kensa 1.1.3 → 1.1.4

data/Gemfile

@@ -0,0 +1,9 @@
+source :gemcutter
+gemspec
+group :development do 
+  gem 'json'
+  gem 'contest'
+  gem 'haml'
+  gem 'jeweler'
+  gem 'rr'
+end

data/Gemfile.lock

@@ -0,0 +1,58 @@
+PATH
+  remote: .
+  specs:
+    kensa (1.1.4)
+      kensa
+      launchy (>= 0.3.2)
+      mechanize (~> 1.0.0)
+      rest-client (< 1.7.0, >= 1.4.0)
+      term-ansicolor (~> 1.0)
+      yajl-ruby (~> 0.6)
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    addressable (2.2.6)
+    ansi (1.3.0)
+    contest (0.1.3)
+    git (1.2.5)
+    haml (3.1.2)
+    jeweler (1.6.4)
+      bundler (~> 1.0)
+      git (>= 1.2.5)
+      rake
+    json (1.5.3)
+    launchy (2.0.5)
+      addressable (~> 2.2.6)
+    mechanize (1.0.0)
+      nokogiri (>= 1.2.1)
+    mime-types (1.16)
+    nokogiri (1.5.0)
+    rack (1.3.2)
+    rake (0.9.2)
+    rest-client (1.6.3)
+      mime-types (>= 1.16)
+    rr (1.0.3)
+    sinatra (1.2.6)
+      rack (~> 1.1)
+      tilt (>= 1.2.2, < 2.0)
+    term-ansicolor (1.0.6)
+    tilt (1.3.2)
+    timecop (0.3.5)
+    turn (0.8.2)
+      ansi (>= 1.2.2)
+    yajl-ruby (0.8.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  contest
+  haml
+  jeweler
+  json
+  kensa!
+  rr
+  sinatra (>= 0.9)
+  timecop (>= 0.3.5)
+  turn

data/Rakefile

@@ -2,8 +2,9 @@ desc 'Run all unit tests'
 task :test do
   fork do
     exec "ruby test/resources/server.rb > /dev/null 2>&1"
+    #exec "ruby test/resources/server.rb > log.txt 2>&1"
   end
-  system "turn"
+  system "turn test"
   system "ps -ax | grep test/resources/server.rb | grep -v grep | awk '{print $1}' | xargs kill"
 end
 
@@ -19,7 +20,7 @@ begin
     gemspec.description = "Kensa is a command-line tool to help add-on providers integrating their services with Heroku. It manages manifest files, and provides a TDD-like approach for programmers to test and develop their APIs."
     gemspec.email = "pedro@heroku.com"
     gemspec.homepage = "http://provider.heroku.com/resources"
-    gemspec.authors = ["Blake Mizerany", "Pedro Belo", "Adam Wiggins"]
+    gemspec.authors = ["Blake Mizerany", "Pedro Belo", "Adam Wiggins", "Chris Continanza"]
 
     gemspec.add_development_dependency(%q<turn>, [">= 0"])
     gemspec.add_development_dependency(%q<contest>, [">= 0"])

data/bin/kensa

@@ -1,5 +1,9 @@
 #!/usr/bin/env ruby
 
+lib = File.expand_path(File.dirname(__FILE__) + '/../lib')
+$LOAD_PATH.unshift(lib) if File.directory?(lib) && !$LOAD_PATH.include?(lib)
+
+require 'rubygems'
 require 'optparse'
 require 'heroku/kensa'
 require 'heroku/kensa/client'
@@ -56,6 +60,9 @@ OPTIONS
   --without-sso
     Skip single sign-on authentication when doing provision calls
 
