custom-adal 1.0.1

data/spec/adal/authority_spec.rb

@@ -0,0 +1,122 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2015 Micorosft Corporation
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#-------------------------------------------------------------------------------
+
+require_relative '../spec_helper'
+
+describe ADAL::Authority do
+  let(:auth_host) { 'login.windows.net' }
+  let(:tenant) { 'atenant.onmicrosoft.com' }
+
+  describe '#token_endpoint' do
+    it 'should correctly construct token endpoints' do
+      auth = ADAL::Authority.new(auth_host, tenant)
+      expect(auth.token_endpoint.to_s).to eq(
+        "https://#{auth_host}/#{tenant}/oauth2/token")
+    end
+  end
+
+  describe '#authorize_endpoint' do
+    context 'with additional params' do
+      it 'should correctly construct the authorize endpoint' do
+        auth = ADAL::Authority.new(auth_host, tenant)
+        expect(auth.authorize_endpoint(foo: :bar).to_s).to eq(
+          "https://#{auth_host}/#{tenant}/oauth2/authorize?foo=bar")
+      end
+    end
+
+    context 'with no additional params' do
+      it 'should correctly construct the authorize endpoint' do
+        auth = ADAL::Authority.new(auth_host, tenant)
+        expect(auth.authorize_endpoint.to_s).to eq(
+          "https://#{auth_host}/#{tenant}/oauth2/authorize")
+      end
+    end
+  end
+
+  describe '#validate' do
+    it 'should not do anything if validate_authority was set to false in the ' \
+       ' constructor' do
+      auth = ADAL::Authority.new(auth_host, tenant)
+      expect(auth).to_not receive(:validated_statically?)
+      expect(auth).to_not receive(:validated_dynamically?)
+      expect(auth.validate).to be_truthy
+    end
+
+    it 'should attempt static validation before dynamic validation' do
+      auth = ADAL::Authority.new(
+        auth_host, tenant, true)
+      expect(auth).to receive(:validated_statically?).once.and_return true
+      expect(auth).to_not receive(:validated_dynamically?)
+      expect(auth.validate).to be_truthy
+    end
+
+    it 'should successfully validate statically with a well known host' do
+      auth = ADAL::Authority.new(
+        auth_host, tenant, true)
+      expect(auth).to_not receive(:validated_dynamically?)
+      expect(auth.validate).to be_truthy
+    end
+
+    it 'should successully validate dynamically with the discovery endpoint' do
+      auth = ADAL::Authority.new(
+        'someothersite.net', tenant, true)
+      expect(Net::HTTP).to receive(:get).once.and_return('{"tenant_discovery_' \
+        'endpoint": "https://login.windows.net/atenant.onmicrosoft.com/.well-' \
+        'known/openid-configuration"}')
+      expect(auth.validate).to be_truthy
+    end
+
+    it 'should not make a network connection after it validates once' do
+      auth = ADAL::Authority.new(
+        'someothersite.net', tenant, true)
+      expect(Net::HTTP).to receive(:get).once.and_return(
+        '{"tenant_discovery_endpoint": "endpoint"}')
+      expect(auth.validate).to be_truthy
+      expect(auth.validate).to be_truthy
+      expect(auth.validate).to be_truthy
+      expect(auth.validate).to be_truthy
+    end
+
+    it 'should be false if dynamic validation does not respond' do
+      auth_host = 'notvalid.com'
+      dynamic_validation_endpoint =
+        'https://login.microsoftonline.com/common/discovery/instance?api-vers' \
+        "ion=1.0&authorization_endpoint=https://#{auth_host}/#{tenant}/oauth2" \
+        '/authorize'
+      auth = ADAL::Authority.new('notvalid.com', tenant, true)
+      stub_request(:get, dynamic_validation_endpoint).to_return(status: 500)
+      expect(auth.validate).to be_falsey
+    end
+
+    it 'should be false if dynamic validation response is invalid' do
+      auth_host = 'notvalid.com'
+      dynamic_validation_endpoint =
+        'https://login.microsoftonline.com/common/discovery/instance?api-vers' \
+        "ion=1.0&authorization_endpoint=https://#{auth_host}/#{tenant}/oauth2" \
+        '/authorize'
+      auth = ADAL::Authority.new('notvalid.com', tenant, true)
+      stub_request(:get, dynamic_validation_endpoint)
+        .to_return(status: 200, body: '{}')
+      expect(auth.validate).to be_falsey
+    end
+  end
+end

