cookie_store 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 03f6d983ab27d0ae52b8af6468da9a131e815e4c
+  data.tar.gz: b235fd0ecfba2b57d10d121cca4bace173e56b08
+SHA512:
+  metadata.gz: c74560238d8e3ec19ccf3d987bea2c8dcb1f516fa45ec58eaeddacb43553557736f54e2c92f6e2e87daf0234d1ec3acee2346b291e63f583718432d7bf735774
+  data.tar.gz: 3a4f46c5276009ca3203ea6bdf1b6597fa872f1e3ad4ab731cae18e719fc15bb03f721439ec5f3a177c065f65b7b10a93c7cc3ab74f7a1c2dc7b17f05264c13f

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 Jonathan Bracy
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,4 @@
+cookie_store
+============
+
+A Ruby library to handle client-side HTTP cookies

data/Rakefile

@@ -0,0 +1,20 @@
+require 'bundler/setup'
+require "bundler/gem_tasks"
+require 'rake/testtask'
+require 'rdoc/task'
+
+task :console do
+  exec 'irb -Ilib -r cookie_store.rb'
+end
+task :c => :console
+
+
+Rake::TestTask.new do |t|
+    t.libs << 'lib' << 'test'
+    t.test_files = FileList['test/**/*_test.rb']
+    # t.warning = true
+    # t.verbose = true
+end
+
+desc "Run tests"
+task :default => :test

data/cookie_store.gemspec

@@ -0,0 +1,25 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+
+Gem::Specification.new do |s|
+  s.name        = "cookie_store"
+  s.version     = '0.1.0'
+  s.licenses    = ['MIT']
+  s.authors     = ["Jon Bracy"]
+  s.email       = ["jonbracy@gmail.com"]
+  s.homepage    = "https://github.com/malomalo/cookie_store"
+  s.summary     = %q{A Ruby library to handle client-side HTTP cookies}
+  s.description = %q{A Ruby library to handle and store client-side HTTP cookies}
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.require_paths = ["lib"]
+
+  # Developoment 
+  s.add_development_dependency 'rake'
+  # s.add_development_dependency 'rdoc'
+  # s.add_development_dependency 'sdoc'
+  s.add_development_dependency 'minitest'
+  s.add_development_dependency 'minitest-reporters'
+  s.add_development_dependency 'mocha'
+end

data/lib/cookie_store.rb

@@ -0,0 +1,67 @@
+require 'uri'
+
+class CookieStore
+  
+  # Maximum number of bytes per cookie (RFC 6265 6.1 requires at least 4096)
+  MAX_COOKIE_LENGTH = 4096
+  
+  # Maximum number of cookies per domain (RFC 6265 6.1 requires 50 at least)
+  MAX_COOKIES_PER_DOMAIN = 50
+  
+  # Maximum number of cookies total (RFC 6265 6.1 requires 3000 at least)
+  MAX_COOKIES_TOTAL = 3000
+  
+  # Read and set the cookie from the Set-Cookie header
+  def set_cookie(request_uri, set_cookie_value)
+    request_uri = URI.parse(request_uri)
+    cookie = CookieStore::Cookie.parse(request_uri, set_cookie_value)
+
+    # reject as per RFC2965 Section 3.3.2
+    return if !cookie.request_match?(request_uri) || !(cookie.domain =~ /.+\..+/)
+    
+    # reject cookies over the max-bytes
+    return if cookie.to_s.size > MAX_COOKIE_LENGTH
+    
+    add(cookie) 
+  end
+  
+  def cookie_header_for(request_uri)
+    cookies_for(request_uri).map(&:to_s).join('; ')
+  end
+  
+  # (RFC 2965, section 1)
+  def search_domains_for(domain)
+    domain.downcase!
+    serach_domains = []
+    
+    if domain =~ CookieStore::Cookie::IPADDR
+      serach_domains << domain
+    else
+      domain = domain + '.local' if !(domain =~ /.\../)
+      serach_domains << domain
+      serach_domains << ".#{domain}"
+      
+      # H is the host domain name of a host; and,
+      # H has the form A.B; and
+      if domain =~ /[^\.]+(\..+)/
+        reach = $1
+        # B has at least one embedded dot
+        if reach =~ /.[\.:]./
+          # B has at least one embedded dot, or B is the string "local".
+          # then the reach of H is .B.
+          serach_domains << reach
+        end
+      end
+    end
+    
+    serach_domains
+  end
+  
+  def close_session
+    gc(true)
+  end
+  
+end
+
+require 'cookie_store/cookie'
+require 'cookie_store/hash_store'