+  --post
+    Use HTTP POST for single sign-on instead of GET
+
 COMMANDS
 
   init            Creates a skeleton manifest

data/kensa.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{kensa}
-  s.version = "1.1.3"
+  s.version = "1.1.4"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
-  s.authors = ["Blake Mizerany", "Pedro Belo", "Adam Wiggins"]
-  s.date = %q{2011-02-21}
+  s.authors = ["Blake Mizerany", "Pedro Belo", "Adam Wiggins", 'Chris Continanza']
+  s.date = %q{2011-08-22}
   s.default_executable = %q{kensa}
   s.description = %q{Kensa is a command-line tool to help add-on providers integrating their services with Heroku. It manages manifest files, and provides a TDD-like approach for programmers to test and develop their APIs.}
   s.email = %q{pedro@heroku.com}
@@ -18,6 +18,8 @@ Gem::Specification.new do |s|
     "README.md"
   ]
   s.files = [
+    "Gemfile",
+    "Gemfile.lock",
     "README.md",
     "Rakefile",
     "bin/kensa",
@@ -27,6 +29,7 @@ Gem::Specification.new do |s|
     "lib/heroku/kensa/client.rb",
     "lib/heroku/kensa/http.rb",
     "lib/heroku/kensa/manifest.rb",
+    "lib/heroku/kensa/post_proxy.rb",
     "lib/heroku/kensa/sso.rb",
     "set-env.sh",
     "test/all_check_test.rb",
@@ -44,33 +47,23 @@ Gem::Specification.new do |s|
   ]
   s.homepage = %q{http://provider.heroku.com/resources}
   s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.3.6}
+  s.rubygems_version = %q{1.6.2}
   s.summary = %q{Tool to help Heroku add-on providers integrating their services}
-  s.test_files = [
-    "test/all_check_test.rb",
-    "test/deprovision_check_test.rb",
-    "test/helper.rb",
-    "test/manifest_check_test.rb",
-    "test/manifest_test.rb",
-    "test/plan_change_check_test.rb",
-    "test/provision_check_test.rb",
-    "test/provision_response_check_test.rb",
-    "test/resources/runner.rb",
-    "test/resources/server.rb",
-    "test/sso_check_test.rb",
-    "test/sso_test.rb"
-  ]
 
   if s.respond_to? :specification_version then
-    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
     s.specification_version = 3
 
-    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
       s.add_development_dependency(%q<turn>, [">= 0"])
       s.add_development_dependency(%q<contest>, [">= 0"])
       s.add_development_dependency(%q<timecop>, [">= 0.3.5"])
       s.add_development_dependency(%q<sinatra>, [">= 0.9"])
-      s.add_runtime_dependency(%q<rest-client>, [">= 1.4.0", "< 1.7.0"])
+      s.add_development_dependency(%q<json>, [">= 0"])
+      s.add_development_dependency(%q<contest>, [">= 0"])
+      s.add_development_dependency(%q<haml>, [">= 0"])
+      s.add_development_dependency(%q<jeweler>, [">= 0"])
+      s.add_development_dependency(%q<rr>, [">= 0"])
+      s.add_runtime_dependency(%q<rest-client>, ["< 1.7.0", ">= 1.4.0"])
       s.add_runtime_dependency(%q<yajl-ruby>, ["~> 0.6"])
       s.add_runtime_dependency(%q<term-ansicolor>, ["~> 1.0"])
       s.add_runtime_dependency(%q<launchy>, [">= 0.3.2"])
@@ -80,7 +73,12 @@ Gem::Specification.new do |s|
       s.add_dependency(%q<contest>, [">= 0"])
       s.add_dependency(%q<timecop>, [">= 0.3.5"])
       s.add_dependency(%q<sinatra>, [">= 0.9"])
-      s.add_dependency(%q<rest-client>, [">= 1.4.0", "< 1.7.0"])
+      s.add_dependency(%q<json>, [">= 0"])
+      s.add_dependency(%q<contest>, [">= 0"])
+      s.add_dependency(%q<haml>, [">= 0"])
+      s.add_dependency(%q<jeweler>, [">= 0"])
+      s.add_dependency(%q<rr>, [">= 0"])
+      s.add_dependency(%q<rest-client>, ["< 1.7.0", ">= 1.4.0"])
       s.add_dependency(%q<yajl-ruby>, ["~> 0.6"])
       s.add_dependency(%q<term-ansicolor>, ["~> 1.0"])
       s.add_dependency(%q<launchy>, [">= 0.3.2"])
@@ -91,7 +89,12 @@ Gem::Specification.new do |s|
     s.add_dependency(%q<contest>, [">= 0"])
     s.add_dependency(%q<timecop>, [">= 0.3.5"])
     s.add_dependency(%q<sinatra>, [">= 0.9"])
-    s.add_dependency(%q<rest-client>, [">= 1.4.0", "< 1.7.0"])
+    s.add_dependency(%q<json>, [">= 0"])
+    s.add_dependency(%q<contest>, [">= 0"])
+    s.add_dependency(%q<haml>, [">= 0"])
+    s.add_dependency(%q<jeweler>, [">= 0"])
+    s.add_dependency(%q<rr>, [">= 0"])
+    s.add_dependency(%q<rest-client>, ["< 1.7.0", ">= 1.4.0"])
     s.add_dependency(%q<yajl-ruby>, ["~> 0.6"])
     s.add_dependency(%q<term-ansicolor>, ["~> 1.0"])
     s.add_dependency(%q<launchy>, [">= 0.3.2"])

