htauth 2.2.0 → 3.0.0

data/spec/cli/digest_spec.rb

@@ -1,149 +0,0 @@
-require 'spec_helper'
-require 'htauth/cli/digest'
-require 'tempfile'
-
-describe HTAuth::CLI::Digest do
-
-  before(:each) do
-
-    # existing 
-    @tf = Tempfile.new("rpasswrd-digest-test")
-    @tf.write(IO.read(DIGEST_ORIGINAL_TEST_FILE))
-    @tf.close
-    @rdigest = HTAuth::CLI::Digest.new
-
-    # new file
-    @new_file = File.join(File.dirname(@tf.path), "new-testfile")
-
-    # rework stdout and stderr
-    @stdout = ConsoleIO.new
-    @old_stdout = $stdout
-    $stdout = @stdout
-
-    @stderr = ConsoleIO.new
-    @old_stderr = $stderr
-    $stderr = @stderr
-
-    @stdin = ConsoleIO.new
-    @old_stdin = $stdin
-    $stdin = @stdin
-  end
-
-  after(:each) do
-    @tf.close(true)
-    $stderr = @old_stderr
-    $stdout = @old_stdout
-    $stdin = @old_stdin
-    File.unlink(@new_file) if File.exist?(@new_file)
-  end
-
-  it "displays help appropriately" do
-    begin
-      @rdigest.run([ "-h" ])
-    rescue SystemExit => se
-      _(se.status).must_equal 1
-      _(@stdout.string).must_match( /passwordfile realm username/m )
-    end
-  end
-
-  it "displays the version appropriately" do
-    begin
-      @rdigest.run([ "--version" ])
-    rescue SystemExit => se
-      _(se.status).must_equal 1
-      _(@stdout.string).must_match( /version #{HTAuth::VERSION}/ )
-    end
-  end
-
-  it "creates a new file with one entries" do
-    begin
-      @stdin.puts "b secret"
-      @stdin.puts "b secret"
-      @stdin.rewind
-      @rdigest.run([ "-c", @new_file, "htauth", "bob" ])
-    rescue SystemExit => se
-      _(se.status).must_equal 0
-      _(IO.read(@new_file)).must_equal IO.readlines(DIGEST_ORIGINAL_TEST_FILE).first
-    end
-  end
-
-  it "truncates an exiting file if told to create a new file" do
-    begin
-      @stdin.puts "b secret"
-      @stdin.puts "b secret"
-      @stdin.rewind
-      @rdigest.run([ "-c", @tf.path, "htauth", "bob"])
-    rescue SystemExit => se
-      _(se.status).must_equal 0
-      _(IO.read(@tf.path)).must_equal IO.read(DIGEST_DELETE_TEST_FILE)
-    end
-  end
-
-  it "adds an entry to an existing file" do
-    begin
-      @stdin.puts "c secret"
-      @stdin.puts "c secret"
-      @stdin.rewind
-      @rdigest.run([ @tf.path, "htauth-new", "charlie" ])
-    rescue SystemExit => se
-      _(se.status).must_equal 0
-      _(IO.read(@tf.path)).must_equal IO.read(DIGEST_ADD_TEST_FILE)
-    end
-  end
-
-  it "updates an entry in an existing file" do
-    begin
-      @stdin.puts "a new secret"
-      @stdin.puts "a new secret"
-      @stdin.rewind
-      @rdigest.run([ @tf.path, "htauth", "alice" ])
-    rescue SystemExit => se
-      _(@stderr.string).must_equal ""
-      _(se.status).must_equal 0
-      _(IO.read(@tf.path)).must_equal IO.read(DIGEST_UPDATE_TEST_FILE)
-    end
-  end
-
-  it "deletes an entry in an existing file" do
-    begin
-      @rdigest.run([ "-d", @tf.path, "htauth", "alice" ])
-    rescue SystemExit => se
-      _(@stderr.string).must_equal ""
-      _(se.status).must_equal 0
-      _(IO.read(@tf.path)).must_equal IO.read(DIGEST_DELETE_TEST_FILE)
-    end
-  end
-
-  it "has an error if it does not have permissions on the file" do
-    begin
-      @stdin.puts "a secret"
-      @stdin.puts "a secret"
-      @stdin.rewind
-      @rdigest.run([ "-c", "/etc/you-cannot-create-me", "htauth", "alice"])
-    rescue SystemExit => se
-      _(@stderr.string).must_match( %r{Could not open password file /etc/you-cannot-create-me}m )
-      _(se.status).must_equal 1
-    end
-  end
-
-  it "has an error if the input passwords do not match" do
-    begin
-      @stdin.puts "a secret"
-      @stdin.puts "a bad secret"
-      @stdin.rewind
-      @rdigest.run([ @tf.path, "htauth", "alice"])
-    rescue SystemExit => se
-      _(@stderr.string).must_match( /They don't match, sorry./m )
-      _(se.status).must_equal 1
-    end
-  end
-
-  it "has an error if the options are incorrect" do
-    begin
-      @rdigest.run(["--blah"])
-    rescue SystemExit => se
-      _(@stderr.string).must_match( /ERROR:/m )
-      _(se.status).must_equal 1
-    end
-  end
-end