data/lib/cookie_store/cookie.rb

@@ -0,0 +1,238 @@
+class CookieStore::Cookie
+
+  QUOTED_PAIR   = "\\\\[\\x00-\\x7F]"
+  LWS           = "\\r\\n(?:[ \\t]+)"
+  QDTEXT        = "[\\t\\x20-\\x21\\x23-\\x7E\\x80-\\xFF]|(?:#{LWS})"
+  QUOTED_TEXT   = "(?:#{QUOTED_PAIR}|#{QDTEXT})*"
+  IPADDR        = /\A#{URI::REGEXP::PATTERN::IPV4ADDR}\Z|\A#{URI::REGEXP::PATTERN::IPV6ADDR}\Z/
+    
+  TOKEN         = '[^(),\/<>@;:\\\"\[\]?={}\s]+'
+  VALUE         = "(?:#{TOKEN}|#{IPADDR}|#{QUOTED_TEXT})"
+  EXPIRES_AT_VALUE = '[A-Za-z]{3},\ \d{2}[-\ ][A-Za-z]{3}[-\ ]\d{4}\ \d{2}:\d{2}:\d{2}\ [A-Z]{3}'
+          
+  COOKIE    = /(?<name>#{TOKEN})=(?:"(?<quoted_value>#{QUOTED_TEXT})"|(?<value>#{VALUE}))(?<attributes>.*)/n
+  COOKIE_AV = %r{
+    ;\s+
+    (?<key>#{TOKEN})
+    (?:
+      =
+      (?:
+        "(?<quoted_value>#{QUOTED_TEXT})"
+        |
+        (?<value>#{EXPIRES_AT_VALUE}|#{VALUE})
+      )
+    ){0,1}
+  }nx
+  
+  # [String] The name of the cookie.
+  attr_reader :name
+  
+  # [String] The value of the cookie, without any attempts at decoding.
+  attr_reader :value
+  
+  # [String] The domain scope of the cookie. Follows the RFC 2965
+  # 'effective host' rules. A 'dot' prefix indicates that it applies both
+  # to the non-dotted domain and child domains, while no prefix indicates
+  # that only exact matches of the domain are in scope.
+  attr_reader :domain
+  
+  # [String] The path scope of the cookie. The cookie applies to URI paths
+  # that prefix match this value.
+  attr_reader :path
+  
+  # [Boolean] The secure flag is set to indicate that the cookie should
+  # only be sent securely. Nearly all HTTP User Agent implementations assume
+  # this to mean that the cookie should only be sent over a
+  # SSL/TLS-protected connection
+  attr_reader :secure
+  
+  # [Boolean] Popular browser extension to mark a cookie as invisible
+  # to code running within the browser, such as JavaScript
+  attr_reader :http_only
+  
+  # [Fixnum] Version indicator, currently either
+  # * 0 for netscape cookies
+  # * 1 for RFC 2965 cookies
+  attr_reader :version
+  
+  # [String, nil] RFC 2965 field for indicating comment (or a location)
+  # describing the cookie to a usesr agent.
+  attr_reader :comment, :comment_url
+  
+  # [Boolean] RFC 2965 field for indicating session lifetime for a cookie
+  attr_reader :discard
+  
+  # [Array<FixNum>, nil] RFC 2965 port scope for the cookie. If not nil,
+  # indicates specific ports on the HTTP server which should receive this
+  # cookie if contacted.
+  attr_reader :ports
+
+  # [DateTime] The Expires directive tells the browser when to delete the cookie.
+  # Derived from the format used in RFC 1123
+  attr_reader :expires
+  
+  # [Fixnum] RFC 6265 allows the use of the Max-Age attribute to set the
+  # cookie’s expiration as an interval of seconds in the future, relative
+  # to the time the browser received the cookie.
+  attr_reader :max_age
+  
+  # [Time] Time when this cookie was first evaluated and created.
+  attr_reader :created_at
+  
+  def initialize(name, value, options={})
+    @name = name
+    @value = value
+    @secure = false
+    @http_only = false
+    @version = 1
+    @discard = false
+    @created_at = Time.now
+    
+    options.each do |attr_name, attr_value|
+      self.instance_variable_set(:"@#{attr_name}", attr_value)
+    end
+  end
+  
+  # Evaluate when this cookie will expire. Uses the original cookie fields
+  # for a max-age or expires
+  #
+  # @return [Time, nil] Time of expiry, if this cookie has an expiry set
+  def expires_at
+    if max_age
+      created_at + max_age
+    else
+      expires
+    end
+  end
+  
+  # Indicates whether the cookie is currently considered valid
+  #
+  # @return [Boolean]
+  def expired?
+    expires_at && Time.now > expires_at
+  end
+  
+  # Indicates whether the cookie will be considered invalid after the end
+  # of the current user session
+  # @return [Boolean]
+  def session?
+    !expires_at || discard
