rack-radar 0.0.1

data/lib/rack/radar/cookies.rb

@@ -0,0 +1,128 @@
+module Rack
+  module Radar
+    class RackRadarCookies
+      include ::Rack::Utils
+
+      def initialize
+        @jar = {}
+      end
+
+      def jar uri, cookies = nil
+        host = (((uri && uri.host) || RACK_RADAR__DEFAULT_HOST).split('.')[-2..-1]||[]).join('.').downcase
+        @jar[host] = cookies if cookies
+        @jar[host] ||= []
+      end
+
+      def [] name
+        cookies = to_hash
+        cookies[name] && cookies[name].value
+      end
+
+      def []= name, value
+        persist '%s=%s' % [name, ::Rack::Utils.escape(value)]
+      end
+
+      def delete name
+        jar nil, jar(nil).reject { |c| c.name == name }
+      end
+
+      def clear
+        jar nil, []
+      end
+
+      %w[size empty?].each do |m|
+        define_method m do |*args|
+          jar(nil).send __method__, *args
+        end
+      end
+
+      def persist raw_cookies, uri = nil
+        return unless raw_cookies.is_a?(String)
+
+        # before adding new cookies, lets cleanup expired ones
+        jar uri, jar(uri).reject { |c| c.expired? }
+
+        raw_cookies = raw_cookies.strip.split("\n").reject { |c| c.empty? }
+
+        raw_cookies.each do |raw_cookie|
+          cookie = Cookie.new(raw_cookie, uri)
+          cookie.valid?(uri) || next
+          jar(uri, jar(uri).reject { |existing_cookie| cookie.replaces? existing_cookie })
+          jar(uri) << cookie
+        end
+        jar(uri).sort!
+      end
+
+      def to_s uri = nil
+        to_hash(uri).values.map { |c| c.raw }.join(';')
+      end
+
+      def to_hash uri = nil
+        jar(uri).inject({}) do |cookies, cookie|
+          cookies.merge((uri ? cookie.dispose_for?(uri) : true) ? {cookie.name => cookie} : {})
+        end
+      end
+
+      class Cookie
+        include ::Rack::Utils
+
+        attr_reader :raw, :name, :value, :domain, :path, :expires, :default_host
+
+        def initialize raw, uri
+          @default_host = RACK_RADAR__DEFAULT_HOST
+
+          uri ||= default_uri
+          uri.host ||= default_host
+
+          @raw, @options = raw.split(/[;,] */n, 2)
+          @name, @value = parse_query(@raw, ';').to_a.first
+          @options = parse_query(@options, ';')
+
+          @domain = @options['domain'] || uri.host || default_host
+          @domain = '.' << @domain unless @domain =~ /\A\./
+
+          @path = @options['path'] || uri.path.sub(/\/[^\/]*\Z/, '')
+
+          (expires = @options['expires']) && (@expires = ::Time.parse(expires))
+        end
+
+        def replaces? cookie
+          [name.downcase, domain, path] == [cookie.name.downcase, cookie.domain, cookie.path]
+        end
+
+        def empty?
+          value.nil? || value.empty?
+        end
+
+        def secure?
+          @options.has_key?('secure')
+        end
+
+        def expired?
+          expires && expires < ::Time.now.gmtime
+        end
+
+        def dispose_for? uri
+          expired? ? false : valid?(uri)
+        end
+
+        def valid? uri = nil
+          uri ||= default_uri
+          uri.host ||= default_host
+          (secure? ? uri.scheme == 'https' : true) &&
+            (uri.host =~ /#{::Regexp.escape(domain.sub(/\A\./, ''))}\Z/i) &&
+            (uri.path =~ /\A#{::Regexp.escape(path)}/)
+        end
+
+        def <=> cookie
+          [name, path, domain.reverse] <=> [cookie.name, cookie.path, cookie.domain.reverse]
+        end
+
+        private
+        def default_uri
+          ::URI.parse('//' << default_host << '/')
+        end
+      end
+    end
+  end
+end

