kensa 1.1.4 → 1.2.0rc1

data/test/lib/formatter.rb

@@ -0,0 +1,85 @@
+require 'test/unit'
+require 'test/unit/ui/console/testrunner'
+
+def format_kensa_test_name(name)
+  name.sub(/\Atest_/,"").match(/\A([^\(]*)/)[1].gsub("_", " ")
+end
+
+module Test
+  module Unit
+    class TestCase
+      alias_method :add_error_with_connection_exception, :add_error
+      alias_method :add_failure_with_connection_exception, :add_failure
+
+      private
+      def add_error(exception)
+        if exception.class == Errno::ECONNREFUSED
+          @test_passed = false
+          message = "Unable to connect to your API."
+          @_result.add_failure(Failure.new(name, filter_backtrace(caller()), message))
+        else
+          add_error_with_connection_exception(exception)
+        end
+      end
+    end
+
+    class Failure
+      def long_display
+        name = format_kensa_test_name(@test_name)
+        "#{name} - FAILED: #@message"
+      end
+    end
+
+    class Error
+      def long_display
+        backtrace = filter_backtrace(@exception.backtrace).join("\n    ")
+        name = format_kensa_test_name(@test_name)
+        "#{@exception.class.name} in #{name}:\n#{message}\n    #{backtrace}"
+      end
+    end
+
+    module UI
+      module Console
+        class TestRunner
+
+          alias_method :test_started_old, :test_started
+
+          def add_fault(fault)
+            @faults << fault
+            @already_outputted = true
+          end
+
+          def test_started(name)
+            if name =~ /\((.*)::([^\)]*)/
+              ctx, should = [$1, $2]
+            end
+            unless ctx.nil? or should.nil?
+              if ctx != @ctx
+                nl
+                output("#{ctx}:")
+              end
+              @ctx = ctx
+              @current_test_text = " ==> #{should}"
+            else
+              test_started_old(name)
+            end
+          end
+
+          def test_finished(name)
+            @current_test_text = name.sub(/\Atest_/,"").match(/\A([^\(]*)/)[1].gsub("_", " ")
+            if fault = @faults.find {|f| f.test_name == name}
+              fault_type = fault.is_a?(Test::Unit::Failure) ? "FAILED" : "ERROR!"
+              # NOTE -- Concatenation because "\e[0m]" does funky stuff.
+              output("[\e[0;31m#{fault_type}\e[0m" + "] #{@current_test_text}.")
+            else
+              output("[  \e[0;32mOK\e[0m  ] #{@current_test_text}.")
+            end
+            @already_outputted = false
+          end
+
+        end
+      end
+    end
+  end
+end
+

data/test/lib/response.rb

@@ -0,0 +1,6 @@
+Response = Struct.new(:code, :body, :cookies) do
+  def json_body
+    Yajl::Parser.parse(self.body)
+  end
+end
+

data/test/lib/test_case.rb

@@ -0,0 +1,56 @@
+class Test::Unit::TestCase
+  def make_token(id, salt, timestamp)
+    Digest::SHA1.hexdigest([id, salt, timestamp].join(':'))
+  end
+
+  def provider_request(meth, path, params = {}, auth_credentials = nil)
+    if auth_credentials.nil?
+      auth_credentials = [manifest["id"], manifest["api"]["password"]]
+    end
+    if path =~ /http/
+      uri = URI.parse(path)
+    else
+      uri = URI.parse(base_url)
+      uri.path = path
+    end
+    if auth_credentials
+      uri.userinfo = auth_credentials
+    end
+    opts = meth == :get ? { :params => params } : params
+    response = RestClient.send(meth, "#{uri.to_s}", opts)
+    Response.new(response.code, response.body, response.cookies)
+  rescue RestClient::Forbidden
+    Response.new(403)
+  rescue RestClient::Unauthorized
+    Response.new(401)
+  end
+
+  def get(path, params = {})
+    provider_request(:get, path, params, auth = false)
+  end
+
+  def delete(path, auth_credentials = nil)
+    provider_request(:delete, path, params = nil, auth_credentials)
+  end
+
+  def post(path, params = {}, auth_credentials = nil)
+    provider_request(:post, path, params, auth_credentials)
+  end
+
+  def put(path, params = {}, auth_credentials = nil)
+    provider_request(:put, path, params, auth_credentials)
+  end
+
+  def manifest
+    return @manifest if @manifest
+    @manifest ||= $manifest || Heroku::Kensa::Manifest.new.skeleton
+  end
+
+  def base_url
+    if manifest["api"]["test"].is_a?(Hash)
+      manifest["api"]["test"]["base_url"].chomp("/")
+    else
+      manifest["api"]["test"].chomp("/")
+    end
+  end
+end

