hassox-warden 0.2.1

data/spec/warden/errors_spec.rb

@@ -0,0 +1,46 @@
+require File.join(File.dirname(__FILE__), "..", 'spec_helper.rb')
+
+describe Warden::Proxy::Errors do
+ 
+  before(:each) do
+    @errors = Warden::Proxy::Errors.new
+  end
+ 
+  it "should report that it is empty on first creation" do
+    @errors.empty?.should == true
+  end
+ 
+  it "should continue to report that it is empty even after being checked" do
+    @errors.on(:foo)
+    @errors.empty?.should == true
+  end
+  
+  it "should add an error" do
+    @errors.add(:login, "Login or password incorrect")
+    @errors[:login].should == ["Login or password incorrect"]
+  end
+  
+  it "should allow many errors to be added to the same field" do
+    @errors.add(:login, "bad 1")
+    @errors.add(:login, "bad 2")
+    @errors.on(:login).should == ["bad 1", "bad 2"]
+  end
+  
+  it "should give the full messages for an error" do
+    @errors.add(:login, "login wrong")
+    @errors.add(:password, "password wrong")
+    ["password wrong", "login wrong"].each do |msg|
+      @errors.full_messages.should include(msg)
+    end
+  end
+  
+  it "should return the error for a specific field / label" do
+    @errors.add(:login, "wrong")
+    @errors.on(:login).should == ["wrong"]
+  end
+  
+  it "should return nil for a specific field if it's not been set" do
+    @errors.on(:not_there).should be_nil
+  end
+
+end

data/spec/warden/hooks_spec.rb

@@ -0,0 +1,103 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+
+describe "standard authentication hooks" do
+  
+  describe "after_set_user" do
+    before(:each) do
+      RAM = Warden::Manager unless defined?(RAM)
+      RAM._after_set_user.clear
+    end
+    
+    after(:each) do
+      RAM._after_set_user.clear
+    end
+    
+    it "should allow me to add an after_set_user hook" do
+      RAM.after_set_user do |user, auth, opts|
+        "boo"
+      end
+      RAM._after_set_user.should have(1).item
+    end
+    
+    it "should allow me to add multiple after_set_user hooks" do
+      RAM.after_set_user{|user, auth, opts| "foo"}
+      RAM.after_set_user{|u,a| "bar"}
+      RAM._after_set_user.should have(2).items
+    end
+    
+    it "should run each after_set_user hook after the user is set" do
+      RAM.after_set_user{|u,a,o| a.env['warden.spec.hook.foo'] = "run foo"}
+      RAM.after_set_user{|u,a,o| a.env['warden.spec.hook.bar'] = "run bar"}
+      app = lambda{|e| e['warden'].set_user("foo"); valid_response}
+      env = env_with_params
+      setup_rack(app).call(env)
+      env['warden.spec.hook.foo'].should == "run foo"
+      env['warden.spec.hook.bar'].should == "run bar"
+    end
+  end
+  
+  describe "after_authenticate" do
+    before(:each) do
+      RAM = Warden::Manager unless defined?(RAM)
+      RAM._after_authentication.clear
+    end
+    
+    after(:each) do
+      RAM._after_authentication.clear
+    end
+    
+    it "should allow me to add an after_authetnication hook" do
+      RAM.after_authentication{|user, auth, opts| "foo"}
+      RAM._after_authentication.should have(1).item
+    end
+    
+    it "should allow me to add multiple after_authetnication hooks" do
+      RAM.after_authentication{|u,a,o| "bar"}
+      RAM.after_authentication{|u,a,o| "baz"}
+      RAM._after_authentication.should have(2).items
+    end
+    
+    it "should run each after_authentication hook after authentication is run" do
+      RAM.after_authentication{|u,a,o| a.env['warden.spec.hook.baz'] = "run baz"}
+      RAM.after_authentication{|u,a,o| a.env['warden.spec.hook.paz'] = "run paz"}
+      app = lambda{|e| e['warden'].authenticated?(:pass); valid_response}
+      env = env_with_params
+      setup_rack(app).call(env)
+      env['warden.spec.hook.baz'].should == 'run baz'
+      env['warden.spec.hook.paz'].should == 'run paz'
+    end
+  end
+  
+  describe "before_failure" do
+    before(:each) do
+      RAM = Warden::Manager unless defined?(RAM)
+      RAM._before_failure.clear
+    end
+    
+    after(:each) do
+      RAM._before_failure.clear
+    end
+    
+    it "should allow me to add a before_failure hook" do
+      RAM.before_failure{|env, opts| "foo"}
+      RAM._before_failure.should have(1).item
+    end
+    
+    it "should allow me to add multiple before_failure hooks" do
+      RAM.before_failure{|env, opts| "foo"}
+      RAM.before_failure{|env, opts| "bar"}
+      RAM._before_failure.should have(2).items
+    end
+    
+    it "should run each before_failure hooks before failing" do
+      RAM.before_failure{|e,o| e['warden.spec.before_failure.foo'] = "foo"}
+      RAM.before_failure{|e,o| e['warden.spec.before_failure.bar'] = "bar"}
+      app = lambda{|e| e['warden'].authenticate!(:failz); valid_response}
+      env = env_with_params
+      setup_rack(app).call(env)
+      env['warden.spec.before_failure.foo'].should == "foo"
+      env['warden.spec.before_failure.bar'].should  == "bar"
+    end
+  end
+  
+end

