rhc 1.4.8 → 1.5.13

data/spec/rhc/command_spec.rb

@@ -1,10 +1,17 @@
 require 'spec_helper'
 require 'rhc/commands/base'
 require 'rhc/exceptions'
+require 'rest_spec_helper'
 
 describe RHC::Commands::Base do
 
-  before{ base_config }
+  let!(:config){ base_config }
+
+  before{ c = RHC::Commands.instance_variable_get(:@commands); @saved_commands = c && c.dup || nil }
+  after do 
+    (Kernel.send(:remove_const, subject) if subject.is_a?(Class)) rescue nil
+    RHC::Commands.instance_variable_set(:@commands, @saved_commands)
+  end
 
   describe '#object_name' do
     subject { described_class }
@@ -190,25 +197,110 @@ describe RHC::Commands::Base do
   end
 
   describe "rest_client" do
-    let(:auth){ mock }
-    before{ RHC::Auth::Basic.should_receive(:new).once.with(subject.send(:options)).and_return(auth) }
+    let(:instance){ subject }
+
+    context "when initializing the object" do
+      let(:auth){ mock }
+      let(:basic_auth){ mock }
+      before{ RHC::Auth::Basic.should_receive(:new).once.with{ |arg| arg.should == instance.send(:options) }.and_return(basic_auth) }
+      before{ RHC::Auth::Token.should_receive(:new).once.with{ |arg, arg2, arg3| [arg, arg2, arg3].should == [instance.send(:options), basic_auth, instance.send(:token_store)] }.and_return(auth) }
+
+      it "should create a new auth object" do
+        subject.should_receive(:client_from_options).with(:auth => auth)
+        subject.send(:rest_client)
+      end
+      it { subject.send(:rest_client).should be_a(RHC::Rest::Client) }
+      it { subject.send(:rest_client).should equal subject.send(:rest_client) }
+    end
 
-    it do
-      subject.should_receive(:client_from_options).with(:auth => auth)
-      subject.send(:rest_client)
+    context "from a command line" do
+      subject{ Class.new(RHC::Commands::Base){ object_name :test; def run; 0; end } }
+      let(:instance) { subject.new }
+      let(:rest_client){ command_for(*arguments).send(:rest_client) }
+      let(:basic_auth){ rest_client.send(:auth).send(:auth) }
+      let(:stored_token){ nil }
+      before{ instance.send(:token_store).stub(:get).and_return(nil) unless stored_token }
+
+      context "with credentials" do
+        let(:arguments){ ['test', '-l', 'foo', '-p', 'bar'] }
+        it { expect{ rest_client.user }.to call(:user).on(rest_client) }
+      end
+
+      context "without password" do
+        let(:username){ 'foo' }
+        let(:password){ 'bar' }
+        let(:arguments){ ['test', '-l', username, '--server', mock_uri] }
+        before{ stub_api(:user => username); stub_user(:user => username, :password => password) }
+        before{ basic_auth.should_receive(:ask).and_return(password) }
+        it("asks for password") { rest_client.user }
+      end
+
+      context "without name or password" do
+        let(:username){ 'foo' }
+        let(:password){ 'bar' }
+        let(:arguments){ ['test', '--server', mock_uri] }
+        before{ stub_api; stub_user(:user => username, :password => password) }
+        before{ basic_auth.should_receive(:ask).ordered.and_return(username) }
+        before{ basic_auth.should_receive(:ask).ordered.and_return(password) }
+        it("asks for password") { rest_client.user }
+      end
+
+      context "with token" do
+        let(:username){ 'foo' }
+        let(:token){ 'a_token' }
+        let(:arguments){ ['test', '--token', token, '--server', mock_uri] }
+        before{ stub_api(:token => token); stub_user(:token => token) }
+        it("calls the server") { rest_client.user }
+      end
+
+      context "with username and a stored token" do
+        let(:username){ 'foo' }
+        let(:stored_token){ 'a_token' }
+        let(:arguments){ ['test', '-l', username, '--server', mock_uri] }
+        before{ instance.send(:token_store).should_receive(:get).with{ |user, server| user.should == username; server.should == instance.send(:openshift_server) }.and_return(stored_token) }
+        before{ stub_api; stub_user(:token => stored_token) }
+        it("has token set") { command_for(*arguments).send(:options).token.should == stored_token }
+        it("calls the server") { rest_client.user }
+      end
+
+      context "with username and tokens enabled" do
+        let!(:config){ base_config{ |c, d| d.add('use_authorization_tokens', 'true') } }
+        let(:username){ 'foo' }
+        let(:auth_token){ stub(:token => 'a_token') }
+        let(:arguments){ ['test', '-l', username, '--server', mock_uri] }
+        before{ instance.send(:token_store).should_receive(:get).with{ |user, server| user.should == username; server.should == instance.send(:openshift_server) }.twice.and_return(nil) }
+        before{ stub_api(false, true); stub_api_request(:get, 'broker/rest/user', false).to_return{ |request| request.headers['Authorization'] =~ /Bearer/ ? simple_user(username) : {:status => 401} } }
+        it("should attempt to create a new token") do 
+          rest_client.should_receive(:new_session).ordered.and_return(auth_token)
+          rest_client.user
+        end
+      end
+
+      context "with username and tokens enabled against a server without tokens" do
+        let!(:config){ base_config{ |c, d| d.add('use_authorization_tokens', 'true') } }
+        let(:username){ 'foo' }
+        let(:arguments){ ['test', '-l', username, '--server', mock_uri] }
+        before{ instance.send(:token_store).should_receive(:get).with{ |user, server| user.should == username; server.should == instance.send(:openshift_server) }.twice.and_return(nil) }
+        before{ stub_api(false, false); stub_api_request(:get, 'broker/rest/user', false).to_return{ |request| request.headers['Authorization'] =~ /Basic/ ? simple_user(username) : {:status => 401} } }
+        it("should prompt for password") do 
+          basic_auth.should_receive(:ask).once.and_return('password')
+          rest_client.user
+        end
+      end
     end
-    it { subject.send(:rest_client).should be_a(RHC::Rest::Client) }
-    it { subject.send(:rest_client).should equal subject.send(:rest_client) }
   end
 end
 
