htauth 2.2.0 → 3.0.0

data/spec/passwd_entry_spec.rb

@@ -1,159 +0,0 @@
-require 'spec_helper'
-require 'htauth/passwd_entry'
-
-describe HTAuth::PasswdEntry do
-  before(:each) do
-    @alice = HTAuth::PasswdEntry.new("alice", "a secret", "crypt", { :salt => "mD" })
-    @bob   = HTAuth::PasswdEntry.new("bob", "b secret", "crypt", { :salt => "b8"})
-    @salt  = "lo1tk/.."
-  end
-
-  it "initializes with a user and realm" do
-    _(@alice.user).must_equal "alice"
-  end
-
-  it "has the correct crypt password" do
-    @alice.password = "a secret"
-    _(@alice.digest).must_equal "mDwdZuXalQ5zk"
-  end
-
-  it "encrypts correctly for md5" do
-    bob = HTAuth::PasswdEntry.new("bob", "b secret", "md5", { :salt => @salt })
-    _(bob.digest).must_equal "$apr1$lo1tk/..$CarApvZPee0F6Wj1U0GxZ1"
-  end
-
-  it "encrypts correctly for sha1" do
-    bob = HTAuth::PasswdEntry.new("bob", "b secret", "sha1", { :salt => @salt })
-    _(bob.digest).must_equal "{SHA}b/tjGXbX80MEKVnF200S43ca4hY="
-  end
-
-  it "encrypts correctly for plaintext" do
-    bob = HTAuth::PasswdEntry.new("bob", "b secret", "plaintext", { :salt => @salt })
-    _(bob.digest).must_equal "b secret"
-  end
-
-  it "encrypts with crypt as a default, when parsed from crypt()'d line" do
-    bob2 = HTAuth::PasswdEntry.from_line(@bob.to_s)
-    _(bob2.algorithm).must_be_instance_of(HTAuth::Crypt)
-    bob2.password = "another secret"
-    _(bob2.algorithm).must_be_instance_of(HTAuth::Crypt)
-  end
-
-  it "encrypts with crypt as a default, when parsed from plaintext line" do
-    p = HTAuth::PasswdEntry.new('paul', 'p secret', 'plaintext')
-    p2 = HTAuth::PasswdEntry.from_line(p.to_s)
-    _(p2.algorithm).must_be_instance_of(HTAuth::Plaintext)
-    p2.password = "another secret"
-    _(p2.algorithm).must_be_instance_of(HTAuth::Crypt)
-  end
-
-  it "encrypts with md5 as default, when parsed from an md5 line" do
-    m = HTAuth::PasswdEntry.new("mary", "m secret", "md5") 
-    m2 = HTAuth::PasswdEntry.from_line(m.to_s)
-    _(m2.algorithm).must_be_instance_of(HTAuth::Md5)
-  end
-
-  it "encrypts with sha1 as default, when parsed from an sha1 line" do
-    s = HTAuth::PasswdEntry.new("steve", "s secret", "sha1") 
-    s2 = HTAuth::PasswdEntry.from_line(s.to_s)
-    _(s2.algorithm).must_be_instance_of(HTAuth::Sha1)
-  end
-
-  it "encrypts with bcrypt as default when parsed from a bcrypt line" do
-    b = HTAuth::PasswdEntry.new("brenda", "b secret", "bcrypt")
-    b2 = HTAuth::PasswdEntry.from_line(b.to_s)
-    _(b2.algorithm).must_be_instance_of(HTAuth::Bcrypt)
-  end
-
-  it "determins the algorithm to be crypt when checking a password" do
-    bob2 = HTAuth::PasswdEntry.from_line(@bob.to_s)
-    _(bob2.algorithm).must_be_instance_of(HTAuth::Crypt)
-    _(bob2.authenticated?("b secret")).must_equal true
-    _(bob2.algorithm).must_be_instance_of(HTAuth::Crypt)
-  end
-
-  it "determins the algorithm to be plain when checking a password" do
-    bob2 = HTAuth::PasswdEntry.from_line("bob:b secret")
-    _(bob2.algorithm).must_be_instance_of(HTAuth::Plaintext)
-    _(bob2.authenticated?("b secret")).must_equal true
-    _(bob2.algorithm).must_be_instance_of(HTAuth::Plaintext)
-  end
-
-  it "authenticates correctly against md5" do
