cf-uaac 1.3.0

data/spec/client_reg_spec.rb

@@ -0,0 +1,104 @@
+#--
+# Cloud Foundry 2012.02.03 Beta
+# Copyright (c) [2009-2012] VMware, Inc. All Rights Reserved.
+#
+# This product is licensed to you under the Apache License, Version 2.0 (the "License").
+# You may not use this product except in compliance with the License.
+#
+# This product includes a number of subcomponents with
+# separate copyright notices and license terms. Your use of these
+# subcomponents is subject to the terms and conditions of the
+# subcomponent's license, as noted in the LICENSE file.
+#++
+
+require 'spec_helper'
+require 'cli'
+
+module CF::UAA
+
+describe ClientCli do
+
+  include SpecHelper
+
+  before :all do
+    #Util.default_logger(:trace)
+    Cli.configure("", nil, StringIO.new, true)
+    setup_target(authorities: "scim.read", grant_types: "client_credentials")
+    @test_user, @test_pwd = "sam_#{Time.now.to_i}", "correcthorsebatterystaple"
+  end
+
+  after :all do cleanup_target end
+
+  it "registers a new client" do
+    @test_client.should be # actually registered in the before :all block
+  end
+
+  it "gets a client registration" do
+    Cli.run("client get #{@test_client}").should be
+    Cli.output.string.should include @test_client
+  end
+
+  it "lists client registrations" do
+    Cli.run("clients").should be
+    Cli.output.string.should include @admin_client, @test_client
+  end
+
+  context "as test client" do
+
+    before :all do
+      Cli.run("token client get #{@test_client} -s #{@test_secret}").should be
+    end
+
+    it "logs in as test client" do
+      Cli.run("context").should be # login was in before :all block
+      Cli.output.string.should include "access_token", @test_client
+    end
+
+    it "fails to create a user account as test client" do
+      Cli.run("user add #{@test_user} -p #{@test_pwd}").should be_nil
+      Cli.output.string.should include "insufficient_scope"
+    end
+
+    context "as updated client" do
+
+      before :all do
+        # update the test client as the admin client
+        Cli.run("token client get #{@test_client} -s #{@test_secret}").should be
+        Cli.run("context #{@admin_client}").should be
+        Cli.run("client update #{@test_client} --authorities scim.write,scim.read").should be
+        Cli.run("client get #{@test_client}").should be
+        Cli.output.string.should include "scim.read", "scim.write"
+      end
+
+      it "fails to create a user account with old token" do
+        Cli.run("context #{@test_client}").should be
+        Cli.run("user add #{@test_user} -p #{@test_pwd}").should be_nil
+        Cli.output.string.should include "insufficient_scope"
+      end
+
+      it "creates a user account with a new token" do
+        Cli.run("context #{@test_client}").should be
+        Cli.run("token client get #{@test_client} -s #{@test_secret}").should be
+        Cli.run("token decode")
+        Cli.run("user add #{@test_user.capitalize} -p #{@test_pwd} --email #{@test_user}@example.com --family_name #{@test_user.capitalize} --given_name joe").should be
+        Cli.output.string.should_not include "insufficient_scope"
+        Cli.run("user get #{@test_user}").should be
+        Cli.output.string.should include @test_user.capitalize
+      end
+    end
+
+  end
+
+  context "as admin client" do
+    it "deletes a client registration" do
+      client = @test_client.dup
+      @test_client.replace("")
+      Cli.run("context #{@admin_client}").should be
+      Cli.run("client delete #{client}").should be
+      Cli.output.string.should include "deleted"
+    end
+  end
+
+end
+
+end

