RubyGems - rack - Versions diffs - 0.1.0 → 0.2.0 - Mend

rack 0.1.0 → 0.2.0

Potentially problematic release.

This version of rack might be problematic. Click here for more details.

Files changed (48) hide show

data/AUTHORS +2 -0
data/RDOX +46 -1
data/README +19 -4
data/Rakefile +9 -8
data/bin/rackup +2 -0
data/example/protectedlobster.rb +14 -0
data/lib/rack.rb +19 -0
data/lib/rack/adapter/camping.rb +6 -0
data/lib/rack/auth/abstract/handler.rb +28 -0
data/lib/rack/auth/abstract/request.rb +39 -0
data/lib/rack/auth/basic.rb +58 -0
data/lib/rack/auth/digest/md5.rb +124 -0
data/lib/rack/auth/digest/nonce.rb +52 -0
data/lib/rack/auth/digest/params.rb +55 -0
data/lib/rack/auth/digest/request.rb +40 -0
data/lib/rack/commonlogger.rb +1 -1
data/lib/rack/file.rb +1 -1
data/lib/rack/handler/cgi.rb +7 -7
data/lib/rack/handler/fastcgi.rb +1 -1
data/lib/rack/handler/mongrel.rb +8 -7
data/lib/rack/handler/webrick.rb +7 -6
data/lib/rack/lint.rb +3 -3
data/lib/rack/lobster.rb +4 -4
data/lib/rack/mock.rb +9 -33
data/lib/rack/recursive.rb +1 -1
data/lib/rack/reloader.rb +1 -1
data/lib/rack/request.rb +32 -9
data/lib/rack/response.rb +54 -8
data/lib/rack/session/cookie.rb +73 -0
data/lib/rack/showexceptions.rb +2 -2
data/lib/rack/showstatus.rb +103 -0
data/lib/rack/static.rb +38 -0
data/lib/rack/urlmap.rb +1 -1
data/lib/rack/utils.rb +45 -3
data/test/spec_rack_auth_basic.rb +68 -0
data/test/spec_rack_auth_digest.rb +167 -0
data/test/spec_rack_camping.rb +3 -0
data/test/spec_rack_mock.rb +2 -0
data/test/spec_rack_mongrel.rb +12 -0
data/test/spec_rack_request.rb +60 -0
data/test/spec_rack_response.rb +50 -1
data/test/spec_rack_session_cookie.rb +49 -0
data/test/spec_rack_showstatus.rb +71 -0
data/test/spec_rack_static.rb +37 -0
data/test/spec_rack_urlmap.rb +1 -7
data/test/spec_rack_webrick.rb +17 -0
metadata +23 -3
data/lib/rack/adapter/rails.rb +0 -65

@@ -0,0 +1,68 @@
+require 'test/spec'
+require 'base64'
+require 'rack'
+context 'Rack::Auth::Basic' do
+  def realm
+    'WallysWorld'
+  end
+  def unprotected_app
+    lambda { |env| [ 200, {'Content-Type' => 'text/plain'}, ["Hi #{env['REMOTE_USER']}"] ] }
+  end
+  def protected_app
+    app = Rack::Auth::Basic.new(unprotected_app) { |username, password| 'Boss' == username }
+    app.realm = realm
+    app
+  end
+  setup do
+    @request = Rack::MockRequest.new(protected_app)
+  end
+  def request_with_basic_auth(username, password, &block)
+    request 'HTTP_AUTHORIZATION' => 'Basic ' + Base64.encode64("#{username}:#{password}"), &block
+  end
+  def request(headers = {})
+    yield @request.get('/', headers)
+  end
+  def assert_basic_auth_challenge(response)
+    response.should.be.a.client_error
+    response.status.should.equal 401
+    response.should.include 'WWW-Authenticate'
+    response.headers['WWW-Authenticate'].should =~ /Basic realm="/
+    response.body.should.be.empty
+  end
+  specify 'should challenge correctly when no credentials are specified' do
+    request do |response|
+      assert_basic_auth_challenge response
+    end
+  end
+  specify 'should rechallenge if incorrect credentials are specified' do
+    request_with_basic_auth 'joe', 'password' do |response|
+      assert_basic_auth_challenge response
+    end
+  end
+  specify 'should return application output if correct credentials are specified' do
+    request_with_basic_auth 'Boss', 'password' do |response|
+      response.status.should.equal 200
+      response.body.to_s.should.equal 'Hi Boss'
+    end
+  end
+  specify 'should return 400 Bad Request if different auth scheme used' do
+    request 'HTTP_AUTHORIZATION' => 'Digest params' do |response|
+      response.should.be.a.client_error
+      response.status.should.equal 400
+      response.should.not.include 'WWW-Authenticate'
+    end
+  end
+end