+  end
+  
+  def to_s
+    if value.include?('"')
+      "#{name}=\"#{value.gsub('"', '\\"')}\""
+    else
+      "#{name}=#{value}"
+    end
+  end
+  
+  # Returns a true if the request_uri is a domain-match, a path-match, and a 
+  # port-match
+  def request_match?(request_uri)
+    uri = request_uri.is_a?(URI) ? request_uri : URI.parse(request_uri)
+    domain_match(uri.host) && path_match(uri.path) &&  port_match(uri.port)
+  end
+  
+  # From RFC2965 Section 1.
+  #
+  # For two strings that represent paths, P1 and P2, P1 path-matches P2
+  # if P2 is a prefix of P1 (including the case where P1 and P2 string-
+  # compare equal).  Thus, the string /tec/waldo path-matches /tec.
+  def path_match(request_path)
+    request_path.start_with?(path)
+  end
+
+  # From RFC2965 Section 1.
+  #
+  # Host A's name domain-matches host B's if
+  #
+  # *  their host name strings string-compare equal; or
+  #
+  # * A is a HDN string and has the form NB, where N is a non-empty
+  #   name string, B has the form .B', and B' is a HDN string.  (So,
+  #   x.y.com domain-matches .Y.com but not Y.com.)
+  def domain_match(request_domain)
+    request_domain = request_domain.downcase
+
+    return true if domain == request_domain
+    
+    return false if request_domain =~ IPADDR
+    
+    return true if domain == ".#{request_domain}"
+    
+    return false if !domain.include?('.') && domain != 'local'
+    
+    return false if !request_domain.end_with?(domain)
+
+    return !(request_domain[0...-domain.length].count('.') > (request_domain[-domain.length-1] == '.' ? 1 : 0))
+  end
+  
+  # From RFC2965 Section 3.3 
+  #
+  # The default behavior is that a cookie MAY be returned to any request-port.
+  #
+  # If the port attribute is set the port must be in the port-list.
+  def port_match(request_port)
+    return true unless ports
+    ports.include?(request_port)
+  end
+  
+  def self.parse(request_uri, set_cookie_value)
+    uri = request_uri.is_a?(URI) ? request_uri : URI.parse(request_uri)
+    data = COOKIE.match(set_cookie_value)
+    options = {}
+    
+    if !data
+      raise Net::HTTPHeaderSyntaxError.new("Invalid Set-Cookie header format")
+    end
+    
+    if data[:attributes]
+      data[:attributes].scan(COOKIE_AV) do |key, quoted_value, value|
+        value = quoted_value.gsub(/\\(.)/, '\1') if !value && quoted_value
+
+        # RFC 2109 4.1, Attributes (names) are case-insensitive
+        case key.downcase
+        when 'comment'
+          options[:comment] = value
+        when 'commenturl'
+          options[:comment_url] = value
+        when 'discard'
+          options[:discard] = true
+        when 'domain'
+          if value =~ IPADDR
+            options[:domain] = value
+          else
+            # As per RFC2965 if a host name contains no dots, the effective host name is
+            # that name with the string .local appended to it.
+            value = "#{value}.local" if !value.include?('.')
+            options[:domain] = (value.start_with?('.') ? value : ".#{value}").downcase
+          end
+        when 'expires'
+          if value.include?('-')
+            options[:expires] = DateTime.strptime(value, '%a, %d-%b-%Y %H:%M:%S %Z')
+          else
+            options[:expires] = DateTime.strptime(value, '%a, %d %b %Y %H:%M:%S %Z')
+          end
+        when 'max-age'
+          options[:max_age] = value.to_i
+        when 'path'
+          options[:path] = value
+        when 'port'
+          options[:ports] = value.split(',').map(&:to_i)
+        when 'secure'
+          options[:secure] = true
+        when 'httponly'
+          options[:http_only] = true
+        when 'version'
+          options[:version] = value.to_i
+        end
+      end
+    end
+    options[:domain]  ||= uri.host.downcase
+    options[:path]    ||= uri.path
+    
+    CookieStore::Cookie.new(data[:name], data[:value] || data[:quoted_value].gsub(/\\(.)/, '\1'), options)
+  end
+    
+end

