savon 2.0.3 → 2.1.0

data/spec/fixtures/ssl/client_encrypted_key.pem

@@ -0,0 +1,30 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIi+Fi+FH7OtACAggA
+MBQGCCqGSIb3DQMHBAivzaRTYRNk4QSCBMhnQ7/NN0ljkAwADHknQi4dgbBU+FV+
+vY+ypRCTLp7UongPMDS+pC6TyOFGeHz4Yri3UvmEIN5DlBlAfjPI6+lBswjOIrpw
+6CaZXrX4oefjh73c2OcQlYKw9w03ppfmfO0v1t6oPLiK6M8sNQ5lgb8d9eG3r6Dp
+LqIp4I6WeGcoXIpVYE35sz6wmLQ2Q626KY/5BPVAgMVG3K1g1haxZIAQBQE63cqz
+JK3IUiG2r6Q6vOyZ+Iz9KolEf3RVvW/RgOrb0dLbbLkDOL8G6dXDgWEeYtqGZpPR
+BktU2Kf7lr0BAgbI3eLubmIufhonoV4VkHVYu1ZSACwSl2HEqDl5aF5hP3wOtfS5
+Ls62Z1ATO/24dG1oI8xL3YCeTzoa1Lmyeh+HFRncoVU5CdQgyzY9d5yr1x70AwN+
+MpVwd0+WGyESiRVd4dN8n99SY/bTaYJxv8P+wOrbjld9Q3mF3vxx6Nkkfboai1wD
+bY9i/B5/TZip5FBnZbJiYakc+yoB6Bf1UuIZA9T9EIY2K7VhTeuEjTTqJVf7dp/C
+ZqVSNCHO3eAUMByrshznw2YCia8Q1VAXgIbnZ8RvUxxIZVUDTxuWPkBJkcrmMgKt
+GvD2YYIOIuFwTLCFBTlcXNl8kNYc9VRAnK7efi9xrzINod0VSV5hj1PYT4e2khnS
+4cngMTbbNwWP8Rg7pSxzwWIwc8Zkytde5gnfkBFv+g8o+JRM2ZB3wkiUhEkf0Vht
+gl3K9LFqdqN+EsRjXR/a16sVK3Uer7zcy/NLzvo/rF0YKRmb+apDIFO/vtCX9qyH
++pBofVO+RNb2T2ZY1iSvyjv/d7nNXRnLArecralQjekh+AKIBsl5R0nsSnQu6ydn
+yDteKDuOPnVl4qQowVbmGg7juHW9j4u98H7cW4RN/txegG1J7gbFFdl2bjYQ/PGZ
+iAG53QvjmvRRaiPCNOB3PYm1yO/1vCPAKlOeBYywF53BSxCDx9OjP0eXROdQGiZV
+XEkDqf742R9/8Fy1ETcriEzRVWv4nSRmB+yfMfHcTZZiJnEF9RUYQVxBVfpwBi8t
+I8N46L2iNeY4itbN8Ke3U3EfntdoZMNI1uN/haDmLFuRuzZIBkSl3YsnsDJXaT5P
+KjPPiZWkxsC3KUYeisefjNHonkM6JXqAy9ElyWrjSPhioMLTy3Qwus8NPGLWkMfI
+bpy7Z63xRf9tifXoANLOqC/VVXOCn4m/eEUAMi0EQZ7QbysopFigiri/MFidXf90
+aIUMiPmCTzLDBJfHozyalMVf3aJFbDJdlAmFtasAP1aPgqReAb9s+6U3wkE8VtGB
+rneBPhejj9FzrWMludgPLDRvfzr6/0nG2GC7XbOnKPd0RbKFtZaJuT18Jhil5Bwb
+S2MBrUnxMmOge9N5ZIyzXk+lPFRMkHmY64h+P/Op9w8tVYCFlj4HjAboVpJAGIq4
+gPgT3Q/0ghRyyBjBrmSDuk+/1s7qc/lWUONFAJaSCRdhpM9I8il5QYHPM6Z9JCg+
+PrfHftP+bU0xht7mVI5ew1OjWTZEym0/ALEyqddLz0qFYejKSemx8EMze8cN2wEE
+OTAqyVBLo+7HJ2FbIXMgRNSc4P77jmeEG0/4WsreMOeI1/6nOiwqvipuLY9ojc9v
+TGQ=
+-----END ENCRYPTED PRIVATE KEY-----

data/spec/fixtures/ssl/client_encrypted_key_cert.pem

@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEBTCCAu2gAwIBAgIJAKoJLHwFIyVbMA0GCSqGSIb3DQEBBQUAMIGYMQswCQYD
+VQQGEwJVUzERMA8GA1UECAwIVmlyZ2luaWExEzARBgNVBAcMCkFsZXhhbmRyaWEx
+GDAWBgNVBAoMD1Rlc3RpbmcgQ28sIExMQzEQMA4GA1UECwwHVGVzdGluZzEUMBIG
+A1UEAwwLZXhhbXBsZS5jb20xHzAdBgkqhkiG9w0BCQEWEHRlc3RAZXhhbXBsZS5j
+b20wHhcNMTMwMTI1MTUwNDEwWhcNNDMwMTE4MTUwNDEwWjCBmDELMAkGA1UEBhMC
+VVMxETAPBgNVBAgMCFZpcmdpbmlhMRMwEQYDVQQHDApBbGV4YW5kcmlhMRgwFgYD
+VQQKDA9UZXN0aW5nIENvLCBMTEMxEDAOBgNVBAsMB1Rlc3RpbmcxFDASBgNVBAMM
+C2V4YW1wbGUuY29tMR8wHQYJKoZIhvcNAQkBFhB0ZXN0QGV4YW1wbGUuY29tMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gYiV5ufeedy/paVEJ9eJAZo
+t3zFO+9UJzrIFWGhDdTB8AwX6ZE3koKV105i3nRKN+I6dS6+7APB607CqTqdzuqa
+/5qLnV2d73BuTAZabeClE4/8HXsDoQH42KcPQfVQ/nCuTPjuGUEUqIWVFpwKcZmV
+UP82Ezf31fOqtzVI6cSgOwWSflgFFdKRyCk0R1eNznRj2rvfYtypIplV715d1Qqk
+k+XXmMIWIobNT/utgf6n39e89VPzu9EZ5vSpCflWvCkeAnjavWLD/MJktRJqQqlx
+dFTWvzIxYAhJR6M+zB4a6UGDzj6NG1ujrtIdBaK1Jq6iXO4WDryRMs8RPF0UmwID
+AQABo1AwTjAdBgNVHQ4EFgQUjEykvRbAg/ju1UIvMuozlXzKRpYwHwYDVR0jBBgw
+FoAUjEykvRbAg/ju1UIvMuozlXzKRpYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
+AQUFAAOCAQEAhvgvCfZcQlEJwRZMYd1AUOS39fs90Nc5hezaIN1I6bqzW0+ka45Y
+MAxcq7BTOZfVO+DTEAB/IW7yR4Np8mzWSp7gDnyP3wyOX4Lce2lUZQ2fQI71pupf
+tXwpp0bGGgzeUeJK8MFBUiFMUBiJuUMsY2hYIqJ2gYlazMEQp67jV0fdgcgj3nak
+3cnC9GbHZj/QXwRAlj3dp1CDrMHqvbrCZ6jW7YS/+dVUn24oMadyIX0E88EBgP+l
+Wu4gvzn2nkV8L4Ukcspt7Mqvr/YGlWu/8GPVACUp1AdZH7YJ7ARZE7SVgxR/iNGd
+HJclQ/939s63ZNrnsOR+6qrhcC3c83UARw==
+-----END CERTIFICATE-----

data/spec/integration/support/application.rb

@@ -1,4 +1,5 @@
 require "rack/builder"
+require "json"
 
 class IntegrationServer
 
@@ -38,15 +39,16 @@ class IntegrationServer
       }
     end
 
-    map "/repeat_header" do
+    map "/inspect_request" do
       run lambda { |env|
-        IntegrationServer.respond_with :body => env["HTTP_REPEAT_HEADER"]
-      }
-    end
-
-    map "/inspect_header" do
-      run lambda { |env|
-        IntegrationServer.respond_with :body => env[env["HTTP_INSPECT"]]
+        body = {
+          :soap_action  => env["HTTP_SOAPACTION"],
+          :cookie       => env["HTTP_COOKIE"],
+          :x_token      => env["HTTP_X_TOKEN"],
+          :content_type => env["CONTENT_TYPE"]
+        }
+
+        IntegrationServer.respond_with :body => JSON.dump(body)
       }
     end
 

data/spec/savon/client_spec.rb

@@ -28,6 +28,20 @@ describe Savon::Client do
       expect(client.globals[:wsdl]).to eq(Fixture.wsdl(:authentication))
     end
 
+    it "builds an HTTPI request for Wasabi" do
+      http_request = mock
+      wsdl_request = mock(:build => http_request)
+      Savon::WSDLRequest.expects(:new).with(instance_of(Savon::GlobalOptions)).returns(wsdl_request)
+
+      Wasabi::Document.any_instance.expects(:request=).with(http_request)
+      Savon.client(:wsdl => "http://example.com")
+    end
+
+    it "raises if initialized with anything other than a Hash" do
+      expect { Savon.client("http://example.com") }.
+        to raise_error(Savon::InitializationError, /Some code tries to initialize Savon with the "http:\/\/example\.com" \(String\)/)
+    end
+
     it "raises if not initialized with either a :wsdl or both :endpoint and :namespace options" do
       expect { Savon.client(:endpoint => "http://example.com") }.
         to raise_error(Savon::InitializationError, /Expected either a WSDL document or the SOAP endpoint and target namespace options/)
@@ -75,29 +89,17 @@ describe Savon::Client do
       wsdl = Wasabi::Document.new('http://example.com')
       operation = Savon::Operation.new(:authenticate, wsdl, Savon::GlobalOptions.new)
       operation.expects(:call).with(locals).returns(soap_response)
-      Savon::Operation.expects(:create).returns(operation)
+
+      Savon::Operation.expects(:create).with(
+        :authenticate,
+        instance_of(Wasabi::Document),
+        instance_of(Savon::GlobalOptions)
+      ).returns(operation)
 
       response = new_client.call(:authenticate, locals)
       expect(response).to eq(soap_response)
     end
 
-    it "sets the cookies for the next request" do
-      last_response = new_http_response(:headers => { "Set-Cookie" => "some-cookie=choc-chip; Path=/; HttpOnly" })
-      client = new_client
-
-      HTTPI.stubs(:post).returns(last_response)
-
-      # does not try to set cookies for the first request
-      HTTPI::Request.any_instance.expects(:set_cookies).never
-      client.call(:authenticate)
-
-      HTTPI.stubs(:post).returns(new_http_response)
-
-      # sets cookies from the last response
-      HTTPI::Request.any_instance.expects(:set_cookies).with(last_response)
-      client.call(:authenticate)
-    end
-
     it "supports a block without arguments to call an operation with local options" do
       client = new_client(:endpoint => @server.url(:repeat))
 
@@ -121,6 +123,13 @@ describe Savon::Client do
       expect(response.http.body).to include("<symbol>AAPL</symbol>")
     end
 
+    it "accepts arguments for the message tag" do
+      client   = new_client(:endpoint => @server.url(:repeat))
+      response = client.call(:authenticate, :attributes => { "ID" => "ABC321"})
+
+      expect(response.http.body).to include('<tns:authenticate ID="ABC321">')
+    end
+
     it "raises when the operation name is not a symbol" do
       expect { new_client.call("not a symbol") }.to raise_error(
         ArgumentError,

data/spec/savon/operation_spec.rb

@@ -1,11 +1,25 @@
 require "spec_helper"
 require "integration/support/server"
+require "json"
+require "ostruct"
 
 describe Savon::Operation do
 
   let(:globals) { Savon::GlobalOptions.new(:endpoint => @server.url(:repeat), :log => false) }
-  let(:wsdl)    { Wasabi::Document.new Fixture.wsdl(:authentication) }
-  let(:no_wsdl) { Wasabi::Document.new }
+  let(:wsdl)    { Wasabi::Document.new Fixture.wsdl(:taxcloud) }
+
+  let(:no_wsdl) {
+    wsdl = Wasabi::Document.new
+
+    wsdl.endpoint  = "http://example.com"
+    wsdl.namespace = "http://v1.example.com"
+
+    wsdl
+  }
+
+  def new_operation(operation_name, wsdl, globals)
+    Savon::Operation.create(operation_name, wsdl, globals)
+  end
 
   before :all do
     @server = IntegrationServer.run
@@ -17,33 +31,124 @@ describe Savon::Operation do
 
   describe ".create with a WSDL" do
     it "returns a new operation" do
-      operation = Savon::Operation.create(:authenticate, wsdl, globals)
+      operation = new_operation(:verify_address, wsdl, globals)
       expect(operation).to be_a(Savon::Operation)
     end
 
     it "raises if the operation name is not a Symbol" do
-      expect { Savon::Operation.create("not a symbol", wsdl, globals) }.
+      expect { new_operation("not a symbol", wsdl, globals) }.
         to raise_error(ArgumentError, /Expected the first parameter \(the name of the operation to call\) to be a symbol/)
     end
 
     it "raises if the operation is not available for the service" do
-      expect { Savon::Operation.create(:no_such_operation, wsdl, globals) }.
+      expect { new_operation(:no_such_operation, wsdl, globals) }.
         to raise_error(ArgumentError, /Unable to find SOAP operation: :no_such_operation/)
     end
   end
 
   describe ".create without a WSDL" do
     it "returns a new operation" do
-      operation = Savon::Operation.create(:authenticate, no_wsdl, globals)
+      operation = new_operation(:verify_address, no_wsdl, globals)
       expect(operation).to be_a(Savon::Operation)
     end
   end
 
   describe "#call" do
     it "returns a response object" do
-      operation = Savon::Operation.create(:authenticate, wsdl, globals)
+      operation = new_operation(:verify_address, wsdl, globals)
       expect(operation.call).to be_a(Savon::Response)
     end
+
+    it "uses the global :endpoint option for the request" do
+      globals.endpoint("http://v1.example.com")
+      HTTPI::Request.any_instance.expects(:url=).with("http://v1.example.com")
+
+      operation = new_operation(:verify_address, wsdl, globals)
+
+      # stub the actual request
+      http_response = HTTPI::Response.new(200, {}, "")
+      operation.expects(:call!).returns(http_response)
+
+      operation.call
+    end
+
+    it "falls back to use the WSDL's endpoint if the :endpoint option was not set" do
+      globals_without_endpoint = Savon::GlobalOptions.new(:log => false)
+      HTTPI::Request.any_instance.expects(:url=).with(wsdl.endpoint)
+
+      operation = new_operation(:verify_address, wsdl, globals_without_endpoint)
+
+      # stub the actual request
+      http_response = HTTPI::Response.new(200, {}, "")
+      operation.expects(:call!).returns(http_response)
+
+      operation.call
+    end
+
+    it "sets the Content-Length header" do
+      # XXX: probably the worst spec ever written. refactor! [dh, 2013-01-05]
+      http_request = HTTPI::Request.new
+      http_request.headers.expects(:[]=).with("Content-Length", "312")
+      Savon::SOAPRequest.any_instance.expects(:build).returns(http_request)
+
+      new_operation(:verify_address, wsdl, globals).call
+    end
+
+    it "passes the local :soap_action option to the request builder" do
+      globals.endpoint @server.url(:inspect_request)
+      soap_action = "http://v1.example.com/VerifyAddress"
+
+      operation = new_operation(:verify_address, wsdl, globals)
+      response  = operation.call(:soap_action => soap_action)
+
+      actual_soap_action = inspect_request(response).soap_action
+      expect(actual_soap_action).to eq(%("#{soap_action}"))
+    end
+
+    it "uses the local :cookies option" do
+      globals.endpoint @server.url(:inspect_request)
+      cookies = [HTTPI::Cookie.new("some-cookie=choc-chip")]
+
+      HTTPI::Request.any_instance.expects(:set_cookies).with(cookies)
+
+      operation = new_operation(:verify_address, wsdl, globals)
+      operation.call(:cookies => cookies)
+    end
+
+    it "passes nil to the request builder if the :soap_action was set to nil" do
+      globals.endpoint @server.url(:inspect_request)
+
+      operation = new_operation(:verify_address, wsdl, globals)
+      response  = operation.call(:soap_action => nil)
+
+      actual_soap_action = inspect_request(response).soap_action
+      expect(actual_soap_action).to be_nil
+    end
+
+    it "gets the SOAP action from the WSDL if available" do
+      globals.endpoint @server.url(:inspect_request)
+
+      operation = new_operation(:verify_address, wsdl, globals)
+      response  = operation.call
+
+      actual_soap_action = inspect_request(response).soap_action
+      expect(actual_soap_action).to eq('"http://taxcloud.net/VerifyAddress"')
+    end
+
+    it "falls back to Gyoku if both option and WSDL are not available" do
+      globals.endpoint @server.url(:inspect_request)
+
+      operation = new_operation(:authenticate, no_wsdl, globals)
+      response  = operation.call
+
+      actual_soap_action = inspect_request(response).soap_action
+      expect(actual_soap_action).to eq(%("authenticate"))
+    end
+  end
+
+  def inspect_request(response)
+    hash = JSON.parse(response.http.body)
+    OpenStruct.new(hash)
   end
 
 end

data/spec/savon/options_spec.rb

@@ -1,5 +1,8 @@
 require "spec_helper"
 require "integration/support/server"
+require "json"
+require "ostruct"
+require "logger"
 
 describe "Options" do
 
@@ -34,6 +37,16 @@ describe "Options" do
     end
   end
 
+  context "global :namespaces" do
+    it "adds additional namespaces to the SOAP envelope" do
+      namespaces = { "xmlns:whatever" => "http://whatever.example.com" }
+      client = new_client(:endpoint => @server.url(:repeat), :namespaces => namespaces)
+      response = client.call(:authenticate)
+
+      expect(response.http.body).to include('xmlns:whatever="http://whatever.example.com"')
+    end
+  end
+
   context "global :proxy" do
     it "sets the proxy server to use" do
       proxy_url = "http://example.com"
@@ -48,10 +61,12 @@ describe "Options" do
 
   context "global :headers" do
     it "sets the HTTP headers for the next request" do
-      client = new_client(:endpoint => @server.url(:repeat_header), :headers => { "Repeat-Header" => "savon" })
+      client = new_client(:endpoint => @server.url(:inspect_request), :headers => { "X-Token" => "secret" })
 
       response = client.call(:authenticate)
-      expect(response.http.body).to eq("savon")
+      x_token  = inspect_request(response).x_token
+
+      expect(x_token).to eq("secret")
     end
   end
 
@@ -60,8 +75,16 @@ describe "Options" do
       non_routable_ip = "http://10.255.255.1"
       client = new_client(:endpoint => non_routable_ip, :open_timeout => 1)
 
-      # TODO: make HTTPI tag timeout errors, then depend on HTTPI::TimeoutError instead of a specific client error [dh, 2012-12-08]
-      expect { client.call(:authenticate) }.to raise_error(HTTPClient::ConnectTimeoutError)
+      expect { client.call(:authenticate) }.to raise_error { |error|
+        if error.kind_of? Errno::EHOSTUNREACH
+          warn "Warning: looks like your network may be down?!\n" +
+               "-> skipping spec at #{__FILE__}:#{__LINE__}"
+        else
+          # TODO: make HTTPI tag timeout errors, then depend on HTTPI::TimeoutError
+          #       instead of a specific client error [dh, 2012-12-08]
+          expect(error).to be_an(HTTPClient::ConnectTimeoutError)
+        end
+      }
     end
   end
 
@@ -69,7 +92,8 @@ describe "Options" do
     it "makes the client timeout after n seconds" do
       client = new_client(:endpoint => @server.url(:timeout), :open_timeout => 1, :read_timeout => 1)
 
-      expect { client.call(:authenticate) }.to raise_error(HTTPClient::ReceiveTimeoutError)
+      expect { client.call(:authenticate) }.
+        to raise_error(HTTPClient::ReceiveTimeoutError)
     end
   end
 
@@ -82,11 +106,11 @@ describe "Options" do
     end
 
     it "changes the Content-Type header" do
-      client = new_client(:endpoint => @server.url(:inspect_header), :encoding => "ISO-8859-1",
-                          :headers => { "Inspect" => "CONTENT_TYPE" })
+      client = new_client(:endpoint => @server.url(:inspect_request), :encoding => "ISO-8859-1")
 
       response = client.call(:authenticate)
-      expect(response.http.body).to eq("text/xml;charset=ISO-8859-1")
+      content_type = inspect_request(response).content_type
+      expect(content_type).to eq("text/xml;charset=ISO-8859-1")
     end
   end
 
@@ -115,14 +139,6 @@ describe "Options" do
       expect(response.http.body).to include("<user>lea</user>")
       expect(response.http.body).to include("<password>top-secret</password>")
     end
-
-    it "allows overwriting the SOAPAction HTTP header" do
-      client = new_client(:endpoint => @server.url(:inspect_header),
-                          :headers => { "Inspect" => "HTTP_SOAPACTION" })
-
-      response = client.call(:authenticate)
-      expect(response.http.body).to eq('"authenticate"')
-    end
   end
 
   context "global :env_namespace" do
@@ -195,15 +211,43 @@ describe "Options" do
   end
 
   context "global :log" do
-    it "silences HTTPI" do
+    it "instructs Savon not to log SOAP requests and responses" do
+      stdout = mock_stdout {
+        client = new_client(:endpoint => @server.url, :log => false)
+        client.call(:authenticate)
+      }
+
+      expect(stdout.string).to be_empty
+    end
+
+    it "silences HTTPI as well" do
       HTTPI.expects(:log=).with(false)
       new_client(:log => false)
     end
 
+    it "instructs Savon to log SOAP requests and responses" do
+      stdout = mock_stdout {
+        client = new_client(:endpoint => @server.url, :log => true)
+        client.call(:authenticate)
+      }
+
+      expect(stdout.string).to include("INFO -- : SOAP request")
+    end
+
     it "turns HTTPI logging back on as well" do
       HTTPI.expects(:log=).with(true)
       new_client(:log => true)
     end
+
+    def mock_stdout
+      stdout = StringIO.new
+      $stdout = stdout
+
+      yield
+
+      $stdout = STDOUT
+      stdout
+    end
   end
 
   context "global :logger" do
@@ -211,6 +255,15 @@ describe "Options" do
       logger = new_client.globals[:logger]
       expect(logger).to be_a(Logger)
     end
+
+    it "allows a custom logger to be set" do
+      custom_logger = Logger.new($stdout)
+
+      client = new_client(:logger => custom_logger, :log => true)
+      logger = client.globals[:logger]
+
+      expect(logger).to eq(custom_logger)
+    end
   end
 
   context "global :log_level" do
@@ -257,7 +310,7 @@ describe "Options" do
 
   context "global :ssl_version" do
     it "sets the SSL version to use" do
-      HTTPI::Auth::SSL.any_instance.expects(:ssl_version=).with(:SSLv3)
+      HTTPI::Auth::SSL.any_instance.expects(:ssl_version=).with(:SSLv3).twice
 
       client = new_client(:endpoint => @server.url, :ssl_version => :SSLv3)
       client.call(:authenticate)
@@ -266,7 +319,7 @@ describe "Options" do
 
   context "global :ssl_verify_mode" do
     it "sets the verify mode to use" do
-      HTTPI::Auth::SSL.any_instance.expects(:verify_mode=).with(:none)
+      HTTPI::Auth::SSL.any_instance.expects(:verify_mode=).with(:none).twice
 
       client = new_client(:endpoint => @server.url, :ssl_verify_mode => :none)
       client.call(:authenticate)
@@ -276,17 +329,30 @@ describe "Options" do
   context "global :ssl_cert_key_file" do
     it "sets the cert key file to use" do
       cert_key = File.expand_path("../../fixtures/ssl/client_key.pem", __FILE__)
-      HTTPI::Auth::SSL.any_instance.expects(:cert_key_file=).with(cert_key)
+      HTTPI::Auth::SSL.any_instance.expects(:cert_key_file=).with(cert_key).twice
 
       client = new_client(:endpoint => @server.url, :ssl_cert_key_file => cert_key)
       client.call(:authenticate)
     end
   end
 
+  context "global :ssl_cert_key_password" do
+    it "sets the encrypted cert key file password to use" do
+      cert_key = File.expand_path("../../fixtures/ssl/client_encrypted_key.pem", __FILE__)
+      cert_key_pass = "secure-password!42"
+      HTTPI::Auth::SSL.any_instance.expects(:cert_key_file=).with(cert_key).twice
+      HTTPI::Auth::SSL.any_instance.expects(:cert_key_password=).with(cert_key_pass).twice
+
+      client = new_client(:endpoint => @server.url, :ssl_cert_key_file => cert_key, :ssl_cert_key_password => cert_key_pass)
+      client.call(:authenticate)
+    end
+
+  end
+
   context "global :ssl_cert_file" do
     it "sets the cert file to use" do
       cert = File.expand_path("../../fixtures/ssl/client_cert.pem", __FILE__)
-      HTTPI::Auth::SSL.any_instance.expects(:cert_file=).with(cert)
+      HTTPI::Auth::SSL.any_instance.expects(:cert_file=).with(cert).twice
 
       client = new_client(:endpoint => @server.url, :ssl_cert_file => cert)
       client.call(:authenticate)
@@ -296,7 +362,7 @@ describe "Options" do
   context "global :ssl_ca_cert_file" do
     it "sets the ca cert file to use" do
       ca_cert = File.expand_path("../../fixtures/ssl/client_cert.pem", __FILE__)
-      HTTPI::Auth::SSL.any_instance.expects(:ca_cert_file=).with(ca_cert)
+      HTTPI::Auth::SSL.any_instance.expects(:ca_cert_file=).with(ca_cert).twice
 
       client = new_client(:endpoint => @server.url, :ssl_ca_cert_file => ca_cert)
       client.call(:authenticate)
@@ -513,21 +579,30 @@ describe "Options" do
     end
   end
 
+  context "request: attributes" do
+    it "when set, adds the attributes to the message tag" do
+      client   = new_client(:endpoint => @server.url(:repeat))
+      response = client.call(:authenticate, :attributes => { "Token" => "secret"})
+
+      expect(response.http.body).to include('<tns:authenticate Token="secret">')
+    end
+  end
+
   context "request: soap_action" do
     it "without it, Savon tries to get the SOAPAction from the WSDL document and falls back to Gyoku" do
-      client = new_client(:endpoint => @server.url(:inspect_header),
-                          :headers => { "Inspect" => "HTTP_SOAPACTION" })
+      client = new_client(:endpoint => @server.url(:inspect_request))
 
       response = client.call(:authenticate)
-      expect(response.http.body).to eq('"authenticate"')
+      soap_action = inspect_request(response).soap_action
+      expect(soap_action).to eq('"authenticate"')
     end
 
     it "when set, changes the SOAPAction HTTP header" do
-      client = new_client(:endpoint => @server.url(:inspect_header),
-                          :headers => { "Inspect" => "HTTP_SOAPACTION" })
+      client = new_client(:endpoint => @server.url(:inspect_request))
 
       response = client.call(:authenticate, :soap_action => "doAuthenticate")
-      expect(response.http.body).to eq('"doAuthenticate"')
+      soap_action = inspect_request(response).soap_action
+      expect(soap_action).to eq('"doAuthenticate"')
     end
   end
 
@@ -553,6 +628,24 @@ describe "Options" do
     end
   end
 
+  context "request :cookies" do
+    it "accepts an Array of HTTPI::Cookie objects for the next request" do
+      cookies  = [
+        HTTPI::Cookie.new("some-cookie=choc-chip"),
+        HTTPI::Cookie.new("another-cookie=ny-cheesecake")
+      ]
+
+      client   = new_client(:endpoint => @server.url(:inspect_request))
+      response = client.call(:authenticate, :cookies => cookies)
+
+      cookie = inspect_request(response).cookie
+      expect(cookie.split(";")).to include(
+        "some-cookie=choc-chip",
+        "another-cookie=ny-cheesecake"
+      )
+    end
+  end
+
   context "request :advanced_typecasting" do
     it "can be changed to false to disable Nori's advanced typecasting" do
       client = new_client(:endpoint => @server.url(:repeat))
@@ -584,4 +677,9 @@ describe "Options" do
     Savon.client(globals, &block)
   end
 
+  def inspect_request(response)
+    hash = JSON.parse(response.http.body)
+    OpenStruct.new(hash)
+  end
+
 end