RubyGems - sorcery - Versions diffs - 0.8.4 → 0.8.5 - Mend

sorcery 0.8.4 → 0.8.5

Potentially problematic release.

This version of sorcery might be problematic. Click here for more details.

Files changed (281) hide show

data/spec/shared_examples/user_shared_examples.rb CHANGED

@@ -3,88 +3,102 @@ shared_examples_for "rails_3_core_model" do
     after(:each) do
       User.sorcery_config.reset!
     end
     it "should enable configuration option 'username_attribute_names'" do
       sorcery_model_property_set(:username_attribute_names, :email)
       User.sorcery_config.username_attribute_names.should == [:email]
     end
     it "should enable configuration option 'password_attribute_name'" do
       sorcery_model_property_set(:password_attribute_name, :mypassword)
       User.sorcery_config.password_attribute_name.should equal(:mypassword)
     end
     it "should enable configuration option 'email_attribute_name'" do
       sorcery_model_property_set(:email_attribute_name, :my_email)
       User.sorcery_config.email_attribute_name.should equal(:my_email)
     end
     it "should enable configuration option 'crypted_password_attribute_name'" do
       sorcery_model_property_set(:crypted_password_attribute_name, :password)
       User.sorcery_config.crypted_password_attribute_name.should equal(:password)
     end
     it "should enable configuration option 'salt_attribute_name'" do
       sorcery_model_property_set(:salt_attribute_name, :my_salt)
       User.sorcery_config.salt_attribute_name.should equal(:my_salt)
     end
     it "should enable configuration option 'encryption_algorithm'" do
       sorcery_model_property_set(:encryption_algorithm, :none)
       User.sorcery_config.encryption_algorithm.should equal(:none)
     end
     it "should enable configuration option 'encryption_key'" do
       sorcery_model_property_set(:encryption_key, 'asdadas424234242')
       User.sorcery_config.encryption_key.should == 'asdadas424234242'
     end
     it "should enable configuration option 'custom_encryption_provider'" do
       sorcery_model_property_set(:encryption_algorithm, :custom)
       sorcery_model_property_set(:custom_encryption_provider, Array)
       User.sorcery_config.custom_encryption_provider.should equal(Array)
     end
     it "should enable configuration option 'salt_join_token'" do
       salt_join_token = "--%%*&-"
       sorcery_model_property_set(:salt_join_token, salt_join_token)
       User.sorcery_config.salt_join_token.should equal(salt_join_token)
     end
     it "should enable configuration option 'stretches'" do
       stretches = 15
       sorcery_model_property_set(:stretches, stretches)
       User.sorcery_config.stretches.should equal(stretches)
     end
   end
   # ----------------- PLUGIN ACTIVATED -----------------------
   describe User, "when activated with sorcery" do
     before(:all) do
-      sorcery_reload!()
+      sorcery_reload!
     end
     before(:each) do
       User.delete_all
     end
     it "should respond to class method authenticate" do
       ActiveRecord::Base.should_not respond_to(:authenticate) if defined?(ActiveRecord)
       User.should respond_to(:authenticate)
     end
     it "authenticate should return true if credentials are good" do
       create_new_user
       User.authenticate(@user.send(User.sorcery_config.username_attribute_names.first), 'secret').should be_true
     end
     it "authenticate should return false if credentials are bad" do
       create_new_user
       User.authenticate(@user.send(User.sorcery_config.username_attribute_names.first), 'wrong!').should be_false
     end
+    context "with empty credentials" do
+      before do
+        sorcery_model_property_set(:downcase_username_before_authenticating, true)
+      end
+      after do
+        sorcery_reload!
+      end
+      it "don't downcase empty credentials" do
+        expect(User.authenticate(nil, 'wrong!')).to be_false
+      end
+    end
     specify { User.should respond_to(:encrypt) }
     it "subclass should inherit config if defined so" do
       sorcery_reload!([],{:subclasses_inherit_config => true})
       class Admin < User
@@ -92,7 +106,7 @@ shared_examples_for "rails_3_core_model" do
       Admin.sorcery_config.should_not be_nil
       Admin.sorcery_config.should == User.sorcery_config
     end
     it "subclass should not inherit config if not defined so" do
       sorcery_reload!([],{:subclasses_inherit_config => false})
       class Admin2 < User
@@ -100,10 +114,10 @@ shared_examples_for "rails_3_core_model" do
       Admin2.sorcery_config.should be_nil