data/lib/rack/radar/session.rb

@@ -0,0 +1,190 @@
+module Rack
+  module Radar
+    class RackRadarSession
+      include ::Rack::Radar
+
+      attr_reader :headers, :cookies, :last_request, :last_response
+      alias header headers
+
+      def initialize app
+        @app = assert_valid_app(app)
+        @headers, @cookies = {}, RackRadarCookies.new
+      end
+
+      def basic_authorize user, pass
+        @basic_auth = [user, pass]
+      end
+      alias authorize basic_authorize
+      alias auth basic_authorize
+
+      def digest_authorize user, pass
+        @digest_auth = [user, pass]
+      end
+      alias digest_auth digest_authorize
+
+      def token_authorize token, options = {}
+        @token_auth = [token, options]
+      end
+      alias token_auth token_authorize
+
+      def reset_basic_auth!
+        @basic_auth = nil
+      end
+
+      def reset_digest_auth!
+        @digest_auth = nil
+      end
+
+      def reset_token_auth!
+        @token_auth = nil
+      end
+
+      def reset_auth!
+        reset_basic_auth!
+        reset_digest_auth!
+        reset_token_auth!
+      end
+
+      def invoke_request scheme, request_method, base_url, path, params, env
+        uri = uri(scheme, base_url, path)
+
+        env = RACK_RADAR__DEFAULT_ENV.merge(env)
+        env.update :method => request_method
+        env.update :params => normalize_params(params)
+        env.update 'HTTP_COOKIE' => cookies.to_s(uri)
+        env.update basic_auth_header
+        env.update token_auth_header
+
+        process_request(@app, uri, env)
+
+        if @digest_auth && @last_response.status == 401 && (challenge = @last_response['WWW-Authenticate'])
+          env.update(digest_auth_header(challenge, uri.path, request_method))
+          process_request(@app, uri, env)
+        end
+
+        cookies.persist(@last_response.header['Set-Cookie'], uri)
+
+        @last_response.respond_to?(:finish) && @last_response.finish
+        @last_response
+      end
+
+      def __r__session
+        self
+      end
+
+      private
+
+      def normalize_params params
+        params.inject({}) do |params, (k, v)|
+          k = k.to_s if k.is_a?(Numeric) || k.is_a?(Symbol)
+          v = v.to_s if v.is_a?(Numeric) || v.is_a?(Symbol)
+          params.merge k => v
+        end
+      end
+
+      def assert_valid_app app
+        return app if app.respond_to?(:call)
+        raise(ArgumentError, 'app should be a valid Rack app')
+      end
+
+      def uri scheme, base_url, path
+        path = path*'/'
+
+        # base_url ignored if given path starting with a protocol or a slash
+        path = [base_url, path].compact.map(&:to_s)*'/' unless path =~ %r[\A/|\A(\w+)?://]
+
+        # removing leading slash(es)
+        path.sub!(/\A\/+/, '')
+
+        uri = ::URI.parse(path)
+        # adding leading slash unless path starts with a protocol
+        uri.path = '/' << uri.path unless path =~ %r[\A(\w+)?://]
+
+        uri.host   ||= RACK_RADAR__DEFAULT_HOST
+        uri.scheme ||= scheme.to_s
+
+        # now that we have a full URI, eg. with scheme, port etc.
+        # lets build a new one based on it
+        ::URI.parse(uri.to_s)
+      end
+
+      def process_request app, path, env
+        env = ::Rack::MockRequest.env_for(path.to_s, Hash[env])
+        explicit_env = headers_to_env
+        explicit_env['rack.input'] && env['REQUEST_METHOD'] == 'POST' && env.delete('CONTENT_TYPE')
+        env.update explicit_env
+
+        @last_request = ::Rack::Request.new(env)
+
+        # initializing params. do not remove! needed for nested params to work
+        @last_request.params
+
+        status, headers, body = app.call(@last_request.env)
+
+        @last_response = ::Rack::MockResponse.new(status, headers, body, env['rack.errors'].flush)
+        body.respond_to?(:close) && body.close
+      end
+
+      def headers_to_env
+        headers.keys.inject({}) do |headers, key|
+          value = self.headers[key]
+          if (key =~ /\A[[:upper:]].*\-?[[:upper:]]?.*?/) && (key !~ /\AHTTP_|\ACONTENT_TYPE\Z/)
+            key = (key == 'Content-Type' ? '' : 'HTTP_') << key.upcase.gsub('-', '_')
+          end
+          headers.merge key => value
+        end
+      end
+
+      def basic_auth_header
+        return {} unless auth = @basic_auth
+        {'HTTP_AUTHORIZATION' => 'Basic %s' % ["#{auth.first}:#{auth.last}"].pack("m*")}
+      end
+
+      def digest_auth_header challenge, uri, request_method
+        params = ::Rack::Auth::Digest::Params.parse(challenge.split(" ", 2).last)
+        params.update({
+            "username" => @digest_auth.first,
+                  "nc" => "00000001",
+              "cnonce" => "nonsensenonce",
+                 "uri" => uri,
+              "method" => request_method,
+        })
+        params["response"] = MockDigestRequest.new(params).response(@digest_auth.last)
+        {'HTTP_AUTHORIZATION' => 'Digest ' << params.map {|p| '%s="%s"' % p}.join(', ')}
+      end
+
+      def token_auth_header
+        return {} unless auth = @token_auth
+        chunks = auth[1].each_with_object(['token=%s' % auth[0].to_s.inspect]) do |(k,v),o|
+          o << [key, value.to_s.inspect]*'='
+        end
+        {'HTTP_AUTHORIZATION' => 'Token %s' % chunks.join(', ')}
+      end
+
+      class MockDigestRequest # stolen from rack-test
+
+        def initialize(params)
+          @params = params
+        end
+
+        def method_missing(sym)
+          if @params.has_key? k = sym.to_s
+            return @params[k]
+          end
+
+          super
+        end
+
+        def method
+          @params['method']
+        end
+
+        def response(password)
+          Rack::Auth::Digest::MD5.new(nil).send :digest, self, password
+        end
+
+      end
+
+    end
+  end
+end