data/spec/cli/passwd_spec.rb

@@ -1,330 +0,0 @@
-require 'spec_helper'
-require 'htauth/cli/passwd'
-require 'tempfile'
-
-describe HTAuth::CLI::Passwd do
-
-  before(:each) do
-
-    # existing 
-    @tf = Tempfile.new("rpasswrd-passwd-test")
-    @tf.write(IO.read(PASSWD_ORIGINAL_TEST_FILE))
-    @tf.close
-    @htauth = HTAuth::CLI::Passwd.new
-
-    # new file
-    @new_file = File.join(File.dirname(@tf.path), "new-testfile")
-
-    # rework stdout and stderr
-    @stdout = ConsoleIO.new
-    @old_stdout = $stdout
-    $stdout = @stdout
-
-    @stderr = ConsoleIO.new
-    @old_stderr = $stderr
-    $stderr = @stderr
-
-    @stdin = ConsoleIO.new
-    @old_stdin = $stdin
-    $stdin = @stdin
-  end
-
-  after(:each) do
-    @tf.close(true)
-    $stderr = @old_stderr
-    $stdout = @old_stdout
-    $stdin = @old_stdin
-    File.unlink(@new_file) if File.exist?(@new_file)
-  end
-
-  it "displays help appropriately" do
-    begin
-      @htauth.run([ "-h" ])
-    rescue SystemExit => se
-      _(se.status).must_equal 1
-      _(@stdout.string).must_match( /passwordfile username/m )
-    end
-  end
-
-  it "displays the version appropriately" do
-    begin
-      @htauth.run([ "--version" ])
-    rescue SystemExit => se
-      _(se.status).must_equal 1
-      _(@stdout.string).must_match( /version #{HTAuth::VERSION}/)
-    end
-  end
-
-  it "creates a new file with one md5 entry" do
-    begin
-      @stdin.puts "a secret"
-      @stdin.puts "a secret"
-      @stdin.rewind
-      @htauth.run([ "-m", "-c", @new_file, "alice" ])
-    rescue SystemExit => se
-      _(se.status).must_equal 0
-      l = IO.readlines(@new_file)
-      fields = l.first.split(':')
-      _(fields.first).must_equal "alice"
-      _(fields.last).must_match( /^\$apr1\$/ )
-    end
-  end
-
-  it "creates a new file with one bcrypt entry" do
-    begin
-      @stdin.puts "b secret"
-      @stdin.puts "b secret"
-      @stdin.rewind
-      @htauth.run([ "-B", "-c", @new_file, "brenda" ])
-    rescue SystemExit => se
-      _(se.status).must_equal 0
-      l = IO.readlines(@new_file)
-      fields = l.first.split(':')
-      _(fields.first).must_equal "brenda"
-      bcrypt_hash = fields.last
-
-      _(::BCrypt::Password.valid_hash?(bcrypt_hash)).wont_be_nil
-    end
-  end
-
-  it "allows the bcrypt cost to be set" do
-    begin
-      cost = 12
-      @stdin.puts "b secret"
-      @stdin.puts "b secret"
-      @stdin.rewind
-      @htauth.run([ "-C", "#{cost}", "-B", "-c", @new_file, "brenda" ])
-    rescue SystemExit => se
-      _(se.status).must_equal 0
-      l = IO.readlines(@new_file)
-      fields = l.first.split(':')
-      _(fields.first).must_equal "brenda"
-      bcrypt_hash = fields.last
-      _(::BCrypt::Password.valid_hash?(bcrypt_hash)).wont_be_nil
-
-      _, _version, count, _rest = bcrypt_hash.split("$")
-      _(count).must_equal ("%02d" % cost)
-    end
-  end
-
-  it "raises an error if the bcrypt cost is out of range" do
-    begin
-      @stdin.puts "b secret"
-      @stdin.puts "b secret"
-      @stdin.rewind
-      @htauth.run([ "-C", "42", "-B", "-c", @new_file, "brenda" ])
-    rescue SystemExit => se
