faye-authentication 0.1.0

data/spec/javascripts/support/jasmine.yml

@@ -0,0 +1,124 @@
+# src_files
+#
+# Return an array of filepaths relative to src_dir to include before jasmine specs.
+# Default: []
+#
+# EXAMPLE:
+#
+# src_files:
+#   - lib/source1.js
+#   - lib/source2.js
+#   - dist/**/*.js
+#
+src_files:
+  - app/assets/javascripts/*.js
+  - spec/utils/javascripts/*.js
+
+# stylesheets
+#
+# Return an array of stylesheet filepaths relative to src_dir to include before jasmine specs.
+# Default: []
+#
+# EXAMPLE:
+#
+# stylesheets:
+#   - css/style.css
+#   - stylesheets/*.css
+#
+stylesheets:
+  - stylesheets/**/*.css
+
+# helpers
+#
+# Return an array of filepaths relative to spec_dir to include before jasmine specs.
+# Default: ["helpers/**/*.js"]
+#
+# EXAMPLE:
+#
+# helpers:
+#   - helpers/**/*.js
+#
+helpers:
+  - 'helpers/**/*.js'
+
+# spec_files
+#
+# Return an array of filepaths relative to spec_dir to include.
+# Default: ["**/*[sS]pec.js"]
+#
+# EXAMPLE:
+#
+# spec_files:
+#   - **/*[sS]pec.js
+#
+spec_files:
+  - '**/*[sS]pec.js'
+
+# src_dir
+#
+# Source directory path. Your src_files must be returned relative to this path. Will use root if left blank.
+# Default: project root
+#
+# EXAMPLE:
+#
+# src_dir: public
+#
+src_dir:
+
+# spec_dir
+#
+# Spec directory path. Your spec_files must be returned relative to this path.
+# Default: spec/javascripts
+#
+# EXAMPLE:
+#
+# spec_dir: spec/javascripts
+#
+spec_dir:
+
+# spec_helper
+#
+# Ruby file that Jasmine server will require before starting.
+# Returned relative to your root path
+# Default spec/javascripts/support/jasmine_helper.rb
+#
+# EXAMPLE:
+#
+# spec_helper: spec/javascripts/support/jasmine_helper.rb
+#
+spec_helper: spec/javascripts/support/jasmine_helper.rb
+
+# boot_dir
+#
+# Boot directory path. Your boot_files must be returned relative to this path.
+# Default: Built in boot file
+#
+# EXAMPLE:
+#
+# boot_dir: spec/javascripts/support/boot
+#
+boot_dir:
+
+# boot_files
+#
+# Return an array of filepaths relative to boot_dir to include in order to boot Jasmine
+# Default: Built in boot file
+#
+# EXAMPLE
+#
+# boot_files:
+#   - '**/*.js'
+#
+boot_files:
+
+# rack_options
+#
+# Extra options to be passed to the rack server
+# by default, Port and AccessLog are passed.
+#
+# This is an advanced options, and left empty by default
+#
+# EXAMPLE
+#
+# rack_options:
+#   server: 'thin'

data/spec/javascripts/support/jasmine_helper.rb

@@ -0,0 +1,29 @@
+#Use this file to set/override Jasmine configuration options
+#You can remove it if you don't need it.
+#This file is loaded *after* jasmine.yml is interpreted.
+#
+#Example: using a different boot file.
+#Jasmine.configure do |config|
+#   config.boot_dir = '/absolute/path/to/boot_dir'
+#   config.boot_files = lambda { ['/absolute/path/to/boot_dir/file.js'] }
+#end
+#
+
+require 'faye'
+require 'faye/authentication'
+require 'rack'
+
+FAYE_SECRET_KEY = 'macaroni'
+
+# Start faye web server.
+fork do
+    Faye::WebSocket.load_adapter('thin')
+    faye = Faye::RackAdapter.new(:mount => '/faye')
+    faye.add_extension Faye::Authentication::Extension.new(FAYE_SECRET_KEY)
+   Rack::Handler::Thin.run faye, :Port => 9296
+end.tap do |id|
+  parent = $$
+  at_exit {
+    Process.kill("KILL", id) if $$ == parent # Only if the parent process exits
+  }
+end

data/spec/lib/faye/authentication/extension_spec.rb

@@ -0,0 +1,45 @@
+require 'spec_helper'
+require 'faye/authentication/extension'
+
+describe Faye::Authentication::Extension do
+
+  let(:secret) { 'macaroni' }
+  let(:extension) { Faye::Authentication::Extension.new(secret) }
+
+  it 'does not add an eror if the message is correctly signed' do
+    message = {'channel' => '/foo/bar', 'clientId' => '42', 'text' => 'whatever'}
+    signature = Faye::Authentication.sign(message, secret)
+    message['signature'] = signature
+
+    result = nil
+
+    extension.incoming(message, ->(m) { result = m });
+
+    expect(result).to_not have_key('error')
+  end
+
+  it 'adds an eror if the message is not signed' do
+    message = {'channel' => '/foo/bar', 'clientId' => '42', 'text' => 'whatever'}
+    result = nil
+    extension.incoming(message, ->(m) { result = m });
+
+    expect(result).to have_key('error')
+  end
+
+  it 'adds an error if the signature is incorrect' do
+    message = {'channel' => '/foo/bar', 'clientId' => '42', 'text' => 'whatever', 'signature' => 'hello'}
+    result = nil
+    extension.incoming(message, ->(m) { result = m });
+
+    expect(result).to have_key('error')
+  end
+
+  ['/meta/handshake', '/meta/connect', '/meta/unsubscribe', '/meta/disconnect'].each do |channel|
+    it "does not check the signature for #{channel}" do
+      message = {'channel' => channel, 'clientId' => '42', 'text' => 'whatever', 'signature' => 'hello'}
+      expect(Faye::Authentication).to_not receive(:valid?)
+      extension.incoming(message, ->(_) {});
+    end
+  end
+
+end