data/lib/heroku/kensa/check.rb

@@ -8,7 +8,6 @@ module Heroku
   module Kensa
 
     class NilScreen
-
       def test(msg)
       end
 
@@ -25,6 +24,11 @@ module Heroku
       end
     end
 
+    class STDOUTScreen
+      [:test, :check, :error, :result, :message].each do |method|
+        eval %{ def #{method}(*args)\n STDOUT.puts *args\n end }
+      end
+    end
 
     class Check
       attr_accessor :screen, :data
@@ -376,8 +380,12 @@ module Heroku
         @agent ||= Mechanize.new
       end
 
-      def mechanize_get url
-        page = agent.get(url)
+      def mechanize_get
+        if @sso.POST?
+          page = agent.post(@sso.post_url, @sso.query_params)
+        else
+          page = agent.get(@sso.get_url)
+        end
         return page, 200
       rescue Mechanize::ResponseCodeError => error
         return nil, error.response_code.to_i
@@ -385,37 +393,43 @@ module Heroku
         error("connection refused to #{url}")
       end
 
+      def check(msg)
+        @sso = Sso.new(data)
+        super
+      end
+
       def call!
         error("need an sso salt to perform sso test") unless data['api']['sso_salt']
 
-        sso = Sso.new(data)
-        t   = Time.now.to_i
+        sso  = Sso.new(data)
+        verb = sso.POST? ? 'POST' : 'GET'
+        test "#{verb} #{sso.path}"
 
-        test "GET #{sso.path}"
         check "validates token" do
-          page, respcode = mechanize_get sso.url + sso.path + "?token=invalid&timestamp=#{t}"
-          error("expected 403, got 200") unless respcode == 403
+          @sso.token = 'invalid'
+          page, respcode = mechanize_get 
+          error("expected 403, got #{respcode}") unless respcode == 403
           true
         end
 
         check "validates timestamp" do
-          prev = (Time.now - 60*6).to_i
-          page, respcode = mechanize_get sso.url + sso.path + "?token=#{sso.make_token(prev)}&timestamp=#{prev}"
-          error("expected 403, got 200") unless respcode == 403
+          @sso.timestamp = (Time.now - 60*6).to_i
+          page, respcode = mechanize_get
+          error("expected 403, got #{respcode}") unless respcode == 403
           true
         end
 
         page_logged_in = nil
         check "logs in" do
-          page_logged_in, respcode = mechanize_get sso.url + sso.path + sso.querystring
+          page_logged_in, respcode = mechanize_get 
           error("expected 200, got #{respcode}") unless respcode == 200
           true
         end
 
         check "creates the heroku-nav-data cookie" do
-          cookie = agent.cookie_jar.cookies(URI.parse(sso.full_url)).detect { |c| c.name == 'heroku-nav-data' }
+          cookie = agent.cookie_jar.cookies(URI.parse(@sso.full_url)).detect { |c| c.name == 'heroku-nav-data' }
           error("could not find cookie heroku-nav-data") unless cookie
-          error("expected #{sso.sample_nav_data}, got #{cookie.value}") unless cookie.value == sso.sample_nav_data
+          error("expected #{@sso.sample_nav_data}, got #{cookie.value}") unless cookie.value == @sso.sample_nav_data
           true
         end
 

data/lib/heroku/kensa/client.rb

@@ -58,9 +58,9 @@ module Heroku
       def sso
         id = @args.shift || abort("! no id specified; see usage")
         data = Yajl::Parser.parse(resolve_manifest).merge(:id => id)
-        sso = Sso.new(data.merge(@options))
-        puts "Opening #{sso.full_url}"
-        Launchy.open sso.full_url
+        sso = Sso.new(data.merge(@options)).start
+        puts sso.message
+        Launchy.open sso.sso_url
       end
 
