htauth 1.2.0 → 2.0.0

data/spec/cli/passwd_spec.rb

@@ -0,0 +1,206 @@
+require 'spec_helper'
+require 'htauth/cli/passwd'
+require 'tempfile'
+
+describe HTAuth::CLI::Passwd do
+
+  before(:each) do
+
+    # existing 
+    @tf = Tempfile.new("rpasswrd-passwd-test")
+    @tf.write(IO.read(PASSWD_ORIGINAL_TEST_FILE))
+    @tf.close
+    @htauth = HTAuth::CLI::Passwd.new
+
+    # new file
+    @new_file = File.join(File.dirname(@tf.path), "new-testfile")
+
+    # rework stdout and stderr
+    @stdout = ConsoleIO.new
+    @old_stdout = $stdout
+    $stdout = @stdout
+
+    @stderr = ConsoleIO.new
+    @old_stderr = $stderr
+    $stderr = @stderr
+
+    @stdin = ConsoleIO.new
+    @old_stdin = $stdin
+    $stdin = @stdin
+  end
+
+  after(:each) do
+    @tf.close(true)
+    $stderr = @old_stderr
+    $stdout = @old_stdout
+    $stdin = @old_stdin
+    File.unlink(@new_file) if File.exist?(@new_file)
+  end
+
+  it "displays help appropriately" do
+    begin
+      @htauth.run([ "-h" ])
+    rescue SystemExit => se
+      se.status.must_equal 1
+      @stdout.string.must_match( /passwordfile username/m )
+    end
+  end
+
+  it "displays the version appropriately" do
+    begin
+      @htauth.run([ "--version" ])
+    rescue SystemExit => se
+      se.status.must_equal 1
+      @stdout.string.must_match( /version #{HTAuth::VERSION}/)
+    end
+  end
+
+  it "creates a new file with one md5 entry" do
+    begin
+      @stdin.puts "a secret"
+      @stdin.puts "a secret"
+      @stdin.rewind
+      @htauth.run([ "-m", "-c", @new_file, "alice" ])
+    rescue SystemExit => se
+      se.status.must_equal 0
+      l = IO.readlines(@new_file)
+      fields = l.first.split(':')
+      fields.first.must_equal "alice"
+      fields.last.must_match( /^\$apr1\$/ )
+    end
+  end
+
+  it "truncates an exiting file if told to create a new file" do
+    before_lines = IO.readlines(@tf.path)
+    begin
+      @stdin.puts "b secret"
+      @stdin.puts "b secret"
+      @stdin.rewind
+      @htauth.run([ "-c", @tf.path, "bob"])
+    rescue SystemExit => se
+      se.status.must_equal 0
+      after_lines = IO.readlines(@tf.path)
+      after_lines.size.must_equal 1
+      before_lines.size.must_equal 2
+    end
+  end
+
+  it "adds an entry to an existing file and force SHA" do
+    begin
+      @stdin.puts "c secret"
+      @stdin.puts "c secret"
+      @stdin.rewind
+      @htauth.run([ "-s", @tf.path, "charlie" ])
+    rescue SystemExit => se
+      se.status.must_equal 0
+      after_lines = IO.readlines(@tf.path)
+      after_lines.size.must_equal 3
+      al = after_lines.last.split(':')
+      al.first.must_equal "charlie"
+      al.last.must_match( /\{SHA\}/ )
+    end
+  end
+
+  it "can create a plaintext encrypted file" do
+    begin
+      @stdin.puts "a bad password"
+      @stdin.puts "a bad password"
+      @stdin.rewind
+      @htauth.run(["-c", "-p", @tf.path, "bradley"])
+    rescue SystemExit => se
+      se.status.must_equal 0
+      IO.read(@tf.path).strip.must_equal "bradley:a bad password"
+    end
+  end
+
+  it "has a batch mode for command line passwords" do
+    begin
+      @htauth.run(["-c", "-p", "-b", @tf.path, "bradley", "a bad password"])
+    rescue SystemExit => se
+      se.status.must_equal 0
+      IO.read(@tf.path).strip.must_equal "bradley:a bad password"
+    end
+  end
+
+  it "updates an entry in an existing file and force crypt" do
+    before_lines = IO.readlines(@tf.path)
+    begin
+      @stdin.puts "a new secret"
+      @stdin.puts "a new secret"
+      @stdin.rewind
+      @htauth.run([ "-d", @tf.path, "alice" ])
+    rescue SystemExit => se
+      @stderr.string.must_equal ""
+      se.status.must_equal 0
+      after_lines = IO.readlines(@tf.path)
+      after_lines.size.must_equal before_lines.size
+
+      a_b = before_lines.first.split(":")
+      a_a = after_lines.first.split(":")
+
+      a_b.first.must_equal a_a.first
+      a_b.last.wont_equal a_a.last
+    end
+  end
+
+  it "deletes an entry in an existing file" do
+    begin
+      @htauth.run([ "-D", @tf.path, "bob" ])
+    rescue SystemExit => se
+      @stderr.string.must_equal ""
+      se.status.must_equal 0
+      IO.read(@tf.path).must_equal IO.read(PASSWD_DELETE_TEST_FILE)
+    end
+  end
+
+  it "sends to STDOUT when the -n option is used" do
+    begin
+      @htauth.run(["-n", "-p", "-b", "bradley", "a bad password"])
+    rescue SystemExit => se
+      se.status.must_equal 0
+      @stdout.string.strip.must_equal "bradley:a bad password"
+    end
+  end
+
+  it "has an error if it does not have permissions on the file" do
+    begin
+      @stdin.puts "a secret"
+      @stdin.puts "a secret"
+      @stdin.rewind
+      @htauth.run([ "-c", "/etc/you-cannot-create-me", "alice"])
+    rescue SystemExit => se
+      @stderr.string.must_match( %r{Password file failure \(/etc/you-cannot-create-me\)}m )
+      se.status.must_equal 1
+    end
+  end
+
+  it "has an error if the input passwords do not match" do
+    begin
+      @stdin.puts "a secret"
+      @stdin.puts "a bad secret"
+      @stdin.rewind
+      @htauth.run([ @tf.path, "alice"])
+    rescue SystemExit => se
+      @stderr.string.must_match( /They don't match, sorry./m )
+      se.status.must_equal 1
+    end
+  end
+
+  it "has an error if the options are incorrect" do
+    begin
+      @htauth.run(["--blah"])
+    rescue SystemExit => se
+      @stderr.string.must_match( /ERROR:/m )
+      se.status.must_equal 1
+    end
+  end
+
+  it "errors if send to stdout and create a new file options are both used" do
+    begin
+      @htauth.run(["-c", "-n"])
+    rescue SystemExit => se
+      @stderr.string.must_match( /ERROR:/m )
+      se.status.must_equal 1
+    end
+  end
+end

