eac-rack 1.1.1

data/rack.gemspec

@@ -0,0 +1,38 @@
+Gem::Specification.new do |s|
+  s.name            = "eac-rack"
+  s.version         = "1.1.1"
+  s.platform        = Gem::Platform::RUBY
+  s.summary         = "a modular Ruby webserver interface"
+
+  s.description = <<-EOF
+Rack provides minimal, modular and adaptable interface for developing
+web applications in Ruby.  By wrapping HTTP requests and responses in
+the simplest way possible, it unifies and distills the API for web
+servers, web frameworks, and software in between (the so-called
+middleware) into a single method call.
+
+Also see http://rack.rubyforge.org.
+EOF
+
+  s.files           = Dir['{bin/*,contrib/*,example/*,lib/**/*}'] +
+                        %w(COPYING KNOWN-ISSUES rack.gemspec README)
+  s.bindir          = 'bin'
+  s.executables     << 'rackup'
+  s.require_path    = 'lib'
+  s.has_rdoc        = true
+  s.extra_rdoc_files = ['README', 'KNOWN-ISSUES']
+  s.test_files      = Dir['test/{test,spec}_*.rb']
+
+  s.author          = 'Christian Neukirchen'
+  s.email           = 'chneukirchen@gmail.com'
+  s.homepage        = 'http://rack.rubyforge.org'
+  #s.rubyforge_project = 'rack'
+
+  s.add_development_dependency 'test-spec'
+
+  s.add_development_dependency 'camping'
+  s.add_development_dependency 'fcgi'
+  s.add_development_dependency 'memcache-client'
+  s.add_development_dependency 'mongrel'
+  s.add_development_dependency 'thin'
+end

data/test/spec_rack_auth_basic.rb

@@ -0,0 +1,73 @@
+require 'test/spec'
+
+require 'rack/auth/basic'
+require 'rack/mock'
+
+context 'Rack::Auth::Basic' do
+
+  def realm
+    'WallysWorld'
+  end
+  
+  def unprotected_app
+    lambda { |env| [ 200, {'Content-Type' => 'text/plain'}, ["Hi #{env['REMOTE_USER']}"] ] }
+  end
+  
+  def protected_app
+    app = Rack::Auth::Basic.new(unprotected_app) { |username, password| 'Boss' == username }
+    app.realm = realm
+    app
+  end
+
+  setup do
+    @request = Rack::MockRequest.new(protected_app)
+  end
+
+  def request_with_basic_auth(username, password, &block)
+    request 'HTTP_AUTHORIZATION' => 'Basic ' + ["#{username}:#{password}"].pack("m*"), &block
+  end
+
+  def request(headers = {})
+    yield @request.get('/', headers)
+  end
+
+  def assert_basic_auth_challenge(response)
+    response.should.be.a.client_error
+    response.status.should.equal 401
+    response.should.include 'WWW-Authenticate'
+    response.headers['WWW-Authenticate'].should =~ /Basic realm="#{Regexp.escape(realm)}"/
+    response.body.should.be.empty
+  end
+
+  specify 'should challenge correctly when no credentials are specified' do
+    request do |response|
+      assert_basic_auth_challenge response
+    end
+  end
+
+  specify 'should rechallenge if incorrect credentials are specified' do
+    request_with_basic_auth 'joe', 'password' do |response|
+      assert_basic_auth_challenge response
+    end
+  end
+
+  specify 'should return application output if correct credentials are specified' do
+    request_with_basic_auth 'Boss', 'password' do |response|
+      response.status.should.equal 200
+      response.body.to_s.should.equal 'Hi Boss'
+    end
+  end
+  
+  specify 'should return 400 Bad Request if different auth scheme used' do
+    request 'HTTP_AUTHORIZATION' => 'Digest params' do |response|
+      response.should.be.a.client_error
+      response.status.should.equal 400
+      response.should.not.include 'WWW-Authenticate'
+    end
+  end
+
+  specify 'realm as optional constructor arg' do
+    app = Rack::Auth::Basic.new(unprotected_app, realm) { true }
+    assert_equal realm, app.realm
+  end
+end