       def push

data/lib/heroku/kensa/post_proxy.rb

@@ -0,0 +1,33 @@
+require 'webrick'
+
+class Heroku::Kensa::PostProxy < WEBrick::HTTPServer
+  def initialize(sso)
+    @params = sso.query_params
+    @sso = sso
+    super :Port => sso.proxy_port, :AccessLog => WEBrick::Log.new(StringIO.new),
+            :Logger => WEBrick::Log.new(StringIO.new)
+  end
+
+  def service(req, res)
+    res.status = 200
+    res.body = <<-HTML
+      <html>
+        <head>
+          <script type="text/javascript">
+            window.onload = function() { document.forms[0].submit() }
+          </script>
+        </head>
+        <body>
+          <form action="#{@sso.post_url}" method="POST">
+            #{ @params.map do |key, value|
+                %|<input type="hidden" name="#{key}" value="#{value}" />|
+               end.join("\n")  
+             }
+          </form>
+        </body>
+      </html>
+    HTML
+    res["Content-Lengh"] = res.body.size
+    @status = :Shutdown
+  end
+end

data/lib/heroku/kensa/sso.rb

@@ -3,7 +3,7 @@ require 'restclient'
 module Heroku
   module Kensa
     class Sso
-      attr_accessor :id, :url
+      attr_accessor :id, :url, :proxy_port, :timestamp, :token
 
       def initialize(data)
         @id   = data[:id]
@@ -11,15 +11,42 @@ module Heroku
 
         env   = data.fetch :env, 'test'
         @url  = data["api"][env].chomp('/')
+        @use_post   = data['api']['sso'].to_s.match(/post/i)
+        @proxy_port = find_available_port
+        @timestamp  = Time.now.to_i
+        @token      = make_token(@timestamp)
       end
 
       def path
-        "/heroku/resources/#{id}"
+        extra = self.POST? ? '/sso' : ''
+        "/heroku/resources/#{id}#{extra}"
+      end
+
+      def POST?
+        @use_post
+      end
+
+      def sso_url
+        if self.POST?
+          "http://localhost:#{@proxy_port}/"
+        else
+          full_url
+        end
       end
 
       def full_url
         [ url, path, querystring ].join
       end
+      alias get_url full_url
+
+      def post_url
+        [ url, path ].join
+      end
+
+      def timestamp=(other)
+        @timestamp = other
+        @token = make_token(@timestamp)
+      end 
 
       def make_token(t)
         Digest::SHA1.hexdigest([@id, @salt, t].join(':'))
@@ -27,9 +54,18 @@ module Heroku
 
       def querystring
         return '' unless @salt
+        '?' + query_data 
+      end
+
+      def query_data
+        query_params.map{|p| p.join('=')}.join('&')
+      end
 
-        t = Time.now.to_i
-        "?token=#{make_token(t)}&timestamp=#{t}&nav-data=#{sample_nav_data}"
+      def query_params
+        { 'token' => @token,  
+          'timestamp' => @timestamp.to_s,
+          'nav-data' => sample_nav_data,
+          'user'     => 'username@example.com' }
       end
 
       def sample_nav_data
@@ -50,6 +86,37 @@ module Heroku
         base64.tr('+/','-_')
       end
 
+      def message
+        if self.POST?
+          "POSTing #{query_data} to #{post_url} via proxy on port #{@proxy_port}"
+        else
+          "Opening #{full_url}"
+        end
+      end
+
+      def start
+        run_proxy
+        self
+      end
+
+      def find_available_port
+        server = TCPServer.new('127.0.0.1', 0)
+        server.addr[1]
+      ensure
+        server.close if server
+      end
+
+      def run_proxy
+        return unless self.POST?
+        server = PostProxy.new self
+        @proxy = server
+
+        trap("INT") { server.stop }
+        pid = fork do
+          server.start 
+        end
+        at_exit { server.stop; Process.waitpid pid }
+      end
     end
   end
 end