 describe Commander::Command::Options do
   it{ subject.foo = 'bar'; subject.foo.should == 'bar' }
+  it{ subject.foo = 'bar'; subject.respond_to?(:foo).should be_true }
   it{ subject.foo = lambda{ 'bar' }; subject.foo.should == 'bar' }
   it{ subject.foo = lambda{ 'bar' }; subject[:foo].should == 'bar' }
   it{ subject.foo = lambda{ 'bar' }; subject['foo'].should == 'bar' }
   it{ subject.foo = lambda{ 'bar' }; subject.__hash__[:foo].should be_a Proc }
   it{ subject[:foo] = lambda{ 'bar' }; subject.foo.should == 'bar' }
   it{ subject['foo'] = lambda{ 'bar' }; subject.foo.should == 'bar' }
+  it{ subject.is_a?(Commander::Command::Options).should be_true }
+  it{ expect{ subject.barf? }.to raise_error(NoMethodError) }
   it{ Commander::Command::Options.new(:foo => 1).foo.should == 1 }
 end

data/spec/rhc/commands/account_spec.rb

@@ -5,7 +5,7 @@ require 'rhc/commands/account'
 
 describe RHC::Commands::Account do
 
-  describe 'run' do
+  describe '#run' do
     let(:arguments) { ['account'] }
     let(:username) { 'foo' }
     let(:password) { 'pass' }
@@ -38,4 +38,78 @@ describe RHC::Commands::Account do
       it('should show') { run_output.should =~ /Plan:\s*Other/ }
     end
   end
+
+  describe '#logout' do
+    let(:arguments) { ['account', 'logout'] }
+    let(:username) { 'foo' }
+    let(:password) { 'pass' }
+    let(:supports_auth) { false }
+    let(:server) { mock_uri }
+    let!(:token_store) { RHC::Auth::TokenStore.new(Dir.mktmpdir) }
+    before{ user_config }
+    before do
+      stub_api(mock_user_auth, supports_auth)
+      stub_user
+      RHC::Auth::TokenStore.should_receive(:new).at_least(1).and_return(token_store)
+    end
+
+    it("should clear the token cache"){ expect{ run }.should call(:clear).on(token_store) }
+    it("should exit with success"){ expect{ run }.should exit_with_code(0) }
+    it("should display a message"){ run_output.should match("All local sessions removed.") }
+
+    context "when --all is requested" do
+      let(:arguments) { ['account', 'logout', '--all'] }
+
+      context "if the server does not implement authorizations" do
+        it("should display a message"){ run_output.should match(/Deleting all authorizations associated with your account.*not supported/) }
+        it("should exit with success"){ expect{ run }.should exit_with_code(0) }
+      end
+
+      context "if the server implements authorizations" do
+        let(:supports_auth) { true }
+        before{ stub_delete_authorizations }
+
+        it("should display a message"){ run_output.should match(/Deleting all authorizations associated with your account.*done/) }
+        it("should exit with success"){ expect{ run }.should exit_with_code(0) }
+      end
+    end
+
+    context "when --token is provided" do
+      let(:arguments) { ['account', 'logout', '--token', 'foo'] }
+      def user_auth; { :token => 'foo' }; end
+
+      context "if the server does not implement authorizations" do
+        it("should display a message"){ run_output.should match(/Ending session on server.*not supported/) }
+        it("should exit with success"){ expect{ run }.should exit_with_code(0) }
+      end
+
+      context "if the server implements authorizations" do
+        let(:supports_auth) { true }
+
+        context "if the server returns successfully" do
+          before{ stub_delete_authorization('foo') }
+
+          it("should display a message"){ run_output.should match(/Ending session on server.*deleted/) }