data/test/spec_rack_auth_digest.rb ADDED

@@ -0,0 +1,167 @@
+require 'test/spec'
+require 'rack'
+context 'Rack::Auth::Digest::MD5' do
+  def realm
+    'WallysWorld'
+  end
+  def unprotected_app
+    lambda do |env|
+      [ 200, {'Content-Type' => 'text/plain'}, ["Hi #{env['REMOTE_USER']}"] ]
+    end
+  end
+  def protected_app
+    app = Rack::Auth::Digest::MD5.new(unprotected_app) do |username|
+      { 'Alice' => 'correct-password' }[username]
+    end
+    app.realm = realm
+    app.opaque = 'this-should-be-secret'
+    app
+  end
+  def protected_app_with_hashed_passwords
+    app = Rack::Auth::Digest::MD5.new(unprotected_app) do |username|
+      username == 'Alice' ? Digest::MD5.hexdigest("Alice:#{realm}:correct-password") : nil
+    end
+    app.realm = realm
+    app.opaque = 'this-should-be-secret'
+    app.passwords_hashed = true
+    app
+  end
+  setup do
+    @request = Rack::MockRequest.new(protected_app)
+  end
+  def request(path, headers = {}, &block)
+    response = @request.get(path, headers)
+    block.call(response) if block
+    return response
+  end
+  class MockDigestRequest
+    def initialize(params)
+      @params = params
+    end
+    def method_missing(sym)
+      if @params.has_key? k = sym.to_s
+        return @params[k]
+      end
+      super
+    end
+    def method
+      'GET'
+    end
+    def response(password)
+      Rack::Auth::Digest::MD5.new(nil).send :digest, self, password
+    end
+  end
+  def request_with_digest_auth(path, username, password, options = {}, &block)
+    response = request('/')
+    return response unless response.status == 401
+    if wait = options.delete(:wait)
+      sleep wait
+    end
+    challenge = response['WWW-Authenticate'].split(' ', 2).last
+    params = Rack::Auth::Digest::Params.parse(challenge)
+    params['username'] = username
+    params['nc'] = '00000001'
+    params['cnonce'] = 'nonsensenonce'
+    params['uri'] = path
+    params.update options
+    params['response'] = MockDigestRequest.new(params).response(password)
+    request(path, { 'HTTP_AUTHORIZATION' => "Digest #{params}" }, &block)
+  end
+  def assert_digest_auth_challenge(response)
+    response.should.be.a.client_error
+    response.status.should.equal 401
+    response.should.include 'WWW-Authenticate'
+    response.headers['WWW-Authenticate'].should =~ /^Digest /
+    response.body.should.be.empty
+  end
+  def assert_bad_request(response)
+    response.should.be.a.client_error
+    response.status.should.equal 400
+    response.should.not.include 'WWW-Authenticate'
+  end
+  specify 'should challenge when no credentials are specified' do
+    request '/' do |response|
+      assert_digest_auth_challenge response
+    end
+  end
+  specify 'should return application output if correct credentials given' do
+    request_with_digest_auth '/', 'Alice', 'correct-password' do |response|
+      response.status.should.equal 200
+      response.body.to_s.should.equal 'Hi Alice'
+    end
+  end
+  specify 'should return application output if correct credentials given (hashed passwords)' do
+    @request = Rack::MockRequest.new(protected_app_with_hashed_passwords)
+    request_with_digest_auth '/', 'Alice', 'correct-password' do |response|
+      response.status.should.equal 200
+      response.body.to_s.should.equal 'Hi Alice'
+    end
+  end
+  specify 'should rechallenge if incorrect username given' do
+    request_with_digest_auth '/', 'Bob', 'correct-password' do |response|
+      assert_digest_auth_challenge response
+    end
+  end
+  specify 'should rechallenge if incorrect password given' do
+    request_with_digest_auth '/', 'Alice', 'wrong-password' do |response|
+      assert_digest_auth_challenge response
+    end
+  end
+  specify 'should rechallenge with stale parameter if nonce is stale' do
+    begin
+      Rack::Auth::Digest::Nonce.time_limit = 1
+      request_with_digest_auth '/', 'Alice', 'correct-password', :wait => 2 do |response|
+        assert_digest_auth_challenge response
+        response.headers['WWW-Authenticate'].should =~ /\bstale=true\b/
+      end
+    ensure
+      Rack::Auth::Digest::Nonce.time_limit = nil
+    end
+  end
+  specify 'should return 400 Bad Request if incorrect qop given' do
+    request_with_digest_auth '/', 'Alice', 'correct-password', 'qop' => 'auth-int' do |response|
+      assert_bad_request response
+    end
+  end
+  specify 'should return 400 Bad Request if incorrect uri given' do
+    request_with_digest_auth '/', 'Alice', 'correct-password', 'uri' => '/foo' do |response|
+      assert_bad_request response
+    end
+  end
+  specify 'should return 400 Bad Request if different auth scheme used' do
+    request '/', 'HTTP_AUTHORIZATION' => 'Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==' do |response|
+      assert_bad_request response
+    end
+  end
+end