data/lib/cookie_store/hash_store.rb

@@ -0,0 +1,52 @@
+class CookieStore::HashStore < CookieStore
+
+  def initialize
+    @domains = {}
+  end
+
+  def add(cookie)
+    #TODO: check for MAX_COOKIES_PER_DOMAIN && MAX_COOKIES_TOTAL, think remove the MAX_COOKIES_TOTAL tho
+    @domains[cookie.domain] ||= {}
+    @domains[cookie.domain][cookie.path] ||= {}
+    @domains[cookie.domain][cookie.path][cookie.name] = cookie
+  end
+
+  def cookies_for(request_uri)
+    request_uri = URI.parse(request_uri)
+    trigger_gc = false
+    request_cookies = []
+    
+    search_domains_for(request_uri.host).each do |domain|
+      next unless @domains[domain]
+      
+      @domains[domain].each do |path, cookies|
+        if request_uri.path.start_with?(path)
+          cookies.each do |name, cookie|
+            if cookie.expired?
+              trigger_gc = true
+            elsif cookie.port_match(request_uri.port) && (!cookie.secure || (cookie.secure && request_uri.scheme == 'https'))
+              request_cookies << cookie
+            end
+          end
+        end
+      end
+    end
+    
+    gc if trigger_gc
+    
+    request_cookies
+  end
+  
+  def gc(close_session=false)
+    @domains.delete_if do |domain, paths|
+      paths.delete_if do |path, cookies|
+        cookies.delete_if do |cookie_name, cookie|
+          cookie.expired? || (close_session && cookie.session?)
+        end
+        cookies.empty?
+      end
+      paths.empty?
+    end
+  end
+
+end