-      _(@stderr.string).must_match( /ERROR:/m )
-      _(se.status).must_equal 1
-    end
-  end
-
-  it "raises an error if the bcrypt cost is not an integer" do
-    begin
-      @stdin.puts "b secret"
-      @stdin.puts "b secret"
-      @stdin.rewind
-      @htauth.run([ "-C", "forty-two", "-B", "-c", @new_file, "brenda" ])
-    rescue SystemExit => se
-      _(@stderr.string).must_match( /ERROR:/m )
-      _(se.status).must_equal 1
-    end
- 
-  end
-
-  it "does not verify the password from stdin on -i option" do
-    begin
-      @stdin.puts "b secret"
-      @stdin.rewind
-      @htauth.run([ "-i", "-B", "-c", @new_file, "brenda" ])
-    rescue SystemExit => se
-      _(se.status).must_equal 0
-      l = IO.readlines(@new_file)
-      fields = l.first.split(':')
-      _(fields.first).must_equal "brenda"
-      bcrypt_hash = fields.last
-
-      _(::BCrypt::Password.valid_hash?(bcrypt_hash)).wont_be_nil
-    end
-  end
-
-  it "does not allow options -i and -b to both be set" do
-    begin
-      @stdin.puts "b secret"
-      @stdin.rewind
-      @htauth.run([ "-i", "-b", "-B", "-c", @new_file, "brenda", "b-secret" ])
-    rescue SystemExit => se
-      _(@stderr.string).must_match( /ERROR:/m )
-      _(se.status).must_equal 1
-    end
-  end
-
-  it "truncates an exiting file if told to create a new file" do
-    before_lines = IO.readlines(@tf.path)
-    begin
-      @stdin.puts "b secret"
-      @stdin.puts "b secret"
-      @stdin.rewind
-      @htauth.run([ "-c", @tf.path, "bob"])
-    rescue SystemExit => se
-      _(se.status).must_equal 0
-      after_lines = IO.readlines(@tf.path)
-      _(after_lines.size).must_equal 1
-      _(before_lines.size).must_equal 2
-    end
-  end
-
-  it "adds an entry to an existing file and force SHA" do
-    begin
-      @stdin.puts "c secret"
-      @stdin.puts "c secret"
-      @stdin.rewind
-      @htauth.run([ "-s", @tf.path, "charlie" ])
-    rescue SystemExit => se
-      _(se.status).must_equal 0
-      after_lines = IO.readlines(@tf.path)
-      _(after_lines.size).must_equal 3
-      al = after_lines.last.split(':')
-      _(al.first).must_equal "charlie"
-      _(al.last).must_match( /\{SHA\}/ )
-    end
-  end
-
-  it "can create a plaintext encrypted file" do
-    begin
-      @stdin.puts "a bad password"
-      @stdin.puts "a bad password"
-      @stdin.rewind
-      @htauth.run(["-c", "-p", @tf.path, "bradley"])
-    rescue SystemExit => se
-      _(se.status).must_equal 0
-      _(IO.read(@tf.path).strip).must_equal "bradley:a bad password"
-    end
-  end
-
-  it "has a batch mode for command line passwords" do
-    begin
-      @htauth.run(["-c", "-p", "-b", @tf.path, "bradley", "a bad password"])
-    rescue SystemExit => se
-      _(se.status).must_equal 0
-      _(IO.read(@tf.path).strip).must_equal "bradley:a bad password"
-    end
-  end
-
-  it "updates an entry in an existing file and force crypt" do
-    before_lines = IO.readlines(@tf.path)
-    begin
-      @stdin.puts "a new secret"
-      @stdin.puts "a new secret"
-      @stdin.rewind
-      @htauth.run([ "-d", @tf.path, "alice" ])
-    rescue SystemExit => se
-      _(@stderr.string).must_equal ""