data/spec/adal/cache_driver_spec.rb

@@ -0,0 +1,191 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2015 Micorosft Corporation
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#-------------------------------------------------------------------------------
+
+require_relative '../spec_helper'
+require_relative '../support/fake_data'
+
+include FakeData
+
+describe ADAL::CacheDriver do
+  let(:authority) { ADAL::Authority.new(AUTHORITY, TENANT) }
+  let(:client_id) { CLIENT_ID }
+  let(:client) { ADAL::ClientCredential.new(client_id) }
+  let(:driver) { ADAL::CacheDriver.new(authority, client, token_cache) }
+  let(:success_response) { ADAL::SuccessResponse.new }
+
+  describe '#add' do
+    let(:token_cache) { ADAL::MemoryCache.new }
+
+    context 'with an empty memory cache' do
+      before(:each) { driver.add(success_response) }
+
+      it 'should leave the cache with exactly one entry' do
+        expect(token_cache.entries.size).to eq 1
+      end
+
+      it 'should put the token response in the token cache' do
+        expect(token_cache.entries.map(&:token_response))
+          .to include success_response
+      end
+    end
+
+    context 'when the cache already contains the entry' do
+      before(:each) do
+        driver.add(success_response)
+        driver.add(success_response)
+      end
+
+      it 'should not put a duplicate in the cache' do
+        expect(token_cache.entries.uniq).to match_array(token_cache.entries)
+      end
+
+      it 'should leave the cache with the same number of entries' do
+        expect(token_cache.entries.size).to eq 1
+      end
+    end
+
+    context 'when the cache contains non-matching entries' do
+      let(:idtoken1) { JWT.encode({ upn: 'user1' }, '') }
+      let(:idtoken2) { JWT.encode({ upn: 'user2' }, '') }
+      let(:token1) { ADAL::SuccessResponse.new(id_token: idtoken1) }
+      let(:token2) { ADAL::SuccessResponse.new(id_token: idtoken2) }
+      before(:each) do
+        driver.add(token1)
+        driver.add(token2)
+        driver.add(ADAL::SuccessResponse.new(refresh_token: REFRESH_TOKEN,
+                                             resource: RESOURCE,
+                                             id_token: idtoken1))
+      end
+
+      it 'should update the refresh tokens of the matching entries' do
+        expect(token1.refresh_token).to eq(REFRESH_TOKEN)
+      end
+
+      it 'should not update the refresh tokens of the non-matching entries' do
+        expect(token2.refresh_token).to be nil
+      end
+    end
+  end
+
+  describe '#find' do
+    let(:token_cache) { ADAL::MemoryCache.new }
+    let(:resource1) { 'resource1' }
+    let(:resource2) { 'resource2' }
+    let(:user1) { 'user1' }
+    let(:user2) { 'user2' }
+    let(:user3) { 'user3' }
+    let(:expiry) { 100 }
+    let(:response1) do
+      ADAL::SuccessResponse.new(resource: resource1,
+                                user_info: user1,
+                                expires_in: expiry)
+    end
+    let(:response2) do
+      ADAL::SuccessResponse.new(resource: resource1,
+                                user_info: user2,
+                                expires_in: expiry,
+                                refresh_token: REFRESH_TOKEN)
+    end
+    before(:each) do
+      driver.add(response1)
+      driver.add(response2)
+    end
+
+    let(:query) { { user_info: user, resource: resource } }
+    subject { driver.find(query) }
+
+    context 'with a user that is not in the cache' do
+      let(:resource) { resource1 }
+      let(:user) { user3 }
+      it { is_expected.to be nil }
+    end
+
+    context 'with a user that is in the cache' do
+      let(:user) { user2 }
+
+      context 'with a resource that is in the cache' do
+        let(:resource) { resource1 }
+
+        context 'which is expired' do
+          let(:expiry) { -10 }
+          let(:updated_access_token) { 'some access token' }
+          let(:refresh_response) do
+            double(body: "{\"access_token\": \"#{updated_access_token}\", \"r" \
+                         "esource\": \"#{resource1}\"}")
+          end
+          before(:each) do
+            allow_any_instance_of(Net::HTTP).to receive(:request)
+              .and_return(refresh_response)
+          end
+
+          it { is_expected.to_not be_nil }
+          it 'should refresh the access token' do
+            expect(subject.access_token).to eq(updated_access_token)
+          end
+        end
+
+        context 'which is not expired' do
+          it { is_expected.to be response2 }
+        end
+      end
+
+      context 'with a resource that is not in the cache' do
+        let(:resource) { resource2 }
+
+        context 'without an mrrt' do
+          let(:user) { user1 }
+          it { is_expected.to be nil }
+        end
+
+        context 'with an mrrt' do
+          it { is_expected.to_not be nil }
+          it 'should fetch a new access token from OAuth' do
+            expect(subject.access_token).to eq(RETURNED_TOKEN)
+          end
+        end
+      end
+    end
+
+    context 'with no cache' do
+      let(:token_cache) { ADAL::NoopCache.new }
+      let(:user) { user1 }
+      let(:resource) { resource1 }
+
+      it { is_expected.to be_nil }
+      it { expect { subject }.to_not raise_error }
+    end
+  end
+
+  context 'with a nonmatching client' do
+    describe '#find' do
+      let(:query) { { resource: RESOURCE, client_id: client.client_id } }
+      subject { driver.find(query) }
+
+      let(:token_cache) { ADAL::MemoryCache.new }
+      before(:each) do
+        driver.add(ADAL::SuccessResponse.new(client_id: 'different client id'))
+      end
+
+      it { is_expected.to be_nil }
+    end
+  end
+end