data/spec/warden/manager_spec.rb

@@ -0,0 +1,158 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+
+describe Warden::Manager do
+
+  it "should insert a Base object into the rack env" do
+    env = env_with_params
+    setup_rack(success_app).call(env)
+    env["warden"].should be_an_instance_of(Warden::Proxy)
+  end
+  
+  describe "user storage" do
+    it "should take a user and store it in the provided session" do
+      session = {}
+      Warden::Manager._store_user("The User", session, "some_scope")
+      session["warden.user.some_scope.key"].should == "The User"
+    end
+  end
+
+  describe "thrown auth" do
+    before(:each) do
+      @basic_app = lambda{|env| [200,{'Content-Type' => 'text/plain'},'OK']}
+      @authd_app = lambda do |e| 
+        if e['warden'].authenticated? 
+          [200,{'Content-Type' => 'text/plain'},"OK"]
+        else
+          [401,{'Content-Type' => 'text/plain'},"You Fail"]
+        end
+      end
+      @env = Rack::MockRequest.
+        env_for('/', 'HTTP_VERSION' => '1.1', 'REQUEST_METHOD' => 'GET')
+    end # before(:each)
+    
+    describe "Failure" do
+      it "should respond with a 401 response if the strategy fails authentication" do
+         env = env_with_params("/", :foo => "bar")
+         app = lambda do |env|
+           env['warden'].authenticate(:failz)
+           throw(:warden, :action => :unauthenticated)
+         end
+         result = setup_rack(app, :failure_app => @fail_app).call(env)
+         result.first.should == 401
+      end
+    
+      it "should use the failure message given to the failure method" do
+        env = env_with_params("/", {})
+        app = lambda do |env|
+          env['warden'].authenticate(:failz)
+          throw(:warden, :action => :unauthenticated)
+        end
+        result = setup_rack(app, :failure_app => @fail_app).call(env)
+        result.last.should == ["You Fail!"]
+      end
+      
+      it "should render the failure app when there's a failure" do
+        app = lambda do |e| 
+          throw(:warden, :action => :unauthenticated) unless e['warden'].authenticated?(:failz)
+        end
+        fail_app = lambda do |e|
+          [401, {"Content-Type" => "text/plain"}, ["Failure App"]]
+        end
+        result = setup_rack(app, :failure_app => fail_app).call(env_with_params)
+        result.last.should == ["Failure App"]
+      end
+    end # failure
+    
+  end
+  
+  describe "integrated strategies" do
+    before(:each) do
+      RAS = Warden::Strategies unless defined?(RAS)
+      Warden::Strategies.clear!
+      @app = setup_rack do |env|
+        env['warden'].authenticate!(:foobar)
+        [200, {"Content-Type" => "text/plain"}, ["Foo Is A Winna"]]        
+      end
+    end
+
+    describe "redirecting" do
+  
+      it "should redirect with a message" do
+        RAS.add(:foobar) do
+          def authenticate!
+            redirect!("/foo/bar", {:foo => "bar"}, :message => "custom redirection message")
+          end
+        end
+        result = @app.call(env_with_params)
+        result[0].should == 302
+        result[1]["Location"].should == "/foo/bar?foo=bar"
+        result[2].should == ["custom redirection message"]
+      end
+      
+      it "should redirect with a default message" do
+        RAS.add(:foobar) do
+          def authenticate!
+            redirect!("/foo/bar", {:foo => "bar"})
+          end
+        end
+        result = @app.call(env_with_params)
+        result[0].should == 302
+        result[1]['Location'].should == "/foo/bar?foo=bar"
+        result[2].should == ["You are being redirected to /foo/bar?foo=bar"]
+      end
+      
+      it "should redirect with a permanent redirect" do
+        RAS.add(:foobar) do
+          def authenticate!
+            redirect!("/foo/bar", {}, :permanent => true)
+          end
+        end
+        result = @app.call(env_with_params)
+        result[0].should == 301
+      end
+    end
+  
+    describe "failing" do
+      it "should fail according to the failure app" do
+        RAS.add(:foobar) do
+          def authenticate!
+            fail!
+          end
+        end
+        env = env_with_params
+        result = @app.call(env)
+        result[0].should == 401
+        result[2].should == ["You Fail!"]
+        env['PATH_INFO'].should == "/unauthenticated"
+      end
+    end # failing
+    
+    describe "custom rack response" do
+      it "should return a custom rack response" do
+        RAS.add(:foobar) do
+          def authenticate!
+            custom!([523, {"Content-Type" => "text/plain", "Custom-Header" => "foo"}, ["Custom Stuff"]])
+          end
+        end
+        result = @app.call(env_with_params)
+        result[0].should == 523
+        result[1]["Custom-Header"].should == "foo"
+        result[2].should == ["Custom Stuff"]
+      end
+    end
+  
+    describe "success" do
+      it "should pass through to the application when there is success" do
+        RAS.add(:foobar) do
+          def authenticate!
+            success!("A User")
+          end
+        end
+        env = env_with_params
+        result = @app.call(env)
+        result[0].should == 200
+        result[2].should == ["Foo Is A Winna"]
+      end
+    end
+  end # integrated strategies
+end

