pelle-ruby-openid 2.1.8

Files changed (197)
  1. data/CHANGELOG +215 -0
  2. data/CHANGES-2.1.0 +36 -0
  3. data/INSTALL +47 -0
  4. data/LICENSE +210 -0
  5. data/NOTICE +2 -0
  6. data/README +82 -0
  7. data/UPGRADE +127 -0
  8. data/VERSION +1 -0
  9. data/examples/README +32 -0
  10. data/examples/active_record_openid_store/README +58 -0
  11. data/examples/active_record_openid_store/XXX_add_open_id_store_to_db.rb +24 -0
  12. data/examples/active_record_openid_store/XXX_upgrade_open_id_store.rb +26 -0
  13. data/examples/active_record_openid_store/init.rb +8 -0
  14. data/examples/active_record_openid_store/lib/association.rb +10 -0
  15. data/examples/active_record_openid_store/lib/nonce.rb +3 -0
  16. data/examples/active_record_openid_store/lib/open_id_setting.rb +4 -0
  17. data/examples/active_record_openid_store/lib/openid_ar_store.rb +57 -0
  18. data/examples/active_record_openid_store/test/store_test.rb +212 -0
  19. data/examples/discover +49 -0
  20. data/examples/rails_openid/README +153 -0
  21. data/examples/rails_openid/Rakefile +10 -0
  22. data/examples/rails_openid/app/controllers/application.rb +4 -0
  23. data/examples/rails_openid/app/controllers/consumer_controller.rb +122 -0
  24. data/examples/rails_openid/app/controllers/login_controller.rb +45 -0
  25. data/examples/rails_openid/app/controllers/server_controller.rb +265 -0
  26. data/examples/rails_openid/app/helpers/application_helper.rb +3 -0
  27. data/examples/rails_openid/app/helpers/login_helper.rb +2 -0
  28. data/examples/rails_openid/app/helpers/server_helper.rb +9 -0
  29. data/examples/rails_openid/app/views/consumer/index.rhtml +81 -0
  30. data/examples/rails_openid/app/views/layouts/server.rhtml +68 -0
  31. data/examples/rails_openid/app/views/login/index.rhtml +56 -0
  32. data/examples/rails_openid/app/views/server/decide.rhtml +26 -0
  33. data/examples/rails_openid/config/boot.rb +19 -0
  34. data/examples/rails_openid/config/database.yml +74 -0
  35. data/examples/rails_openid/config/environment.rb +54 -0
  36. data/examples/rails_openid/config/environments/development.rb +19 -0
  37. data/examples/rails_openid/config/environments/production.rb +19 -0
  38. data/examples/rails_openid/config/environments/test.rb +19 -0
  39. data/examples/rails_openid/config/routes.rb +24 -0
  40. data/examples/rails_openid/doc/README_FOR_APP +2 -0
  41. data/examples/rails_openid/public/.htaccess +40 -0
  42. data/examples/rails_openid/public/404.html +8 -0
  43. data/examples/rails_openid/public/500.html +8 -0
  44. data/examples/rails_openid/public/dispatch.cgi +12 -0
  45. data/examples/rails_openid/public/dispatch.fcgi +26 -0
  46. data/examples/rails_openid/public/dispatch.rb +12 -0
  47. data/examples/rails_openid/public/favicon.ico +0 -0
  48. data/examples/rails_openid/public/images/openid_login_bg.gif +0 -0
  49. data/examples/rails_openid/public/javascripts/controls.js +750 -0
  50. data/examples/rails_openid/public/javascripts/dragdrop.js +584 -0
  51. data/examples/rails_openid/public/javascripts/effects.js +854 -0
  52. data/examples/rails_openid/public/javascripts/prototype.js +1785 -0
  53. data/examples/rails_openid/public/robots.txt +1 -0
  54. data/examples/rails_openid/script/about +3 -0
  55. data/examples/rails_openid/script/breakpointer +3 -0
  56. data/examples/rails_openid/script/console +3 -0
  57. data/examples/rails_openid/script/destroy +3 -0
  58. data/examples/rails_openid/script/generate +3 -0
  59. data/examples/rails_openid/script/performance/benchmarker +3 -0
  60. data/examples/rails_openid/script/performance/profiler +3 -0
  61. data/examples/rails_openid/script/plugin +3 -0
  62. data/examples/rails_openid/script/process/reaper +3 -0
  63. data/examples/rails_openid/script/process/spawner +3 -0
  64. data/examples/rails_openid/script/process/spinner +3 -0
  65. data/examples/rails_openid/script/runner +3 -0
  66. data/examples/rails_openid/script/server +3 -0
  67. data/examples/rails_openid/test/functional/login_controller_test.rb +18 -0
  68. data/examples/rails_openid/test/functional/server_controller_test.rb +18 -0
  69. data/examples/rails_openid/test/test_helper.rb +28 -0
  70. data/lib/hmac/hmac.rb +112 -0
  71. data/lib/hmac/sha1.rb +11 -0
  72. data/lib/hmac/sha2.rb +25 -0
  73. data/lib/openid/association.rb +249 -0
  74. data/lib/openid/consumer/associationmanager.rb +344 -0
  75. data/lib/openid/consumer/checkid_request.rb +186 -0
  76. data/lib/openid/consumer/discovery.rb +498 -0
  77. data/lib/openid/consumer/discovery_manager.rb +123 -0
  78. data/lib/openid/consumer/html_parse.rb +134 -0
  79. data/lib/openid/consumer/idres.rb +523 -0
  80. data/lib/openid/consumer/responses.rb +148 -0
  81. data/lib/openid/consumer.rb +395 -0
  82. data/lib/openid/cryptutil.rb +97 -0
  83. data/lib/openid/dh.rb +89 -0
  84. data/lib/openid/extension.rb +39 -0
  85. data/lib/openid/extensions/ax.rb +516 -0
  86. data/lib/openid/extensions/oauth.rb +91 -0
  87. data/lib/openid/extensions/pape.rb +179 -0
  88. data/lib/openid/extensions/sreg.rb +277 -0
  89. data/lib/openid/extras.rb +11 -0
  90. data/lib/openid/fetchers.rb +238 -0
  91. data/lib/openid/kvform.rb +136 -0
  92. data/lib/openid/kvpost.rb +58 -0
  93. data/lib/openid/message.rb +553 -0
  94. data/lib/openid/protocolerror.rb +8 -0
  95. data/lib/openid/server.rb +1544 -0
  96. data/lib/openid/store/filesystem.rb +271 -0
  97. data/lib/openid/store/interface.rb +75 -0
  98. data/lib/openid/store/memcache.rb +107 -0
  99. data/lib/openid/store/memory.rb +84 -0
  100. data/lib/openid/store/nonce.rb +68 -0
  101. data/lib/openid/trustroot.rb +349 -0
  102. data/lib/openid/urinorm.rb +75 -0
  103. data/lib/openid/util.rb +110 -0
  104. data/lib/openid/yadis/accept.rb +148 -0
  105. data/lib/openid/yadis/constants.rb +21 -0
  106. data/lib/openid/yadis/discovery.rb +153 -0
  107. data/lib/openid/yadis/filters.rb +205 -0
  108. data/lib/openid/yadis/htmltokenizer.rb +305 -0
  109. data/lib/openid/yadis/parsehtml.rb +45 -0
  110. data/lib/openid/yadis/services.rb +42 -0
  111. data/lib/openid/yadis/xrds.rb +155 -0
  112. data/lib/openid/yadis/xri.rb +90 -0
  113. data/lib/openid/yadis/xrires.rb +106 -0
  114. data/lib/openid.rb +20 -0
  115. data/setup.rb +1551 -0
  116. data/test/data/accept.txt +124 -0
  117. data/test/data/dh.txt +29 -0
  118. data/test/data/example-xrds.xml +14 -0
  119. data/test/data/linkparse.txt +587 -0
  120. data/test/data/n2b64 +650 -0
  121. data/test/data/test1-discover.txt +137 -0
  122. data/test/data/test1-parsehtml.txt +152 -0
  123. data/test/data/test_discover/malformed_meta_tag.html +19 -0
  124. data/test/data/test_discover/openid.html +11 -0
  125. data/test/data/test_discover/openid2.html +11 -0
  126. data/test/data/test_discover/openid2_xrds.xml +12 -0
  127. data/test/data/test_discover/openid2_xrds_no_local_id.xml +11 -0
  128. data/test/data/test_discover/openid_1_and_2.html +11 -0
  129. data/test/data/test_discover/openid_1_and_2_xrds.xml +16 -0
  130. data/test/data/test_discover/openid_1_and_2_xrds_bad_delegate.xml +17 -0
  131. data/test/data/test_discover/openid_and_yadis.html +12 -0
  132. data/test/data/test_discover/openid_no_delegate.html +10 -0
  133. data/test/data/test_discover/yadis_0entries.xml +12 -0
  134. data/test/data/test_discover/yadis_2_bad_local_id.xml +15 -0
  135. data/test/data/test_discover/yadis_2entries_delegate.xml +22 -0
  136. data/test/data/test_discover/yadis_2entries_idp.xml +21 -0
  137. data/test/data/test_discover/yadis_another_delegate.xml +14 -0
  138. data/test/data/test_discover/yadis_idp.xml +12 -0
  139. data/test/data/test_discover/yadis_idp_delegate.xml +13 -0
  140. data/test/data/test_discover/yadis_no_delegate.xml +11 -0
  141. data/test/data/test_xrds/=j3h.2007.11.14.xrds +25 -0
  142. data/test/data/test_xrds/README +12 -0
  143. data/test/data/test_xrds/delegated-20060809-r1.xrds +34 -0
  144. data/test/data/test_xrds/delegated-20060809-r2.xrds +34 -0
  145. data/test/data/test_xrds/delegated-20060809.xrds +34 -0
  146. data/test/data/test_xrds/no-xrd.xml +7 -0
  147. data/test/data/test_xrds/not-xrds.xml +2 -0
  148. data/test/data/test_xrds/prefixsometimes.xrds +34 -0
  149. data/test/data/test_xrds/ref.xrds +109 -0
  150. data/test/data/test_xrds/sometimesprefix.xrds +34 -0
  151. data/test/data/test_xrds/spoof1.xrds +25 -0
  152. data/test/data/test_xrds/spoof2.xrds +25 -0
  153. data/test/data/test_xrds/spoof3.xrds +37 -0
  154. data/test/data/test_xrds/status222.xrds +9 -0
  155. data/test/data/test_xrds/subsegments.xrds +58 -0
  156. data/test/data/test_xrds/valid-populated-xrds.xml +39 -0
  157. data/test/data/trustroot.txt +153 -0
  158. data/test/data/urinorm.txt +79 -0
  159. data/test/discoverdata.rb +131 -0
  160. data/test/test_accept.rb +170 -0
  161. data/test/test_association.rb +266 -0
  162. data/test/test_associationmanager.rb +917 -0
  163. data/test/test_ax.rb +648 -0
  164. data/test/test_checkid_request.rb +294 -0
  165. data/test/test_consumer.rb +257 -0
  166. data/test/test_cryptutil.rb +119 -0
  167. data/test/test_dh.rb +86 -0
  168. data/test/test_discover.rb +838 -0
  169. data/test/test_discovery_manager.rb +262 -0
  170. data/test/test_extension.rb +46 -0
  171. data/test/test_extras.rb +35 -0
  172. data/test/test_fetchers.rb +538 -0
  173. data/test/test_filters.rb +270 -0
  174. data/test/test_idres.rb +963 -0
  175. data/test/test_kvform.rb +165 -0
  176. data/test/test_kvpost.rb +65 -0
  177. data/test/test_linkparse.rb +101 -0
  178. data/test/test_message.rb +1116 -0
  179. data/test/test_nonce.rb +89 -0
  180. data/test/test_oauth.rb +175 -0
  181. data/test/test_openid_yadis.rb +178 -0
  182. data/test/test_pape.rb +247 -0
  183. data/test/test_parsehtml.rb +80 -0
  184. data/test/test_responses.rb +63 -0
  185. data/test/test_server.rb +2457 -0
  186. data/test/test_sreg.rb +479 -0
  187. data/test/test_stores.rb +298 -0
  188. data/test/test_trustroot.rb +113 -0
  189. data/test/test_urinorm.rb +35 -0
  190. data/test/test_util.rb +145 -0
  191. data/test/test_xrds.rb +169 -0
  192. data/test/test_xri.rb +48 -0
  193. data/test/test_xrires.rb +63 -0
  194. data/test/test_yadis_discovery.rb +220 -0
  195. data/test/testutil.rb +127 -0
  196. data/test/util.rb +53 -0
  197. metadata +316 -0
@@ -0,0 +1,298 @@
1
+ require 'test/unit'
2
+ require 'openid/store/interface'
3
+ require 'openid/store/filesystem'
4
+ require 'openid/store/memcache'
5
+ require 'openid/store/memory'
6
+ require 'openid/util'
7
+ require 'openid/store/nonce'
8
+ require 'openid/association'
9
+
10
+ module OpenID
11
+ module Store
12
+ module StoreTestCase
13
+ @@allowed_handle = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~'
14
+ @@allowed_nonce = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
15
+
16
+ def _gen_nonce
17
+ OpenID::CryptUtil.random_string(8, @@allowed_nonce)
18
+ end
19
+
20
+ def _gen_handle(n)
21
+ OpenID::CryptUtil.random_string(n, @@allowed_handle)
22
+ end
23
+
24
+ def _gen_secret(n, chars=nil)
25
+ OpenID::CryptUtil.random_string(n, chars)
26
+ end
27
+
28
+ def _gen_assoc(issued, lifetime=600)
29
+ secret = _gen_secret(20)
30
+ handle = _gen_handle(128)
31
+ OpenID::Association.new(handle, secret, Time.now + issued, lifetime,
32
+ 'HMAC-SHA1')
33
+ end
34
+
35
+ def _check_retrieve(url, handle=nil, expected=nil)
36
+ ret_assoc = @store.get_association(url, handle)
37
+
38
+ if expected.nil?
39
+ assert_nil(ret_assoc)
40
+ else
41
+ assert_equal(expected, ret_assoc)
42
+ assert_equal(expected.handle, ret_assoc.handle)
43
+ assert_equal(expected.secret, ret_assoc.secret)
44
+ end
45
+ end
46
+
47
+ def _check_remove(url, handle, expected)
48
+ present = @store.remove_association(url, handle)
49
+ assert_equal(expected, present)
50
+ end
51
+
52
+ def test_store
53
+ assoc = _gen_assoc(issued=0)
54
+
55
+ # Make sure that a missing association returns no result
56
+ _check_retrieve(server_url)
57
+
58
+ # Check that after storage, getting returns the same result
59
+ @store.store_association(server_url, assoc)
60
+ _check_retrieve(server_url, nil, assoc)
61
+
62
+ # more than once
63
+ _check_retrieve(server_url, nil, assoc)
64
+
65
+ # Storing more than once has no ill effect
66
+ @store.store_association(server_url, assoc)
67
+ _check_retrieve(server_url, nil, assoc)
68
+
69
+ # Removing an association that does not exist returns not present
70
+ _check_remove(server_url, assoc.handle + 'x', false)
71
+
72
+ # Removing an association that does not exist returns not present
73
+ _check_remove(server_url + 'x', assoc.handle, false)
74
+
75
+ # Removing an association that is present returns present
76
+ _check_remove(server_url, assoc.handle, true)
77
+
78
+ # but not present on subsequent calls
79
+ _check_remove(server_url, assoc.handle, false)
80
+
81
+ # Put assoc back in the store
82
+ @store.store_association(server_url, assoc)
83
+
84
+ # More recent and expires after assoc
85
+ assoc2 = _gen_assoc(issued=1)
86
+ @store.store_association(server_url, assoc2)
87
+
88
+ # After storing an association with a different handle, but the
89
+ # same server_url, the handle with the later expiration is returned.
90
+ _check_retrieve(server_url, nil, assoc2)
91
+
92
+ # We can still retrieve the older association
93
+ _check_retrieve(server_url, assoc.handle, assoc)
94
+
95
+ # Plus we can retrieve the association with the later expiration
96
+ # explicitly
97
+ _check_retrieve(server_url, assoc2.handle, assoc2)
98
+
99
+ # More recent, and expires earlier than assoc2 or assoc. Make sure
100
+ # that we're picking the one with the latest issued date and not
101
+ # taking into account the expiration.
102
+ assoc3 = _gen_assoc(issued=2, lifetime=100)
103
+ @store.store_association(server_url, assoc3)
104
+
105
+ _check_retrieve(server_url, nil, assoc3)
106
+ _check_retrieve(server_url, assoc.handle, assoc)
107
+ _check_retrieve(server_url, assoc2.handle, assoc2)
108
+ _check_retrieve(server_url, assoc3.handle, assoc3)
109
+
110
+ _check_remove(server_url, assoc2.handle, true)
111
+
112
+ _check_retrieve(server_url, nil, assoc3)
113
+ _check_retrieve(server_url, assoc.handle, assoc)
114
+ _check_retrieve(server_url, assoc2.handle, nil)
115
+ _check_retrieve(server_url, assoc3.handle, assoc3)
116
+
117
+ _check_remove(server_url, assoc2.handle, false)
118
+ _check_remove(server_url, assoc3.handle, true)
119
+
120
+ ret_assoc = @store.get_association(server_url, nil)
121
+ unexpected = [assoc2.handle, assoc3.handle]
122
+ assert(ret_assoc.nil? || !unexpected.member?(ret_assoc.handle),
123
+ ret_assoc)
124
+
125
+ _check_retrieve(server_url, assoc.handle, assoc)
126
+ _check_retrieve(server_url, assoc2.handle, nil)
127
+ _check_retrieve(server_url, assoc3.handle, nil)
128
+
129
+ _check_remove(server_url, assoc2.handle, false)
130
+ _check_remove(server_url, assoc.handle, true)
131
+ _check_remove(server_url, assoc3.handle, false)
132
+
133
+ _check_retrieve(server_url, nil, nil)
134
+ _check_retrieve(server_url, assoc.handle, nil)
135
+ _check_retrieve(server_url, assoc2.handle, nil)
136
+ _check_retrieve(server_url, assoc3.handle, nil)
137
+
138
+ _check_remove(server_url, assoc2.handle, false)
139
+ _check_remove(server_url, assoc.handle, false)
140
+ _check_remove(server_url, assoc3.handle, false)
141
+ end
142
+
143
+ def test_assoc_cleanup
144
+ assocValid1 = _gen_assoc(-3600, 7200)
145
+ assocValid2 = _gen_assoc(-5)
146
+ assocExpired1 = _gen_assoc(-7200, 3600)
147
+ assocExpired2 = _gen_assoc(-7200, 3600)
148
+
149
+ @store.cleanup_associations
150
+ @store.store_association(server_url + '1', assocValid1)
151
+ @store.store_association(server_url + '1', assocExpired1)
152
+ @store.store_association(server_url + '2', assocExpired2)
153
+ @store.store_association(server_url + '3', assocValid2)
154
+
155
+ cleaned = @store.cleanup_associations()
156
+ assert_equal(2, cleaned, "cleaned up associations")
157
+ end
158
+
159
+ def _check_use_nonce(nonce, expected, server_url, msg='')
160
+ stamp, salt = Nonce::split_nonce(nonce)
161
+ actual = @store.use_nonce(server_url, stamp, salt)
162
+ assert_equal(expected, actual, msg)
163
+ end
164
+
165
+ def server_url
166
+ "http://www.myopenid.com/openid"
167
+ end
168
+
169
+ def test_nonce
170
+ [server_url, ''].each{|url|
171
+ nonce1 = Nonce::mk_nonce
172
+
173
+ _check_use_nonce(nonce1, true, url, "#{url}: nonce allowed by default")
174
+ _check_use_nonce(nonce1, false, url, "#{url}: nonce not allowed twice")
175
+ _check_use_nonce(nonce1, false, url, "#{url}: nonce not allowed third time")
176
+
177
+ # old nonces shouldn't pass
178
+ old_nonce = Nonce::mk_nonce(3600)
179
+ _check_use_nonce(old_nonce, false, url, "Old nonce #{old_nonce.inspect} passed")
180
+
181
+ }
182
+ end
183
+
184
+ def test_nonce_cleanup
185
+ now = Time.now.to_i
186
+ old_nonce1 = Nonce::mk_nonce(now - 20000)
187
+ old_nonce2 = Nonce::mk_nonce(now - 10000)
188
+ recent_nonce = Nonce::mk_nonce(now - 600)
189
+
190
+ orig_skew = Nonce.skew
191
+ Nonce.skew = 0
192
+ count = @store.cleanup_nonces
193
+ Nonce.skew = 1000000
194
+ ts, salt = Nonce::split_nonce(old_nonce1)
195
+ assert(@store.use_nonce(server_url, ts, salt), "oldnonce1")
196
+ ts, salt = Nonce::split_nonce(old_nonce2)
197
+ assert(@store.use_nonce(server_url, ts, salt), "oldnonce2")
198
+ ts, salt = Nonce::split_nonce(recent_nonce)
199
+ assert(@store.use_nonce(server_url, ts, salt), "recent_nonce")
200
+
201
+ Nonce.skew = 1000
202
+ cleaned = @store.cleanup_nonces
203
+ assert_equal(2, cleaned, "Cleaned #{cleaned} nonces")
204
+
205
+ Nonce.skew = 100000
206
+ ts, salt = Nonce::split_nonce(old_nonce1)
207
+ assert(@store.use_nonce(server_url, ts, salt), "oldnonce1 after cleanup")
208
+ ts, salt = Nonce::split_nonce(old_nonce2)
209
+ assert(@store.use_nonce(server_url, ts, salt), "oldnonce2 after cleanup")
210
+ ts, salt = Nonce::split_nonce(recent_nonce)
211
+ assert(!@store.use_nonce(server_url, ts, salt), "recent_nonce after cleanup")
212
+
213
+ Nonce.skew = orig_skew
214
+
215
+ end
216
+ end
217
+
218
+ class FileStoreTestCase < Test::Unit::TestCase
219
+ include StoreTestCase
220
+
221
+ def setup
222
+ raise "filestoretest directory exists" if File.exists?('filestoretest')
223
+ @store = Filesystem.new('filestoretest')
224
+ end
225
+
226
+ def teardown
227
+ Kernel.system('rm -r filestoretest')
228
+ end
229
+ end
230
+
231
+ class MemoryStoreTestCase < Test::Unit::TestCase
232
+ include StoreTestCase
233
+
234
+ def setup
235
+ @store = Memory.new
236
+ end
237
+ end
238
+
239
+ begin
240
+ ::TESTING_MEMCACHE
241
+ rescue NameError
242
+ else
243
+ class MemcacheStoreTestCase < Test::Unit::TestCase
244
+ include StoreTestCase
245
+ def setup
246
+ store_uniq = OpenID::CryptUtil.random_string(6, "0123456789")
247
+ store_namespace = "openid-store-#{store_uniq}:"
248
+ @store = Memcache.new(::TESTING_MEMCACHE, store_namespace)
249
+ end
250
+
251
+ def test_nonce_cleanup
252
+ end
253
+
254
+ def test_assoc_cleanup
255
+ end
256
+ end
257
+ end
258
+
259
+ class AbstractStoreTestCase < Test::Unit::TestCase
260
+ def test_abstract_class
261
+ # the abstract made concrete
262
+ abc = Interface.new()
263
+ server_url = "http://server.com/"
264
+ association = OpenID::Association.new("foo", "bar", Time.now, Time.now + 10, "dummy")
265
+
266
+ assert_raise(NotImplementedError) {
267
+ abc.store_association(server_url, association)
268
+ }
269
+
270
+ assert_raise(NotImplementedError) {
271
+ abc.get_association(server_url)
272
+ }
273
+
274
+ assert_raise(NotImplementedError) {
275
+ abc.remove_association(server_url, association.handle)
276
+ }
277
+
278
+ assert_raise(NotImplementedError) {
279
+ abc.use_nonce(server_url, Time.now.to_i, "foo")
280
+ }
281
+
282
+ assert_raise(NotImplementedError) {
283
+ abc.cleanup_nonces()
284
+ }
285
+
286
+ assert_raise(NotImplementedError) {
287
+ abc.cleanup_associations()
288
+ }
289
+
290
+ assert_raise(NotImplementedError) {
291
+ abc.cleanup()
292
+ }
293
+
294
+ end
295
+
296
+ end
297
+ end
298
+ end
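Review bot: `test_nonce_cleanup` reassigns `Nonce.skew` several times and restores it only on its last line, so any assertion that fails in between leaves a widened value (up to 1000000) in place for whatever test runs next. `Nonce.skew` looks like shared module state, so later nonce tests could then accept stale nonces and pass for the wrong reason. Wrapping everything after `orig_skew = Nonce.skew` in `begin … ensure Nonce.skew = orig_skew end` makes the restore unconditional. In the same file, `FileStoreTestCase#teardown` shells out with `Kernel.system('rm -r filestoretest')` and ignores the result; `FileUtils.rm_rf('filestoretest')` (with `require 'fileutils'`) avoids the shell and does not depend on `rm` being present.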
@@ -0,0 +1,113 @@
1
+ require 'test/unit'
2
+ require 'openid/trustroot'
3
+
4
+ require "testutil"
5
+
6
+ class TrustRootTest < Test::Unit::TestCase
7
+ include OpenID::TestDataMixin
8
+
9
+ def _test_sanity(case_, sanity, desc)
10
+ tr = OpenID::TrustRoot::TrustRoot.parse(case_)
11
+ if sanity == 'sane'
12
+ assert(! tr.nil?)
13
+ assert(tr.sane?, [case_, desc])
14
+ assert(OpenID::TrustRoot::TrustRoot.check_sanity(case_), [case_, desc])
15
+ elsif sanity == 'insane'
16
+ assert(!tr.sane?, [case_, desc])
17
+ assert(!OpenID::TrustRoot::TrustRoot.check_sanity(case_), [case_, desc])
18
+ else
19
+ assert(tr.nil?, case_)
20
+ end
21
+ end
22
+
23
+ def _test_match(trust_root, url, expected_match)
24
+ tr = OpenID::TrustRoot::TrustRoot.parse(trust_root)
25
+ actual_match = tr.validate_url(url)
26
+ if expected_match
27
+ assert(actual_match, [trust_root, url])
28
+ assert(OpenID::TrustRoot::TrustRoot.check_url(trust_root, url))
29
+ else
30
+ assert(!actual_match, [expected_match, actual_match, trust_root, url])
31
+ assert(!OpenID::TrustRoot::TrustRoot.check_url(trust_root, url))
32
+ end
33
+ end
34
+
35
+ def test_trustroots
36
+ data = read_data_file('trustroot.txt', false)
37
+
38
+ parts = data.split('=' * 40 + "\n").collect { |i| i.strip() }
39
+ assert(parts[0] == '')
40
+ _, ph, pdat, mh, mdat = parts
41
+
42
+ getTests(['bad', 'insane', 'sane'], ph, pdat).each { |tc|
43
+ sanity, desc, case_ = tc
44
+ _test_sanity(case_, sanity, desc)
45
+ }
46
+
47
+ getTests([true, false], mh, mdat).each { |tc|
48
+ match, desc, case_ = tc
49
+ trust_root, url = case_.split()
50
+ _test_match(trust_root, url, match)
51
+ }
52
+ end
53
+
54
+ def getTests(grps, head, dat)
55
+ tests = []
56
+ top = head.strip()
57
+ gdat = dat.split('-' * 40 + "\n").collect { |i| i.strip() }
58
+ assert(gdat[0] == '')
59
+ assert(gdat.length == (grps.length * 2 + 1), [gdat, grps])
60
+ i = 1
61
+ grps.each { |x|
62
+ n, desc = gdat[i].split(': ')
63
+ cases = gdat[i + 1].split("\n")
64
+ assert(cases.length == n.to_i, "Number of cases differs from header count")
65
+ cases.each { |case_|
66
+ tests += [[x, top + ' - ' + desc, case_]]
67
+ }
68
+ i += 2
69
+ }
70
+
71
+ return tests
72
+ end
73
+
74
+ def test_return_to_matches
75
+ data = [
76
+ [[], nil, false],
77
+ [[], "", false],
78
+ [[], "http://bogus/return_to", false],
79
+ [["http://bogus/"], nil, false],
80
+ [["://broken/"], nil, false],
81
+ [["://broken/"], "http://broken/", false],
82
+ [["http://*.broken/"], "http://foo.broken/", false],
83
+ [["http://x.broken/"], "http://foo.broken/", false],
84
+ [["http://first/", "http://second/path/"], "http://second/?query=x", false],
85
+
86
+ [["http://broken/"], "http://broken/", true],
87
+ [["http://first/", "http://second/"], "http://second/?query=x", true],
88
+ ]
89
+
90
+ data.each { |case_|
91
+ allowed_return_urls, return_to, expected_result = case_
92
+ actual_result = OpenID::TrustRoot::return_to_matches(allowed_return_urls,
93
+ return_to)
94
+ assert(expected_result == actual_result)
95
+ }
96
+ end
97
+
98
+ def test_build_discovery_url
99
+ data = [
100
+ ["http://foo.com/path", "http://foo.com/path"],
101
+ ["http://foo.com/path?foo=bar", "http://foo.com/path?foo=bar"],
102
+ ["http://*.bogus.com/path", "http://www.bogus.com/path"],
103
+ ["http://*.bogus.com:122/path", "http://www.bogus.com:122/path"],
104
+ ]
105
+
106
+ data.each { |case_|
107
+ trust_root, expected_disco_url = case_
108
+ tr = OpenID::TrustRoot::TrustRoot.parse(trust_root)
109
+ actual_disco_url = tr.build_discovery_url()
110
+ assert(actual_disco_url == expected_disco_url, case_ + [actual_disco_url])
111
+ }
112
+ end
113
+ end
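Review bot: In `test_return_to_matches` the loop asserts with `assert(expected_result == actual_result)`, so a failure does not say which allowed-URL / return_to row regressed. This table exercises the return_to check, so `assert_equal(expected_result, actual_result, case_.inspect)` would name the failing row. The `'insane'` branch of `_test_sanity` also calls `tr.sane?` without first asserting that `tr` is non-nil, as the `'sane'` branch does. A case that fails to parse would surface there as a NoMethodError rather than as an assertion failure carrying `[case_, desc]`; adding `assert(!tr.nil?, [case_, desc])` at the top of that branch fixes this.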
@@ -0,0 +1,35 @@
1
+ require 'test/unit'
2
+
3
+ require "openid/urinorm"
4
+ require "testutil"
5
+
6
+ class URINormTestCase < Test::Unit::TestCase
7
+ include OpenID::TestDataMixin
8
+
9
+ def test_normalize
10
+ lines = read_data_file('urinorm.txt')
11
+
12
+ while lines.length > 0
13
+
14
+ case_name = lines.shift.strip
15
+ actual = lines.shift.strip
16
+ expected = lines.shift.strip
17
+ _newline = lines.shift
18
+
19
+ if expected == 'fail'
20
+ begin
21
+ OpenID::URINorm.urinorm(actual)
22
+ rescue URI::InvalidURIError
23
+ assert true
24
+ else
25
+ raise 'Should have gotten URI error'
26
+ end
27
+ else
28
+ normalized = OpenID::URINorm.urinorm(actual)
29
+ assert_equal(expected, normalized, case_name)
30
+ end
31
+ end
32
+ end
33
+
34
+ end
35
+
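Review bot: The `expected == 'fail'` branch of `test_normalize` signals a missing exception with `raise 'Should have gotten URI error'`, which is reported as an error without the case name, while `assert true` in the rescue only bumps the assertion count. `assert_raise(URI::InvalidURIError, case_name) { OpenID::URINorm.urinorm(actual) }` expresses the same check as a named failure. The loop also shifts four lines per case with no guard, so a truncated `urinorm.txt` would end in a NoMethodError on `nil.strip` rather than a clear message.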
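--- a/data/test/test_util.rb
+++ b/data/test/test_util.rb
@@ -0,0 +1,145 @@
+ # coding: ASCII-8BIT
+ require 'test/unit'
+
+ require "openid/util"
+
+ module OpenID
+ class UtilTestCase < Test::Unit::TestCase
+
+ def test_base64
+ cases = [
+ "",
+ "\000",
+ "\001",
+ "\000" * 100,
+ (0...256).collect{ |i| i.chr }.join('')
+ ]
+
+ cases.each do |c|
+ encoded = Util.to_base64(c)
+ decoded = Util.from_base64(encoded)
+ assert(c == decoded)
+ end
+
+ end
+
+ def test_base64_valid
+ [["foos", "~\212,"],
+ ["++++", "\373\357\276"],
+ ["/+==", "\377"],
+ ["", ""],
+ ["FOOSBALL", "\024\343\222\004\002\313"],
+ ["FoosBL==", "\026\212,\004"],
+ ["Foos\nBall", "\026\212,\005\251e"],
+ ["Foo\r\ns\nBall", "\026\212,\005\251e"]
+ ].each do | input, expected |
+ assert_equal(expected, Util.from_base64(input))
+ end
+ end
+
+ def test_base64_invalid
+ ['!',
+ 'Foos!',
+ 'Balls',
+ 'B===',
+ 'Foos Ball',
+ '=foo',
+ ].each do |invalid_input|
+ assert_raises(ArgumentError) do
+ Util.from_base64(invalid_input)
+ end
+ end
+ end
+
+ def test_append_args()
+ simple = 'http://www.example.com/'
+
+ cases = [
+ ['empty list',
+ [simple, []],
+ simple],
+
+ ['empty dict',
+ [simple, {}],
+ simple],
+
+ ['one list',
+ [simple, [['a', 'b']]],
+ simple + '?a=b'],
+
+ ['one dict',
+ [simple, {'a' => 'b'}],
+ simple + '?a=b'],
+
+ ['two list (same)',
+ [simple, [['a', 'b'], ['a', 'c']]],
+ simple + '?a=b&a=c'],
+
+ ['two list',
+ [simple, [['a', 'b'], ['b', 'c']]],
+ simple + '?a=b&b=c'],
+
+ ['two list (order)',
+ [simple, [['b', 'c'], ['a', 'b']]],
+ simple + '?b=c&a=b'],
+
+ ['two dict [order]',
+ [simple, {'b' => 'c', 'a' => 'b'}],
+ simple + '?a=b&b=c'],
+
+ ['args exist [empty]',
+ [simple + '?stuff=bother', []],
+ simple + '?stuff=bother'],
+
+ ['escape',
+ [simple, [['=', '=']]],
+ simple + '?%3D=%3D'],
+
+ ['escape [URL]',
+ [simple, [['this_url', simple]]],
+ simple + '?this_url=http%3A%2F%2Fwww.example.com%2F'],
+
+ ['use dots',
+ [simple, [['openid.stuff', 'bother']]],
+ simple + '?openid.stuff=bother'],
+
+ ['args exist',
+ [simple + '?stuff=bother', [['ack', 'ack']]],
+ simple + '?stuff=bother&ack=ack'],
+
+ ['args exist',
+ [simple + '?stuff=bother', [['ack', 'ack']]],
+ simple + '?stuff=bother&ack=ack'],
+
+ ['args exist [dict]',
+ [simple + '?stuff=bother', {'ack' => 'ack'}],
+ simple + '?stuff=bother&ack=ack'],
+
+ ['args exist [dict 2]',
+ [simple + '?stuff=bother', {'ack' => 'ack', 'zebra' => 'lion'}],
+ simple + '?stuff=bother&ack=ack&zebra=lion'],
+
+ ['three args [dict]',
+ [simple, {'stuff' => 'bother', 'ack' => 'ack', 'zebra' => 'lion'}],
+ simple + '?ack=ack&stuff=bother&zebra=lion'],
+
+ ['three args [list]',
+ [simple, [['stuff', 'bother'], ['ack', 'ack'], ['zebra', 'lion']]],
+ simple + '?stuff=bother&ack=ack&zebra=lion'],
+ ]
+
+ cases.each { |name, args, expected|
+ url, pairs = args
+ actual = Util.append_args(url, pairs)
+ msg = "[#{name}] Expected: #{expected}, actual: #{actual}"
+ assert_equal(expected, actual, msg)
+ }
+
+ end
+
+ def test_parse_query
+ assert_equal({'foo'=>'bar'}, Util.parse_query('foo=bar'))
+ end
+
+ end
+ end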
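Review bot: `test_parse_query` checks only `'foo=bar'`, so the routine that decodes query strings arriving from the network has no coverage for percent-encoded values, empty values or a repeated key. Cases along the lines of `Util.parse_query('a=b%20c')` and `Util.parse_query('a=1&a=2')` would pin that behaviour; the expected hashes need to be confirmed against `Util.parse_query`, which is not shown here. Separately, the `'args exist'` row in `test_append_args` appears twice with identical inputs, so one copy can be dropped or replaced by the case it was presumably meant to be.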