data/spec/adal/cached_token_response_spec.rb

@@ -0,0 +1,148 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2015 Micorosft Corporation
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#-------------------------------------------------------------------------------
+
+require_relative '../support/fake_data'
+require_relative '../spec_helper'
+
+include FakeData
+
+describe ADAL::CachedTokenResponse do
+  let(:authority) { ADAL::Authority.new(AUTHORITY, TENANT) }
+  let(:client) { ADAL::ClientCredential.new(CLIENT_ID) }
+  let(:expires_in) { 100 }
+  let(:resource) { RESOURCE }
+  let(:refresh_token) { REFRESH_TOKEN }
+  let(:response) do
+    ADAL::SuccessResponse.new(
+      resource: resource, refresh_token: refresh_token, expires_in: expires_in)
+  end
+
+  describe '#initialize' do
+    subject { -> { ADAL::CachedTokenResponse.new(client, authority, resp) } }
+
+    context 'with a SuccessResponse' do
+      let(:resp) { ADAL::SuccessResponse.new }
+
+      it { is_expected.to_not raise_error }
+    end
+
+    context 'with an ErrorResponse' do
+      let(:resp) { ADAL::ErrorResponse.new }
+
+      it { is_expected.to raise_error ArgumentError }
+    end
+  end
+
+  describe '#validate' do
+    subject do
+      ADAL::CachedTokenResponse.new(client, authority, response).validate
+    end
+
+    context 'with a non expired token' do
+      let(:expires_in) { 100 }
+
+      it { is_expected.to be_truthy }
+    end
+
+    context 'with an expired token' do
+      let(:expires_in) { -100 }
+
+      context 'with no refresh token' do
+        let(:refresh_token) { nil }
+
+        it { is_expected.to be_falsey }
+      end
+
+      context 'with a refresh token that fails to refresh' do
+        let(:refresh_token) { REFRESH_TOKEN }
+        before(:each) { stub_request(:post, /.*/).and_return(status: 500) }
+
+        it { is_expected.to be_falsey }
+      end
+    end
+  end
+
+  describe '#mrrt?' do
+    subject { ADAL::CachedTokenResponse.new(client, authority, response) }
+
+    context 'with a refresh_token' do
+      let(:refresh_token) { REFRESH_TOKEN }
+
+      context 'with a resource' do
+        let(:resource) { RESOURCE }
+        it { is_expected.to be_mrrt }
+      end
+
+      context 'without a resource' do
+        let(:resource) { nil }
+        it { is_expected.to_not be_mrrt }
+      end
+    end
+
+    context 'wihout a refresh_token' do
+      let(:refresh_token) { nil }
+
+      context 'with a resource' do
+        let(:resource) { RESOURCE }
+        it { is_expected.to_not be_mrrt }
+      end
+
+      context 'without a resource' do
+        let(:resource) { nil }
+        it { is_expected.to_not be_mrrt }
+      end
+    end
+  end
+
+  describe '#can_refresh?' do
+    let(:other) { ADAL::CachedTokenResponse.new(client, oauthority, response) }
+    subject do
+      ADAL::CachedTokenResponse.new(client, authority, response)
+        .can_refresh?(other)
+    end
+
+    context 'when not an mrrt' do
+      let(:oauthority) { authority }
+      let(:refresh_token) { nil }
+
+      it { is_expected.to be_falsey }
+    end
+
+    context 'when an mrrt' do
+      context 'when fields match' do
+        let(:oauthority) { authority }
+        it { is_expected.to be_truthy }
+      end
+
+      context 'when fields do not match' do
+        let(:oauthority) { 'some other authority' }
+        it { is_expected.to be_falsey }
+      end
+    end
+  end
+
+  it 'provides proxy access to token response fields' do
+    expect(
+      ADAL::CachedTokenResponse.new(client, AUTHORITY, response).resource
+    ).to eq RESOURCE
+  end
+end