data/test/spec_rack_auth_digest.rb

@@ -0,0 +1,226 @@
+require 'test/spec'
+
+require 'rack/auth/digest/md5'
+require 'rack/mock'
+
+context 'Rack::Auth::Digest::MD5' do
+
+  def realm
+    'WallysWorld'
+  end
+
+  def unprotected_app
+    lambda do |env|
+      [ 200, {'Content-Type' => 'text/plain'}, ["Hi #{env['REMOTE_USER']}"] ]
+    end
+  end
+
+  def protected_app
+    app = Rack::Auth::Digest::MD5.new(unprotected_app) do |username|
+      { 'Alice' => 'correct-password' }[username]
+    end
+    app.realm = realm
+    app.opaque = 'this-should-be-secret'
+    app
+  end
+
+  def protected_app_with_hashed_passwords
+    app = Rack::Auth::Digest::MD5.new(unprotected_app) do |username|
+      username == 'Alice' ? Digest::MD5.hexdigest("Alice:#{realm}:correct-password") : nil
+    end
+    app.realm = realm
+    app.opaque = 'this-should-be-secret'
+    app.passwords_hashed = true
+    app
+  end
+
+  def partially_protected_app
+    Rack::URLMap.new({
+      '/' => unprotected_app,
+      '/protected' => protected_app
+    })
+  end
+
+  def protected_app_with_method_override
+    Rack::MethodOverride.new(protected_app)
+  end
+
+  setup do
+    @request = Rack::MockRequest.new(protected_app)
+  end
+
+  def request(method, path, headers = {}, &block)
+    response = @request.request(method, path, headers)
+    block.call(response) if block
+    return response
+  end
+
+  class MockDigestRequest
+    def initialize(params)
+      @params = params
+    end
+    def method_missing(sym)
+      if @params.has_key? k = sym.to_s
+        return @params[k]
+      end
+      super
+    end
+    def method
+      @params['method']
+    end
+    def response(password)
+      Rack::Auth::Digest::MD5.new(nil).send :digest, self, password
+    end
+  end
+
+  def request_with_digest_auth(method, path, username, password, options = {}, &block)
+    request_options = {}
+    request_options[:input] = options.delete(:input) if options.include? :input
+
+    response = request(method, path, request_options)
+
+    return response unless response.status == 401
+
+    if wait = options.delete(:wait)
+      sleep wait
+    end
+
+    challenge = response['WWW-Authenticate'].split(' ', 2).last
+
+    params = Rack::Auth::Digest::Params.parse(challenge)
+
+    params['username'] = username
+    params['nc'] = '00000001'
+    params['cnonce'] = 'nonsensenonce'
+    params['uri'] = path
+
+    params['method'] = method
+
+    params.update options
+
+    params['response'] = MockDigestRequest.new(params).response(password)
+
+    request(method, path, request_options.merge('HTTP_AUTHORIZATION' => "Digest #{params}"), &block)
+  end
+
+  def assert_digest_auth_challenge(response)
+    response.should.be.a.client_error
+    response.status.should.equal 401
+    response.should.include 'WWW-Authenticate'
+    response.headers['WWW-Authenticate'].should =~ /^Digest /
+    response.body.should.be.empty
+  end
+
+  def assert_bad_request(response)
+    response.should.be.a.client_error
+    response.status.should.equal 400
+    response.should.not.include 'WWW-Authenticate'
+  end
+
+  specify 'should challenge when no credentials are specified' do
+    request 'GET', '/' do |response|
+      assert_digest_auth_challenge response
+    end
+  end
+
+  specify 'should return application output if correct credentials given' do
+    request_with_digest_auth 'GET', '/', 'Alice', 'correct-password' do |response|
+      response.status.should.equal 200
+      response.body.to_s.should.equal 'Hi Alice'
+    end
+  end
+