data/test/cookie_store/cookie_test.rb

@@ -0,0 +1,313 @@
+require 'test_helper'
+
+class CookieStore::CookieTest < Minitest::Test
+
+  # CookieStore::Cookie.new ================================================================
+  
+  test "::new(name, value)" do
+    cookie = CookieStore::Cookie.new('foo', 'bar')
+
+    assert_equal 'foo', cookie.name
+    assert_equal 'bar', cookie.value
+  end
+  
+  test "::new(name, value, options)" do
+    #TODO: test all options are set
+    cookie = CookieStore::Cookie.new('foo', 'bar', :domain => 'test.com')
+
+    assert_equal 'test.com', cookie.domain
+  end
+  
+  # CookieStore::Cookie.domain_match =======================================================
+
+  test "::domain_match(request_domain)" do
+    {
+      'a.com'                     => 'a.com',
+      'test.com'                  => '.test.com',
+      '123.456.57.21'             => '123.456.57.21'
+      #TODO: not sure how ipv6 works '[E3D7::51F4:9BC8:C0A8:6420]' => '[E3D7::51F4:9BC8:C0A8:6420]'
+    }.each do |host, cookie_host|
+      cookie = CookieStore::Cookie.new('key', 'value', :domain => cookie_host)
+      assert_equal true, cookie.domain_match(host)
+    end
+    
+    {
+      'a.com'                     => 'b.com',
+      'test.com'                  => '.com',
+      'test.com'                  => '.com.',
+      'test.com'                  => 'com',
+      'test.com'                  => 'com.',
+      'y.x.foo.com'               => '.foo.com',
+      'y.x.foo.com'               => 'foo.com',
+      '123.456.57.21'             => '123.456.57.22',
+      '123.456.57.21'             => '.123.456.57.21'
+      #TODO: not sure how ipv6 works '[E3D7::51F4:9BC8:C0A8:6420]' => '[E3D7::51F4:9BC8:C0A8:6421]'
+    }.each do |host, cookie_host|
+      cookie = CookieStore::Cookie.new('key', 'value', :domain => cookie_host)
+      assert_equal false, cookie.domain_match(host)
+    end
+  end
+  
+  # CookieStore::Cookie.path_match =========================================================
+  
+  test "::path_match(request_path)" do
+    {
+      '/test'                     => '/',
+      '/this/is/my/url'           => '/this/is'
+    }.each do |path, cookie_path|
+      cookie = CookieStore::Cookie.new('key', 'value', :path => cookie_path)
+      assert_equal true, cookie.path_match(path)
+    end
+    
+    {
+      '/test'                     => '/rest',
+      '/'                         => '/test'
+    }.each do |path, cookie_path|
+      cookie = CookieStore::Cookie.new('key', 'value', :path => cookie_path)
+      assert_equal false, cookie.path_match(path)
+    end
+  end
+  
+  # CookieStore::Cookie.port_match =========================================================
+  
+  test "::port_match(request_port) without ports attribute set" do
+    cookie = CookieStore::Cookie.new('key', 'value')
+    assert_equal true, cookie.port_match(158)
+  end
+  
+  test "::port_match(request_port) with ports attribute set" do
+    cookie = CookieStore::Cookie.new('key', 'value', :ports => [80, 8700])
+    assert_equal true, cookie.port_match(8700)
+    assert_equal false, cookie.port_match(87)
+  end
+  
+  # CookieStore::Cookie.expires_at =========================================================
+  
+  test "#expires_at based on max-age" do
+    travel_to Time.new(2013, 12, 13, 8, 26, 12, 0) do
+      cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Max-Age=3600')
+      assert_equal Time.new(2013, 12, 13, 9, 26, 12, 0), cookie.expires_at
+    end
+  end
+  
+  test "#expires_at based on expires attribute" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Expires="Wed, 13 Jan 2021 22:23:01 GMT"')
+    assert_equal DateTime.new(2021, 1, 13, 22, 23, 1, 0), cookie.expires_at
+  end
+  
+  test "#expires_at perfers max-age to expires" do
+    travel_to Time.new(2013, 12, 13, 8, 26, 12, 0) do
+      cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Max-Age=3600 Expires="Wed, 13 Jan 2021 22:23:01 GMT"')
+      assert_equal Time.new(2013, 12, 13, 9, 26, 12, 0), cookie.expires_at
+    end
+  end
+  
+  test "#expires_at returns nil if no max-age or expires attribute" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar')
+    assert_equal nil, cookie.expires_at
+  end
+  
+  # CookieStore::Cookie.expired? =========================================================
+  
+  test "#expired?" do
+    cookie = travel_to Time.new(2013, 12, 13, 8, 26, 12, 0) do
+      CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Max-Age=3600')
+    end
+    
+    assert_equal true, cookie.expired?
+
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Max-Age=3600')
+    assert_equal false, cookie.expired?
+  end
+  
+  # CookieStore::Cookie.session? ===========================================================
+  
+  test "#session? true by default" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar')
+    assert_equal true, cookie.session?
+  end
+  
+  test "#session? false if on expiration" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Max-Age=3600')
+    assert_equal false, cookie.session?
+  end
+  
+  test "#session? true if discard attribute is present" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Max-Age=3600; Discard')
+    assert_equal true, cookie.session?
+        
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Discard')
+    assert_equal true, cookie.session?
+  end
+  
+  # CookieStore::Cookie.to_s ===============================================================
+  
+  test "#to_s" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar')
+    assert_equal "foo=bar", cookie.to_s
+  end
+  
+  test "#to_s with a \" in the value" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo="ba\"r"')
+    assert_equal "foo=\"ba\\\"r\"", cookie.to_s
+  end
+  