-    m = HTAuth::PasswdEntry.new("mary", "m secret", "md5") 
-    m2 = HTAuth::PasswdEntry.from_line(m.to_s)
-    _(m2.authenticated?("m secret")).must_equal true
-  end
-
-  it "authenticates correctly against sha1" do
-    s = HTAuth::PasswdEntry.new("steve", "s secret", "sha1") 
-    s2 = HTAuth::PasswdEntry.from_line(s.to_s)
-    _(s2.authenticated?("s secret")).must_equal true
-  end
-
-  it "authenticates correctly against bcrypt" do
-    s = HTAuth::PasswdEntry.new("brenda", "b secret", "bcrypt")
-    s2 = HTAuth::PasswdEntry.from_line(s.to_s)
-    _(s2.authenticated?("b secret")).must_equal true
-  end
-
-  it "can update the cost of an entry after initialization before encoding password" do
-    s = HTAuth::PasswdEntry.new("brenda", "b secret", "bcrypt")
-    _(s.algorithm.cost).must_equal(::HTAuth::Bcrypt::DEFAULT_APACHE_COST)
-
-    s2 = HTAuth::PasswdEntry.from_line(s.to_s)
-    s2.algorithm_args = { :cost => 12 }
-    s2.password = "b secret" # forces recalculation
-
-    _(s2.algorithm.cost).must_equal(12)
-  end
-
-  it "raises an error if assinging an invalid algorithm" do
-    b = HTAuth::PasswdEntry.new("brenda", "b secret", "bcrypt")
-    _ { b.algorithm = 42 }.must_raise(HTAuth::InvalidAlgorithmError)
-  end
-
-  it "returns username for a key" do
-    _(@alice.key).must_equal "alice"
-  end
-
-  it "checks the password correctly" do
-    _(@bob.authenticated?("b secret")).must_equal true
-  end
-
-  it "formats correctly when put to a string" do
-    _(@bob.to_s).must_equal "bob:b8Ml4Jp9I0N8E"
-  end
-
-  it "parses an input line" do
-    @bob_new = HTAuth::PasswdEntry.from_line("bob:b8Ml4Jp9I0N8E")
-    _(@bob.user).must_equal @bob_new.user
-    _(@bob.digest).must_equal @bob_new.digest
-  end
-
-  it "knows if an input line is a possible entry and raises an exception" do
-    _ { HTAuth::PasswdEntry.is_entry!("#stuff") }.must_raise(HTAuth::InvalidPasswdEntry)
-    _ { HTAuth::PasswdEntry.is_entry!("this:that:other:stuff") }.must_raise(HTAuth::InvalidPasswdEntry)
-    _ { HTAuth::PasswdEntry.is_entry!("this:that:other") }.must_raise(HTAuth::InvalidPasswdEntry)
-    _ { HTAuth::PasswdEntry.is_entry!("this:that:0a90549e8ffb2dd62f98252a95d88xyz") }.must_raise(HTAuth::InvalidPasswdEntry)
-  end
-
-  it "knows if an input line is a possible entry and returns false" do
-    _(HTAuth::PasswdEntry.is_entry?("#stuff")).must_equal false
-    _(HTAuth::PasswdEntry.is_entry?("this:that:other:stuff")).must_equal false 
-    _(HTAuth::PasswdEntry.is_entry?("this:that:other")).must_equal false 
-    _(HTAuth::PasswdEntry.is_entry?("this:that:0a90549e8ffb2dd62f98252a95d88xyz")).must_equal false
-  end
-
-  it "knows if an input line is a possible entry and returns true" do
-    _(HTAuth::PasswdEntry.is_entry?("bob:irRm0g.SDfCyI")).must_equal true
-    _(HTAuth::PasswdEntry.is_entry?("bob:b secreat")).must_equal true
-    _(HTAuth::PasswdEntry.is_entry?("bob:{SHA}b/tjGXbX80MEKVnF200S43ca4hY=")).must_equal true
-    _(HTAuth::PasswdEntry.is_entry?("bob:$apr1$lo1tk/..$CarApvZPee0F6Wj1U0GxZ1")).must_equal true
-    _(HTAuth::PasswdEntry.is_entry?("bob:$2y$05$ts3k1r.t0Cne6j6DLt0/SepT5X4qthDFEdfqHBBMO5MhqzyMz34j2")).must_equal true
-  end
-
-  it "duplicates itself" do
-    _(@alice.dup.to_s).must_equal @alice.to_s
-  end
-end