data/test/manifest_generation_test.rb

@@ -0,0 +1,32 @@
+$:.unshift(File.expand_path("../..",__FILE__))
+require 'test/helper'
+class ManifestGenerationTest < Test::Unit::TestCase
+  include Heroku::Kensa
+
+  def setup
+    super
+    @manifest = Manifest.new
+  end
+
+  def test_generates_a_new_sso_salt_every_time
+    assert @manifest.skeleton['api']['sso_salt'] != Manifest.new.skeleton['api']['sso_salt']
+  end
+
+  def test_generates_a_new_password_every_time
+    assert @manifest.skeleton['api']['password'] != Manifest.new.skeleton['api']['password']
+  end
+end
+
+class ManifestGenerationWithoutSSOTest < Test::Unit::TestCase
+  include Heroku::Kensa
+
+  def setup
+    super
+    options = { :sso => false }
+    @manifest = Manifest.new 'test.txt', options
+  end
+
+  def test_exclude_sso_salt
+    assert_nil @manifest.skeleton['api']['sso_salt']
+  end
+end

data/test/manifest_test.rb

@@ -1,36 +1,51 @@
+$:.unshift(File.expand_path("../..",__FILE__))
 require 'test/helper'
-
 class ManifestTest < Test::Unit::TestCase
-  include Heroku::Kensa
 
-  context 'manifest' do
-    setup { @manifest = Manifest.new }
+  def test_has_an_id
+    assert manifest["id"], "Manifest needs to specify the ID of the add-on."
+  end
 
-    test 'have sso salt' do
-      assert_not_nil @manifest.skeleton['api']['sso_salt']
-    end
+  def test_has_a_hash_of_api_settings
+    assert manifest["api"], "Manifest needs to contain a Hash of API settings."
+    assert manifest["api"].is_a?(Hash), "Manifest needs to contain a Hash of API settings."
+  end
 
-    test 'generates a new sso salt every time' do
-      assert @manifest.skeleton['api']['ssl_salt'] != Manifest.new.skeleton['api']['sso_salt']
-    end
+  def test_api_has_a_password
+    assert manifest["api"]["password"], "Manifest must define a password within the API settings."
+  end
 
-    test 'has an api password' do
-      assert_not_nil @manifest.skeleton['api']['password']
-    end
+  def test_api_contains_test
+    assert manifest["api"]["test"], "Manifest must define a test environment with the API settings."
+  end
+
+  def test_api_contains_production
+    assert manifest["api"]["production"], "Manifest must define a production environment with the API settings."
+  end
 
-    test 'generates a new password every time' do
-      assert @manifest.skeleton['api']['password'] != Manifest.new.skeleton['api']['password']
+  def test_api_contains_production_of_https
+    if manifest["api"]["production"].is_a?(Hash)
+      url = manifest["api"]["production"]["base_url"]
+    else
+      url = manifest["api"]["production"]
     end
+    assert url.match(%r{\Ahttps://}), "Production environment must communicate over HTTPS."
   end
 