-      _(se.status).must_equal 0
-      after_lines = IO.readlines(@tf.path)
-      _(after_lines.size).must_equal before_lines.size
-
-      a_b = before_lines.first.split(":")
-      a_a = after_lines.first.split(":")
-
-      _(a_b.first).must_equal a_a.first
-      _(a_b.last).wont_equal a_a.last
-    end
-  end
-
-  it "deletes an entry in an existing file" do
-    begin
-      @htauth.run([ "-D", @tf.path, "bob" ])
-    rescue SystemExit => se
-      _(@stderr.string).must_equal ""
-      _(se.status).must_equal 0
-      _(IO.read(@tf.path)).must_equal IO.read(PASSWD_DELETE_TEST_FILE)
-    end
-  end
-
-  it "sends to STDOUT when the -n option is used" do
-    begin
-      @htauth.run(["-n", "-p", "-b", "bradley", "a bad password"])
-    rescue SystemExit => se
-      _(se.status).must_equal 0
-      _(@stdout.string.strip).must_equal "bradley:a bad password"
-    end
-  end
-
-  it "verifies a password when --verify is used - valid" do
-    begin
-      @htauth.run(["--verify", "-b", @tf.path, "alice", "a secret"])
-    rescue SystemExit => se
-      _(@stderr.string.strip).must_equal "Password for user alice correct."
-      _(se.status).must_equal 0
-    end
-  end
-
-  it "verifies a password when --verify is used - invalid" do
-    begin
-      @htauth.run(["--verify", "-b", @tf.path, "alice", "the wrong secret"])
-    rescue SystemExit => se
-      _(@stderr.string.strip).must_equal "Password verification for user alice failed."
-      _(se.status).must_equal 1
-    end
-  end
-
-  it "has an error if it does not have permissions on the file" do
-    begin
-      @stdin.puts "a secret"
-      @stdin.puts "a secret"
-      @stdin.rewind
-      @htauth.run([ "-c", "/etc/you-cannot-create-me", "alice"])
-    rescue SystemExit => se
-      _(@stderr.string).must_match( %r{Password file failure \(/etc/you-cannot-create-me\)}m )
-      _(se.status).must_equal 1
-    end
-  end
-
-  it "has an error if the input passwords do not match" do
-    begin
-      @stdin.puts "a secret"
-      @stdin.puts "a bad secret"
-      @stdin.rewind
-      @htauth.run([ @tf.path, "alice"])
-    rescue SystemExit => se
-      _(@stderr.string).must_match( /They don't match, sorry./m )
-      _(se.status).must_equal 1
-    end
-  end
-
-  it "has an error if the options are incorrect" do
-    begin
-      @htauth.run(["--blah"])
-    rescue SystemExit => se
-      _(@stderr.string).must_match( /ERROR:/m )
-      _(se.status).must_equal 1
-    end
-  end
-
-  it "errors if send to stdout and create a new file options are both used" do
-    begin
-      @htauth.run(["-c", "-n"])
-    rescue SystemExit => se
-      _(@stderr.string).must_match( /ERROR:/m )
-      _(se.status).must_equal 1
-    end
-  end
-
-  it "errors if multiple types of operations are attmpted to be used at once" do
-    begin
-      @htauth.run(["-n", "-D"])
-    rescue SystemExit => se
-      _(@stderr.string).must_match( /ERROR:/m )
-      _(se.status).must_equal 1
-    end
-
-    begin
-      @htauth.run(["--verify", "-D"])
-    rescue SystemExit => se
-      _(@stderr.string).must_match( /ERROR:/m )
-      _(se.status).must_equal 1
-    end
- 
-  end
-end