data/spec/adal/client_assertion_certificate_spec.rb

@@ -0,0 +1,113 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2015 Micorosft Corporation
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#-------------------------------------------------------------------------------
+
+require_relative '../spec_helper'
+
+require 'jwt'
+
+include FakeData
+
+describe ADAL::ClientAssertionCertificate do
+  describe '#initialize' do
+    let(:auth) { ADAL::Authority.new(AUTHORITY, TENANT) }
+    let(:cert) { OpenSSL::X509::Certificate.new }
+
+    it "should fail if the public key isn't large enough" do
+      # The key is an integer number of bytes so we have to subtract at least 8.
+      too_few_bits = ADAL::ClientAssertionCertificate::MIN_KEY_SIZE_BITS - 8
+      key = OpenSSL::PKey::RSA.new(too_few_bits)
+      cert.public_key = key.public_key
+      pfx = OpenSSL::PKCS12.create('', '', key, cert)
+      expect do
+        ADAL::ClientAssertionCertificate.new(auth, CLIENT_ID, pfx)
+      end.to raise_error(ArgumentError)
+    end
+
+    it 'should succeed if the public key is the minimum size' do
+      just_enough_bits = ADAL::ClientAssertionCertificate::MIN_KEY_SIZE_BITS
+      key = OpenSSL::PKey::RSA.new(just_enough_bits)
+      cert.public_key = key.public_key
+      pfx = OpenSSL::PKCS12.create('', '', key, cert)
+      expect do
+        ADAL::ClientAssertionCertificate.new(auth, CLIENT_ID, pfx)
+      end.to_not raise_error
+    end
+
+    it 'should fail if the certificate is not PKCS12' do
+      pfx = 'Not an OpenSSL::PKCS12'
+      expect { ADAL::ClientAssertionCertificate.new(auth, CLIENT_ID, pfx) }
+        .to raise_error ArgumentError
+    end
+
+    it 'should fail if the pkcs12 does not use valid rsa' do
+      key = OpenSSL::PKey::DSA.new 2048
+      cert.public_key = key.public_key
+      pfx = OpenSSL::PKCS12.create('', '', key, cert)
+      expect { ADAL::ClientAssertionCertificate.new(auth, CLIENT_ID, pfx) }
+        .to raise_error ArgumentError
+    end
+
+    it 'should fail if the pkcs12 does not use valid x509' do
+      key = OpenSSL::PKey::RSA.new 2048
+      cert.public_key = key.public_key
+      pfx = OpenSSL::PKCS12.create('', '', key, cert)
+
+      # In practice, no one would ever do this. But we do check for it just in
+      # case.
+      pfx.instance_variable_set(:@certificate, 'Not an x509 certificate')
+      expect { ADAL::ClientAssertionCertificate.new(auth, CLIENT_ID, pfx) }
+        .to raise_error ArgumentError
+    end
+  end
+
+  describe '#request_params' do
+    ONE_YEAR_IN_SECONDS = 60 * 60 * 24 * 365
+    let(:cert) { OpenSSL::X509::Certificate.new }
+    before(:each) do
+      key = OpenSSL::PKey::RSA.new 2048