data/spec/digest_entry_spec.rb

@@ -2,59 +2,59 @@ require 'spec_helper'
 require 'htauth/digest_entry'
 
 describe HTAuth::DigestEntry do
-    before(:each) do
-        @alice = HTAuth::DigestEntry.new("alice", "htauth")
-        @bob   = HTAuth::DigestEntry.new("bob", "htauth", "b secret")
-    end
-
-    it "initializes with a user and realm" do
-        @alice.user.must_equal "alice"
-        @alice.realm.must_equal "htauth"
-    end
-
-    it "has the correct digest for a password" do
-        @alice.password = "digit"
-        @alice.digest.must_equal "4ed9e5744c6747af8f292d28afd6372e"
-    end
-
-    it "returns username:realm for a key" do
-        @alice.key.must_equal "alice:htauth"
-    end
-
-    it "checks the password correctly" do
-        @bob.authenticated?("b secret").must_equal true
-    end
-
-    it "formats correctly when put to a string" do
-        @bob.to_s.must_equal "bob:htauth:fcbeab6821d2ab3b00934c958db0fd1e"
-    end
-
-    it "parses an input line" do
-        @bob_new = HTAuth::DigestEntry.from_line("bob:htauth:fcbeab6821d2ab3b00934c958db0fd1e")
-        @bob.user.must_equal @bob_new.user
-        @bob.digest.must_equal @bob_new.digest
-        @bob.realm.must_equal @bob_new.realm
-    end
-
-    it "knows if an input line is a possible entry and raises an exception" do
-        lambda { HTAuth::DigestEntry.is_entry!("#stuff") }.must_raise(HTAuth::InvalidDigestEntry)
-        lambda { HTAuth::DigestEntry.is_entry!("this:that:other:stuff") }.must_raise(HTAuth::InvalidDigestEntry)
-        lambda { HTAuth::DigestEntry.is_entry!("this:that:other") }.must_raise(HTAuth::InvalidDigestEntry)
-        lambda { HTAuth::DigestEntry.is_entry!("this:that:0a90549e8ffb2dd62f98252a95d88xyz") }.must_raise(HTAuth::InvalidDigestEntry)
-    end
-    
-    it "knows if an input line is a possible entry and returns false" do
-        HTAuth::DigestEntry.is_entry?("#stuff").must_equal false
-        HTAuth::DigestEntry.is_entry?("this:that:other:stuff").must_equal false 
-        HTAuth::DigestEntry.is_entry?("this:that:other").must_equal false 
-        HTAuth::DigestEntry.is_entry?("this:that:0a90549e8ffb2dd62f98252a95d88xyz").must_equal false
-    end
-    
-    it "knows if an input line is a possible entry and returns true" do
-        HTAuth::DigestEntry.is_entry?("bob:htauth:0a90549e8ffb2dd62f98252a95d88697").must_equal true
-    end
-
-    it "duplicates itself" do
-        @alice.dup.to_s.must_equal @alice.to_s
-    end
+  before(:each) do
+    @alice = HTAuth::DigestEntry.new("alice", "htauth")
+    @bob   = HTAuth::DigestEntry.new("bob", "htauth", "b secret")
+  end
+
+  it "initializes with a user and realm" do
+    @alice.user.must_equal "alice"
+    @alice.realm.must_equal "htauth"
+  end
+
+  it "has the correct digest for a password" do
+    @alice.password = "digit"
+    @alice.digest.must_equal "4ed9e5744c6747af8f292d28afd6372e"
+  end
+
+  it "returns username:realm for a key" do