data/lib/heroku/kensa.rb

@@ -2,9 +2,10 @@ require 'heroku/kensa/http'
 require 'heroku/kensa/manifest'
 require 'heroku/kensa/check'
 require 'heroku/kensa/sso'
+require 'heroku/kensa/post_proxy'
 
 module Heroku
   module Kensa
-    VERSION = "1.1.3"
+    VERSION = "1.1.4"
   end
-end
+end

data/test/deprovision_check_test.rb

@@ -15,21 +15,21 @@ class DeprovisionCheckTest < Test::Unit::TestCase
 
   test "valid on 200" do
     assert_valid do |check|
-      stub :delete, check, @responses
+      kensa_stub :delete, check, @responses
     end
   end
 
   test "status other than 200" do
     @responses[0] = [500, ""]
     assert_invalid do |check|
-      stub :delete, check, @responses
+      kensa_stub :delete, check, @responses
     end
   end
 
   test "runs auth check" do
     @responses[1] = [200, ""]
     assert_invalid do |check|
-      stub :delete, check, @responses
+      kensa_stub :delete, check, @responses
     end
   end
 

data/test/helper.rb

@@ -1,16 +1,22 @@
 require 'heroku/kensa'
 require 'contest'
 require 'timecop'
+require 'rr'
 
 class Test::Unit::TestCase
+  include RR::Adapters::TestUnit
 
+  # in your test, do 
+  # @screen = STDOUTScreen.new
   def assert_valid(data=@data, &blk)
     check = create_check(data, &blk)
+    check.screen = @screen if @screen
     assert check.call
   end
 
   def assert_invalid(data=@data, &blk)
     check = create_check(data, &blk)
+    check.screen = @screen if @screen
     assert !check.call
   end
 
@@ -37,13 +43,12 @@ class Test::Unit::TestCase
     o
   end
 
-  def stub(meth, o, returns)
+  def kensa_stub(meth, o, returns)
     o.instance_eval { @returns = Array(returns) }
     eval <<-EVAL
     def o.#{meth}(*args)
-      @returns.shift || fail("Nothing else to return from stub'ed method")
+      @returns.shift or fail("Nothing else to return from stub'ed method")
     end
     EVAL
   end
-
 end

data/test/resources/server.rb

@@ -85,8 +85,7 @@ delete '/working/heroku/resources/:id' do
   "Ok"
 end
 
-
-get '/working/heroku/resources/:id' do
+def sso
   unauthorized! unless params[:id] && params[:token]
   unauthorized! unless params[:timestamp].to_i > (Time.now-60*2).to_i
   unauthorized! unless params[:token] == make_token
@@ -94,21 +93,45 @@ get '/working/heroku/resources/:id' do
   login
 end
 
-get '/notoken/heroku/resources/:id' do
+get '/working/heroku/resources/:id' do
+  sso
+end
+
+post '/working/heroku/resources/:id/sso' do
+  sso
+end
+
+def notoken
   unauthorized! unless params[:id] && params[:token]
   unauthorized! unless params[:timestamp].to_i > (Time.now-60*2).to_i
   response.set_cookie('heroku-nav-data', params['nav-data'])
   login
 end
 
-get '/notimestamp/heroku/resources/:id' do
+get '/notoken/heroku/resources/:id' do
+  notoken
+end
+
+post '/notoken/heroku/resources/:id/sso' do
+  notoken
+end
+
+def notimestamp
   unauthorized! unless params[:id] && params[:token]
   unauthorized! unless params[:token] == make_token
   response.set_cookie('heroku-nav-data', params['nav-data'])
   login
 end
 
-get '/nolayout/heroku/resources/:id' do
+get '/notimestamp/heroku/resources/:id' do
+  notimestamp
+end
+
+post '/notimestamp/heroku/resources/:id/sso' do
+  notimestamp
+end
+
+def nolayout
   unauthorized! unless params[:id] && params[:token]
   unauthorized! unless params[:timestamp].to_i > (Time.now-60*2).to_i
   unauthorized! unless params[:token] == make_token
@@ -116,14 +139,30 @@ get '/nolayout/heroku/resources/:id' do
   login(false)
 end
 