+          it("should exit with success"){ expect{ run }.should exit_with_code(0) }
+          it("should clear the token cache"){ expect{ run }.should call(:clear).on(token_store) }
+        end
+
+        context "if the server rejects the token" do
+          before{ stub_request(:delete, mock_href('broker/rest/user/authorizations/foo', false)).to_return(:status => 401, :body => {}.to_json) }
+
+          it("should display a message"){ run_output.should match(/Ending session on server.*already closed/) }
+          it("should exit with success"){ expect{ run }.should exit_with_code(0) }
+          it("should clear the token cache"){ expect{ run }.should call(:clear).on(token_store) }
+        end
+
+        context "if the server returns an unexpected error" do
+          before{ stub_request(:delete, mock_href('broker/rest/user/authorizations/foo', false)).to_return(:status => 500, :body => {}.to_json) }
+
+          it("should display a message"){ run_output.should match(/Ending session on server.*The server did not respond/) }
+          it("should exit with success"){ expect{ run }.should exit_with_code(0) }
+          it("should clear the token cache"){ expect{ run }.should call(:clear).on(token_store) }
+        end
+      end
+    end
+  end
 end

data/spec/rhc/commands/app_spec.rb

@@ -43,6 +43,12 @@ describe RHC::Commands::App do
     end
   end
 
+  describe '#gear_group_state' do
+    it("shows single state"){ subject.send(:gear_group_state, ['started']).should == 'started' }
+    it("shows unique states"){ subject.send(:gear_group_state, ['idle', 'idle']).should == 'idle' }
+    it("shows number of started"){ subject.send(:gear_group_state, ['started', 'idle']).should == '1/2 started' }
+  end
+
   describe 'app create' do
     before(:each) do
       domain = rest_client.add_domain("mockdomain")
@@ -150,9 +156,9 @@ describe RHC::Commands::App do
       it "should create a jenkins app and a regular app with an embedded jenkins client" do
         #puts run_output
         expect { run }.should exit_with_code(0)
-        jenkins_app = @domain.find_application("jenkins")
+        jenkins_app = rest_client.find_application(@domain.id,"jenkins")
         jenkins_app.cartridges[0].name.should == "jenkins-1.4"
-        app = @domain.find_application("app1")
+        app = rest_client.find_application(@domain.id,"app1")
         app.find_cartridge("jenkins-client-1.4")
       end
     end
@@ -190,8 +196,8 @@ describe RHC::Commands::App do
       end
       it "should use existing jenkins" do
         expect { run }.should exit_with_code(0)
-        expect { @domain.find_application("jenkins") }.should_not raise_error
-        expect { @domain.find_application("jenkins2") }.should raise_error(RHC::ApplicationNotFoundException)
+        expect { rest_client.find_application(@domain.id,"jenkins") }.should_not raise_error
+        expect { rest_client.find_application(@domain.id,"jenkins2") }.should raise_error(RHC::Rest::ApplicationNotFoundException)
       end
     end
   end
@@ -328,7 +334,7 @@ describe RHC::Commands::App do
       before{ @domain = rest_client.add_domain("mockdomain") }
 
       it "should raise cartridge not found exception when no apps exist" do
-        expect { run }.should raise_error RHC::ApplicationNotFoundException
+        expect { run }.should raise_error RHC::Rest::ApplicationNotFoundException
       end
 
       context "with an app" do
@@ -416,6 +422,18 @@ describe RHC::Commands::App do
     end
   end
 