+    @alice.key.must_equal "alice:htauth"
+  end
+
+  it "checks the password correctly" do
+    @bob.authenticated?("b secret").must_equal true
+  end
+
+  it "formats correctly when put to a string" do
+    @bob.to_s.must_equal "bob:htauth:fcbeab6821d2ab3b00934c958db0fd1e"
+  end
+
+  it "parses an input line" do
+    @bob_new = HTAuth::DigestEntry.from_line("bob:htauth:fcbeab6821d2ab3b00934c958db0fd1e")
+    @bob.user.must_equal @bob_new.user
+    @bob.digest.must_equal @bob_new.digest
+    @bob.realm.must_equal @bob_new.realm
+  end
+
+  it "knows if an input line is a possible entry and raises an exception" do
+    lambda { HTAuth::DigestEntry.is_entry!("#stuff") }.must_raise(HTAuth::InvalidDigestEntry)
+    lambda { HTAuth::DigestEntry.is_entry!("this:that:other:stuff") }.must_raise(HTAuth::InvalidDigestEntry)
+    lambda { HTAuth::DigestEntry.is_entry!("this:that:other") }.must_raise(HTAuth::InvalidDigestEntry)
+    lambda { HTAuth::DigestEntry.is_entry!("this:that:0a90549e8ffb2dd62f98252a95d88xyz") }.must_raise(HTAuth::InvalidDigestEntry)
+  end
+
+  it "knows if an input line is a possible entry and returns false" do
+    HTAuth::DigestEntry.is_entry?("#stuff").must_equal false
+    HTAuth::DigestEntry.is_entry?("this:that:other:stuff").must_equal false 
+    HTAuth::DigestEntry.is_entry?("this:that:other").must_equal false 
+    HTAuth::DigestEntry.is_entry?("this:that:0a90549e8ffb2dd62f98252a95d88xyz").must_equal false
+  end
+
+  it "knows if an input line is a possible entry and returns true" do
+    HTAuth::DigestEntry.is_entry?("bob:htauth:0a90549e8ffb2dd62f98252a95d88697").must_equal true
+  end
+
+  it "duplicates itself" do
+    @alice.dup.to_s.must_equal @alice.to_s
+  end
 end

data/spec/digest_file_spec.rb

@@ -4,62 +4,62 @@ require 'tempfile'
 
 describe HTAuth::DigestFile do
 
-    before(:each) do
-        @tf             = Tempfile.new("rpasswrd-digest")
-        @tf.write(IO.read(DIGEST_ORIGINAL_TEST_FILE))
-        @tf.close       
-        @digest_file    = HTAuth::DigestFile.new(@tf.path)
-        
-        @tf2                = Tempfile.new("rpasswrd-digest-empty")
-        @tf2.close
-        @empty_digest_file  = HTAuth::DigestFile.new(@tf2.path)
-    end
+  before(:each) do
+    @tf             = Tempfile.new("rpasswrd-digest")
+    @tf.write(IO.read(DIGEST_ORIGINAL_TEST_FILE))
+    @tf.close
+    @digest_file    = HTAuth::DigestFile.new(@tf.path)
 
-    after(:each) do
-        @tf2.close(true)
-        @tf.close(true)
-    end
+    @tf2                = Tempfile.new("rpasswrd-digest-empty")
+    @tf2.close
+    @empty_digest_file  = HTAuth::DigestFile.new(@tf2.path)
+  end
 
-    it "can add a new entry to an already existing digest file" do
-        @digest_file.add_or_update("charlie", "htauth-new", "c secret")
-        @digest_file.contents.must_equal IO.read(DIGEST_ADD_TEST_FILE)
-    end
+  after(:each) do
+    @tf2.close(true)
+    @tf.close(true)
+  end
 