data/test/spec_rack_camping.rb CHANGED

@@ -1,5 +1,6 @@
 require 'test/spec'
 require 'stringio'
+require 'uri'
 require 'rack/mock'
@@ -12,6 +13,7 @@ module CampApp
   module Controllers
     class HW < R('/')
       def get
+        @headers["X-Served-By"] = URI("http://rack.rubyforge.org")
         "Camping works!"
       end
@@ -30,6 +32,7 @@ context "Rack::Adapter::Camping" do
     res.should.be.ok
     res["Content-Type"].should.equal "text/html"
+    res["X-Served-By"].should.equal "http://rack.rubyforge.org"
     res.body.should.equal "Camping works!"
   end

data/test/spec_rack_mock.rb CHANGED

@@ -126,6 +126,7 @@ context "Rack::MockResponse" do
     res["Content-Type"].should.equal "text/yaml"
     res.content_type.should.equal "text/yaml"
     res.content_length.should.be.nil
+    res.location.should.be.nil
   end
   specify "should provide access to the HTTP body" do
@@ -133,6 +134,7 @@ context "Rack::MockResponse" do
     res.body.should =~ /rack/
     res.should =~ /rack/
     res.should.match(/rack/)
+    res.should.satisfy { |r| r.match(/rack/) }
   end
   specify "should provide access to the Rack errors" do

data/test/spec_rack_mongrel.rb CHANGED

@@ -81,6 +81,18 @@ context "Rack::Handler::Mongrel" do
     response["rack.url_scheme"].should.equal "http"
   end
+  specify "should provide a .run" do
+    block_ran = false
+    Thread.new {
+      Rack::Handler::Mongrel.run(lambda {}, {:Port => 9211}) { |server|
+        server.should.be.kind_of Mongrel::HttpServer
+        block_ran = true
+      }
+    }
+    sleep 1
+    block_ran.should.be true
+  end
   teardown do
     @acc.raise Mongrel::StopServer
   end

data/test/spec_rack_request.rb CHANGED

@@ -52,6 +52,48 @@ context "Rack::Request" do
     req.params.should.equal "foo" => "bar", "quux" => "bla"
   end
+  specify "can get value by key from params with #[]" do
+    req = Rack::Request.new \
+      Rack::MockRequest.env_for("?foo=quux")
+    req['foo'].should.equal 'quux'
+    req[:foo].should.equal 'quux'
+  end
+  specify "can set value to key on params with #[]=" do
+    req = Rack::Request.new \
+      Rack::MockRequest.env_for("?foo=duh")
+    req['foo'].should.equal 'duh'
+    req[:foo].should.equal 'duh'
+    req.params.should.equal 'foo' => 'duh'
+    req['foo'] = 'bar'
+    req.params.should.equal 'foo' => 'bar'
+    req['foo'].should.equal 'bar'
+    req[:foo].should.equal 'bar'
+    req[:foo] = 'jaz'
+    req.params.should.equal 'foo' => 'jaz'
+    req['foo'].should.equal 'jaz'
+    req[:foo].should.equal 'jaz'
+  end
+  specify "values_at answers values by keys in order given" do
+    req = Rack::Request.new \
+      Rack::MockRequest.env_for("?foo=baz&wun=der&bar=ful")
+    req.values_at('foo').should.equal ['baz']
+    req.values_at('foo', 'wun').should.equal ['baz', 'der']
+    req.values_at('bar', 'foo', 'wun').should.equal ['ful', 'baz', 'der']
+  end
+  specify "referrer should be extracted correct" do
+    req = Rack::Request.new \
+      Rack::MockRequest.env_for("/", "HTTP_REFERER" => "/some/path")
+    req.referer.should.equal "/some/path"
+    req = Rack::Request.new \
+      Rack::MockRequest.env_for("/")
+    req.referer.should.equal "/"
+  end
   specify "can cache, but invalidates the cache" do
     req = Rack::Request.new \
@@ -123,6 +165,24 @@ context "Rack::Request" do
       should.equal "https://example.com:8080/foo?foo"
   end
+  specify "can restore the full path" do
+    Rack::Request.new(Rack::MockRequest.env_for("")).fullpath.
+      should.equal "/"
+    Rack::Request.new(Rack::MockRequest.env_for("", "SCRIPT_NAME" => "/foo")).fullpath.
+      should.equal "/foo/"
+    Rack::Request.new(Rack::MockRequest.env_for("/foo")).fullpath.
+      should.equal "/foo"
+    Rack::Request.new(Rack::MockRequest.env_for("?foo")).fullpath.
+      should.equal "/?foo"
+    Rack::Request.new(Rack::MockRequest.env_for("http://example.org:8080/")).fullpath.
+      should.equal "/"
+    Rack::Request.new(Rack::MockRequest.env_for("https://example.org/")).fullpath.
+      should.equal "/"
+    Rack::Request.new(Rack::MockRequest.env_for("https://example.com:8080/foo?foo")).fullpath.
+      should.equal "/foo?foo"
+  end
   specify "can parse multipart form data" do
     # Adapted from RFC 1867.
     input = <<EOF

data/test/spec_rack_response.rb CHANGED

@@ -105,6 +105,55 @@ context "Rack::Response" do
     lambda {
       Rack::Response.new(Object.new)
     }.should.raise(TypeError).
-      message.should =~ /String or iterable required/
+      message.should =~ /stringable or iterable required/
   end
+  specify "knows if it's empty" do
+    r = Rack::Response.new
+    r.should.be.empty
+    r.write "foo"
+    r.should.not.be.empty
+    r = Rack::Response.new
+    r.should.be.empty
+    r.finish
+    r.should.be.empty
+    r = Rack::Response.new
+    r.should.be.empty
+    r.finish { }
+    r.should.not.be.empty
+  end
+  specify "should provide access to the HTTP status" do
+    res = Rack::Response.new
+    res.status = 200
+    res.should.be.successful
+    res.should.be.ok
+    res.status = 404
+    res.should.not.be.successful
+    res.should.be.client_error
+    res.should.be.not_found
+    res.status = 501
+    res.should.not.be.successful
+    res.should.be.server_error
+    res.status = 307
+    res.should.be.redirect
+  end
+  specify "should provide access to the HTTP headers" do
+    res = Rack::Response.new
+    res["Content-Type"] = "text/yaml"
+    res.should.include "Content-Type"
+    res.headers["Content-Type"].should.equal "text/yaml"
+    res["Content-Type"].should.equal "text/yaml"
+    res.content_type.should.equal "text/yaml"
+    res.content_length.should.be.nil
+    res.location.should.be.nil
+  end
 end

data/test/spec_rack_session_cookie.rb ADDED

@@ -0,0 +1,49 @@
+require 'test/spec'
+require 'rack/session/cookie'
+require 'rack/mock'
+require 'rack/response'
+context "Rack::Session::Cookie" do
+  incrementor = lambda { |env|
+    env["rack.session"]["counter"] ||= 0
+    env["rack.session"]["counter"] += 1
+    Rack::Response.new(env["rack.session"].inspect).to_a
+  }
+  specify "creates a new cookie" do
+    res = Rack::MockRequest.new(Rack::Session::Cookie.new(incrementor)).get("/")
+    res["Set-Cookie"].should.match("rack.session=")
+    res.body.should.equal '{"counter"=>1}'
+  end
+  specify "loads from a cookie" do
+    res = Rack::MockRequest.new(Rack::Session::Cookie.new(incrementor)).get("/")
+    cookie = res["Set-Cookie"]
+    res = Rack::MockRequest.new(Rack::Session::Cookie.new(incrementor)).
+      get("/", "HTTP_COOKIE" => cookie)
+    res.body.should.equal '{"counter"=>2}'
+    cookie = res["Set-Cookie"]
+    res = Rack::MockRequest.new(Rack::Session::Cookie.new(incrementor)).
+      get("/", "HTTP_COOKIE" => cookie)
+    res.body.should.equal '{"counter"=>3}'
+  end
+  specify "survives broken cookies" do
+    res = Rack::MockRequest.new(Rack::Session::Cookie.new(incrementor)).
+      get("/", "HTTP_COOKIE" => "rack.session=blarghfasel")
+    res.body.should.equal '{"counter"=>1}'
+  end
+  bigcookie = lambda { |env|
+    env["rack.session"]["cookie"] = "big" * 3000
+    Rack::Response.new(env["rack.session"].inspect).to_a
+  }
+  specify "barks on too big cookies" do
+    lambda {
+      Rack::MockRequest.new(Rack::Session::Cookie.new(bigcookie)).
+        get("/", :fatal => true)
+    }.should.raise(Rack::MockRequest::FatalWarning)
+  end
+end