data/spec/passwd_file_spec.rb

@@ -1,84 +0,0 @@
-require 'spec_helper'
-require 'htauth/passwd_file'
-require 'tempfile'
-
-describe HTAuth::PasswdFile do
-
-  before(:each) do
-    @tf             = Tempfile.new("rpasswrd-passwd")
-    @tf.write(IO.read(PASSWD_ORIGINAL_TEST_FILE))
-    @tf.close
-    @passwd_file    = HTAuth::PasswdFile.new(@tf.path)
-
-    @tf2                = Tempfile.new("rpasswrd-passwd-empty")
-    @tf2.close
-    @empty_passwd_file  = HTAuth::PasswdFile.new(@tf2.path)
-  end
-
-  after(:each) do
-    @tf2.close(true)
-    @tf.close(true)
-  end
-
-  it "can add a new entry to an already existing passwd file" do
-    @passwd_file.add_or_update("charlie", "c secret", "sha1")
-    _(@passwd_file.contents).must_equal IO.read(PASSWD_ADD_TEST_FILE)
-  end
-
-  it "can tell if an entry already exists in the passwd file" do
-    _(@passwd_file.has_entry?("alice")).must_equal true
-    _(@passwd_file.has_entry?("david")).must_equal false
-  end
-
-  it "can update an entry in an already existing passwd file, algorithm can change" do
-    @passwd_file.add_or_update("alice", "a new secret", "sha1")
-    _(@passwd_file.contents).must_equal IO.read(PASSWD_UPDATE_TEST_FILE)
-  end
-
-  it "can update an entry in an already existing passwd file, algorithm and arguments can change" do
-    @passwd_file.add_or_update("brenda", "b secret", "bcrypt")
-    entry = @passwd_file.fetch("brenda")
-    _(entry.algorithm.cost).must_equal(::HTAuth::Bcrypt::DEFAULT_APACHE_COST)
-    @passwd_file.add_or_update("brenda", "b secret", "bcrypt", :cost => 12)
-    entry = @passwd_file.fetch("brenda")
-    _(entry.algorithm.cost).must_equal(12)
-  end
-
-  it "fetches a copy of an entry" do
-    _(@passwd_file.fetch("alice").to_s).must_equal "alice:$apr1$DghnA...$CsPcgerfsI/Ryy0AOAJtb0"
-  end
-
-  it "raises an error if an attempt is made to alter a non-existent file" do
-    _ { HTAuth::PasswdFile.new("some-file") }.must_raise(HTAuth::FileAccessError)
-  end
-
-  # this test will only work on systems that have /etc/ssh_host_rsa_key 
-  it "raises an error if an attempt is made to open a file where no permissions are granted" do
-    _ { HTAuth::PasswdFile.new("/etc/ssh_host_rsa_key") }.must_raise(HTAuth::FileAccessError)
-  end
-
-  it "deletes an entry" do
-    @passwd_file.delete("bob")
-    _(@passwd_file.contents).must_equal IO.read(PASSWD_DELETE_TEST_FILE)
-  end
-
-  it "checks authentication of an entry - true" do
-    _(@passwd_file.authenticated?("alice", "a secret")).must_equal true
-  end
-
-  it "checks authentication of an entry - false" do
-    _(@passwd_file.authenticated?("alice", "the wrong secret")).must_equal false
-  end
-
-
-  it "is usable in a ruby manner and yields itself when opened" do
-    HTAuth::PasswdFile.open(@tf.path) do |pf|
-      pf.add_or_update("alice", "a new secret", "md5")
-      pf.delete('bob')
-    end
-    lines = IO.readlines(@tf.path)
-    _(lines.size).must_equal 1
-    _(lines.first.split(':').first).must_equal "alice"
-    _(lines.first.split(':').last).must_match( /\$apr1\$/ )
-  end
-end