data/spec/crypt_spec.rb

@@ -1,12 +0,0 @@
-require 'spec_helper'
-require 'htauth/crypt'
-
-describe HTAuth::Crypt do
-  it "encrypts the same way that apache does" do
-    apache_salt = "L0LDd/.."
-    apache_result = "L0ekWYm59LT1M"
-    crypt = HTAuth::Crypt.new({ :salt => apache_salt} )
-    _(crypt.encode("a secret")).must_equal apache_result
-  end
-end
-

data/spec/digest_entry_spec.rb

@@ -1,60 +0,0 @@
-require 'spec_helper'
-require 'htauth/digest_entry'
-
-describe HTAuth::DigestEntry do
-  before(:each) do
-    @alice = HTAuth::DigestEntry.new("alice", "htauth")
-    @bob   = HTAuth::DigestEntry.new("bob", "htauth", "b secret")
-  end
-
-  it "initializes with a user and realm" do
-    _(@alice.user).must_equal "alice"
-    _(@alice.realm).must_equal "htauth"
-  end
-
-  it "has the correct digest for a password" do
-    @alice.password = "digit"
-    _(@alice.digest).must_equal "4ed9e5744c6747af8f292d28afd6372e"
-  end
-
-  it "returns username:realm for a key" do
-    _(@alice.key).must_equal "alice:htauth"
-  end
-
-  it "checks the password correctly" do
-    _(@bob.authenticated?("b secret")).must_equal true
-  end
-
-  it "formats correctly when put to a string" do
-    _(@bob.to_s).must_equal "bob:htauth:fcbeab6821d2ab3b00934c958db0fd1e"
-  end
-
-  it "parses an input line" do
-    @bob_new = HTAuth::DigestEntry.from_line("bob:htauth:fcbeab6821d2ab3b00934c958db0fd1e")
-    _(@bob.user).must_equal @bob_new.user
-    _(@bob.digest).must_equal @bob_new.digest
-    _(@bob.realm).must_equal @bob_new.realm
-  end
-
-  it "knows if an input line is a possible entry and raises an exception" do
-    _ { HTAuth::DigestEntry.is_entry!("#stuff") }.must_raise(HTAuth::InvalidDigestEntry)
-    _ { HTAuth::DigestEntry.is_entry!("this:that:other:stuff") }.must_raise(HTAuth::InvalidDigestEntry)
-    _ { HTAuth::DigestEntry.is_entry!("this:that:other") }.must_raise(HTAuth::InvalidDigestEntry)
-    _ { HTAuth::DigestEntry.is_entry!("this:that:0a90549e8ffb2dd62f98252a95d88xyz") }.must_raise(HTAuth::InvalidDigestEntry)
-  end
-
-  it "knows if an input line is a possible entry and returns false" do
-    _(HTAuth::DigestEntry.is_entry?("#stuff")).must_equal false
-    _(HTAuth::DigestEntry.is_entry?("this:that:other:stuff")).must_equal false 
-    _(HTAuth::DigestEntry.is_entry?("this:that:other")).must_equal false 
-    _(HTAuth::DigestEntry.is_entry?("this:that:0a90549e8ffb2dd62f98252a95d88xyz")).must_equal false
-  end
-
-  it "knows if an input line is a possible entry and returns true" do
-    _(HTAuth::DigestEntry.is_entry?("bob:htauth:0a90549e8ffb2dd62f98252a95d88697")).must_equal true
-  end
-
-  it "duplicates itself" do
-    _(@alice.dup.to_s).must_equal @alice.to_s
-  end
-end