-  context 'manifest without sso' do
-    setup do
-      options = { :sso => false }
-      @manifest = Manifest.new 'test.txt', options
+  def test_all_config_vars_are_in_upper_case
+    manifest["api"]["config_vars"].each do |var|
+      assert_equal var.upcase, var, "All config vars must be uppercase, #{var} is not."
     end
+  end
 
-    test 'exclude sso salt' do
-      assert_nil @manifest.skeleton['api']['sso_salt']
+  def test_assert_config_var_prefixes_match_addon_id
+    id = manifest["id"].upcase.gsub("-", "_")
+    manifest["api"]["config_vars"].each do |var|
+      assert var.match(%r{\A#{id}_}), "All config vars must be prefixed with the add-on ID (#{id}), #{var} is not."
     end
   end
+
+  def test_username_is_deprecated
+    assert !manifest["api"]["username"], "Username has been deprecated."
+  end
 end

data/test/plan_change_test.rb

@@ -0,0 +1,30 @@
+$:.unshift(File.expand_path("../..",__FILE__))
+require 'test/lib/dependencies'
+class PlanChangeTest < Test::Unit::TestCase
+
+  def setup
+    super
+    @params = { :plan => "new_plan" }
+  end
+
+  def plan_change(auth = nil, params = @params)
+    response = put "/heroku/resources/123", params, auth
+  end
+
+  def test_working_plan_change_call
+    response = plan_change
+    assert_equal 200, response.code, "Expected a 200 response code on successful plan change."
+  end
+
+  def test_detects_missing_auth
+    response = plan_change(auth = false)
+    assert_equal 401, response.code, "Provisioning request should require authentication."
+
+    response = plan_change(auth = [manifest["id"]+"a", manifest["api"]["password"]])
+    assert_equal 401, response.code, "Provisioning request appears to allow any username, should require '#{manifest["id"]}'."
+
+    response = plan_change(auth = [manifest["id"], manifest["api"]["password"]+"a"])
+    assert_equal 401, response.code, "Provisioning request appears to allow any password, should require '#{manifest["api"]["password"]}'."
+  end
+
+end

data/test/provision_test.rb

@@ -0,0 +1,84 @@
+$:.unshift(File.expand_path("../..",__FILE__))
+require 'test/lib/dependencies'
+class ProvisionTest < Test::Unit::TestCase
+
+  def setup
+    super
+    @params = {}
+  end
+
+  def provision(auth = nil, params = @params)
+    post "/heroku/resources", params, auth
+  end
+
+  def test_working_provision_call
+    response = provision
+    assert_equal 201, response.code, "Expects a 201 - Created response/status code when successfully provisioned."
+  end
+
+  def test_allows_the_definition_of_a_custom_provisioning_endpoint
+    #Artifice.activate_with(KensaServer.new)
+    #@data['api']['test'] = {
+    #  "base_url" => "https://example.org/providers/provision",
+    #  "sso_url"  => "https://example.org/sso"
+    #}
+    #assert_valid
+  end
+
+  def test_expects_a_valid_json_response
+    response = provision
+    assert response.json_body, "Expects a valid JSON object as response body."
+  end
+
+  def test_detects_missing_id
+    response = provision
+    assert response.json_body["id"], "Expects JSON response to contain the Provider's unique ID for this app."
+    assert response.json_body["id"].to_s.strip != "", "Expects JSON response to contain the Provider's unique ID for this app."
+  end
+
+  def test_provides_app_config
+    response = provision
+    assert response.json_body["config"].is_a?(Hash), "Expects JSON response to contain a hash of config variables."
+  end
+
+  def test_all_config_values_are_strings
+    response = provision
+    response.json_body["config"].each do |k,v|
+      assert k.is_a?(String), "Expect all config names to be strings ('#{k}' is not)."
+      assert v.is_a?(String), "Expect all config values to be strings ('#{v}' is not)."
+    end
+  end
+
+  def test_all_config_vars_are_defined_in_the_manifest
+    response = provision
+    response.json_body["config"].each do |k,v|
+      assert manifest["api"]["config_vars"].include?(k), "Only config vars defined in the manfiest can be set ('#{k}' is not)."
+    end
+  end
+
+  def test_all_config_url_values_are_valid
+    response = provision
+    response.json_body["config"].each do |k,v|
+      next unless k =~ /_URL\z/
+      begin
+        uri = URI.parse(v)
+        assert uri.host, "#{v} is not a valid URI - missing host"
+        assert uri.scheme, "#{v} is not a valid URI - missing scheme"
+      rescue URI::InvalidURIError
+        assert false, "#{v} is not a valud URI"
+      end
+    end
+  end
+
+  def test_detects_missing_auth
+    response = provision(auth = false)
+    assert_equal 401, response.code, "Provisioning request should require authentication."
+
+    response = provision(auth = [manifest["id"]+"a", manifest["api"]["password"]])
+    assert_equal 401, response.code, "Provisioning request appears to allow any username, should require '#{manifest["id"]}'."
+
+    response = provision(auth = [manifest["id"], manifest["api"]["password"]+"a"])
+    assert_equal 401, response.code, "Provisioning request appears to allow any password, should require '#{manifest["api"]["password"]}'."
+  end
+
+end

