aws-sessionstore-dynamodb 0.5.0

data/spec/aws/session_store/dynamo_db/locking/threaded_sessions_spec.rb

@@ -0,0 +1,95 @@
+# Copyright 2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+
+require 'spec_helper'
+
+describe AWS::SessionStore::DynamoDB::RackMiddleware do
+  include Rack::Test::Methods
+
+  def thread(mul_val, time, check)
+    Thread.new do
+      sleep(time)
+      get "/"
+      last_request.session[:multiplier].should eq(mul_val) if check
+    end
+  end
+
+  def thread_exception(error)
+    Thread.new { expect { get "/" }.to raise_error(error) }
+  end
+
+  def update_item_mock(options, update_method)
+    if options[:return_values] == "UPDATED_NEW" && options.has_key?(:expected)
+      sleep(0.50)
+      update_method.call(options)
+    else
+      update_method.call(options)
+    end
+  end
+
+  let(:base_app) { MultiplierApplication.new }
+  let(:app) { AWS::SessionStore::DynamoDB::RackMiddleware.new(base_app, @options) }
+
+  context "Mock Multiple Threaded Sessions", :integration => true do
+    before do
+      @options = AWS::SessionStore::DynamoDB::Configuration.new.to_hash
+      @options[:enable_locking] = true
+      @options[:secret_key] = 'watermelon_smiles'
+
+      update_method = @options[:dynamo_db_client].method(:update_item)
+      @options[:dynamo_db_client].should_receive(:update_item).at_least(:once) do |options|
+        update_item_mock(options, update_method)
+      end
+    end
+
+    it "should wait for lock" do
+      @options[:lock_expiry_time] = 2000
+
+      get "/"
+      last_request.session[:multiplier].should eq(1)
+
+      t1 = thread(2, 0, false)
+      t2 = thread(4, 0.25, true)
+      t1.join
+      t2.join
+    end
+
+    it "should bust lock" do
+      @options[:lock_expiry_time] = 100
+
+      get "/"
+      last_request.session[:multiplier].should eq(1)
+
+      t1 = thread_exception(AWS::DynamoDB::Errors::ConditionalCheckFailedException)
+      t2 = thread(2, 0.25, true)
+      t1.join
+      t2.join
+    end
+
+    it "should throw exceeded time spent aquiring lock error" do
+      @options[:lock_expiry_time] = 1000
+      @options[:lock_retry_delay] = 100
+      @options[:lock_max_wait_time] = 0.25
+
+      get "/"
+      last_request.session[:multiplier].should eq(1)
+
+      t1 = thread(2, 0, false)
+      sleep(0.25)
+      t2 = thread_exception(AWS::SessionStore::DynamoDB::LockWaitTimeoutError)
+      t1.join
+      t2.join
+    end
+  end
+end

data/spec/aws/session_store/dynamo_db/rack_middleware_database_spec.rb

@@ -0,0 +1,129 @@
+# Copyright 2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+require 'spec_helper'
+
+module AWS
+  module SessionStore
+    module DynamoDB
+      describe RackMiddleware do
+        include Rack::Test::Methods
+
+        instance_exec(&ConstantHelpers)
+
+        before do
+          @options = { :secret_key => 'watermelon_cherries' }
+        end
+
+        # Table options for client
+        def table_opts(sid)
+          {
+            :table_name => Configuration::DEFAULTS[:table_name],
+            :key => { Configuration::DEFAULTS[:table_key] => { :s => sid } }
+          }
+        end
+
+        # Attributes to be retrieved via client
+        def attr_opts
+          {
+            :attributes_to_get => ["data", "created_at", "locked_at"],
+            :consistent_read => true
+          }
+        end
+
+        def extract_time(sid)
+          options = table_opts(sid).merge(attr_opts)
+          Time.at((client.get_item(options)[:item]["created_at"][:n]).to_f)
+        end
+
+        let(:base_app) { MultiplierApplication.new }
+        let(:app) { RackMiddleware.new(base_app, @options) }
+        let(:config) { Configuration.new }
+        let(:client) { config.dynamo_db_client }
+
+        context "Testing best case session storage", :integration => true do
+          it "stores session data in session object" do
+            get "/"
+            last_request.session[:multiplier].should eq(1)
+          end
+
+          it "creates a new HTTP cookie when Cookie not supplied" do
+            get "/"
+            last_response.body.should eq('All good!')
+            last_response['Set-Cookie'].should be_true
+          end
+
+          it "does not rewrite Cookie if cookie previously/accuarately set" do
+            get "/"
+            last_response['Set-Cookie'].should_not be_nil
+
+
+            get "/"
+            last_response['Set-Cookie'].should be_nil
+          end
+
+          it "does not set cookie when defer option is specifed" do
+            @options[:defer] = true
+            get "/"
+            last_response['Set-Cookie'].should be_nil
+          end
+
+          it "creates new sessopm with false/nonexistant http-cookie id" do
+            get "/", {}, invalid_cookie.merge(invalid_session_data)
+            last_response['Set-Cookie'].should_not eq("rack.session=ApplePieBlueberries")
+            last_response['Set-Cookie'].should_not be_nil
+          end
+
+          it "expires after specified time and sets date for cookie to expire" do
+            @options[:expire_after] = 1
+            get "/"
+            session_cookie = last_response['Set-Cookie']
+            sleep(1.2)
+
+            get "/"
+            last_response['Set-Cookie'].should_not be_nil
+            last_response['Set-Cookie'].should_not eq(session_cookie)
+          end
+
+          it "will not set a session cookie when defer is true" do
+            @options[:defer] = true
+            get "/"
+            last_response['Set-Cookie'].should eq(nil)
+          end
+
+          it "adds the created at attribute for a new session" do
+            get "/"
+            last_request.env["dynamo_db.new_session"].should eq("true")
+            sid = last_response['Set-Cookie'].split(/[;\=]/)[1]
+            time = extract_time(sid)
+            time.should be_within(2).of(Time.now)
+
+            get "/"
+            last_request.env['dynamo_db.new_session'].should be(nil)
+          end
+
+          it "releases pessimistic lock at finish of transaction" do
+            @options[:enable_locking] = true
+            get "/"
+            last_request.env["dynamo_db.new_session"].should eq("true")
+            sid = last_response['Set-Cookie'].split(/[;\=]/)[1]
+
+            get "/"
+            options = table_opts(sid).merge(attr_opts)
+            client.get_item(options)[:item]["locked_at"].should be_nil
+          end
+        end
+      end
+    end
+  end
+end