+  describe 'app show --gears' do
+    let(:arguments) { ['app', 'show', 'app1', '--gears', '--noprompt'] }
+
+    context 'when run' do
+      before(:each) do
+        @domain = rest_client.add_domain("mockdomain")
+        @domain.add_application("app1", "mock_type")
+      end
+      it { run_output.should match("fakegearid started fake_geargroup_cart-0.1") }
+    end
+  end
+
   describe 'app ssh' do
     let(:arguments) { ['app', 'ssh', 'app1'] }
 

data/spec/rhc/commands/authorization_spec.rb

@@ -0,0 +1,120 @@
+require 'spec_helper'
+require 'rest_spec_helper'
+require 'rhc'
+require 'rhc/commands/authorization'
+
+describe RHC::Commands::Authorization do
+
+  def self.with_authorization
+    let(:username) { 'foo' }
+    let(:password) { 'pass' }
+    let(:server) { mock_uri }
+    before{ user_config }
+    before{ stub_api(true, true) }
+  end
+  def self.without_authorization
+    let(:username) { 'foo' }
+    let(:password) { 'pass' }
+    let(:server) { mock_uri }
+    before{ user_config }
+    before{ stub_api(true, false) }
+  end
+  def self.expect_an_unsupported_message
+    context "without authorizations" do
+      without_authorization
+      it('should warn that the server doesn\'t support auth'){ run_output.should =~ /The server does not support setting, retrieving, or authenticating with authorization tokens/ }
+      it{ expect{ run }.should exit_with_code(1) }
+    end
+  end
+
+  describe '#run' do
+    let(:arguments) { ['authorization'] }
+    context "with authorizations" do
+      with_authorization
+      before{ stub_authorizations }
+      it('should display the note')           { run_output.should =~ /an_authorization/ }
+      it('should display the token')          { run_output.should =~ /Token:\s+a_token_value/ }
+      it('should display the expiration')     { run_output.should =~ /Expires In:\s+1 minute/ }
+      it('should display the creation date')  { run_output.should =~ /Created:\s+#{RHC::Helpers.date('2013-02-21T01:00:01Z')}/ }
+      it('should display the scopes')         { run_output.should =~ /Scopes:\s+session read/ }
+      it{ expect{ run }.should exit_with_code(0) }
+    end
+
+    expect_an_unsupported_message
+  end
+
+  describe "#delete" do
+    let(:arguments) { ['authorization', 'delete', 'foo', 'bar'] }
+
+    context "with authorizations" do
+      with_authorization
+      before{ stub_delete_authorization('foo') }
+      before{ stub_delete_authorization('bar') }
+      it('should display success') { run_output.should =~ /Deleting auth.*done/ }
+      it{ expect{ run }.should exit_with_code(0) }
+      after{ a_request(:delete, mock_href('broker/rest/user/authorizations/foo', true)).should have_been_made }
+      after{ a_request(:delete, mock_href('broker/rest/user/authorizations/bar', true)).should have_been_made }
+    end
+
+    context "without a token in the command line" do
+      let(:arguments) { ['authorization', 'delete'] }
+      it('should display success') { run_output.should =~ /You must specify one or more tokens to delete/ }
+      it{ expect{ run }.should exit_with_code(1) }
+    end
+
+    expect_an_unsupported_message
+  end
+
+  describe "#delete_all" do
+    let(:arguments) { ['authorization', 'delete-all'] }
+
+    context "with authorizations" do
+      with_authorization
+      before{ stub_delete_authorizations }
+      it('should display success') { run_output.should =~ /Deleting all auth.*done/ }
+      it{ expect{ run }.should exit_with_code(0) }
+      after{ a_request(:delete, mock_href('broker/rest/user/authorizations', true)).should have_been_made }
+    end
+
+    expect_an_unsupported_message
+  end
+
+  describe "#scope_help" do
+    let(:rest_client){ stub(:authorization_scope_list => [['scope_1', 'A description'], ['scope_2', 'Another description']]) }
+    before{ subject.should_receive(:rest_client).and_return(rest_client) }
+    it{ capture{ subject.send(:scope_help) }.should =~ /scope_1.*A description/ }
+    it{ capture{ subject.send(:scope_help) }.should =~ /scope_2.*Another description/ }
+    it{ capture{ subject.send(:scope_help) }.should =~ /You may pass multiple scopes/ }
+  end
+
+  describe "#add" do
+    let(:arguments) { ['authorization', 'add'] }
+
+    context "with authorizations" do
+      using_command_instance
+      with_authorization
+      before{ instance.should_receive(:scope_help) }
+
+      it('should display the scope help') { command_output.should =~ /When adding an authorization.*to see more options/m }
+      it{ expect{ run_command }.should exit_with_code(0) }
+    end
+
+    expect_an_unsupported_message
+
+    context "with options" do
+      let(:arguments) { ['authorization', 'add', '--scope', 'foo,bar', '--note', 'a_note', '--expires-in', '300'] }
+      with_authorization
+      before{ stub_add_authorization(:note => 'a_note', :scope => 'foo,bar', :expires_in => '300') }
+
+      it('should display success') { run_output.should =~ /Adding authorization.*done/ }
+      it('should display the note')           { run_output.should =~ /a_note/ }
+      it('should display the token')          { run_output.should =~ /Token:\s+a_token_value/ }
+      it('should display the expiration')     { run_output.should =~ /Expires In:\s+5 minutes/ }
+      it('should display the creation date')  { run_output.should =~ /Created:\s+#{RHC::Helpers.date(mock_date_1)}/ }
+      it('should display the scopes')         { run_output.should =~ /Scopes:\s+foo bar/ }
+      it{ expect{ run }.should exit_with_code(0) }
+
+      expect_an_unsupported_message
+    end
+  end
+end