+  #TODO: # CookieStore::Cookie.to_h ===============================================================
+  #
+  # test "#to_h" do
+  #   cookie = travel_to Time.new(2013, 12, 13, 8, 26, 12, 0) do
+  #     CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Max-Age=3600; Discard')
+  #   end
+  #
+  #   assert_equal({
+  #     :name     => 'foo',
+  #     :value    => 'bar',
+  #     :domain   => 'google.com',
+  #     :path     => '/test/this',
+  #     :secure   => false,
+  #     :http_only => false,
+  #     :version   => 1,
+  #     :comment   => nil,
+  #     :comment_url => nil,
+  #     :discard     => true,
+  #     :ports        => nil,
+  #     :expires      => nil,
+  #     :max_age      => 3600,
+  #     :created_at   => Time.new(2013, 12, 13, 8, 26, 12, 0)
+  #   }, cookie.to_h)
+  # end
+  
+  # CookieStore::Cookie.parse ==============================================================
+  
+  test "::parse a simple cookie" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test', "foo=bar")
+
+    assert_equal 'foo',         cookie.name
+    assert_equal 'bar',         cookie.value
+    assert_equal 'google.com',  cookie.domain
+    assert_equal '/test',       cookie.path
+    assert_equal false,         cookie.secure
+    assert_equal false,         cookie.http_only
+    assert_equal nil,           cookie.comment
+    assert_equal nil,           cookie.comment_url
+    assert_equal 1,             cookie.version
+    assert_equal false,         cookie.discard
+    assert_equal nil,           cookie.ports
+    assert_equal nil,           cookie.expires
+    assert_equal nil,           cookie.max_age
+  end
+
+  test "::parse normalizes the request domain" do
+    cookie = CookieStore::Cookie.parse('http://GoOGlE.com/test', "foo=bar")
+    assert_equal 'google.com',  cookie.domain
+  end
+  
+  test "::parse parth with a ? at the end" do
+    cookie = CookieStore::Cookie.parse('http://GoOGlE.com/test?key=value', "foo=bar")
+    assert_equal '/test',  cookie.path
+  end
+  
+  
+  test "::parse parth with a # at the end" do
+    cookie = CookieStore::Cookie.parse('http://GoOGlE.com/test#anchor', "foo=bar")
+    assert_equal '/test',  cookie.path
+  end
+  
+  test "::parse a simple quoted cookie" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test', 'foo="b\"ar"')
+
+    assert_equal 'google.com', cookie.domain
+    assert_equal 'foo', cookie.name
+    assert_equal 'b"ar', cookie.value
+  end
+  
+  test "::parse domain attribute without leading ." do
+    cookie = CookieStore::Cookie.parse('http://google.com/test', "foo=bar; Domain=google.com")
+    assert_equal '.google.com', cookie.domain
+  end
+
+  test "::parse domain attribute with leading ." do
+    cookie = CookieStore::Cookie.parse('http://google.com/test', "foo=bar; Domain=.google.com")
+    assert_equal '.google.com', cookie.domain
+  end
+  
+  test "::parse domain attribute that is the superdomain" do
+    cookie = CookieStore::Cookie.parse('http://site.google.com/test', "foo=bar; Domain=google.com")
+    assert_equal '.google.com', cookie.domain
+  end
+  
+  test "::parse domain attribute as ip" do
+    cookie = CookieStore::Cookie.parse('http://123.456.57.21/test', "foo=bar; Domain=123.456.57.21")
+
+    assert_equal '123.456.57.21', cookie.domain
+  end
+  
+  test "::parse path attribute" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Path="/"')
+    
+    assert_equal '/', cookie.path
+  end
+  
+  test "::parse secure attribute" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Secure')
+    assert_equal true, cookie.secure
+  end
+  
+  test "::parse http_only attribute" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; HttpOnly')
+    assert_equal true, cookie.http_only
+  end
+  
+  test "::parse comment attribute" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Comment="the c\"omment"')
+    assert_equal 'the c"omment', cookie.comment
+  end
+  
+  test "::parse coment_url attribute" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; CommentURL="http://google.com/url"')
+    assert_equal "http://google.com/url", cookie.comment_url
+  end
+  
+  test "::parse version attribute" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Version=0')
+    assert_equal 0, cookie.version
+  end
+  
+  test "::parse discard attribute" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Discard')
+    assert_equal true, cookie.discard
+  end
+  
+  test "::parse port attribute" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Port="80"')
+    assert_equal [80], cookie.ports
+    
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Port="80,8080"')
+    assert_equal [80, 8080], cookie.ports
+  end
+
+  test "::parse expires attribute" do
+    # Wed, 13 Jan 2021 22:23:01 GMT format
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Expires=Wed, 13 Jan 2021 22:23:01 GMT')
+    assert_equal DateTime.new(2021, 1, 13, 22, 23, 1, 0), cookie.expires
+    
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Expires="Wed, 13 Jan 2021 22:23:01 GMT"')
+    assert_equal DateTime.new(2021, 1, 13, 22, 23, 1, 0), cookie.expires
+    
+    # Wed, 13-Jan-2021 22:23:01 GMT format
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Expires=Wed, 13-Jan-2021 22:23:01 GMT')
+    assert_equal DateTime.new(2021, 1, 13, 22, 23, 1, 0), cookie.expires
+    
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Expires="Wed, 13-Jan-2021 22:23:01 GMT"')
+    assert_equal DateTime.new(2021, 1, 13, 22, 23, 1, 0), cookie.expires
+  end
+  
+  test "::parse max_age attribute" do
+    cookie = CookieStore::Cookie.parse('http://google.com/test/this', 'foo=bar; Max-Age=3660')
+    assert_equal 3660, cookie.max_age
+  end
+  
+  # TODO: test expires_at, based on expires attribute
+  # TODO: test expires_at, based on max-age attribute
+  
+end