+  specify 'should return application output if correct credentials given (hashed passwords)' do
+    @request = Rack::MockRequest.new(protected_app_with_hashed_passwords)
+
+    request_with_digest_auth 'GET', '/', 'Alice', 'correct-password' do |response|
+      response.status.should.equal 200
+      response.body.to_s.should.equal 'Hi Alice'
+    end
+  end
+
+  specify 'should rechallenge if incorrect username given' do
+    request_with_digest_auth 'GET', '/', 'Bob', 'correct-password' do |response|
+      assert_digest_auth_challenge response
+    end
+  end
+
+  specify 'should rechallenge if incorrect password given' do
+    request_with_digest_auth 'GET', '/', 'Alice', 'wrong-password' do |response|
+      assert_digest_auth_challenge response
+    end
+  end
+
+  specify 'should rechallenge with stale parameter if nonce is stale' do
+    begin
+      Rack::Auth::Digest::Nonce.time_limit = 1
+
+      request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', :wait => 2 do |response|
+        assert_digest_auth_challenge response
+        response.headers['WWW-Authenticate'].should =~ /\bstale=true\b/
+      end
+    ensure
+      Rack::Auth::Digest::Nonce.time_limit = nil
+    end
+  end
+
+  specify 'should return 400 Bad Request if incorrect qop given' do
+    request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', 'qop' => 'auth-int' do |response|
+      assert_bad_request response
+    end
+  end
+
+  specify 'should return 400 Bad Request if incorrect uri given' do
+    request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', 'uri' => '/foo' do |response|
+      assert_bad_request response
+    end
+  end
+
+  specify 'should return 400 Bad Request if different auth scheme used' do
+    request 'GET', '/', 'HTTP_AUTHORIZATION' => 'Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==' do |response|
+      assert_bad_request response
+    end
+  end
+
+  specify 'should not require credentials for unprotected path' do
+    @request = Rack::MockRequest.new(partially_protected_app)
+    request 'GET', '/' do |response|
+      response.should.be.ok
+    end
+  end
+
+  specify 'should challenge when no credentials are specified for protected path' do
+    @request = Rack::MockRequest.new(partially_protected_app)
+    request 'GET', '/protected' do |response|
+      assert_digest_auth_challenge response
+    end
+  end
+
+  specify 'should return application output if correct credentials given for protected path' do
+    @request = Rack::MockRequest.new(partially_protected_app)
+    request_with_digest_auth 'GET', '/protected', 'Alice', 'correct-password' do |response|
+      response.status.should.equal 200
+      response.body.to_s.should.equal 'Hi Alice'
+    end
+  end
+
+  specify 'should return application output if correct credentials given for POST' do
+    request_with_digest_auth 'POST', '/', 'Alice', 'correct-password' do |response|
+      response.status.should.equal 200
+      response.body.to_s.should.equal 'Hi Alice'
+    end
+  end
+
+  specify 'should return application output if correct credentials given for PUT (using method override of POST)' do
+    @request = Rack::MockRequest.new(protected_app_with_method_override)
+    request_with_digest_auth 'POST', '/', 'Alice', 'correct-password', :input => "_method=put" do |response|
+      response.status.should.equal 200
+      response.body.to_s.should.equal 'Hi Alice'
+    end
+  end
+
+  specify 'realm as optional constructor arg' do
+    app = Rack::Auth::Digest::MD5.new(unprotected_app, realm) { true }
+    assert_equal realm, app.realm
+  end
+end