data/spec/rhc/commands/domain_spec.rb

@@ -118,7 +118,7 @@ describe RHC::Commands::Domain do
         expect { run }.should exit_with_code(127)
         rest_client.domains.empty?.should be_true
       end
-      it { run_output.should match("does not exist") }
+      it { run_output.should match("not found") }
     end
   end
 
@@ -155,7 +155,7 @@ describe RHC::Commands::Domain do
         expect { run }.should exit_with_code(127)
         rest_client.domains[0].id.should == 'dontdelete'
       end
-      it { run_output.should match("Domain deleteme does not exist") }
+      it { run_output.should match("Domain deleteme not found") }
     end
 
     context 'when there are applications on the domain' do

data/spec/rhc/commands/git_clone_spec.rb

@@ -1,6 +1,7 @@
 require 'spec_helper'
 require 'rest_spec_helper'
 require 'rhc/commands/git_clone'
+require 'fileutils'
 
 describe RHC::Commands::GitClone do
   before(:each) do
@@ -45,6 +46,29 @@ describe RHC::Commands::GitClone do
         it { run_output.should match("Cloned") }
       end
 
+      context "testing git_clone_deploy_hooks" do
+        before do
+          @instance.stub(:git_clone_repo) do |git_url, repo_dir|
+            FileUtils.mkdir_p "#{repo_dir}/.git/hooks"
+            FileUtils.mkdir_p "#{repo_dir}/.openshift/git_hooks"
+            FileUtils.touch "#{repo_dir}/.openshift/git_hooks/pre_commit"
+            @instance.git_clone_deploy_hooks(repo_dir)
+            say "Copied" if File.exists?("#{repo_dir}/.git/hooks/pre_commit")
+            true
+          end
+
+          # Get around the FakeFS bug (defunkt/fakefs#177) by
+          # stubbing the #cp call to inject a expected fs entry
+          FileUtils.stub(:cp) do |hook, dir|
+            FakeFS::FileSystem.add(
+              File.join(dir, File.basename(hook)),
+              FakeFS::FileSystem.find(hook))
+          end
+        end
+        it { expect { run }.should exit_with_code(0) }
+        it { run_output.should match("Copied") }
+      end
+
       context "reports failure" do
         before{ @instance.stub(:git_clone_repo).and_raise(RHC::GitException) }
 