data/spec/aws/session_store/dynamo_db/rack_middleware_spec.rb

@@ -0,0 +1,149 @@
+# Copyright 2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+require 'spec_helper'
+
+module AWS
+  module SessionStore
+    module DynamoDB
+      describe RackMiddleware do
+        include Rack::Test::Methods
+
+        before { @options = {} }
+
+        def ensure_data_updated(mutated_data)
+          dynamo_db_client.should_receive(:update_item) do |options|
+            if mutated_data
+              options[:attribute_updates]["data"].should_not be_nil
+            else
+              options[:attribute_updates]["data"].should be_nil
+            end
+          end
+        end
+
+        before do
+          @options = {
+            :dynamo_db_client => dynamo_db_client,
+            :secret_key => 'watermelon_cherries'
+          }
+        end
+
+        let(:base_app) { MultiplierApplication.new }
+        let(:app) { RackMiddleware.new(base_app, @options) }
+
+        let(:sample_packed_data) do
+          [Marshal.dump("multiplier" => 1)].pack("m*")
+        end
+
+        let(:dynamo_db_client) do
+          client = double('AWS::DynamoDB::Client')
+          client.stub(:delete_item) { 'Deleted' }
+          client.stub(:list_tables) { {:table_names => ['Sessions']} }
+          client.stub(:get_item) do
+            { :item => { 'data' => { :s => sample_packed_data } } }
+          end
+          client.stub(:update_item) do
+            { :attributes => { :created_at => 'now' } }
+          end
+          client
+        end
+
+        context "Testing best case session storage with mock client" do
+          it "stores session data in session object" do
+            get "/"
+            last_request.session.to_hash.should eq("multiplier" => 1)
+          end
+
+          it "creates a new HTTP cookie when Cookie not supplied" do
+            get "/"
+            last_response.body.should eq('All good!')
+            last_response['Set-Cookie'].should be_true
+          end
+
+          it "loads/manipulates a session based on id from HTTP-Cookie" do
+            get "/"
+            last_request.session.to_hash.should eq("multiplier" => 1)
+
+            get "/"
+            last_request.session.to_hash.should eq("multiplier" => 2)
+          end
+
+          it "does not rewrite Cookie if cookie previously/accuarately set" do
+            get "/"
+            last_response['Set-Cookie'].should_not be_nil
+
+            get "/"
+            last_response['Set-Cookie'].should be_nil
+          end
+
+          it "does not set cookie when defer option is specifed" do
+            @options[:defer] = true
+            get "/"
+            last_response['Set-Cookie'].should eq(nil)
+          end
+
+          it "creates new sessopm with false/nonexistant http-cookie id" do
+            get "/"
+            last_response['Set-Cookie'].should_not eq('1234')
+            last_response['Set-Cookie'].should_not be_nil
+          end
+
+          it "expires after specified time and sets date for cookie to expire" do
+            @options[:expire_after] = 0
+            get "/"
+            session_cookie = last_response['Set-Cookie']
+
+            get "/"
+            last_response['Set-Cookie'].should_not be_nil
+            last_response['Set-Cookie'].should_not eq(session_cookie)
+          end
+
+          it "doesn't reset Cookie if not outside expire date" do
+            @options[:expire_after] = 3600
+            get "/"
+            session_cookie = last_response['Set-Cookie']
+            get "/"
+            last_response['Set-Cookie'].should eq(session_cookie)
+          end
+
+          it "will not set a session cookie when defer is true" do
+            @options[:defer] = true
+            get "/"
+            last_response['Set-Cookie'].should eq(nil)
+          end
+
+          it "generates sid and migrates data to new sid when renew is selected" do
+            @options[:renew] = true
+            get "/"
+            last_request.session.to_hash.should eq("multiplier" => 1)
+            session_cookie = last_response['Set-Cookie']
+
+            get "/" , "HTTP_Cookie" => session_cookie
+            last_response['Set-Cookie'].should_not eq(session_cookie)
+            last_request.session.to_hash.should eq("multiplier" => 2)
+            session_cookie = last_response['Set-Cookie']
+          end
+
+          it "doesn't resend unmutated data" do
+            ensure_data_updated(true)
+            @options[:renew] = true
+            get "/"
+
+            ensure_data_updated(false)
+            get "/", {}, { "rack.session" => { "multiplier" => nil } }
+          end
+        end
+      end
+    end
+  end
+end