data/spec/common_spec.rb

@@ -0,0 +1,89 @@
+#--
+# Cloud Foundry 2012.02.03 Beta
+# Copyright (c) [2009-2012] VMware, Inc. All Rights Reserved.
+#
+# This product is licensed to you under the Apache License, Version 2.0 (the "License").
+# You may not use this product except in compliance with the License.
+#
+# This product includes a number of subcomponents with
+# separate copyright notices and license terms. Your use of these
+# subcomponents is subject to the terms and conditions of the
+# subcomponent's license, as noted in the LICENSE file.
+#++
+
+require 'spec_helper'
+require 'stringio'
+require 'cli'
+
+module CF::UAA
+
+describe CommonCli do
+
+  include SpecHelper
+
+  before :each do 
+    Util.default_logger(:trace)
+    Cli.configure("", nil, StringIO.new, true) 
+  end
+
+  ["-v", "version", "--version"].each do |opt|
+    it "displays a version with #{opt}" do
+      Cli.run(opt).should be
+      Cli.output.string.should include CLI_VERSION
+    end
+  end
+
+  ["help", "-h"].each do |opt|
+    it "displays general help with #{opt}" do
+      Cli.run(opt).should be
+      ["UAA Command Line Interface", "System Information", "Tokens", "User Accounts"].each do |s|
+        Cli.output.string.should include s
+      end
+    end
+  end
+
+  it "gets commands in bash completion format" do
+    Cli.run("help commands").should be
+    [/--no-version/, /--version/, /^#{File.basename($0)}/, /help/].each do |s|
+      Cli.output.string.should match(s)
+    end
+  end
+
+  ["help targets", "targets -h", "-h targets"].each do |opt|
+    it "displays command specific help like: #{opt}" do
+      Cli.run(opt).should be
+      Cli.output.string.should include("Display all targets")
+    end
+  end
+
+  it "sets a target in the config file" do
+    Cli.run("target example.com --force").should be
+    Config.yaml.should include "https://example.com"
+  end
+
+  it "strips trailing / from target" do
+    Cli.run("target example.com/uaa/ --force")
+    Config.yaml.should include "https://example.com/uaa"
+    Config.yaml.should_not include "https://example.com/uaa/"
+  end
+
+  it "sets multiple targets to be forced qualified in config and targets output" do
+    Cli.run("target example.com --force")
+    Cli.run("target example2.com --force")
+    Cli.run("targets").should be
+    Config.yaml.should include "https://example.com", "https://example2.com"
+    Cli.output.string.should include "https://example.com", "https://example2.com"
+  end
+
+  it "gets it's configuration from alternate source when specified" do
+    Cli.run("target --force foo.bar --config").should be
+    Config.yaml.should include "foo\.bar"
+    Cli.run "target --force baz.com --config"
+    Config.yaml.should include "baz\.com"
+    Config.yaml.should_not include "foo\.bar"
+  end
+
+end
+
+end
+

