ror-rubycas-server 1.0.a

data/spec/alt_config.yml

@@ -0,0 +1,50 @@
+server: webrick
+port: 6543
+#ssl_cert: test.pem
+uri_path: /test
+#bind_address: 0.0.0.0
+
+# database:
+#   adapter: mysql
+#   database: casserver
+#   username: root
+#   password: 
+#   host: localhost
+#   reconnect: true
+database:
+ adapter: sqlite3
+ database: spec/casserver_spec.db
+ 
+disable_auto_migrations: true
+
+quiet: true
+
+authenticator:
+  class: CASServer::Authenticators::Test
+  password: spec_password
+
+theme: simple
+
+organization: "RSPEC-TEST"
+
+infoline: "This is an rspec test."
+
+#custom_views: /path/to/custom/views
+
+default_locale: en
+
+log:
+  file: casserver_spec.log
+  level: DEBUG
+
+#db_log:
+#  file: casserver_spec_db.log
+
+enable_single_sign_out: true
+
+#maximum_unused_login_ticket_lifetime: 300
+#maximum_unused_service_ticket_lifetime: 300
+
+#maximum_session_lifetime: 172800
+
+#downcase_username: true

data/spec/authenticators/ldap_spec.rb

@@ -0,0 +1,53 @@
+# encoding: UTF-8
+require File.dirname(__FILE__) + '/../spec_helper'
+
+require 'casserver/authenticators/ldap'
+
+describe CASServer::Authenticators::LDAP do
+  before do
+    @ldap_entry = mock(Net::LDAP::Entry.new)
+    @ldap_entry.stub!(:[]).and_return("Test")
+    
+    @ldap = mock(Net::LDAP)
+    @ldap.stub!(:host=)
+    @ldap.stub!(:port=)
+    @ldap.stub!(:encryption)
+    @ldap.stub!(:bind_as).and_return(true)
+    @ldap.stub!(:authenticate).and_return(true)
+    @ldap.stub!(:search).and_return([@ldap_entry])
+    
+    Net::LDAP.stub!(:new).and_return(@ldap)
+  end
+  
+  describe '#validate' do
+
+    it 'validate with preauthentication and with extra attributes' do
+      auth = CASServer::Authenticators::LDAP.new
+
+      auth_config = HashWithIndifferentAccess.new(
+        :ldap => {
+          :host => "ad.example.net",
+          :port => 389,
+          :base => "dc=example,dc=net",
+          :filter => "(objectClass=person)",
+          :auth_user => "authenticator",
+          :auth_password => "itsasecret"
+        },
+        :extra_attributes => [:full_name, :address]
+      )
+      
+      auth.configure(auth_config.merge('auth_index' => 0))
+      auth.validate(
+        :username => 'validusername',
+        :password => 'validpassword',
+        :service =>  'test.service',
+        :request => {}
+      ).should == true
+      
+      auth.extra_attributes.should == {:full_name => 'Test', :address => 'Test'}
+    end
+    
+  end
+end
+
+

data/spec/casserver_spec.rb

@@ -0,0 +1,141 @@
+# encoding: UTF-8
+require File.dirname(__FILE__) + '/spec_helper'
+
+$LOG = Logger.new(File.basename(__FILE__).gsub('.rb','.log'))
+
+RSpec.configure do |config|
+  config.include Capybara
+end
+
+VALID_USERNAME = 'spec_user'
+VALID_PASSWORD = 'spec_password'
+
+INVALID_PASSWORD = 'invalid_password'
+
+describe 'CASServer' do
+  
+  before do
+    @target_service = 'http://my.app.test'
+  end
+
+  describe "/login" do
+    before do
+      load_server(File.dirname(__FILE__) + "/default_config.yml")
+      reset_spec_database
+    end
+
+    it "logs in successfully with valid username and password without a target service" do
+      visit "/login"
+      
+      fill_in 'username', :with => VALID_USERNAME
+      fill_in 'password', :with => VALID_PASSWORD
+      click_button 'login-submit'
+      
+      page.should have_content("You have successfully logged in")
+    end
+
+    it "fails to log in with invalid password" do
+      visit "/login"
+      fill_in 'username', :with => VALID_USERNAME
+      fill_in 'password', :with => INVALID_PASSWORD
+      click_button 'login-submit'
+
+      page.should have_content("Incorrect username or password")
+    end
+
+    it "logs in successfully with valid username and password and redirects to target service" do
+      visit "/login?service="+CGI.escape(@target_service)
+
+      fill_in 'username', :with => VALID_USERNAME
+      fill_in 'password', :with => VALID_PASSWORD
+      
+      click_button 'login-submit'
+
+      page.current_url.should =~ /^#{Regexp.escape(@target_service)}\/?\?ticket=ST\-[1-9rA-Z]+/
+    end
+
+    it "preserves target service after invalid login" do
+      visit "/login?service="+CGI.escape(@target_service)
+
+      fill_in 'username', :with => VALID_USERNAME
+      fill_in 'password', :with => INVALID_PASSWORD
+      click_button 'login-submit'
+
+      page.should have_content("Incorrect username or password")
+      page.should have_xpath('//input[@id="service"]', :value => @target_service)
+    end
+
+    it "uses appropriate localization when 'lang' prameter is given (make sure you've run `rake localization:mo` first!!)" do
+      visit "/login?lang=pl"
+      page.should have_content("Użytkownik")
+
+      visit "/login?lang=pt_BR"
+      page.should have_content("Usuário")
+
+      visit "/login?lang=en"
+      page.should have_content("Username")
+    end
+
+  end # describe '/login'
+
+
+  describe '/logout' do
+
+    before do
+      load_server(File.dirname(__FILE__) + "/default_config.yml")
+      reset_spec_database
+    end
+
+    it "logs out successfully" do
+      visit "/logout"
+      
+      page.should have_content("You have successfully logged out")
+    end
+
+    it "logs out successfully and redirects to target service" do
+      visit "/logout?gateway=true&service="+CGI.escape(@target_service)
+      
+      page.current_url.should =~ /^#{Regexp.escape(@target_service)}\/?/
+    end
+
+  end # describe '/logout'
+  
+  describe 'Configuration' do
+    it "uri_path value changes prefix of routes" do
+      load_server(File.dirname(__FILE__) + "/alt_config.yml")
+      @target_service = 'http://my.app.test'
+      
+      visit "/test/login"
+      page.status_code.should_not == 404
+      
+      visit "/test/logout"
+      page.status_code.should_not == 404
+    end
+  end
+
+  describe "proxyValidate" do
+    before do
+      load_server(File.dirname(__FILE__) + "/default_config.yml")
+      reset_spec_database
+
+      visit "/login?service="+CGI.escape(@target_service)
+
+      fill_in 'username', :with => VALID_USERNAME
+      fill_in 'password', :with => VALID_PASSWORD
+      
+      click_button 'login-submit'
+
+      page.current_url.should =~ /^#{Regexp.escape(@target_service)}\/?\?ticket=ST\-[1-9rA-Z]+/
+      @ticket = page.current_url.match(/ticket=(.*)$/)[1]
+    end
+
+    it "should have extra attributes in proper format" do
+      visit "/serviceValidate?service=#{CGI.escape(@target_service)}&ticket=#{@ticket}"
+
+      encoded_utf_string = "Ютф" # actual string is "Ютф"
+      page.body.should match("<test_utf_string>#{encoded_utf_string}</test_utf_string>")
+      page.body.should match("<test_numeric>123.45</test_numeric>")
+      page.body.should match("<test_utf_string>&#1070;&#1090;&#1092;</test_utf_string>")
+    end
+  end
+end

data/spec/database.yml

@@ -0,0 +1,5 @@
+development:
+  adapter: sqlite3
+  
+production:
+  adapter: postgresql

data/spec/default_config.yml

@@ -0,0 +1,73 @@
+all: &all
+  server: webrick
+  port: 6543
+  #ssl_cert: test.pem
+  #uri_path: /cas
+  #bind_address: 0.0.0.0
+
+  # database:
+  #   adapter: mysql
+  #   database: casserver
+  #   username: root
+  #   password: 
+  #   host: localhost
+  #   reconnect: true
+  database:
+   adapter: sqlite3
+   database: spec/casserver_spec.db
+   
+  disable_auto_migrations: true
+
+  quiet: true
+
+  authenticator:
+    class: CASServer::Authenticators::Test
+    password: spec_password
+    database:
+      adapter: mysql
+
+  theme: simple
+
+  organization: "RSPEC-TEST"
+
+  infoline: "This is an rspec test."
+
+  #custom_views: /path/to/custom/views
+
+  default_locale: en
+
+  log:
+    file: casserver_spec.log
+    level: DEBUG
+
+  #db_log:
+  #  file: casserver_spec_db.log
+
+  enable_single_sign_out: true
+
+  #maximum_unused_login_ticket_lifetime: 300
+  #maximum_unused_service_ticket_lifetime: 300
+
+  #maximum_session_lifetime: 172800
+
+  #downcase_username: true
+  
+  
+production: 
+  <<: *all
+  server: thin
+  authenticator:
+    class: CASServer::Authenticators::SQL
+    database: inherit
+    user_table: users
+    username_column: email
+    password_column: password
+    
+  
+test:
+  <<: *all
+  server: mongrel
+  
+development:
+  <<: *all
+  server: apache

data/spec/model_spec.rb

@@ -0,0 +1,42 @@
+# encoding: UTF-8
+require File.dirname(__FILE__) + '/spec_helper'
+
+module CASServer
+end
+require 'casserver/model'
+
+describe CASServer::Model::LoginTicket, '.cleanup(max_lifetime, max_unconsumed_lifetime)' do
+  let(:max_lifetime) { -1 }
+  let(:max_unconsumed_lifetime) { -2 }
+
+  before do
+    load_server(File.dirname(__FILE__) + "/default_config.yml")
+    reset_spec_database
+    
+    CASServer::Model::LoginTicket.create :ticket => 'test', :client_hostname => 'test.local'
+  end
+
+  it 'should destroy all tickets created before the max lifetime' do
+    expect {
+      CASServer::Model::LoginTicket.cleanup(max_lifetime, max_unconsumed_lifetime)
+    }.to change(CASServer::Model::LoginTicket, :count).by(-1)
+  end
+
+  it 'should destroy all unconsumed tickets not exceeding the max lifetime' do
+    expect {
+      CASServer::Model::LoginTicket.cleanup(max_lifetime, max_unconsumed_lifetime)
+    }.to change(CASServer::Model::LoginTicket, :count).by(-1)
+  end
+end
+
+describe CASServer::Model::LoginTicket, '#to_s' do
+  let(:ticket) { 'test' }
+
+  before do
+    @login_ticket = CASServer::Model::LoginTicket.new :ticket => ticket
+  end
+
+  it 'should delegate #to_s to #ticket' do
+    @login_ticket.to_s.should == ticket
+  end
+end

data/spec/options_hash_spec.rb

@@ -0,0 +1,146 @@
+# encoding: UTF-8
+require File.dirname(__FILE__) + '/spec_helper'
+# Hmmm.. Should I need to do this?
+require 'casserver/options_hash'
+
+describe OptionsHash do
+
+	describe "creation" do
+		it "should not raise" do
+			lambda {OptionsHash.new}.should_not raise_error
+		end
+	end
+	
+	describe "environment method" do
+		before :each do
+			@options = OptionsHash.new
+		end
+		it "should store an environment attribute" do
+			@options.environment = :development
+			@options.environment.should == :development
+		end
+	end
+	
+	describe "load_config method," do
+		before :each do
+			@options = OptionsHash.new
+		end
+		it "should raise when it doesn't know the environment" do
+			lambda {@options.load_config "spec/default_config.yml"}.should raise_error(OptionsHash::EnvironmentMissing)
+		end
+		describe "given a set environment," do
+			before :each do
+				@options.environment = :development
+			end
+			it "should raise an argument error when you pass something silly in" do
+				lambda {@options.load_config :silly}.should raise_error(ArgumentError)
+				lambda {@options.load_config 51117}.should raise_error(ArgumentError)
+			end
+			it "should load a config file string without error" do
+				lambda {@options.load_config "spec/default_config.yml"}.should_not raise_error
+			end
+			it "should load a config file without error" do
+				file = File.new "spec/default_config.yml"
+				lambda {@options.load_config file}.should_not raise_error
+			end
+
+			describe "data loading" do
+				before :each do
+					@options.environment = :development
+					@options.load_config "spec/default_config.yml"
+				end
+				it "should assign things correctly from all" do
+					@options[:port].should == 6543
+				end
+				it "should assign environment specific options" do
+					@options[:server].should == "apache"
+					production_options = OptionsHash.new
+					production_options.environment = :production
+					production_options.load_config "spec/default_config.yml"
+					production_options[:server].should == "thin"
+				end
+			end
+			
+		end
+	end
+	
+	describe "load_database_config method" do
+		before :each do
+			@development_options = OptionsHash.new
+			@production_options = OptionsHash.new
+		end
+		it "should not work without assignment of environment" do
+			lambda {@development_options.load_database_config "spec/database.yml"}.should raise_error(OptionsHash::EnvironmentMissing)
+		end
+		describe "when environment attribute is assigned" do
+		
+			before :each do
+				@development_options.environment = :development
+				@production_options.environment = :production
+			end	
+			
+			it "should not raise when a filename string is passed in" do
+				lambda {@development_options.load_database_config "spec/database.yml"}.should_not raise_error
+			end
+			
+			it "should not raise when a file is passed in" do
+				file = File.new "spec/database.yml"
+				lambda {@development_options.load_database_config file}.should_not raise_error
+			end
+			
+			describe "post data loading should have the appropriate data loaded" do
+				before :each do
+					@development_options.load_database_config "spec/database.yml"
+					@production_options.load_database_config "spec/database.yml"
+				end
+				it "for development" do
+					@development_options[:database][:adapter].should == "sqlite3"
+				end
+				it "for production" do
+					@production_options[:database][:adapter].should == "postgresql"
+				end
+			end
+			
+			describe "primary configuration overriding" do
+				before :each do
+					@production_options.load_config "spec/default_config.yml"
+				end
+				it "should work" do
+					@production_options[:database][:adapter].should == "sqlite3"
+					@production_options.load_database_config "spec/database.yml"
+					@production_options[:database][:adapter].should == "postgresql"
+				end
+			end
+			
+		end
+	end
+	
+	describe "inherit_authenticator_database! method" do
+		before :each do
+			@options = OptionsHash.new
+			@options.environment = :production
+			@options.load_config "spec/default_config.yml"
+		end
+		it "should work" do
+			@options[:authenticator][:database].should == "inherit"
+			@options.inherit_authenticator_database!
+			@options[:authenticator][:database].should_not == "inherit"
+			@options[:authenticator][:database][:adapter].should == "sqlite3"
+		end
+		it "should work after loading database.yml" do
+			@options.load_database_config "spec/database.yml"
+			@options[:authenticator][:database].should == "inherit"
+			@options.inherit_authenticator_database!
+			@options[:authenticator][:database].should_not == "inherit"
+			@options[:authenticator][:database][:adapter].should == "postgresql"
+		end
+		it "should do nothing when it should do nothing" do
+			options = OptionsHash.new
+			options.environment = :development
+			options.load_config "spec/default_config.yml"
+			options[:authenticator][:database][:adapter].should == "mysql"
+			options.inherit_authenticator_database!
+			options[:authenticator][:database][:adapter].should == "mysql"
+		end
+	end
+end