data/spec/digest_file_spec.rb

@@ -1,65 +0,0 @@
-require 'spec_helper'
-require 'htauth/digest_file'
-require 'tempfile'
-
-describe HTAuth::DigestFile do
-
-  before(:each) do
-    @tf             = Tempfile.new("rpasswrd-digest")
-    @tf.write(IO.read(DIGEST_ORIGINAL_TEST_FILE))
-    @tf.close
-    @digest_file    = HTAuth::DigestFile.new(@tf.path)
-
-    @tf2                = Tempfile.new("rpasswrd-digest-empty")
-    @tf2.close
-    @empty_digest_file  = HTAuth::DigestFile.new(@tf2.path)
-  end
-
-  after(:each) do
-    @tf2.close(true)
-    @tf.close(true)
-  end
-
-  it "can add a new entry to an already existing digest file" do
-    @digest_file.add_or_update("charlie", "htauth-new", "c secret")
-    _(@digest_file.contents).must_equal IO.read(DIGEST_ADD_TEST_FILE)
-  end
-
-  it "can tell if an entry already exists in the digest file" do
-    _(@digest_file.has_entry?("alice", "htauth")).must_equal true
-    _(@digest_file.has_entry?("alice", "some other realm")).must_equal false
-  end
-
-  it "can update an entry in an already existing digest file" do
-    @digest_file.add_or_update("alice", "htauth", "a new secret")
-    _(@digest_file.contents).must_equal IO.read(DIGEST_UPDATE_TEST_FILE)
-  end
-
-  it "fetches a copy of an entry" do
-    _(@digest_file.fetch("alice", "htauth").to_s).must_equal "alice:htauth:2f361db93147d84831eb34f19d05bfbb"
-  end
-
-  it "raises an error if an attempt is made to alter a non-existenet file" do
-    _ { HTAuth::DigestFile.new("some-file") }.must_raise(HTAuth::FileAccessError)
-  end
-
-  # this test will only work on systems that have /etc/ssh_host_rsa_key 
-  it "raises an error if an attempt is made to open a file where no permissions are granted" do
-    _ { HTAuth::DigestFile.new("/etc/ssh_host_rsa_key") }.must_raise(HTAuth::FileAccessError)
-  end
-
-  it "deletes an entry" do
-    @digest_file.delete("alice", "htauth")
-    _(@digest_file.contents).must_equal IO.read(DIGEST_DELETE_TEST_FILE)
-  end
-
-  it "is usable in a ruby manner and yeilds itself when opened" do
-    HTAuth::DigestFile.open(@tf.path) do |pf|
-      pf.add_or_update("alice", "htauth", "a secret")
-      pf.delete('bob', 'htauth')
-    end
-    lines = IO.readlines(@tf.path)
-    _(lines.size).must_equal 1
-    _(lines.first.strip).must_equal "alice:htauth:2f361db93147d84831eb34f19d05bfbb"
-  end
-end

data/spec/md5_spec.rb

@@ -1,13 +0,0 @@
-require File.join(File.dirname(__FILE__),"spec_helper.rb")
-
-require 'htauth/md5'
-
-describe HTAuth::Md5 do
-  it "encrypts the same way that apache does" do
-    apache_salt = "L0LDd/.."
-    apache_result = "$apr1$L0LDd/..$yhUzDjpxam5F1kWdtwMco1"
-    md5 = HTAuth::Md5.new({ 'salt' => apache_salt })
-    _(md5.encode("a secret")).must_equal apache_result
-  end
-end
-