data/spec/plaintext_spec.rb

@@ -1,11 +0,0 @@
-require 'spec_helper'
-require 'htauth/plaintext'
-
-describe HTAuth::Plaintext do
-  it "encrypts the same way that apache does" do
-    apache_result = "a secret"
-    pt = HTAuth::Plaintext.new
-    _(pt.encode("a secret")).must_equal apache_result
-  end
-end
-

data/spec/sha1_spec.rb

@@ -1,11 +0,0 @@
-require 'spec_helper'
-require 'htauth/sha1'
-
-describe HTAuth::Sha1 do
-  it "encrypts the same way that apache does" do
-    apache_result = "{SHA}ZrnlrvmM7ZCOV3FAvM7la89NKbk="
-    sha1 = HTAuth::Sha1.new
-    _(sha1.encode("a secret")).must_equal apache_result
-  end
-end
-

data/spec/spec_helper.rb

@@ -1,28 +0,0 @@
-if RUBY_VERSION >= '1.9.2' then
-  require 'simplecov'
-  puts "Using coverage!"
-  SimpleCov.start if ENV['COVERAGE']
-end
-
-gem 'minitest'
-require 'minitest/autorun'
-require 'minitest/pride'
-
-PASSWD_ORIGINAL_TEST_FILE  = File.join(File.dirname(__FILE__), "test.original.passwd")
-PASSWD_ADD_TEST_FILE       = File.join(File.dirname(__FILE__), "test.add.passwd")
-PASSWD_UPDATE_TEST_FILE    = File.join(File.dirname(__FILE__), "test.update.passwd")
-PASSWD_DELETE_TEST_FILE    = File.join(File.dirname(__FILE__), "test.delete.passwd")
-PASSWD_COMMENTED_TEST_FILE = File.join(File.dirname(__FILE__), "test.comments.passwd")
-
-DIGEST_ORIGINAL_TEST_FILE  = File.join(File.dirname(__FILE__), "test.original.digest")
-DIGEST_ADD_TEST_FILE       = File.join(File.dirname(__FILE__), "test.add.digest")
-DIGEST_UPDATE_TEST_FILE    = File.join(File.dirname(__FILE__), "test.update.digest")
-DIGEST_DELETE_TEST_FILE    = File.join(File.dirname(__FILE__), "test.delete.digest")
-DIGEST_COMMENTED_TEST_FILE = File.join(File.dirname(__FILE__), "test.comments.digest")
-
-require 'stringio'
-class ConsoleIO < StringIO
-  def noecho(&block)
-    yield self
-  end
-end

data/spec/test.add.digest

@@ -1,3 +0,0 @@
-bob:htauth:fcbeab6821d2ab3b00934c958db0fd1e
-alice:htauth:2f361db93147d84831eb34f19d05bfbb
-charlie:htauth-new:1ec9da72c45d9140949f338dc537c089

data/spec/test.add.passwd

@@ -1,3 +0,0 @@
-alice:$apr1$DghnA...$CsPcgerfsI/Ryy0AOAJtb0
-bob:SFUkhjaJc18KA
-charlie:{SHA}Cqrkk2no+ly0vYClUp49OJQahSE=

data/spec/test.delete.digest

@@ -1 +0,0 @@
-bob:htauth:fcbeab6821d2ab3b00934c958db0fd1e

data/spec/test.delete.passwd

@@ -1 +0,0 @@
-alice:$apr1$DghnA...$CsPcgerfsI/Ryy0AOAJtb0

data/spec/test.original.digest

@@ -1,2 +0,0 @@
-bob:htauth:fcbeab6821d2ab3b00934c958db0fd1e
-alice:htauth:2f361db93147d84831eb34f19d05bfbb

data/spec/test.original.passwd

@@ -1,2 +0,0 @@
-alice:$apr1$DghnA...$CsPcgerfsI/Ryy0AOAJtb0
-bob:SFUkhjaJc18KA

data/spec/test.update.digest

@@ -1,2 +0,0 @@
-bob:htauth:fcbeab6821d2ab3b00934c958db0fd1e
-alice:htauth:c32a4df25c6ecf75f3eaeb96771520de