data/spec/warden/proxy_spec.rb

@@ -0,0 +1,218 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+
+describe Warden::Proxy do
+  
+  before(:all) do
+    Dir[File.join(File.dirname(__FILE__), "strategies/**/*.rb")].each{|f| load f}
+  end
+
+  before(:each) do
+    @basic_app = lambda{|env| [200,{'Content-Type' => 'text/plain'},'OK']}
+    @authd_app = lambda do |e| 
+      if e['warden'].authenticated?
+        [200,{'Content-Type' => 'text/plain'},"OK"]
+      else
+        [401,{'Content-Type' => 'text/plain'},"You Fail"]
+      end
+    end
+    @env = Rack::MockRequest.
+      env_for('/', 'HTTP_VERSION' => '1.1', 'REQUEST_METHOD' => 'GET')
+  end # before(:each)
+  
+  describe "authentication" do
+
+    it "should not check the authentication if it is not checked" do
+      app = setup_rack(@basic_app)
+      app.call(@env).first.should == 200
+    end
+
+    it "should check the authentication if it is explicity checked" do
+      app = setup_rack(@authd_app)
+      app.call(@env).first.should == 401
+    end
+
+    it "should not allow the request if incorrect conditions are supplied" do
+      env = env_with_params("/", :foo => "bar")
+      app = setup_rack(@authd_app)
+      response = app.call(env)
+      response.first.should == 401
+    end
+
+    it "should allow the request if the correct conditions are supplied" do
+      env = env_with_params("/", :username => "fred", :password => "sekrit")
+      app = setup_rack(@authd_app)
+      resp = app.call(env)
+      resp.first.should == 200
+    end
+    
+    describe "authenticate!" do
+      
+      it "should allow authentication in my application" do
+        env = env_with_params('/', :username => "fred", :password => "sekrit")
+        app = lambda do |env|
+          env['warden'].should be_authenticated
+          env['warden.spec.strategies'].should == [:password]
+        end
+      end
+      
+      it "should be false in my application" do
+        env = env_with_params("/", :foo => "bar")
+        app = lambda do |env|
+          env['warden'].should_not be_authenticated
+          env['warden.spec.strategies'].should == [:password]
+          valid_response
+        end
+        setup_rack(app).call(env)
+      end
+      
+      it "should allow me to select which strategies I use in my appliction" do
+        env = env_with_params("/", :foo => "bar")
+        app = lambda do |env|
+          env['warden'].should_not be_authenticated(:failz)
+          env['warden.spec.strategies'].should == [:failz]
+          valid_response
+        end
+        setup_rack(app).call(env)
+      end
+      
+      it "should allow me to get access to the user at warden.user." do
+        env = env_with_params("/")
+        app = lambda do |env|
+          env['warden'].should be_authenticated(:pass)
+          env['warden.spec.strategies'].should == [:pass]
+          valid_response
+        end
+        setup_rack(app).call(env)
+      end
+      
+      it "should try multiple authentication strategies" do
+        env = env_with_params("/")
+        app = lambda do |env|
+          env['warden'].should be_authenticated(:password, :pass)
+          env['warden.spec.strategies'].should == [:password, :pass]
+          valid_response
+        end
+        setup_rack(app).call(env)
+      end
+      
+      it "should look for an active user in the session with authenticate!" do
+        app = lambda do |env|
+          env['rack.session']["warden.user.default.key"] = "foo as a user"
+          env['warden'].authenticate!(:pass)
+          valid_response
+        end
+        env = env_with_params
+        setup_rack(app).call(env)
+        env['warden'].user.should == "foo as a user"
+      end
+      
+      it "should look for an active user in the session with authenticate?" do