data/test/spec_rack_builder.rb

@@ -0,0 +1,84 @@
+require 'test/spec'
+
+require 'rack/builder'
+require 'rack/mock'
+require 'rack/showexceptions'
+require 'rack/auth/basic'
+
+context "Rack::Builder" do
+  specify "chains apps by default" do
+    app = Rack::Builder.new do
+      use Rack::ShowExceptions
+      run lambda { |env| raise "bzzzt" }
+    end.to_app
+
+    Rack::MockRequest.new(app).get("/").should.be.server_error
+    Rack::MockRequest.new(app).get("/").should.be.server_error
+    Rack::MockRequest.new(app).get("/").should.be.server_error
+  end
+
+  specify "has implicit #to_app" do
+    app = Rack::Builder.new do
+      use Rack::ShowExceptions
+      run lambda { |env| raise "bzzzt" }
+    end
+
+    Rack::MockRequest.new(app).get("/").should.be.server_error
+    Rack::MockRequest.new(app).get("/").should.be.server_error
+    Rack::MockRequest.new(app).get("/").should.be.server_error
+  end
+
+  specify "supports blocks on use" do
+    app = Rack::Builder.new do
+      use Rack::ShowExceptions
+      use Rack::Auth::Basic do |username, password|
+        'secret' == password
+      end
+
+      run lambda { |env| [200, {}, ['Hi Boss']] }
+    end
+
+    response = Rack::MockRequest.new(app).get("/")
+    response.should.be.client_error
+    response.status.should.equal 401
+
+    # with auth...
+    response = Rack::MockRequest.new(app).get("/", 
+        'HTTP_AUTHORIZATION' => 'Basic ' + ["joe:secret"].pack("m*"))
+    response.status.should.equal 200
+    response.body.to_s.should.equal 'Hi Boss'
+  end
+
+  specify "has explicit #to_app" do
+    app = Rack::Builder.app do
+      use Rack::ShowExceptions
+      run lambda { |env| raise "bzzzt" }
+    end
+
+    Rack::MockRequest.new(app).get("/").should.be.server_error
+    Rack::MockRequest.new(app).get("/").should.be.server_error
+    Rack::MockRequest.new(app).get("/").should.be.server_error
+  end
+
+  specify "apps are initialized once" do
+    app = Rack::Builder.new do
+      class AppClass
+        def initialize
+          @called = 0
+        end
+        def call(env)
+          raise "bzzzt"  if @called > 0
+        @called += 1
+          [200, {'Content-Type' => 'text/plain'}, ['OK']]
+        end
+      end
+
+      use Rack::ShowExceptions
+      run AppClass.new
+    end
+
+    Rack::MockRequest.new(app).get("/").status.should.equal 200
+    Rack::MockRequest.new(app).get("/").should.be.server_error
+  end
+
+end

data/test/spec_rack_camping.rb

@@ -0,0 +1,51 @@
+require 'test/spec'
+require 'stringio'
+require 'uri'
+
+begin
+  require 'rack/mock'
+
+  $-w, w = nil, $-w               # yuck
+  require 'camping'
+  require 'rack/adapter/camping'
+
+  Camping.goes :CampApp
+  module CampApp
+    module Controllers
+      class HW < R('/')
+        def get
+          @headers["X-Served-By"] = URI("http://rack.rubyforge.org")
+          "Camping works!"
+        end
+
+        def post
+          "Data: #{input.foo}"
+        end
+      end
+    end
+  end
+  $-w = w
+
+  context "Rack::Adapter::Camping" do
+    specify "works with GET" do
+      res = Rack::MockRequest.new(Rack::Adapter::Camping.new(CampApp)).
+        get("/")
+
+      res.should.be.ok
+      res["Content-Type"].should.equal "text/html"
+      res["X-Served-By"].should.equal "http://rack.rubyforge.org"
+
+      res.body.should.equal "Camping works!"
+    end
+
+    specify "works with POST" do
+      res = Rack::MockRequest.new(Rack::Adapter::Camping.new(CampApp)).
+        post("/", :input => "foo=bar")
+
+      res.should.be.ok
+      res.body.should.equal "Data: bar"
+    end
+  end
+rescue LoadError
+  $stderr.puts "Skipping Rack::Adapter::Camping tests (Camping is required). `gem install camping` and try again."
+end