+      cert.public_key = key.public_key
+      @pfx = OpenSSL::PKCS12.create('', '', key, cert)
+      @assertion_cert = ADAL::ClientAssertionCertificate.new(
+        ADAL::Authority.new(AUTHORITY, TENANT), CLIENT_ID, @pfx)
+    end
+
+    it 'should contain client id, client assertion and client assertion type' do
+      params = @assertion_cert.request_params
+      expect(params.keys).to contain_exactly(
+        :client_id, :client_assertion, :client_assertion_type)
+    end
+
+    it 'should have client assertion type be JWT_BEARER' do
+      expect(
+        @assertion_cert.request_params[:client_assertion_type]
+      ).to eq('urn:ietf:params:oauth:grant-type:jwt-bearer')
+    end
+
+    it 'should have an assertion that is a decodable JWT' do
+      expect do
+        JWT.decode(@assertion_cert.request_params[:client_assertion],
+                   cert.public_key,
+                   options: { verify_not_before: false })
+      end.to_not raise_error
+    end
+  end
+end

data/spec/adal/client_assertion_spec.rb

@@ -0,0 +1,38 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2015 Micorosft Corporation
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#-------------------------------------------------------------------------------
+
+require_relative '../spec_helper'
+
+include FakeData
+
+describe ADAL::ClientAssertion do
+  describe '#initialize' do
+    it 'should fail if any parameters are nil' do
+      expect do
+        ADAL::ClientAssertion.new(nil, ASSERTION)
+      end.to raise_error(ArgumentError)
+      expect do
+        ADAL::ClientAssertion.new(CLIENT_ID, nil)
+      end.to raise_error(ArgumentError)
+    end
+  end
+end

data/spec/adal/core_ext/hash_spec.rb

@@ -0,0 +1,47 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2015 Micorosft Corporation
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+#-------------------------------------------------------------------------------
+
+require 'spec_helper'
+
+using ADAL::CoreExt
+
+describe Hash do
+  describe '#reverse_merge' do
+    it 'should work on empty hashes' do
+      expect({}.reverse_merge({})).to eq({})
+    end
+
+    it 'should work just like merge if the keys do not conflict' do
+      hash1 = { a: 5, b: 10 }
+      hash2 = { c: 8, d: 12 }
+      expect(hash1.reverse_merge(hash2)).to eq(hash1.merge(hash2))
+      expect(hash2.reverse_merge(hash1)).to eq(hash2.merge(hash1))
+    end
+
+    it "should prefer self's values to other_hash's values" do
+      hash1 = { a: 5, c: 10 }
+      hash2 = { a: 6, b: 15 }
+      expect(hash1.reverse_merge(hash2)).to eq(a: 5, b: 15, c: 10)
+      expect(hash2.reverse_merge(hash1)).to eq(a: 6, b: 15, c: 10)
+    end
+  end
+end