data/spec/rhc/commands/port_forward_spec.rb

@@ -65,11 +65,7 @@ describe RHC::Commands::PortForward do
         @ssh.should_receive(:exec!).with("rhc-list-ports").and_yield(nil, :stderr, 'mysql -> 127.0.0.1:3306')
         forward = mock(Net::SSH::Service::Forward)
         @ssh.should_receive(:forward).and_return(forward)
-        if mac?
-          forward.should_receive(:local).with(3306, '127.0.0.1', 3306)
-        else
-          forward.should_receive(:local).with('127.0.0.1', 3306, '127.0.0.1', 3306)
-        end
+        forward.should_receive(:local).with(3306, '127.0.0.1', 3306)
         @ssh.should_receive(:loop)
       end
       it "should run successfully" do
@@ -108,11 +104,7 @@ describe RHC::Commands::PortForward do
         @ssh.should_receive(:exec!).with("rhc-list-ports").and_yield(nil, :stderr, 'mysql -> 127.0.0.1:3306')
         forward = mock(Net::SSH::Service::Forward)
         @ssh.should_receive(:forward).and_return(forward)
-        if mac?
-          forward.should_receive(:local).with(3306, '127.0.0.1', 3306)
-        else
-          forward.should_receive(:local).with('127.0.0.1', 3306, '127.0.0.1', 3306)
-        end
+        forward.should_receive(:local).with(3306, '127.0.0.1', 3306)
         @ssh.should_receive(:loop).and_raise(Interrupt.new)
       end
       it "should exit when user interrupts" do
@@ -124,6 +116,21 @@ describe RHC::Commands::PortForward do
       it { run_output.should include("Ending port forward") }
     end
 
+    context 'when local port is already bound' do
+      before(:each) do
+        Net::SSH.should_receive(:start).with(@uri.host, @uri.user).and_yield(@ssh).twice
+        @ssh.should_receive(:exec!).with("rhc-list-ports").and_yield(nil, :stderr, 'mysql -> 127.0.0.1:3306')
+        forward = mock(Net::SSH::Service::Forward)
+        @ssh.should_receive(:forward).at_least(2).and_return(forward)
+        forward.should_receive(:local).with(3306, '127.0.0.1', 3306).and_raise(Errno::EACCES)
+        forward.should_receive(:local).with(3307, '127.0.0.1', 3306)
+        @ssh.should_receive(:loop).and_raise(Interrupt.new)
+      end
+      it 'should bind to a higher port' do
+        run_output.should include("3307")
+      end
+    end
+
     context 'when host refuses connection' do
       before(:each) do
         Net::SSH.should_receive(:start).with(@uri.host, @uri.user).and_yield(@ssh).twice
@@ -149,19 +156,11 @@ describe RHC::Commands::PortForward do
           and_yield(nil, :stderr, "httpd -> #{haproxy_host_1}:8080\nhttpd -> #{haproxy_host_2}:8080\nmongodb -> #{mongo_host}:35541\nmysqld -> #{ipv6_host}:3306")
         forward = mock(Net::SSH::Service::Forward)
         @ssh.should_receive(:forward).at_least(3).times.and_return(forward)
-        if mac?
-          forward.should_receive(:local).with(8080, haproxy_host_1, 8080)
-          forward.should_receive(:local).with(8080, haproxy_host_2, 8080).and_raise(Errno::EADDRINUSE)
-          forward.should_receive(:local).with(8081, haproxy_host_2, 8080)
-          forward.should_receive(:local).with(35541, mongo_host, 35541)
-          forward.should_receive(:local).with(3306, ipv6_host, 3306)
-        else
-          forward.should_receive(:local).with(haproxy_host_1, 8080, haproxy_host_1, 8080)
-          forward.should_receive(:local).with(haproxy_host_2, 8080, haproxy_host_2, 8080).and_raise(Errno::EADDRINUSE)
-          forward.should_receive(:local).with(haproxy_host_2, 8081, haproxy_host_2, 8080)
-          forward.should_receive(:local).with(mongo_host, 35541, mongo_host, 35541)
-          forward.should_receive(:local).with(ipv6_host, 3306, ipv6_host, 3306)
-        end
+        forward.should_receive(:local).with(8080, haproxy_host_1, 8080)
+        forward.should_receive(:local).with(8080, haproxy_host_2, 8080).and_raise(Errno::EADDRINUSE)
+        forward.should_receive(:local).with(8081, haproxy_host_2, 8080)
+        forward.should_receive(:local).with(35541, mongo_host, 35541)
+        forward.should_receive(:local).with(3306, ipv6_host, 3306)
         @ssh.should_receive(:loop).and_raise(Interrupt.new)
       end
       it "should exit when user interrupts" do