data/spec/test.update.passwd

@@ -1,2 +0,0 @@
-alice:{SHA}GnoUUjgrLF07/6L9lW2BcaDXxB0=
-bob:SFUkhjaJc18KA

data/tasks/default.rake

@@ -1,242 +0,0 @@
-# vim: syntax=ruby
-require 'rake/clean'
-require 'digest'
-#------------------------------------------------------------------------------
-# If you want to Develop on this project just run 'rake develop' and you'll
-# have all you need to get going. If you want to use bundler for development,
-# then run 'rake develop:using_bundler'
-#------------------------------------------------------------------------------
-namespace :develop do
-
-  # Install all the development and runtime dependencies of this gem using the
-  # gemspec.
-  task :default => 'Gemfile' do
-    require 'rubygems/dependency_installer'
-    installer = ::Gem::DependencyInstaller.new
-    puts "Installing bundler..."
-    installer.install 'bundler'
-    sh 'bundle install'
-    puts "\n\nNow run 'rake test'"
-  end
-
-  # Create a Gemfile that just references the gemspec
-  file 'Gemfile' => :gemspec do
-    File.open( "Gemfile", "w+" ) do |f|
-      f.puts "# DO NOT EDIT - This file is automatically generated"
-      f.puts "# Make changes to Manifest.txt and/or Rakefile and regenerate"
-      f.puts 'source "https://rubygems.org"'
-      f.puts 'gemspec'
-    end
-  end
-end
-desc "Bootstrap development"
-task :develop => "develop:default"
-
-#------------------------------------------------------------------------------
-# Minitest - standard TestTask
-#------------------------------------------------------------------------------
-begin
-  require 'rake/testtask'
-  Rake::TestTask.new( :test ) do |t|
-    t.ruby_opts    = %w[ -w ]
-    t.libs         = %w[ lib spec test ]
-    t.pattern      = "{test,spec}/**/{test_*,*_spec}.rb"
-  end
-
-  task :test_requirements
-  task :test => :test_requirements
-  task :default => :test
-rescue LoadError
-  This.task_warning( 'test' )
-end
-
-#------------------------------------------------------------------------------
-# RDoc - standard rdoc rake task, although we must make sure to use a more
-#        recent version of rdoc since it is the one that has 'tomdoc' markup
-#------------------------------------------------------------------------------
-begin
-  gem 'rdoc' # otherwise we get the wrong task from stdlib
-  require 'rdoc/task'
-  RDoc::Task.new do |t|
-    t.markup   = 'tomdoc'
-    t.rdoc_dir = 'doc'
-    t.main     = 'README.md'
-    t.title    = "#{This.name} #{This.version}"
-    t.rdoc_files.include( FileList['*.{rdoc,md,txt}'], FileList['ext/**/*.c'],
-                          FileList['lib/**/*.rb'] )
-  end
-rescue StandardError, LoadError
-  This.task_warning( 'rdoc' )
-end
-
-#------------------------------------------------------------------------------
-# Coverage - optional code coverage, rcov for 1.8 and simplecov for 1.9, so
-#            for the moment only rcov is listed.
-#------------------------------------------------------------------------------
-begin
-  require 'simplecov'
-  desc 'Run tests with code coverage'
-  task :coverage do
-    ENV['COVERAGE'] = 'true'
-    Rake::Task[:test].execute
-  end
-  CLOBBER << 'coverage' if File.directory?( 'coverage' )
-rescue LoadError
-  This.task_warning( 'simplecov' )
-end
-
-#------------------------------------------------------------------------------
-# Manifest - We want an explicit list of thos files that are to be packaged in
-#            the gem. Most of this is from Hoe.
-#------------------------------------------------------------------------------
-namespace 'manifest' do
-  desc "Check the manifest"
-  task :check => :clean do
-    files = FileList["**/*", ".*"].exclude( This.exclude_from_manifest ).to_a.sort
-    files = files.select{ |f| File.file?( f ) }
-
-    tmp = "Manifest.tmp"
-    File.open( tmp, 'w' ) do |f|
-      f.puts files.join("\n")
-    end
-
-    begin
-      sh "diff -du Manifest.txt #{tmp}"
-    ensure
-      rm tmp
-    end
-    puts "Manifest looks good"
-  end
-
-  desc "Generate the manifest"
-  task :generate => :clean do
-    files = %x[ git ls-files ].split("\n").sort
-    files.reject! { |f| f =~ This.exclude_from_manifest }