-get '/nocookie/heroku/resources/:id' do
+get '/nolayout/heroku/resources/:id' do
+  nolayout
+end
+
+post '/nolayout/heroku/resources/:id/sso' do
+  nolayout
+end
+
+def nocookie
   unauthorized! unless params[:id] && params[:token]
   unauthorized! unless params[:timestamp].to_i > (Time.now-60*2).to_i
   unauthorized! unless params[:token] == make_token
   login
 end
 
-get '/badcookie/heroku/resources/:id' do
+get '/nocookie/heroku/resources/:id' do
+  nocookie
+end
+
+post '/nocookie/heroku/resources/:id/sso' do
+  nocookie
+end
+
+def badcookie
   unauthorized! unless params[:id] && params[:token]
   unauthorized! unless params[:timestamp].to_i > (Time.now-60*2).to_i
   unauthorized! unless params[:token] == make_token
@@ -131,6 +170,27 @@ get '/badcookie/heroku/resources/:id' do
   login
 end
 
+get '/badcookie/heroku/resources/:id' do
+  badcookie
+end
+
+post '/badcookie/heroku/resources/:id/sso' do
+  badcookie
+end
+
+def sso_user
+  head 404 unless params[:user] == 'username@example.com'
+  sso
+end
+
+get '/user/heroku/resources/:id' do
+  sso_user
+end
+
+post '/user/heroku/resources/:id/sso' do
+  sso_user
+end
+
 get '/' do
   unauthorized! unless session[:logged_in]
   haml :index
@@ -144,4 +204,4 @@ __END__
     - if session[:heroku]
       #heroku-header
         %h1 Heroku
-    %h1 Sample Addon
+    %h1 Sample Addon

data/test/sso_check_test.rb

@@ -10,40 +10,50 @@ class SsoCheckTest < Test::Unit::TestCase
 
   def check ; SsoCheck ; end
 
-  test "working sso request" do
-    @data['api']['test'] += "working"
-    assert_valid
+  ['POST', 'GET'].each do |method|
+    context "via #{method}" do
+      setup { @data['api']['sso'] = method }
+
+      test "working sso request" do
+        @data['api']['test'] += "working"
+        assert_valid
+      end
+
+      test "rejects bad token" do
+        @data['api']['test'] += "notoken"
+        assert_invalid
+      end
+
+      test "rejects old timestamp" do
+        @data['api']['test'] += "notimestamp"
+        assert_invalid
+      end
+
+      test "reject omitted sso salt" do
+        @data['api'].delete 'sso_salt'
+        @data['api']['test'] += "working"
+        assert_invalid
+      end
+
+      test "reject missing heroku layout" do
+        @data['api']['test'] += "nolayout"
+        assert_invalid
+      end
+
+      test "reject missing cookie" do
+        @data['api']['test'] += "nocookie"
+        assert_invalid
+      end
+
+      test "reject invalid cookie value" do
+        @data['api']['test'] += "badcookie"
+        assert_invalid
+      end
+
+      test "sends user param" do
+        @data['api']['test'] += "user"
+        assert_valid
+      end
+    end
   end
-
-  test "rejects bad token" do
-    @data['api']['test'] += "notoken"
-    assert_invalid
-  end
-
-  test "rejects old timestamp" do
-    @data['api']['test'] += "notimestamp"
-    assert_invalid
-  end
-
-  test "reject omitted sso salt" do
-    @data['api'].delete 'sso_salt'
-    @data['api']['test'] += "working"
-    assert_invalid
-  end
-
-  test "reject missing heroku layout" do
-    @data['api']['test'] += "nolayout"
-    assert_invalid
-  end
-
-  test "reject missing cookie" do
-    @data['api']['test'] += "nocookie"
-    assert_invalid
-  end
-
-  test "reject invalid cookie value" do
-    @data['api']['test'] += "badcookie"
-    assert_invalid
-  end
-
 end

data/test/sso_test.rb

@@ -1,4 +1,5 @@
 require 'test/helper'
+require 'cgi'
 
 class SsoTest < Test::Unit::TestCase
   include Heroku::Kensa
@@ -11,18 +12,87 @@ class SsoTest < Test::Unit::TestCase
 