data/spec/rhc/commands/server_spec.rb

@@ -11,13 +11,13 @@ describe RHC::Commands::Server do
     let(:arguments) { ['server', '--server', 'foo.com', '-l', 'person', '-p', ''] }
 
     context 'when server refuses connection' do
-      before { stub_request(:get, 'https://person:@foo.com/broker/rest/api').with(&user_agent_header).to_raise(SocketError) }
+      before { stub_request(:get, 'https://foo.com/broker/rest/api').with(&user_agent_header).with(&expect_authorization(:user => 'person')).to_raise(SocketError) }
       it('should output an error') { run_output.should =~ /Connected to foo.com.*Unable to connect to the server/m }
       it { expect { run }.should exit_with_code(1) }
     end
 
     context 'when API is missing' do
-      before { stub_request(:get, 'https://person:@foo.com/broker/rest/api').with(&user_agent_header).to_return(:status => 404) }
+      before { stub_request(:get, 'https://foo.com/broker/rest/api').with(&user_agent_header).with(&expect_authorization(:user => 'person')).to_return(:status => 404) }
       it('should output an error') { run_output.should =~ /Connected to foo.com.*server is not responding correctly/m }
       it { expect { run }.should exit_with_code(1) }
     end

data/spec/rhc/commands/setup_spec.rb

@@ -39,6 +39,18 @@ describe RHC::Commands::Setup do
 
   it{ command_for('setup').options.server.should == 'openshift.redhat.com' }
   it{ command_for('setup', '--server', 'foo.com').options.server.should == 'foo.com' }
+  it{ command_for('setup', '--no-create-token').options.create_token.should == false }
+  it{ command_for('setup', '--create-token').options.create_token.should == true }
+
+  context "when config has use_authorization_tokens=false" do
+    let!(:config){ base_config{ |c, d| d.add('use_authorization_tokens', 'false') } }
+    it{ command_for('setup').options.use_authorization_tokens.should == false }
+  end
+  context "when config has use_authorization_tokens=true" do
+    let!(:config){ base_config{ |c, d| d.add('use_authorization_tokens', 'true') } }
+    it{ command_for('setup').options.use_authorization_tokens.should == true }
+  end
+
 =begin  context 'when libra_server is set' do
     before{ ENV.should_receive(:[]).any_number_of_times.with('LIBRA_SERVER').and_return('bar.com') }
     it{ command_for('setup').config['libra_server'].should == 'bar.com' }

data/spec/rhc/config_spec.rb

@@ -6,6 +6,7 @@ describe RHC::Config do
   subject{ RHC::Config }
   before(:all) do
     ENV['LIBRA_SERVER'] = nil
+    ENV['HTTP_PROXY'] = nil
     ENV['http_proxy'] = nil
     mock_terminal
     RHC::Config.stub(:home_dir).and_return('/home/mock_user')
@@ -15,6 +16,8 @@ describe RHC::Config do
 
   after(:all) do
     FakeFS.deactivate!
+    ENV['HTTP_PROXY'] = nil
+    ENV['http_proxy'] = nil
   end
 
   describe "class" do
@@ -45,12 +48,12 @@ describe RHC::Config do
 
     context "with an non true value for insecure" do
       let(:values){ {'insecure' => 'untruth'} }
-      its(:to_options){ should == {:insecure => 'untruth'} }
+      its(:to_options){ should == {:insecure => false} }
     end
 
     context "with an invalid timeout" do
       let(:values){ {'timeout' => 'a'} }
-      its(:to_options){ should == {:timeout => 'a'} }
+      it{ expect{ subject.to_options }.to raise_error(ArgumentError) }
     end
 
     context "with standard values" do
@@ -63,9 +66,10 @@ describe RHC::Config do
           'ssl_client_cert_file' => 'file1',
           'ssl_ca_file' => 'file2',
           'timeout' => '1',
+          'use_authorization_tokens' => 'true',
         }
       end
-      its(:to_options){ should == {:insecure => 'true', :timeout => '1', :ssl_ca_file => 'file2', :ssl_client_cert_file => 'file1', :rhlogin => 'user', :password => 'pass', :server => 'test.com'} }
+      its(:to_options){ should == {:insecure => true, :timeout => 1, :ssl_ca_file => 'file2', :ssl_client_cert_file => 'file1', :rhlogin => 'user', :password => 'pass', :server => 'test.com', :use_authorization_tokens => true} }
     end
   end