data/test/cookie_store/hash_store_test.rb

@@ -0,0 +1,78 @@
+require 'test_helper'
+
+class CookieStore::HashStoreTest < Minitest::Test
+
+  test "#cookies_for" do
+    store = CookieStore::HashStore.new
+    
+    store.add(CookieStore::Cookie.new('a','value', :domain => 'google.com', :path => '/'))
+    store.add(CookieStore::Cookie.new('b','value', :domain => '.google.com', :path => '/'))
+    store.add(CookieStore::Cookie.new('c','value', :domain => 'www.google.com', :path => '/'))
+    store.add(CookieStore::Cookie.new('d','value', :domain => 'random.com', :path => '/'))
+    
+    store.add(CookieStore::Cookie.new('e','value', :domain => '.google.com', :path => '/'))
+    store.add(CookieStore::Cookie.new('f','value', :domain => '.google.com', :path => '/test'))
+    
+    store.add(CookieStore::Cookie.new('g','value', :domain => '.google.com', :path => '/', :max_age => 3660))
+    store.add(CookieStore::Cookie.new('h','value', :domain => '.google.com', :path => '/', :max_age => 0))
+    
+    store.add(CookieStore::Cookie.new('i','value', :domain => '.google.com', :path => '/', :ports => [80,8080]))
+    store.add(CookieStore::Cookie.new('j','value', :domain => '.google.com', :path => '/', :ports => [80,8080], :secure => true))
+    
+    store.add(CookieStore::Cookie.new('k','value', :domain => '.google.com', :path => '/', :secure => true))
+    
+    assert_equal %w(a b e g i), store.cookies_for('http://google.com/').map(&:name).sort
+    assert_equal %w(b e g i), store.cookies_for('http://test.google.com/').map(&:name).sort
+    assert_equal %w(b c e g i), store.cookies_for('http://www.google.com/').map(&:name).sort
+    
+    assert_equal %w(b c e g i), store.cookies_for('http://www.google.com/rest').map(&:name).sort
+    assert_equal %w(b c e f g i), store.cookies_for('http://www.google.com/test').map(&:name).sort
+    
+    assert_equal %w(b c e f g k), store.cookies_for('https://www.google.com/test').map(&:name).sort
+  end
+  
+  test '#cookies_for removes expired cookies while iterating' do
+    store = CookieStore::HashStore.new
+    store.expects(:gc).once
+    
+    store.add(CookieStore::Cookie.new('h','value', :domain => '.google.com', :path => '/', :max_age => 0))
+    store.cookies_for('http://google.com/')
+  end
+  
+  test '#gc clears out expired cookies' do
+    store = CookieStore::HashStore.new
+    
+    store.add(CookieStore::Cookie.new('h','value', :domain => '.google.com', :path => '/', :max_age => 0))
+    store.gc
+    assert_equal({}, store.instance_variable_get(:@domains))
+    
+    store.add(CookieStore::Cookie.new('h','value', :domain => '.google.com', :path => '/', :max_age => 0))
+    store.add(CookieStore::Cookie.new('h','value', :domain => '.google.com', :path => '/'))
+    store.gc
+    assert_equal 1, store.instance_variable_get(:@domains).size
+    assert_equal 1, store.instance_variable_get(:@domains)['.google.com'].size
+    assert_equal 1, store.instance_variable_get(:@domains)['.google.com']['/'].size
+  end
+  
+  test "#gc doesn't clears out session cookies when not out the session" do
+    store = CookieStore::HashStore.new
+    
+    store.add(CookieStore::Cookie.new('h','value', :domain => '.google.com', :path => '/', :max_age => 0))
+    store.add(CookieStore::Cookie.new('h','value', :domain => '.google.com', :path => '/', :discard => true))
+    
+    store.gc
+    assert_equal 1, store.instance_variable_get(:@domains).size
+    assert_equal 1, store.instance_variable_get(:@domains)['.google.com'].size
+    assert_equal 1, store.instance_variable_get(:@domains)['.google.com']['/'].size
+  end
+  
+  test '#gc clears out session cookies when closing out the session' do
+    store = CookieStore::HashStore.new
+    
+    store.add(CookieStore::Cookie.new('h','value', :domain => '.google.com', :path => '/', :discard => true))
+    
+    store.gc(true)
+    assert_equal({}, store.instance_variable_get(:@domains))
+  end
+  
+end

