summaryrefslogtreecommitdiff
path: root/spec/mixlib/authentication/mixlib_authentication_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/mixlib/authentication/mixlib_authentication_spec.rb')
-rw-r--r--spec/mixlib/authentication/mixlib_authentication_spec.rb42
1 files changed, 38 insertions, 4 deletions
diff --git a/spec/mixlib/authentication/mixlib_authentication_spec.rb b/spec/mixlib/authentication/mixlib_authentication_spec.rb
index f371e54..4b16e93 100644
--- a/spec/mixlib/authentication/mixlib_authentication_spec.rb
+++ b/spec/mixlib/authentication/mixlib_authentication_spec.rb
@@ -64,6 +64,7 @@ class MockFile
end
# Uncomment this to get some more info from the methods we're testing.
+#Mixlib::Authentication::Log.logger = Logger.new(STDERR)
#Mixlib::Authentication::Log.level :debug
describe "Mixlib::Authentication::SignedHeaderAuth" do
@@ -152,8 +153,8 @@ describe "Mixlib::Authentication::SignatureVerification" do
mock_request = MockRequest.new(PATH, request_params, PASSENGER_HEADERS, "")
Time.should_receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ)
- service = Mixlib::Authentication::SignatureVerification.new
- res = service.authenticate_user_request(mock_request, @user_private_key)
+ auth_req = Mixlib::Authentication::SignatureVerification.new
+ res = auth_req.authenticate_user_request(mock_request, @user_private_key)
res.should_not be_nil
end
@@ -164,9 +165,42 @@ describe "Mixlib::Authentication::SignatureVerification" do
mock_request = MockRequest.new(PATH, MERB_REQUEST_PARAMS, headers, BODY)
Time.should_receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ)
- service = Mixlib::Authentication::SignatureVerification.new
- res = service.authenticate_user_request(mock_request, @user_private_key)
+ auth_req = Mixlib::Authentication::SignatureVerification.new
+ res = auth_req.authenticate_user_request(mock_request, @user_private_key)
+ res.should be_nil
+
+ auth_req.should_not be_a_valid_request
+ auth_req.should be_a_valid_timestamp
+ auth_req.should be_a_valid_signature
+ auth_req.should_not be_a_valid_content_hash
+ end
+
+ it "shouldn't authenticate if the timestamp is not within bounds" do
+ mock_request = MockRequest.new(PATH, MERB_REQUEST_PARAMS, MERB_HEADERS, BODY)
+ Time.should_receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ - 1000)
+
+ auth_req = Mixlib::Authentication::SignatureVerification.new
+ res = auth_req.authenticate_user_request(mock_request, @user_private_key)
+ res.should be_nil
+ auth_req.should_not be_a_valid_request
+ auth_req.should_not be_a_valid_timestamp
+ auth_req.should be_a_valid_signature
+ auth_req.should be_a_valid_content_hash
+ end
+
+ it "shouldn't authenticate if the signature is wrong" do
+ headers = MERB_HEADERS.dup
+ headers["HTTP_X_OPS_AUTHORIZATION_1"] = "epicfail"
+ mock_request = MockRequest.new(PATH, MERB_REQUEST_PARAMS, headers, BODY)
+ Time.should_receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ)
+
+ auth_req = Mixlib::Authentication::SignatureVerification.new
+ res = auth_req.authenticate_user_request(mock_request, @user_private_key)
res.should be_nil
+ auth_req.should_not be_a_valid_request
+ auth_req.should_not be_a_valid_signature
+ auth_req.should be_a_valid_timestamp
+ auth_req.should be_a_valid_content_hash
end
end
View Lorry Controller Status