   teardown { Timecop.return }
 
+  def builds_full_url(env)
+    url, query = @sso.full_url.split('?')
+    data = CGI.parse(query)
+
+
+    assert_equal "#{@data['api'][env]}heroku/resources/1", url 
+    assert_equal 'b6010f6fbb850887a396c2bc0ab23974003008f6', data['token'].first
+    assert_equal '1262304000', data['timestamp'].first
+    assert_equal 'username@example.com', data['user'].first
+  end
+
   context 'sso' do
-    setup { @sso = Sso.new @data }
+    setup do
+      Timecop.freeze Time.utc(2010, 1)
+      @sso = Sso.new @data 
+    end
 
     test 'builds path' do
       assert_equal '/heroku/resources/1', @sso.path
     end
 
     test 'builds full url' do
-      Timecop.freeze Time.utc(2010, 1)
-      expected = 'http://localhost:4567/heroku/resources/1?token=b6010f6fbb850887a396c2bc0ab23974003008f6&timestamp=1262304000'
+      builds_full_url('test')
+    end
 
-      assert @sso.full_url.include?(expected)
+    context 'with no "sso" field specified' do
+      test "defaults to GET" do
+        assert_equal @sso.full_url, @sso.sso_url
+      end
+    end
+
+    context 'when sso method is GET' do
+      setup do
+        @data['api']['sso'] = 'GET'
+        @sso = Sso.new(@data).start
+      end
+
+      test "#sso_url should be the #full_url" do
+        assert_equal @sso.full_url, @sso.sso_url
+      end
+
+      test "#message is Opening <full_url>" do
+        assert_equal "Opening #{@sso.full_url}", @sso.message
+      end
+    end
+
+    context 'when sso method is POST' do
+      setup do
+        Timecop.freeze Time.utc(2010, 1)
+        @data['api']['sso'] = 'post'
+      end
+
+      test "it starts the proxy server" do
+        @sso = Sso.new(@data).start
+        body = RestClient.get(@sso.sso_url)
+
+        assert body.include? @sso.path
+        assert body.include? 'b6010f6fbb850887a396c2bc0ab23974003008f6'
+        assert body.include? '1262304000'
+        assert body.include? @sso.url
+        assert body.include? @sso.sample_nav_data
+      end
+
+      context "with the proxy working" do
+        setup do 
+          any_instance_of(Sso, :run_proxy => false)
+          @sso = Sso.new(@data).start
+        end
+
+        test "#sso_url should point to the proxy" do
+          assert_equal "http://localhost:#{@sso.proxy_port}/", @sso.sso_url
+        end
+
+        test "#post_url contains url and path" do
+          assert_equal "http://localhost:4567/heroku/resources/1/sso", @sso.post_url
+        end
+
+        test "#message is Posting <data> to <post_url> via proxy on port <proxy_port>" do
+          assert_equal "POSTing #{@sso.query_data} to http://localhost:4567/heroku/resources/1/sso via proxy on port #{@sso.proxy_port}", @sso.message
+        end
+      end
     end
   end
 
@@ -41,6 +111,7 @@ class SsoTest < Test::Unit::TestCase
 
   context 'sso in a specific environment' do
     setup do
+      Timecop.freeze Time.utc(2010, 1)
       env = 'production'
       @data[:env] = env
       @data['api'][env] = 'http://localhost:7654/'
@@ -49,10 +120,7 @@ class SsoTest < Test::Unit::TestCase
     end
 
     test 'builds full url' do
-      Timecop.freeze Time.utc(2010, 1)
-      expected = 'http://localhost:7654/heroku/resources/1?token=b6010f6fbb850887a396c2bc0ab23974003008f6&timestamp=1262304000'
-
-      assert @sso.full_url.include?(expected)
+      builds_full_url('production')
     end
   end
 end

metadata

@@ -5,18 +5,19 @@ version: !ruby/object:Gem::Version
   segments: 
   - 1
   - 1
-  - 3
-  version: 1.1.3
+  - 4
+  version: 1.1.4
 platform: ruby
 authors: 
 - Blake Mizerany
 - Pedro Belo
 - Adam Wiggins
+- Chris Continanza
 autorequire: 
 bindir: bin
 cert_chain: []
 