data/spec/aws/session_store/dynamo_db/rails_app_config.yml

@@ -0,0 +1,24 @@
+# Copyright 2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+development:
+  key1: development value 1
+test:
+  table_name: NewTable
+  table_key: Somekey
+  consistent_read: true
+  AWS_ACCESS_KEY_ID: FakeKey
+  AWS_SECRET_ACCESS_KEY: Secret
+  AWS_REGION: New York
+production:
+  key1: production value 1

data/spec/aws/session_store/dynamo_db/table_spec.rb

@@ -0,0 +1,46 @@
+# Copyright 2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+require 'spec_helper'
+require 'stringio'
+require 'logger'
+
+module AWS
+  module SessionStore
+    module DynamoDB
+      describe Table do
+        context "Mock Table Methods Tests", :integration => true do
+          let(:table_name) { "sessionstore-integration-test-#{Time.now.to_i}" }
+          let(:options) { {:table_name => table_name} }
+          let(:io) { StringIO.new }
+
+          before { Table.stub(:logger) { Logger.new(io) } }
+
+          it "Creates and deletes a new table" do
+            Table.create_table(options)
+
+            # second attempt should warn
+            Table.create_table(options)
+
+            io.string.should include("Table #{table_name} created, waiting for activation...\n")
+            io.string.should include("Table #{table_name} is now ready to use.\n")
+            io.string.should include("Table #{table_name} already exists, skipping creation.\n")
+
+            # now delete table
+            Table.delete_table(options)
+          end
+        end
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,61 @@
+# Copyright 2013 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+#     http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+begin
+  if ENV['COVERAGE']
+    require 'simplecov'
+    SimpleCov.start { add_filter 'spec' }
+  end
+rescue LoadError
+end
+
+$: << File.join(File.dirname(File.dirname(__FILE__)), "lib")
+
+require 'rspec'
+require 'aws-sessionstore-dynamodb'
+require 'rack/test'
+
+# Default Rack application
+class MultiplierApplication
+  def call(env)
+    if env['rack.session'][:multiplier]
+      env['rack.session'][:multiplier] *= 2
+    else
+      env['rack.session'][:multiplier] = 1
+    end
+    [200, {'Content-Type' => 'text/plain'}, ['All good!']]
+  end
+end
+
+ConstantHelpers = lambda do
+  let(:token_error_msg) { 'The security token included in the request is invalid' }
+  let(:resource_error) { AWS::DynamoDB::Errors::ResourceNotFoundException }
+  let(:key_error) { AWS::DynamoDB::Errors::ValidationException.new(key_error_msg) }
+  let(:key_error_msg) { 'The provided key element does not match the schema' }
+  let(:client_error) { AWS::DynamoDB::Errors::UnrecognizedClientException }
+  let(:invalid_cookie) { {"HTTP_COOKIE" => "rack.session=ApplePieBlueberries"} }
+  let(:invalid_session_data) { {"rack.session"=>{"multiplier" => 1}} }
+  let(:rack_default_error_msg) { "Warning! AWS::SessionStore::DynamoDB failed to save session. Content dropped.\n" }
+  let(:missing_key_error) { AWS::SessionStore::DynamoDB::MissingSecretKeyError }
+end
+
+RSpec.configure do |c|
+  c.before(:each, :integration => true) do
+    opts = {:table_name => 'sessionstore-integration-test'}
+
+    defaults = AWS::SessionStore::DynamoDB::Configuration::DEFAULTS
+    defaults = defaults.merge(opts)
+    stub_const("AWS::SessionStore::DynamoDB::Configuration::DEFAULTS", defaults)
+    AWS::SessionStore::DynamoDB::Table.create_table(opts)
+  end
+end