data/test/resources/provider_server.rb

@@ -0,0 +1,82 @@
+require 'sinatra'
+require 'json'
+
+class ProviderServer < Sinatra::Base
+  set :views, File.dirname(__FILE__) + "/views"
+
+  def initialize(manifest = nil)
+    @manifest = manifest
+    super
+  end
+
+  helpers do
+    def unauthorized!(status=403)
+      halt status, "Not authorized\n"
+    end
+
+    def check_timestamp!
+      unauthorized! if params[:timestamp].to_i < (Time.now-60*2).to_i
+    end
+
+    def check_token!
+      salt = @manifest && @manifest["sso_salt"]
+      token = Digest::SHA1.hexdigest([params[:id], salt, params[:timestamp]].join(':'))
+      unauthorized! if params[:token] != token
+    end
+
+    def authenticate!
+      unless auth_heroku?
+        response['WWW-Authenticate'] = %(Basic realm="Kensa Test Server")
+        unauthorized!(401)
+      end
+    end
+
+    def auth_heroku?
+      auth =  Rack::Auth::Basic::Request.new(request.env)
+      return false unless auth.provided? && auth.basic? && auth.credentials
+      if @manifest
+        auth.credentials == [@manifest["id"], @manifest["api"]["password"]]
+      else
+        auth.credentials == ['myaddon', 'secret']
+      end
+    end
+  end
+
+  delete '/heroku/resources/:id' do
+    authenticate!
+    status 200
+  end
+
+  put '/heroku/resources/:id' do
+    authenticate!
+    status 200
+  end
+
+  post '/heroku/resources' do
+    authenticate!
+    status 201
+    { "id" => 52343.to_s,
+      "config" => {
+        "MYADDON_USER" => "1",
+        "MYADDON_URL" => "http://host.example.org/"
+      }
+    }.to_json
+  end
+
+  get '/heroku/resources/:id' do
+    check_timestamp!
+    check_token!
+    response.set_cookie('heroku-nav-data', params['nav-data'])
+    session[:heroku] = true
+    haml :index
+  end
+
+  post '/sso/login' do
+    check_timestamp!
+    check_token!
+    response.set_cookie('heroku-nav-data', params['nav-data'])
+    session[:heroku] = true
+    haml :index
+  end
+
+end

data/test/resources/views/index.haml

@@ -0,0 +1,6 @@
+%html
+  %body
+    - if session[:heroku]
+      #heroku-header
+        %h1 Heroku
+    %h1 Sample Addon