data/spec/group_spec.rb

@@ -0,0 +1,93 @@
+#--
+# Cloud Foundry 2012.02.03 Beta
+# Copyright (c) [2009-2012] VMware, Inc. All Rights Reserved.
+#
+# This product is licensed to you under the Apache License, Version 2.0 (the "License").
+# You may not use this product except in compliance with the License.
+#
+# This product includes a number of subcomponents with
+# separate copyright notices and license terms. Your use of these
+# subcomponents is subject to the terms and conditions of the
+# subcomponent's license, as noted in the LICENSE file.
+#++
+
+require 'spec_helper'
+require 'cli'
+
+module CF::UAA
+
+describe GroupCli do
+
+  include SpecHelper
+
+  before :all do
+    #Util.default_logger(:trace)
+    Cli.configure("", nil, StringIO.new, true)
+    setup_target(authorities: "clients.read,scim.read,scim.write")
+    Cli.run("token client get #{@test_client} -s #{@test_secret}").should be
+    @test_user, @test_pwd = "sam_#{Time.now.to_i}", "correcthorsebatterystaple"
+    @test_group = "JaNiToRs_#{Time.now.to_i}"
+  end
+
+  after :all do cleanup_target end
+  before :each do Cli.output.string = "" end
+
+  it "creates many users and a group as the test client" do
+    Cli.run "context #{@test_client}"
+    Cli.run("user add #{@test_user.upcase} -p #{@test_pwd} " +
+        "--email joey@example.com --family_name JONES --given_name JOE").should be
+    29.times { |i| Cli.run("user add #{@test_user.capitalize}-#{i} -p #{@test_pwd} " +
+        "--email #{@test_user}+#{i}@example.com " +
+        "--family_name #{@test_user.capitalize} --given_name joe").should be }
+    Cli.run("group add #{@test_group}").should be
+    Cli.run("groups -a displayName").should be
+    Cli.output.string.should include @test_group
+  end
+
+  it "gets attributes with case-insensitive attribute names" do
+    Cli.run("groups -a displayname").should be
+    Cli.output.string.should include @test_group
+  end
+
+  it "lists all users" do
+    Cli.run("users -a UsernamE").should be
+    29.times { |i| Cli.output.string.should =~ /#{@test_user.capitalize}-#{i}/i }
+  end
+
+  it "preserves case in names" do
+    Cli.run("users -a username").should be
+    29.times { |i| Cli.output.string.should =~ /#{@test_user.capitalize}-#{i}/ }
+  end
+
+  it "lists a page of users" do
+    Cli.run("users -a userName --count 13 --start 5").should be
+    Cli.output.string.should match /itemsPerPage: 13/i
+    Cli.output.string.should match /startIndex: 5/i
+  end
+
+  it "adds users to the group" do
+    cmd = "member add #{@test_group}"
+    29.times { |i| cmd << " #{@test_user.capitalize}-#{i}" }
+    Cli.run(cmd).should be
+    Cli.output.string.should include "success"
+  end
+
+  it "adds one user to the group" do
+    Cli.run("member add #{@test_group} #{@test_user}").should be
+    Cli.output.string.should include "success"
+  end
+
+  it "deletes all members from a group" do
+    pending "waiting on bug fix in uaa, [40594865]" if ENV["UAA_CLIENT_TARGET"]
+    cmd = "member delete #{@test_group} #{@test_user.capitalize}"
+    29.times { |i| cmd << " #{@test_user.capitalize}-#{i}" }
+    Cli.run(cmd).should be
+    Cli.output.string.should include "success"
+    # and they should really be gone
+    Cli.run("group get #{@test_group}")
+    Cli.output.string.should_not match /members/i
+  end
+
+end
+
+end