-    File.open( "Manifest.txt", "w" ) do |f|
-      f.puts files.join("\n")
-    end
-  end
-end
-
-#------------------------------------------------------------------------------
-# Fixme - look for fixmes and report them
-#------------------------------------------------------------------------------
-namespace :fixme do
-  task :default => 'manifest:check' do
-    This.manifest.each do |file|
-      next if file == __FILE__
-      next unless file =~ %r/(txt|rb|md|rdoc|css|html|xml|css)\Z/
-      puts "FIXME: Rename #{file}" if file =~ /fixme/i
-      IO.readlines( file ).each_with_index do |line, idx|
-        prefix = "FIXME: #{file}:#{idx+1}".ljust(42)
-        puts "#{prefix} => #{line.strip}" if line =~ /fixme/i
-      end
-    end
-  end
-
-  def fixme_project_root
-    This.project_path( '../fixme' )
-  end
-
-  def fixme_project_path( subtree )
-    fixme_project_root.join( subtree )
-  end
-
-  def local_fixme_files
-    This.manifest.select { |p| p =~ %r|^tasks/| }
-  end
-
-  def outdated_fixme_files
-    local_fixme_files.select do |local|
-      upstream     = fixme_project_path( local )
-      upstream.exist? &&
-        ( Digest::SHA256.file( local ) != Digest::SHA256.file( upstream ) )
-    end
-  end
-
-  def fixme_up_to_date?
-    outdated_fixme_files.empty?
-  end
-
-  desc "See if the fixme tools are outdated"
-  task :outdated do
-    if fixme_up_to_date? then
-      puts "Fixme files are up to date."
-    else
-      outdated_fixme_files.each do |f|
-        puts "#{f} is outdated"
-      end
-    end
-  end
-
-  desc "Update outdated fixme files"
-  task :update do
-    if fixme_up_to_date? then
-      puts "Fixme files are already up to date."
-    else
-      puts "Updating fixme files:"
-      outdated_fixme_files.each do |local|
-        upstream = fixme_project_path( local )
-        puts "  * #{local}"
-        FileUtils.cp( upstream, local )
-      end
-      puts "Use your git commands as appropriate."
-    end
-  end
-end
-desc "Look for fixmes and report them"
-task :fixme => "fixme:default"
-
-#------------------------------------------------------------------------------
-# Gem Specification
-#------------------------------------------------------------------------------
-# Really this is only here to support those who use bundler
-desc "Build the #{This.name}.gemspec file"
-task :gemspec do
-  File.open( This.gemspec_file, "wb+" ) do |f|
-    f.puts "# DO NOT EDIT - This file is automatically generated"
-    f.puts "# Make changes to Manifest.txt and/or Rakefile and regenerate"
-    f.write This.platform_gemspec.to_ruby
-  end
-end
-
-# .rbc files from ruby 2.0
-CLOBBER << FileList["**/*.rbc"]
-
-# The standard gem packaging task, everyone has it.
-require 'rubygems/package_task'
-::Gem::PackageTask.new( This.platform_gemspec ) do
-  # nothing
-end
-
-#------------------------------------------------------------------------------
-# Release - the steps we go through to do a final release, this is pulled from
-#           a compbination of mojombo's rakegem, hoe and hoe-git
-#
-# 1) make sure we are on the main branch
-# 2) make sure there are no uncommitted items
-# 3) check the manifest and make sure all looks good
-# 4) build the gem
-# 5) do an empty commit to have the commit message of the version
-# 6) tag that commit as the version
-# 7) push main
-# 8) push the tag
-# 7) pus the gem
-#------------------------------------------------------------------------------
-task :release_check do
-  unless `git branch` =~ /^\* main/
-    abort "You must be on the main branch to release!"
-  end
-  unless `git status` =~ /^nothing to commit/m
-    abort "Nope, sorry, you have unfinished business"
-  end
-end
-
-desc "Create tag v#{This.version}, build and push #{This.platform_gemspec.full_name} to rubygems.org"
-task :release => [ :release_check, 'manifest:check', :gem ] do
-  sh "git commit --allow-empty -a -m 'Release #{This.version}'"
-  sh "git tag -a -m 'v#{This.version}' v#{This.version}"
-  sh "git push origin main"
-  sh "git push origin v#{This.version}"
-  sh "gem push pkg/#{This.platform_gemspec.full_name}.gem"
-end