActiveSupport::MessageVerifier for more
information.
---
 railties/test/application/configuration_test.rb | 41 +++++++++++++++++++++++++
 1 file changed, 41 insertions(+)

(limited to 'railties/test')

diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb
index 03a735b1c1..e532190252 100644
--- a/railties/test/application/configuration_test.rb
+++ b/railties/test/application/configuration_test.rb
@@ -268,6 +268,47 @@ module ApplicationTests
       assert_equal 'some_value', verifier.verify(last_response.body)
     end
 
+    test "application verifier can be used in the entire application" do
+      make_basic_app do |app|
+        app.config.secret_key_base = 'b3c631c314c0bbca50c1b2843150fe33'
+        app.config.session_store :disabled
+      end
+
+      class ::OmgController < ActionController::Base
+        def index
+          render text: Rails.application.verifier.generate("some_value")
+        end
+      end
+
+      get "/"
+
+      assert_equal 'some_value', Rails.application.verifier.verify(last_response.body)
+
+      secret = app.key_generator.generate_key('application verifier')
+      verifier = ActiveSupport::MessageVerifier.new(secret)
+      assert_equal 'some_value', verifier.verify(last_response.body)
+    end
+
+    test "application verifier use the configure salt" do
+      make_basic_app do |app|
+        app.config.secret_key_base = 'b3c631c314c0bbca50c1b2843150fe33'
+        app.config.session_store :disabled
+        app.config.message_verifier_salt = 'another salt'
+      end
+
+      class ::OmgController < ActionController::Base
+        def index
+          render text: Rails.application.verifier.generate("some_value")
+        end
+      end
+
+      get "/"
+
+      secret = app.key_generator.generate_key('another salt')
+      verifier = ActiveSupport::MessageVerifier.new(secret)
+      assert_equal 'some_value', verifier.verify(last_response.body)
+    end
+
     test "protect from forgery is the default in a new app" do
       make_basic_app
 
-- 
cgit v1.2.3