data/spec/lib/faye/authentication/http_client_spec.rb

@@ -0,0 +1,18 @@
+require 'spec_helper'
+require 'faye/authentication'
+
+describe Faye::Authentication::HTTPClient do
+
+  describe '.publish' do
+
+    it 'should publish a HTTP request with correct params' do
+      message = {'channel' => '/foo/bar', 'data' => 'hello', 'clientId' => 'http'}
+      message['signature'] = Faye::Authentication.sign(message, 'my private key')
+      request = stub_request(:post, "http://www.example.com").with(:body => {:message => JSON.dump(message)}).to_return(:status => 200, :body => "", :headers => {})
+      Faye::Authentication::HTTPClient.publish('http://www.example.com', '/foo/bar', "hello", 'my private key')
+      expect(request).to have_been_made
+    end
+
+  end
+
+end

data/spec/lib/faye/authentication_spec.rb

@@ -0,0 +1,24 @@
+require 'spec_helper'
+require 'faye/authentication'
+
+describe Faye::Authentication do
+
+  let(:secret) { 'helloworld' }
+
+  describe '#valid?' do
+    it 'returns true if the message is correctly signed' do
+      message = {'channel' => '/foo/bar', 'clientId' => '42', 'text' => 'whatever'}
+      signature = Faye::Authentication.sign(message, secret)
+      message['signature'] = signature
+      expect(Faye::Authentication.valid?(message, secret)).to be(true)
+    end
+
+    it 'returns false if the message if keys differ' do
+      message = {'channel' => '/foo/bar', 'clientId' => '42', 'text' => 'whatever'}
+      signature = Faye::Authentication.sign(message, secret)
+      message['signature'] = signature
+      expect(Faye::Authentication.valid?(message, secret + 'foo')).to be(false)
+    end
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,86 @@
+# This file was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# The generated `.rspec` file contains `--require spec_helper` which will cause this
+# file to always be loaded, without a need to explicitly require it in any files.
+#
+# Given that it is always loaded, you are encouraged to keep this file as
+# light-weight as possible. Requiring heavyweight dependencies from this file
+# will add to the boot time of your test suite on EVERY test run, even for an
+# individual file that may not need all of that loaded. Instead, make a
+# separate helper file that requires this one and then use it only in the specs
+# that actually need it.
+#
+# The `.rspec` file also contains a few flags that are not defaults but that
+# users commonly want.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+
+require 'webmock/rspec'
+
+RSpec.configure do |config|
+# The settings below are suggested to provide a good initial experience
+# with RSpec, but feel free to customize to your heart's content.
+=begin
+  # These two settings work together to allow you to limit a spec run
+  # to individual examples or groups you care about by tagging them with
+  # `:focus` metadata. When nothing is tagged with `:focus`, all examples
+  # get run.
+  config.filter_run :focus
+  config.run_all_when_everything_filtered = true
+
+  # Many RSpec users commonly either run the entire suite or an individual
+  # file, and it's useful to allow more verbose output when running an
+  # individual spec file.
+  if config.files_to_run.one?
+    # RSpec filters the backtrace by default so as not to be so noisy.
+    # This causes the full backtrace to be printed when running a single
+    # spec file (e.g. to troubleshoot a particular spec failure).
+    config.full_backtrace = true
+
+    # Use the documentation formatter for detailed output,
+    # unless a formatter has already been configured
+    # (e.g. via a command-line flag).
+    config.default_formatter = 'doc'
+  end
+
+  # Print the 10 slowest examples and example groups at the
+  # end of the spec run, to help surface which specs are running
+  # particularly slow.
+  config.profile_examples = 10
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = :random
+
+  # Seed global randomization in this process using the `--seed` CLI option.
+  # Setting this allows you to use `--seed` to deterministically reproduce
+  # test failures related to randomization by passing the same `--seed` value
+  # as the one that triggered the failure.
+  Kernel.srand config.seed
+
+  # rspec-expectations config goes here. You can use an alternate
+  # assertion/expectation library such as wrong or the stdlib/minitest
+  # assertions if you prefer.
+  config.expect_with :rspec do |expectations|
+    # Enable only the newer, non-monkey-patching expect syntax.
+    # For more details, see:
+    #   - http://myronmars.to/n/dev-blog/2012/06/rspecs-new-expectation-syntax
+    expectations.syntax = :expect
+  end
+
+  # rspec-mocks config goes here. You can use an alternate test double
+  # library (such as bogus or mocha) by changing the `mock_with` option here.
+  config.mock_with :rspec do |mocks|
+    # Enable only the newer, non-monkey-patching expect syntax.
+    # For more details, see:
+    #   - http://teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation-syntax/
+    mocks.syntax = :expect
+
+    # Prevents you from mocking or stubbing a method that does not exist on
+    # a real object. This is generally recommended.
+    mocks.verify_partial_doubles = true
+  end
+=end
+end