data/test/sso_launch_test.rb

@@ -0,0 +1,130 @@
+$:.unshift(File.expand_path("../..",__FILE__))
+require 'test/helper'
+require 'cgi'
+
+module SsoSetupActions
+  include Heroku::Kensa
+
+  def sso_setup
+    Timecop.freeze Time.utc(2010, 1)
+    @data = Manifest.new.skeleton.merge(:id => 1)
+    @data['api']['test'] = 'http://localhost:4567/'
+    @data['api']['sso_salt'] = 'SSO_SALT'
+    @sso = Sso.new @data
+  end
+
+  def asserts_builds_full_url(env)
+    url, query = @sso.full_url.split('?')
+    data = CGI.parse(query)
+
+    assert_equal "#{@data['api'][env]}heroku/resources/1", url
+    assert_equal 'b6010f6fbb850887a396c2bc0ab23974003008f6', data['token'].first
+    assert_equal '1262304000', data['timestamp'].first
+    assert_equal 'username@example.com', data['user'].first
+  end
+end
+
+class SsoLaunchTest < Test::Unit::TestCase
+  include SsoSetupActions
+
+  def setup
+    super
+    sso_setup
+  end
+
+  def test_builds_path
+    assert_equal '/heroku/resources/1', @sso.path
+  end
+
+  def test_builds_full_url
+    asserts_builds_full_url('test')
+  end
+end
+
+class SsoGetLaunchTest < Test::Unit::TestCase
+  include SsoSetupActions
+
+  def setup
+    super
+    sso_setup
+    @data["api"]["test"] = "http://example.org/"
+    @sso = Sso.new(@data).start
+  end
+
+  def test_sso_url_should_be_the_full_url
+    assert_equal @sso.full_url, @sso.sso_url
+  end
+
+  def test_message_is_opening_full_url
+    assert_equal "Opening #{@sso.full_url}", @sso.message
+  end
+end
+
+class SsoPostLaunchTest < Test::Unit::TestCase
+  include SsoSetupActions
+
+  def setup
+    super
+    sso_setup
+    @data['api']['test'] = {
+      "base_url" => "http://localhost:4567",
+      "sso_url" => "http://localhost:4567/users/login/sso"
+    }
+  end
+
+  def test_it_starts_the_proxy_server
+    Artifice.deactivate
+    @sso = Sso.new(@data).start
+    body = RestClient.get(@sso.sso_url)
+
+    assert body.include? 'b6010f6fbb850887a396c2bc0ab23974003008f6'
+    assert body.include? '1262304000'
+    assert body.include? @sso.url
+    assert body.include? @sso.sample_nav_data
+  end
+end
+
+class SsoPostProxyLaunchTest < Test::Unit::TestCase
+  include SsoSetupActions
+
+  def setup
+    super
+    sso_setup
+    @data['api']['test'] = {
+      "base_url" => "http://localhost:4567",
+      "sso_url" => "http://localhost:4567/users/login/sso"
+    }
+    any_instance_of(Sso, :run_proxy => false)
+    @sso = Sso.new(@data).start
+  end
+
+  def test_sso_url_should_point_to_the_proxy
+    assert_equal "http://localhost:#{@sso.proxy_port}/", @sso.sso_url
+  end
+
+  def test_post_url_contains_url_and_path
+    assert_equal "http://localhost:4567/users/login/sso", @sso.post_url
+  end
+
+  def test_message_is_posting_data_to_post_url_via_proxy_on_port_proxy_port
+    assert_equal "POSTing #{@sso.query_data} to #{@sso.post_url} via proxy on port #{@sso.proxy_port}", @sso.message
+  end
+end
+
+class SsoEnvironmentLaunchTest < Test::Unit::TestCase
+  include SsoSetupActions
+
+  def setup
+    super
+    sso_setup
+    env = 'production'
+    @data[:env] = env
+    @data['api'][env] = 'http://localhost:7654/'
+
+    @sso = Sso.new @data
+  end
+
+  def test_builds_full_url
+    asserts_builds_full_url('production')
+  end
+end