data/rack-radar.gemspec

@@ -0,0 +1,21 @@
+# coding: utf-8
+
+name, version = 'rack-radar 0.0.1'.split
+Gem::Specification.new do |spec|
+  spec.name          = name
+  spec.version       = version
+  spec.authors       = ['Slee Woo']
+  spec.email         = ['mail@sleewoo.com']
+  spec.description   = 'A simple API for testing Rack applications via Rack::MockRequest'
+  spec.summary       = [name, version]*'-'
+  spec.homepage      = 'https://github.com/sleewoo/' + name
+  spec.license       = 'MIT'
+
+  spec.files = Dir['**/{*,.[a-z]*}'].reject {|e| e =~ /\.(gem|lock)\Z/}
+  spec.require_paths = ['lib']
+
+  spec.required_ruby_version = '>= 1.9.2'
+  spec.add_development_dependency 'minispec'
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'rake'
+end

data/test/app_test.rb

@@ -0,0 +1,52 @@
+require 'test_setup'
+
+class AppTest
+  include Minispec
+
+  class App < Air
+    def index
+      __method__
+    end
+  end
+
+  class JustAnotherApp < Air
+    def another
+      __method__
+    end
+  end
+
+  before_all { app(App) }
+
+  testing :response do
+    get
+    is(last_response).ok?
+    assert(last_response.body) == 'index'
+  end
+
+  testing :cookies do
+    cookies['foo'] = 'bar'
+    get
+    assert(cookies['foo']) == 'bar'
+  end
+
+  testing :headers do
+    header['User-Agent'] = 'Rack::Radar'
+    get
+    assert(headers['User-Agent']) == 'Rack::Radar'
+  end
+
+  testing 'another app' do
+
+    app(JustAnotherApp)
+
+    are(cookies['foo']).nil?
+    are(headers['User-Agent']).nil?
+
+    get
+    is(last_response).not_found?
+
+    get :another
+    is(last_response).ok?
+  end
+
+end

data/test/auth_test.rb

@@ -0,0 +1,150 @@
+require 'test_setup'
+
+class AuthTest
+  include Minispec
+
+  class BasicAuth < Air
+
+    use Rack::Auth::Basic do |u, p|
+      [u, p] == ['user', 'pass']
+    end
+
+    def index
+      __method__
+    end
+
+    def post_index
+      __method__
+    end
+  end
+
+  class DigestAuth < Air
+
+    use Rack::Auth::Digest::MD5, 'AccessRestricted', rand.to_s do |u|
+      {'digest-user' => 'digest-pass'}[u]
+    end
+
+    def index
+      __method__
+    end
+
+    def post_index
+      __method__
+    end
+  end
+
+  helper :authenticated? do |_,body|
+    is(last_response).ok?
+    assert(last_response.body) == (body || 'index')
+  end
+
+  helper :restricted? do
+    assert(last_response.status) == 401
+  end
+
+  context :Basic do
+    before_all { app BasicAuth }
+
+    it 'returns 401 when unauthorized' do
+      get
+      is.restricted?
+    end
+
+    should 'authenticate and return 200' do
+      auth 'user', 'pass'
+      get
+      is.authenticated?
+    end
+
+    testing 'reset_auth!' do
+      reset_auth!
+      get
+      is.restricted?
+    end
+
+    should 'relogin after reset_auth! used' do
+      auth 'user', 'pass'
+      get
+      is.authenticated?
+    end
+
+    testing 'reset_basic_auth!' do
+      reset_basic_auth!
+      get
+      is.restricted?
+    end
+
+    should 'relogin after reset_basic_auth! used' do
+      auth 'user', 'pass'
+      get
+      is.authenticated?
+    end
+
+    should 'fail with wrong credentials' do
+      reset_basic_auth!
+      auth 'bad', 'guy'
+      get
+      is.restricted?
+    end
+
+    should 'auth via POST' do
+      reset_basic_auth!
+      auth 'user', 'pass'
+      post
+      is.authenticated? 'post_index'
+    end
+  end
+
+  context :Digest do
+    before_all { app DigestAuth }
+
+    it 'is restricted by default' do
+      get
+      is.restricted?
+    end
+
+    should 'authenticate and return 200' do
+      digest_auth 'digest-user', 'digest-pass'
+      get
+      is.authenticated?
+    end
+
+    should 'reset auth using reset_auth!' do
+      reset_auth!
+      get
+      is.restricted?
+    end
+
+    should 'relogin after reset_auth! used' do
+      digest_auth 'digest-user', 'digest-pass'
+      get
+      is.authenticated?
+    end
+
+    should 'reset auth using reset_digest_auth!' do
+      reset_digest_auth!
+       get
+      is.restricted?
+    end
+
+    should 'relogin after reset_digest_auth! used' do
+      digest_auth 'digest-user', 'digest-pass'
+      get
+      is.authenticated?
+    end
+
+    should 'fail with wrong credentials' do
+      reset_digest_auth!
+      digest_auth 'bad', 'guy'
+      get
+      is.restricted?
+    end
+
+    should 'auth via POST' do
+      reset_digest_auth!
+      digest_auth 'digest-user', 'digest-pass'
+      post
+      is.authenticated? 'post_index'
+    end
+  end
+end