-    it "can tell if an entry already exists in the digest file" do
-        @digest_file.has_entry?("alice", "htauth").must_equal true
-        @digest_file.has_entry?("alice", "some other realm").must_equal false
-    end
-    
-    it "can update an entry in an already existing digest file" do
-        @digest_file.add_or_update("alice", "htauth", "a new secret")
-        @digest_file.contents.must_equal IO.read(DIGEST_UPDATE_TEST_FILE)
-    end
+  it "can add a new entry to an already existing digest file" do
+    @digest_file.add_or_update("charlie", "htauth-new", "c secret")
+    @digest_file.contents.must_equal IO.read(DIGEST_ADD_TEST_FILE)
+  end
 
-    it "fetches a copy of an entry" do
-        @digest_file.fetch("alice", "htauth").to_s.must_equal "alice:htauth:2f361db93147d84831eb34f19d05bfbb"
-    end
+  it "can tell if an entry already exists in the digest file" do
+    @digest_file.has_entry?("alice", "htauth").must_equal true
+    @digest_file.has_entry?("alice", "some other realm").must_equal false
+  end
 
-    it "raises an error if an attempt is made to alter a non-existenet file" do
-        lambda { HTAuth::DigestFile.new("some-file") }.must_raise(HTAuth::FileAccessError)
-    end
+  it "can update an entry in an already existing digest file" do
+    @digest_file.add_or_update("alice", "htauth", "a new secret")
+    @digest_file.contents.must_equal IO.read(DIGEST_UPDATE_TEST_FILE)
+  end
 
-    # this test will only work on systems that have /etc/ssh_host_rsa_key 
-    it "raises an error if an attempt is made to open a file where no permissions are granted" do
-        lambda { HTAuth::DigestFile.new("/etc/ssh_host_rsa_key") }.must_raise(HTAuth::FileAccessError)
-    end
+  it "fetches a copy of an entry" do
+    @digest_file.fetch("alice", "htauth").to_s.must_equal "alice:htauth:2f361db93147d84831eb34f19d05bfbb"
+  end
 
-    it "deletes an entry" do
-        @digest_file.delete("alice", "htauth")
-        @digest_file.contents.must_equal IO.read(DIGEST_DELETE_TEST_FILE)
-    end
-    
-    it "is usable in a ruby manner and yeilds itself when opened" do
-        HTAuth::DigestFile.open(@tf.path) do |pf|
-            pf.add_or_update("alice", "htauth", "a secret")
-            pf.delete('bob', 'htauth')
-        end
-        lines = IO.readlines(@tf.path)
-        lines.size.must_equal 1
-        lines.first.strip.must_equal "alice:htauth:2f361db93147d84831eb34f19d05bfbb"
+  it "raises an error if an attempt is made to alter a non-existenet file" do
+    lambda { HTAuth::DigestFile.new("some-file") }.must_raise(HTAuth::FileAccessError)
+  end
+
+  # this test will only work on systems that have /etc/ssh_host_rsa_key 
+  it "raises an error if an attempt is made to open a file where no permissions are granted" do
+    lambda { HTAuth::DigestFile.new("/etc/ssh_host_rsa_key") }.must_raise(HTAuth::FileAccessError)
+  end
+
+  it "deletes an entry" do
+    @digest_file.delete("alice", "htauth")
+    @digest_file.contents.must_equal IO.read(DIGEST_DELETE_TEST_FILE)
+  end
+
+  it "is usable in a ruby manner and yeilds itself when opened" do
+    HTAuth::DigestFile.open(@tf.path) do |pf|
+      pf.add_or_update("alice", "htauth", "a secret")
+      pf.delete('bob', 'htauth')
     end
+    lines = IO.readlines(@tf.path)
+    lines.size.must_equal 1
+    lines.first.strip.must_equal "alice:htauth:2f361db93147d84831eb34f19d05bfbb"
+  end
 end

data/spec/md5_spec.rb

@@ -3,15 +3,15 @@ require File.join(File.dirname(__FILE__),"spec_helper.rb")
 require 'htauth/md5'
 
 describe HTAuth::Md5 do
-    it "has a prefix" do
-        HTAuth::Md5.new.prefix.must_equal "$apr1$"
-    end
+  it "has a prefix" do
+    HTAuth::Md5.new.prefix.must_equal "$apr1$"
+  end
 
-    it "encrypts the same way that apache does" do
-        apache_salt = "L0LDd/.."
-        apache_result = "$apr1$L0LDd/..$yhUzDjpxam5F1kWdtwMco1"
-        md5 = HTAuth::Md5.new({ 'salt' => apache_salt })
-        md5.encode("a secret").must_equal apache_result
-    end
+  it "encrypts the same way that apache does" do
+    apache_salt = "L0LDd/.."
+    apache_result = "$apr1$L0LDd/..$yhUzDjpxam5F1kWdtwMco1"
+    md5 = HTAuth::Md5.new({ 'salt' => apache_salt })
+    md5.encode("a secret").must_equal apache_result
+  end
 end