data/spec/http_spec.rb

@@ -0,0 +1,165 @@
+#--
+# Cloud Foundry 2012.02.03 Beta
+# Copyright (c) [2009-2012] VMware, Inc. All Rights Reserved.
+#
+# This product is licensed to you under the Apache License, Version 2.0 (the "License").
+# You may not use this product except in compliance with the License.
+#
+# This product includes a number of subcomponents with
+# separate copyright notices and license terms. Your use of these
+# subcomponents is subject to the terms and conditions of the
+# subcomponent's license, as noted in the LICENSE file.
+#++
+
+require 'spec_helper'
+require 'fiber'
+require 'net/http'
+require 'em-http'
+require 'uaa/http'
+require 'cli/version'
+require 'stub/server'
+
+module CF::UAA
+
+class StubHttp < Stub::Base
+  route(:get, '/') { reply_in_kind "welcome to stub http, version #{CLI_VERSION}" }
+  route( :get, '/bad') { reply.headers[:location] = ":;+)(\/"; reply_in_kind(3, "bad http status code") }
+end
+
+class HttpClient
+  include Http
+end
+
+describe Http do
+
+  include SpecHelper
+
+  before :all do
+    @stub_http = Stub::Server.new(StubHttp, Util.default_logger(:info)).run_on_thread
+  end
+
+  after :all do @stub_http.stop if @stub_http end
+
+  it "gets something from stub server on a fiber" do
+    frequest(true) {
+      f = Fiber.current
+      http = EM::HttpRequest.new("#{@stub_http.url}/").get
+      http.errback { f.resume "error" }
+      http.callback {
+        http.response_header.http_status.should == 200
+        f.resume http.response
+      }
+      Fiber.yield
+    }.should match /welcome to stub http/
+  end
+
+  it "uses persistent connections from stubserver" do
+    frequest(true) {
+      f = Fiber.current
+      conn = EM::HttpRequest.new("#{@stub_http.url}/")
+      req1 = conn.get keepalive: true
+      req1.errback { f.resume "error1" }
+      req1.callback {
+        req2 = conn.get
+        req2.errback { f.resume req2.error }
+        req2.callback { f.resume req2.response }
+      }
+      Fiber.yield
+    }.should match /welcome to stub http/
+  end
+
+  it "gets something from stub server on a thread" do
+    @async = false
+    resp = Net::HTTP.get(URI("#{@stub_http.url}/"))
+    resp.should match /welcome to stub http/
+  end
+
+  shared_examples_for "http client" do
+
+    # the following is intended to test that a failed dns lookup will fail the
+    # same way on the buggy em-http-request 1.0.0.beta3 client as it does on
+    # the rest-client. However, some networks (such as the one I am on now)
+    # configure the dhcp client with a dns server that will resolve
+    # every name as a valid address, e.g. bad.example.bad returns an address
+    # to a service signup screen. I have tried stubbing the code in various
+    # ways:
+     # EventMachine.stub(:connect) { raise EventMachine::ConnectionError, "fake error for bad dns lookup" }
+     # EventMachine.unstub(:connect)
+     # Socket.stub(:gethostbyname) { raise SocketError, "getaddrinfo: Name or service not known" }
+     # Socket.unstub(:gethostbyname)
+    # This has had varied success but seems rather brittle. Currently I have opted
+    # to just make the domain name invalid with tildes, but this may not test
+    # the desired code paths
+    it "fails cleanly for a failed dns lookup" do
+      result = frequest(@on_fiber) { @client.http_get("http://bad~host~name/") }
+      result.should be_an_instance_of BadTarget
+    end
+
+    it "fails cleanly for a get operation, no connection to address" do
+      result = frequest(@on_fiber) { @client.http_get("http://127.0.0.1:30000/") }
+      result.should be_an_instance_of BadTarget
+    end
+
+    it "fails cleanly for a get operation with bad response" do
+      frequest(@on_fiber) { @client.http_get(@stub_http.url, "/bad") }.should be_an_instance_of HTTPException
+    end
+
+    it "works for a get operation to a valid address" do
+      status, body, headers = frequest(@on_fiber) { @client.http_get(@stub_http.url, "/") }
+      status.should == 200
+      body.should match /welcome to stub http/
+    end
+
+    it "should send debug information to a custom logger" do
+      class CustomLogger
+        attr_reader :log
+        def initialize; @log = "" end
+        def debug(str = nil) ; @log << (str ? str : yield) end
+      end
+      @client.logger = clog = CustomLogger.new
+      clog.log.should be_empty
+      frequest(@on_fiber) { @client.http_get(@stub_http.url, "/") }
+      clog.log.should_not be_empty
+    end
+  end
+
+  context "on a fiber" do
+    before :all do
+      @on_fiber = true 
+      @client = HttpClient.new
+      @client.set_request_handler do |url, method, body, headers|
+        f = Fiber.current
+        connection = EventMachine::HttpRequest.new(url, connect_timeout: 2, inactivity_timeout: 2)
+        client = connection.setup_request(method, head: headers, body: body)
+
+        # This check is for proper error handling with em-http-request 1.0.0.beta.3
+        if defined?(EventMachine::FailedConnection) && connection.is_a?(EventMachine::FailedConnection)
+          raise BadTarget, "HTTP connection setup error: #{client.error}"
+        end
+
+        client.callback { f.resume [client.response_header.http_status, client.response, client.response_header] }
+        client.errback { f.resume [:error, client.error] }
+        result = Fiber.yield
+        if result[0] == :error
+          raise BadTarget, "connection failed" unless result[1] && result[1] != ""
+          raise BadTarget, "connection refused" if result[1].to_s =~ /ECONNREFUSED/
+          raise BadTarget, "unable to resolve address" if /unable.*server.*address/.match result[1]
+          raise HTTPException, result[1]
+        end
+        [result[0], result[1], Util.hash_keys!(result[2], :todash)]
+      end
+    end
+    it_should_behave_like "http client"
+  end
+
+  context "on a thread" do
+    before :all do
+      @on_fiber = false 
+      @client = HttpClient.new
+    end
+    it_should_behave_like "http client"
+  end
+
+end
+
+end