data/test/cookie_store_test.rb

@@ -0,0 +1,88 @@
+require 'test_helper'
+
+class CookieStoreTest < Minitest::Test
+  
+  # Cookie.set_cookie =========================================================
+  
+  test "#set_cookie" do
+    store = CookieStore.new
+    store.expects(:add)
+    
+    store.set_cookie('http://google.com/test/this', 'foo=bar; Max-Age=3600')
+  end
+  
+  test "#set_cookie rejects cookies where the value for the Domain attribute contains no embedded dots" do
+    store = CookieStore.new
+    store.expects(:add).never
+    
+    store.set_cookie('http://google.com/test', 'foo=bar; Domain=com')
+    store.set_cookie('http://google.com/test', 'foo=bar; Domain=.com')
+    store.set_cookie('http://google.com/test', 'foo=bar; Domain=com.')
+    store.set_cookie('http://google.com/test', 'foo=bar; Domain=.com.')
+  end
+  
+  test "#set_cookie rejects cookies that do not domain-match" do
+    store = CookieStore.new
+    store.expects(:add).never
+    
+    store.set_cookie('http://google.com/test', 'foo=bar; Domain=gobble.com')
+    store.set_cookie('http://y.x.foo.com/test', 'foo=bar; Domain=.foo.com')
+    store.set_cookie('http://y.x.foo.com/test', 'foo=bar; Domain=foo.com')
+    store.set_cookie('http://123.456.57.21/test', 'foo=bar; Domain=123.456.57.22')
+    store.set_cookie('http://123.456.57.21/test', 'foo=bar; Domain=.123.456.57.21')
+    #TODO: not sure how ipv6 works '' => '[E3D7::51F4:9BC8:C0A8:6421]'
+  end
+  
+  test "#set_cookie rejects cookies that do not path-match" do
+    store = CookieStore.new
+    store.expects(:add).never
+    
+    store.set_cookie('http://google.com/test', 'foo=bar; Path=/text')
+    store.set_cookie('http://google.com/test', 'foo=bar; Path=/test/mykey')
+  end
+  
+  test "#set_cookie rejects cookies that do not port-match" do
+    store = CookieStore.new
+    store.expects(:add).never
+    
+    store.set_cookie('http://google.com:97/test', 'foo=bar; Port="80,8080"')
+  end
+  
+  test "#set_cookie rejects cookies that are over the byte limit" do
+    store = CookieStore.new
+    store.expects(:add).never
+    
+    store.set_cookie('http://google.com/test', "foo=#{'k'*(CookieStore::MAX_COOKIE_LENGTH-3)}; Max-Age=3600")
+  end
+  
+  test "#search_domains_for" do
+    store = CookieStore.new
+    
+    assert_equal ['google.com', '.google.com'],                         store.search_domains_for('google.com')
+    assert_equal ["www.google.com", ".www.google.com", ".google.com"],  store.search_domains_for('www.google.com')
+    assert_equal ["com.local", ".com.local"],                           store.search_domains_for('com')
+    assert_equal ["123.456.57.22"],                                     store.search_domains_for('123.456.57.22')
+    #TODO: not sure about ipv6 assert_equal ["com.local", ".com.local"],                           store.search_domains_for('[E3D7::51F4:9BC8:C0A8:6420]')
+  end
+  
+  test "#close_session calls gc(true)" do
+    store = CookieStore.new
+    store.expects(:gc).with(true).once
+    
+    store.close_session
+  end
+  
+  test "#cookie_header_for" do
+    store = CookieStore.new
+    
+    store.expects(:cookies_for).with('url').returns([CookieStore::Cookie.new('key', 'value')])
+    assert_equal 'key=value', store.cookie_header_for('url')
+    
+    store.expects(:cookies_for).with('url').returns([CookieStore::Cookie.new('key', 'value'), CookieStore::Cookie.new('foo', 'bar')])
+    assert_equal 'key=value; foo=bar', store.cookie_header_for('url')
+    
+    store.expects(:cookies_for).with('url').returns([CookieStore::Cookie.new('key', 'v"alue')])
+    assert_equal 'key="v\"alue"', store.cookie_header_for('url')
+  end
+  
+end

data/test/test_helper.rb

@@ -0,0 +1,38 @@
+# To make testing/debugging easier, test within this source tree versus an
+# installed gem
+dir = File.dirname(__FILE__)
+root = File.expand_path(File.join(dir, '..'))
+lib = File.expand_path(File.join(root, 'lib'))
+
+$LOAD_PATH << lib
+
+require 'cookie_store'
+require "minitest/autorun"
+require 'minitest/unit'
+require 'minitest/reporters'
+require 'faker'
+require 'webmock/minitest'
+require "mocha"
+require "mocha/mini_test"
+require 'active_support/testing/time_helpers'
+
+Minitest::Reporters.use! Minitest::Reporters::SpecReporter.new
+
+# File 'lib/active_support/testing/declarative.rb', somewhere in rails....
+class Minitest::Test
+  include ActiveSupport::Testing::TimeHelpers
+  
+  def self.test(name, &block)
+    test_name = "test_#{name.gsub(/\s+/,'_')}".to_sym
+    defined = instance_method(test_name) rescue false
+    raise "#{test_name} is already defined in #{self}" if defined
+    if block_given?
+      define_method(test_name, &block)
+    else
+      define_method(test_name) do
+        flunk "No implementation provided for #{name}"
+      end
+    end
+  end
+  
+end

metadata

@@ -0,0 +1,116 @@
+--- !ruby/object:Gem::Specification
+name: cookie_store
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Jon Bracy
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-07-09 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest-reporters
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: mocha
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A Ruby library to handle and store client-side HTTP cookies
+email:
+- jonbracy@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE
+- README.md
+- Rakefile
+- cookie_store.gemspec
+- lib/cookie_store.rb
+- lib/cookie_store/cookie.rb
+- lib/cookie_store/hash_store.rb
+- test/cookie_store/cookie_test.rb
+- test/cookie_store/hash_store_test.rb
+- test/cookie_store_test.rb
+- test/test_helper.rb
+homepage: https://github.com/malomalo/cookie_store
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: A Ruby library to handle client-side HTTP cookies
+test_files:
+- test/cookie_store/cookie_test.rb
+- test/cookie_store/hash_store_test.rb
+- test/cookie_store_test.rb
+- test/test_helper.rb
+has_rdoc: