rack 0.9.1 → 1.0.0

data/test/spec_rack_auth_digest.rb

@@ -14,7 +14,7 @@ context 'Rack::Auth::Digest::MD5' do
       [ 200, {'Content-Type' => 'text/plain'}, ["Hi #{env['REMOTE_USER']}"] ]
     end
   end
-  
+
   def protected_app
     app = Rack::Auth::Digest::MD5.new(unprotected_app) do |username|
       { 'Alice' => 'correct-password' }[username]
@@ -23,7 +23,7 @@ context 'Rack::Auth::Digest::MD5' do
     app.opaque = 'this-should-be-secret'
     app
   end
-  
+
   def protected_app_with_hashed_passwords
     app = Rack::Auth::Digest::MD5.new(unprotected_app) do |username|
       username == 'Alice' ? Digest::MD5.hexdigest("Alice:#{realm}:correct-password") : nil
@@ -33,17 +33,28 @@ context 'Rack::Auth::Digest::MD5' do
     app.passwords_hashed = true
     app
   end
-  
+
+  def partially_protected_app
+    Rack::URLMap.new({
+      '/' => unprotected_app,
+      '/protected' => protected_app
+    })
+  end
+
+  def protected_app_with_method_override
+    Rack::MethodOverride.new(protected_app)
+  end
+
   setup do
     @request = Rack::MockRequest.new(protected_app)
   end
 
-  def request(path, headers = {}, &block)
-    response = @request.get(path, headers)
+  def request(method, path, headers = {}, &block)
+    response = @request.request(method, path, headers)
     block.call(response) if block
     return response
   end
-  
+
   class MockDigestRequest
     def initialize(params)
       @params = params
@@ -55,22 +66,25 @@ context 'Rack::Auth::Digest::MD5' do
       super
     end
     def method
-      'GET'
+      @params['method']
     end
     def response(password)
       Rack::Auth::Digest::MD5.new(nil).send :digest, self, password
     end
   end
-  
-  def request_with_digest_auth(path, username, password, options = {}, &block)
-    response = request('/')
-    
+
+  def request_with_digest_auth(method, path, username, password, options = {}, &block)
+    request_options = {}
+    request_options[:input] = options.delete(:input) if options.include? :input
+
+    response = request(method, path, request_options)
+
     return response unless response.status == 401
-    
+
     if wait = options.delete(:wait)
       sleep wait
     end
-    
+
     challenge = response['WWW-Authenticate'].split(' ', 2).last
 
     params = Rack::Auth::Digest::Params.parse(challenge)
@@ -79,12 +93,14 @@ context 'Rack::Auth::Digest::MD5' do
     params['nc'] = '00000001'
     params['cnonce'] = 'nonsensenonce'
     params['uri'] = path
-        
+
+    params['method'] = method
+
     params.update options
-    
+
     params['response'] = MockDigestRequest.new(params).response(password)
-    
-    request(path, { 'HTTP_AUTHORIZATION' => "Digest #{params}" }, &block)
+
+    request(method, path, request_options.merge('HTTP_AUTHORIZATION' => "Digest #{params}"), &block)
   end
 
   def assert_digest_auth_challenge(response)
@@ -94,7 +110,7 @@ context 'Rack::Auth::Digest::MD5' do
     response.headers['WWW-Authenticate'].should =~ /^Digest /
     response.body.should.be.empty
   end
-  
+
   def assert_bad_request(response)
     response.should.be.a.client_error
     response.status.should.equal 400
@@ -102,44 +118,44 @@ context 'Rack::Auth::Digest::MD5' do
   end
 
   specify 'should challenge when no credentials are specified' do
-    request '/' do |response|
+    request 'GET', '/' do |response|
       assert_digest_auth_challenge response
     end
   end
-  
+
   specify 'should return application output if correct credentials given' do
-    request_with_digest_auth '/', 'Alice', 'correct-password' do |response|
+    request_with_digest_auth 'GET', '/', 'Alice', 'correct-password' do |response|
       response.status.should.equal 200
       response.body.to_s.should.equal 'Hi Alice'
     end
-  end  
+  end
 
   specify 'should return application output if correct credentials given (hashed passwords)' do
     @request = Rack::MockRequest.new(protected_app_with_hashed_passwords)
-    
-    request_with_digest_auth '/', 'Alice', 'correct-password' do |response|
+
+    request_with_digest_auth 'GET', '/', 'Alice', 'correct-password' do |response|
       response.status.should.equal 200
       response.body.to_s.should.equal 'Hi Alice'
     end
-  end  
-  
+  end
+
   specify 'should rechallenge if incorrect username given' do
-    request_with_digest_auth '/', 'Bob', 'correct-password' do |response|
+    request_with_digest_auth 'GET', '/', 'Bob', 'correct-password' do |response|
       assert_digest_auth_challenge response
     end
   end
-  
+
   specify 'should rechallenge if incorrect password given' do
-    request_with_digest_auth '/', 'Alice', 'wrong-password' do |response|
+    request_with_digest_auth 'GET', '/', 'Alice', 'wrong-password' do |response|
       assert_digest_auth_challenge response
     end
   end
-  
+
   specify 'should rechallenge with stale parameter if nonce is stale' do
     begin
       Rack::Auth::Digest::Nonce.time_limit = 1
-    
-      request_with_digest_auth '/', 'Alice', 'correct-password', :wait => 2 do |response|
+
+      request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', :wait => 2 do |response|
         assert_digest_auth_challenge response
         response.headers['WWW-Authenticate'].should =~ /\bstale=true\b/
       end
@@ -149,21 +165,62 @@ context 'Rack::Auth::Digest::MD5' do
   end
 
   specify 'should return 400 Bad Request if incorrect qop given' do
-    request_with_digest_auth '/', 'Alice', 'correct-password', 'qop' => 'auth-int' do |response|
+    request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', 'qop' => 'auth-int' do |response|
       assert_bad_request response
     end
   end
 
   specify 'should return 400 Bad Request if incorrect uri given' do
-    request_with_digest_auth '/', 'Alice', 'correct-password', 'uri' => '/foo' do |response|
+    request_with_digest_auth 'GET', '/', 'Alice', 'correct-password', 'uri' => '/foo' do |response|
       assert_bad_request response
     end
   end
 
   specify 'should return 400 Bad Request if different auth scheme used' do
-    request '/', 'HTTP_AUTHORIZATION' => 'Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==' do |response|
+    request 'GET', '/', 'HTTP_AUTHORIZATION' => 'Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==' do |response|
       assert_bad_request response
     end
   end
-  
+
+  specify 'should not require credentials for unprotected path' do
+    @request = Rack::MockRequest.new(partially_protected_app)
+    request 'GET', '/' do |response|
+      response.should.be.ok
+    end
+  end
+
+  specify 'should challenge when no credentials are specified for protected path' do
+    @request = Rack::MockRequest.new(partially_protected_app)
+    request 'GET', '/protected' do |response|
+      assert_digest_auth_challenge response
+    end
+  end
+
+  specify 'should return application output if correct credentials given for protected path' do
+    @request = Rack::MockRequest.new(partially_protected_app)
+    request_with_digest_auth 'GET', '/protected', 'Alice', 'correct-password' do |response|
+      response.status.should.equal 200
+      response.body.to_s.should.equal 'Hi Alice'
+    end
+  end
+
+  specify 'should return application output if correct credentials given for POST' do
+    request_with_digest_auth 'POST', '/', 'Alice', 'correct-password' do |response|
+      response.status.should.equal 200
+      response.body.to_s.should.equal 'Hi Alice'
+    end
+  end
+
+  specify 'should return application output if correct credentials given for PUT (using method override of POST)' do
+    @request = Rack::MockRequest.new(protected_app_with_method_override)
+    request_with_digest_auth 'POST', '/', 'Alice', 'correct-password', :input => "_method=put" do |response|
+      response.status.should.equal 200
+      response.body.to_s.should.equal 'Hi Alice'
+    end
+  end
+
+  specify 'realm as optional constructor arg' do
+    app = Rack::Auth::Digest::MD5.new(unprotected_app, realm) { true }
+    assert_equal realm, app.realm
+  end
 end

data/test/spec_rack_auth_openid.rb

@@ -6,129 +6,76 @@ require 'rack/auth/openid'
 
 context "Rack::Auth::OpenID" do
   OID = Rack::Auth::OpenID
-  realm = 'http://path/arf'
-  ruri = %w{arf arf/blargh}
-  auri = ruri.map{|u|'/'+u}
-  furi = auri.map{|u|'http://path'+u}
+  host = 'host'
+  subd = 'sub.host'
+  wild = '*.host'
+  path = 'path'
+  long = 'path/long'
+  scheme = 'http://'
+  realm = scheme+host+'/'+path
 
-  specify 'realm uri should be absolute and have a path' do
-    lambda{OID.new('/path')}.
-      should.raise ArgumentError
-    lambda{OID.new('http://path')}.
-      should.raise ArgumentError
-    lambda{OID.new('http://path/')}.
-      should.not.raise
-    lambda{OID.new('http://path/arf')}.
-      should.not.raise
+  specify 'realm uri should be valid' do
+    lambda{OID.new('/'+path)}.should.raise ArgumentError
+    lambda{OID.new('/'+long)}.should.raise ArgumentError
+    lambda{OID.new(scheme+host)}.should.not.raise
+    lambda{OID.new(scheme+host+'/')}.should.not.raise
+    lambda{OID.new(scheme+host+'/'+path)}.should.not.raise
+    lambda{OID.new(scheme+subd)}.should.not.raise
+    lambda{OID.new(scheme+subd+'/')}.should.not.raise
+    lambda{OID.new(scheme+subd+'/'+path)}.should.not.raise
   end
 
-  specify 'uri options should be absolute' do
-    [:login_good, :login_fail, :login_quit, :return_to].each do |param|
-      ruri.each do |uri|
-        lambda{OID.new(realm, {param=>uri})}.
-          should.raise ArgumentError
-      end
-      auri.each do |uri|
-        lambda{OID.new(realm, {param=>uri})}.
-          should.raise ArgumentError
-      end
-      furi.each do |uri|
-        lambda{OID.new(realm, {param=>uri})}.
-          should.not.raise
-      end
-    end
+  specify 'should be able to check if a uri is within the realm' do
   end
 
-  specify 'return_to should be absolute and be under the realm' do
-    lambda{OID.new(realm, {:return_to => 'http://path'})}.
-      should.raise ArgumentError
-    lambda{OID.new(realm, {:return_to => 'http://path/'})}.
-      should.raise ArgumentError
-    lambda{OID.new(realm, {:return_to => 'http://path/arf'})}.
-      should.not.raise
-    lambda{OID.new(realm, {:return_to => 'http://path/arf/'})}.
-      should.not.raise
-    lambda{OID.new(realm, {:return_to => 'http://path/arf/blargh'})}.
-      should.not.raise
-  end
-
-  specify 'extensions should be a module' do
-    ext = Object.new
-    lambda{OID.new(realm).add_extension(ext)}.
-      should.raise(TypeError).
-      message.should.match(/not a module/)
-    ext2 = Module.new
-    lambda{OID.new(realm).add_extension(ext2)}.
-      should.raise(ArgumentError).
-      message.should.not.match(/not a module/)
+  specify 'return_to should be valid' do
+    uri = '/'+path
+    lambda{OID.new(realm, :return_to=>uri)}.should.raise ArgumentError
+    uri = '/'+long
+    lambda{OID.new(realm, :return_to=>uri)}.should.raise ArgumentError
+    uri = scheme+host
+    lambda{OID.new(realm, :return_to=>uri)}.should.raise ArgumentError
+    uri = scheme+host+'/'+path
+    lambda{OID.new(realm, :return_to=>uri)}.should.not.raise
+    uri = scheme+subd+'/'+path
+    lambda{OID.new(realm, :return_to=>uri)}.should.raise ArgumentError
+    uri = scheme+host+'/'+long
+    lambda{OID.new(realm, :return_to=>uri)}.should.not.raise
+    uri = scheme+subd+'/'+long
+    lambda{OID.new(realm, :return_to=>uri)}.should.raise ArgumentError
   end
 
   specify 'extensions should have required constants defined' do
+    badext = Rack::Auth::OpenID::BadExtension
+    ext = Object.new
+    lambda{OID.new(realm).add_extension(ext)}.should.raise(badext)
     ext = Module.new
-    lambda{OID.new(realm).add_extension(ext)}.
-      should.raise(ArgumentError).
-      message.should.match(/missing/)
+    lambda{OID.new(realm).add_extension(ext)}.should.raise(badext)
     ext::Request = nil
-    lambda{OID.new(realm).add_extension(ext)}.
-      should.raise(ArgumentError).
-      message.should.match(/missing/).
-        should.not.match(/Request/)
+    lambda{OID.new(realm).add_extension(ext)}.should.raise(badext)
     ext::Response = nil
-    lambda{OID.new(realm).add_extension(ext)}.
-      should.raise(ArgumentError).
-      message.should.match(/missing/).
-        should.not.match(/Response/)
+    lambda{OID.new(realm).add_extension(ext)}.should.raise(badext)
     ext::NS_URI = nil
-    lambda{OID.new(realm).add_extension(ext)}.
-      should.raise(TypeError).
-      message.should.not.match(/missing/)
+    lambda{OID.new(realm).add_extension(ext)}.should.raise(badext)
   end
 
   specify 'extensions should have Request and Response defined and inherit from OpenID::Extension' do
-$-w, w = nil, $-w               # yuck
+    $-w, w = nil, $-w               # yuck
+    badext = Rack::Auth::OpenID::BadExtension
     ext = Module.new
     ext::Request = nil
     ext::Response = nil
     ext::NS_URI = nil
-    lambda{OID.new(realm).add_extension(ext)}.
-      should.raise(TypeError).
-      message.should.match(/not a class/)
+    lambda{OID.new(realm).add_extension(ext)}.should.raise(badext)
     ext::Request = Class.new()
-    lambda{OID.new(realm).add_extension(ext)}.
-      should.raise(TypeError).
-      message.should.match(/not a class/)
+    lambda{OID.new(realm).add_extension(ext)}.should.raise(badext)
     ext::Response = Class.new()
-    lambda{OID.new(realm).add_extension(ext)}.
-      should.raise(ArgumentError).
-      message.should.match(/not a decendant/)
-    ext::Request = Class.new(::OpenID::Extension)
-    lambda{OID.new(realm).add_extension(ext)}.
-      should.raise(ArgumentError).
-      message.should.match(/not a decendant/)
-    ext::Response = Class.new(::OpenID::Extension)
-    lambda{OID.new(realm).add_extension(ext)}.
-      should.raise(TypeError).
-      message.should.match(/NS_URI/)
-$-w = w
-  end
-
-  specify 'extensions should have NS_URI defined and be a string of an absolute http uri' do
-$-w, w = nil, $-w               # yuck
-    ext = Module.new
+    lambda{OID.new(realm).add_extension(ext)}.should.raise(badext)
     ext::Request = Class.new(::OpenID::Extension)
+    lambda{OID.new(realm).add_extension(ext)}.should.raise(badext)
     ext::Response = Class.new(::OpenID::Extension)
-    ext::NS_URI = nil
-    lambda{OID.new(realm).add_extension(ext)}.
-      should.raise(TypeError).
-      message.should.match(/not a string/)
-    ext::NS_URI = 'openid.net'
-    lambda{OID.new(realm).add_extension(ext)}.
-      should.raise(ArgumentError).
-      message.should.match(/not an http uri/)
-    ext::NS_URI = 'http://openid.net'
-    lambda{OID.new(realm).add_extension(ext)}.
-      should.not.raise
-$-w = w
+    lambda{OID.new(realm).add_extension(ext)}.should.raise(badext)
+    $-w = w
   end
 end
 

data/test/spec_rack_builder.rb

@@ -35,7 +35,7 @@ context "Rack::Builder" do
         'secret' == password
       end
 
-      run lambda { |env| [200, {}, 'Hi Boss'] }
+      run lambda { |env| [200, {}, ['Hi Boss']] }
     end
 
     response = Rack::MockRequest.new(app).get("/")
@@ -69,7 +69,7 @@ context "Rack::Builder" do
         def call(env)
           raise "bzzzt"  if @called > 0
         @called += 1
-          [200, {'Content-Type' => 'text/plain'}, 'OK']
+          [200, {'Content-Type' => 'text/plain'}, ['OK']]
         end
       end
 

data/test/spec_rack_chunked.rb

@@ -0,0 +1,62 @@
+require 'rack/mock'
+require 'rack/chunked'
+require 'rack/utils'
+
+context "Rack::Chunked" do
+
+  before do
+    @env = Rack::MockRequest.
+      env_for('/', 'HTTP_VERSION' => '1.1', 'REQUEST_METHOD' => 'GET')
+  end
+
+  specify 'chunks responses with no Content-Length' do
+    app = lambda { |env| [200, {}, ['Hello', ' ', 'World!']] }
+    response = Rack::MockResponse.new(*Rack::Chunked.new(app).call(@env))
+    response.headers.should.not.include 'Content-Length'
+    response.headers['Transfer-Encoding'].should.equal 'chunked'
+    response.body.should.equal "5\r\nHello\r\n1\r\n \r\n6\r\nWorld!\r\n0\r\n\r\n"
+  end
+
+  specify 'chunks empty bodies properly' do
+    app = lambda { |env| [200, {}, []] }
+    response = Rack::MockResponse.new(*Rack::Chunked.new(app).call(@env))
+    response.headers.should.not.include 'Content-Length'
+    response.headers['Transfer-Encoding'].should.equal 'chunked'
+    response.body.should.equal "0\r\n\r\n"
+  end
+
+  specify 'does not modify response when Content-Length header present' do
+    app = lambda { |env| [200, {'Content-Length'=>'12'}, ['Hello', ' ', 'World!']] }
+    status, headers, body = Rack::Chunked.new(app).call(@env)
+    status.should.equal 200
+    headers.should.not.include 'Transfer-Encoding'
+    headers.should.include 'Content-Length'
+    body.join.should.equal 'Hello World!'
+  end
+
+  specify 'does not modify response when client is HTTP/1.0' do
+    app = lambda { |env| [200, {}, ['Hello', ' ', 'World!']] }
+    @env['HTTP_VERSION'] = 'HTTP/1.0'
+    status, headers, body = Rack::Chunked.new(app).call(@env)
+    status.should.equal 200
+    headers.should.not.include 'Transfer-Encoding'
+    body.join.should.equal 'Hello World!'
+  end
+
+  specify 'does not modify response when Transfer-Encoding header already present' do
+    app = lambda { |env| [200, {'Transfer-Encoding' => 'identity'}, ['Hello', ' ', 'World!']] }
+    status, headers, body = Rack::Chunked.new(app).call(@env)
+    status.should.equal 200
+    headers['Transfer-Encoding'].should.equal 'identity'
+    body.join.should.equal 'Hello World!'
+  end
+
+  [100, 204, 304].each do |status_code|
+    specify "does not modify response when status code is #{status_code}" do
+      app = lambda { |env| [status_code, {}, []] }
+      status, headers, body = Rack::Chunked.new(app).call(@env)
+      status.should.equal status_code
+      headers.should.not.include 'Transfer-Encoding'
+    end
+  end
+end