+        app = lambda do |env|
+          env['rack.session']['warden.user.foo_scope.key'] = "a foo user"
+          env['warden'].authenticated?(:pass, :scope => :foo_scope)
+          valid_response
+        end
+        env = env_with_params
+        setup_rack(app).call(env)
+        env['warden'].user(:foo_scope).should == "a foo user"
+      end
+      
+      it "should login 2 different users from the session" do
+        app = lambda do |env|
+          env['rack.session']['warden.user.foo.key'] = 'foo user'
+          env['rack.session']['warden.user.bar.key'] = 'bar user'
+          env['warden'].authenticated?(:pass, :scope => :foo).should be_true
+          env['warden'].authenticated?(:pass, :scope => :bar).should be_true
+          env['warden'].authenticated?(:password).should be_false
+          valid_response
+        end
+        env = env_with_params
+        setup_rack(app).call(env)
+        env['warden'].user(:foo).should == 'foo user'
+        env['warden'].user(:bar).should == 'bar user'
+        env['warden'].user.should be_nil
+      end
+    end
+  end # describe "authentication"
+  
+  describe "set user" do
+    it "should store the user into the session" do
+      env = env_with_params("/")
+      app = lambda do |env|
+        env['warden'].should be_authenticated(:pass)
+        env['warden'].user.should == "Valid User"
+        env['rack.session']["warden.user.default.key"].should == "Valid User"
+        valid_response
+      end
+      setup_rack(app).call(env)
+    end
+  end
+
+  describe "logout" do
+
+    before(:each) do
+      @env = env = env_with_params
+      @env['rack.session'] = {"warden.user.default.key" => "default key", "warden.user.foo.key" => "foo key", :foo => "bar"}
+      app = lambda do |e|
+        e['warden'].logout(env['warden.spec.which_logout'])
+        valid_response
+      end
+      @app = setup_rack(app)
+    end
+    
+    it "should logout only the scoped foo user" do
+      @env['warden.spec.which_logout'] = :foo
+      @app.call(@env)
+      @env['rack.session']['warden.user.default.key'].should == "default key"
+      @env['rack.session']['warden.user.foo.key'].should be_nil
+      @env['rack.session'][:foo].should == "bar"
+    end
+    
+    it "should logout only the scoped default user" do 
+      @env['warden.spec.which_logout'] = :default
+      @app.call(@env)
+      @env['rack.session']['warden.user.default.key'].should be_nil
+      @env['rack.session']['warden.user.foo.key'].should == "foo key"
+      @env['rack.session'][:foo].should == "bar"
+    end
+    
+    it "should clear the session when no argument is given to logout" do
+      @env['rack.session'].should_not be_nil
+      app = lambda do |e|
+        e['warden'].logout
+        valid_response
+      end
+      setup_rack(app).call(@env)
+      @env['rack.session'].should be_empty
+    end
+  end
+  
+  describe "when all strategies are not valid?" do
+    it "should return false for authenticated when there are no valid? strategies" do
+     @env['rack.session'] = {}
+     app = lambda do |e|
+       e['warden'].authenticated?(:invalid).should be_false
+     end
+     setup_rack(app).call(@env)
+    end
+    
+    it "should return nil for authenticate when there are no valid strategies" do
+      @env['rack.session'] = {}
+      app = lambda do |e|
+        e['warden'].authenticate(:invalid).should be_nil
+      end
+      setup_rack(app).call(@env)
+    end
+    
+    it "should respond with a 401 when authenticate! cannot find any valid strategies" do
+      @env['rack.session'] = {}
+      app = lambda do |e| 
+        e['warden'].authenticate!(:invalid)
+      end
+      result = setup_rack(app).call(@env)
+      result.first.should == 401
+    end
+    
+  end
+  
+end