-date: 2011-02-21 00:00:00 -08:00
+date: 2011-08-22 00:00:00 -07:00
 default_executable: kensa
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -71,17 +72,70 @@ dependencies:
   type: :development
   version_requirements: *id004
 - !ruby/object:Gem::Dependency 
-  name: rest-client
+  name: json
   prerelease: false
   requirement: &id005 !ruby/object:Gem::Requirement 
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
         segments: 
-        - 1
-        - 4
         - 0
-        version: 1.4.0
+        version: "0"
+  type: :development
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency 
+  name: contest
+  prerelease: false
+  requirement: &id006 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id006
+- !ruby/object:Gem::Dependency 
+  name: haml
+  prerelease: false
+  requirement: &id007 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id007
+- !ruby/object:Gem::Dependency 
+  name: jeweler
+  prerelease: false
+  requirement: &id008 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id008
+- !ruby/object:Gem::Dependency 
+  name: rr
+  prerelease: false
+  requirement: &id009 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id009
+- !ruby/object:Gem::Dependency 
+  name: rest-client
+  prerelease: false
+  requirement: &id010 !ruby/object:Gem::Requirement 
+    requirements: 
     - - <
       - !ruby/object:Gem::Version 
         segments: 
@@ -89,12 +143,19 @@ dependencies:
         - 7
         - 0
         version: 1.7.0
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 1
+        - 4
+        - 0
+        version: 1.4.0
   type: :runtime
-  version_requirements: *id005
+  version_requirements: *id010
 - !ruby/object:Gem::Dependency 
   name: yajl-ruby
   prerelease: false
-  requirement: &id006 !ruby/object:Gem::Requirement 
+  requirement: &id011 !ruby/object:Gem::Requirement 
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
@@ -103,11 +164,11 @@ dependencies:
         - 6
         version: "0.6"
   type: :runtime
-  version_requirements: *id006
+  version_requirements: *id011
 - !ruby/object:Gem::Dependency 
   name: term-ansicolor
   prerelease: false
-  requirement: &id007 !ruby/object:Gem::Requirement 
+  requirement: &id012 !ruby/object:Gem::Requirement 
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
@@ -116,11 +177,11 @@ dependencies:
         - 0
         version: "1.0"
   type: :runtime
-  version_requirements: *id007
+  version_requirements: *id012
 - !ruby/object:Gem::Dependency 
   name: launchy
   prerelease: false
-  requirement: &id008 !ruby/object:Gem::Requirement 
+  requirement: &id013 !ruby/object:Gem::Requirement 
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
@@ -130,11 +191,11 @@ dependencies:
         - 2
         version: 0.3.2
   type: :runtime
-  version_requirements: *id008
+  version_requirements: *id013
 - !ruby/object:Gem::Dependency 
   name: mechanize
   prerelease: false
-  requirement: &id009 !ruby/object:Gem::Requirement 
+  requirement: &id014 !ruby/object:Gem::Requirement 
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
@@ -144,7 +205,7 @@ dependencies:
         - 0
         version: 1.0.0
   type: :runtime
-  version_requirements: *id009
+  version_requirements: *id014
 description: Kensa is a command-line tool to help add-on providers integrating their services with Heroku. It manages manifest files, and provides a TDD-like approach for programmers to test and develop their APIs.
 email: pedro@heroku.com
 executables: 
@@ -154,6 +215,8 @@ extensions: []
 extra_rdoc_files: 
 - README.md
 files: 
+- Gemfile
+- Gemfile.lock
 - README.md
 - Rakefile
 - bin/kensa
@@ -163,6 +226,7 @@ files:
 - lib/heroku/kensa/client.rb
 - lib/heroku/kensa/http.rb
 - lib/heroku/kensa/manifest.rb
+- lib/heroku/kensa/post_proxy.rb
 - lib/heroku/kensa/sso.rb
 - set-env.sh
 - test/all_check_test.rb
@@ -207,16 +271,5 @@ rubygems_version: 1.3.6
 signing_key: 
 specification_version: 3
 summary: Tool to help Heroku add-on providers integrating their services
-test_files: 
-- test/all_check_test.rb
-- test/deprovision_check_test.rb
-- test/helper.rb
-- test/manifest_check_test.rb
-- test/manifest_test.rb
-- test/plan_change_check_test.rb
-- test/provision_check_test.rb
-- test/provision_response_check_test.rb
-- test/resources/runner.rb
-- test/resources/server.rb
-- test/sso_check_test.rb
-- test/sso_test.rb
+test_files: []
+