     end
   end
   # ----------------- REGISTRATION -----------------------
   describe User, "registration" do
     before(:all) do
       sorcery_reload!()
     end
@@ -111,11 +125,11 @@ shared_examples_for "rails_3_core_model" do
     before(:each) do
       User.delete_all
     end
     it "by default, encryption_provider should not be nil" do
       User.sorcery_config.encryption_provider.should_not be_nil
     end
     it "should encrypt password when a new user is saved" do
       create_new_user
       User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_true
@@ -125,18 +139,18 @@ shared_examples_for "rails_3_core_model" do
       create_new_user
       @user.password.should be_nil
     end
     it "should not clear the virtual password field if save failed due to validity" do
       create_new_user
       User.class_eval do
-        validates_format_of :email, :with => /^(.)+@(.)+$/, :if => Proc.new {|r| r.email}, :message => "is invalid"
+        validates_format_of :email, :with => /\A(.)+@(.)+\Z/, :if => Proc.new {|r| r.email}, :message => "is invalid"
       end
       @user.password = 'blupush'
       @user.email = 'asd'
       @user.save
       @user.password.should_not be_nil
     end
     it "should not clear the virtual password field if save failed due to exception" do
       create_new_user
       @user.password = '4blupush'
@@ -150,7 +164,7 @@ shared_examples_for "rails_3_core_model" do
       end
       @user.password.should_not be_nil
     end
     it "should not encrypt the password twice when a user is updated" do
       create_new_user
       @user.email = "blup@bla.com"
@@ -166,34 +180,34 @@ shared_examples_for "rails_3_core_model" do
     end
   end
   # ----------------- PASSWORD ENCRYPTION -----------------------
   describe User, "special encryption cases" do
     before(:all) do
       sorcery_reload!()
       @text = "Some Text!"
     end
     before(:each) do
       User.delete_all
     end
     after(:each) do
       User.sorcery_config.reset!
     end
     it "should work with no password encryption" do
       sorcery_model_property_set(:encryption_algorithm, :none)
       create_new_user
       User.authenticate(@user.send(User.sorcery_config.username_attribute_names.first), 'secret').should be_true
     end
     it "should work with custom password encryption" do
       class MyCrypto
         def self.encrypt(*tokens)
           tokens.flatten.join('').gsub(/e/,'A')
         end
         def self.matches?(crypted,*tokens)
           crypted == encrypt(*tokens)
         end
@@ -203,49 +217,49 @@ shared_examples_for "rails_3_core_model" do
       create_new_user
       User.authenticate(@user.send(User.sorcery_config.username_attribute_names.first), 'secret').should be_true
     end
     it "if encryption algo is aes256, it should set key to crypto provider" do
       sorcery_model_property_set(:encryption_algorithm, :aes256)
       sorcery_model_property_set(:encryption_key, nil)
       expect{User.encrypt(@text)}.to raise_error(ArgumentError)
       sorcery_model_property_set(:encryption_key, "asd234dfs423fddsmndsflktsdf32343")
-      expect{User.encrypt(@text)}.to_not raise_error(ArgumentError)
+      expect{User.encrypt(@text)}.to_not raise_error
     end
     it "if encryption algo is aes256, it should set key to crypto provider, even if attributes are set in reverse" do
       sorcery_model_property_set(:encryption_key, nil)
       sorcery_model_property_set(:encryption_algorithm, :none)
       sorcery_model_property_set(:encryption_key, "asd234dfs423fddsmndsflktsdf32343")
       sorcery_model_property_set(:encryption_algorithm, :aes256)
-      expect{User.encrypt(@text)}.to_not raise_error(ArgumentError)
+      expect{User.encrypt(@text)}.to_not raise_error
     end
     it "if encryption algo is md5 it should work" do
       sorcery_model_property_set(:encryption_algorithm, :md5)
       User.encrypt(@text).should == Sorcery::CryptoProviders::MD5.encrypt(@text)
     end
     it "if encryption algo is sha1 it should work" do
       sorcery_model_property_set(:encryption_algorithm, :sha1)
       User.encrypt(@text).should == Sorcery::CryptoProviders::SHA1.encrypt(@text)
     end
     it "if encryption algo is sha256 it should work" do
       sorcery_model_property_set(:encryption_algorithm, :sha256)
       User.encrypt(@text).should == Sorcery::CryptoProviders::SHA256.encrypt(@text)
     end
     it "if encryption algo is sha512 it should work" do
       sorcery_model_property_set(:encryption_algorithm, :sha512)
       User.encrypt(@text).should == Sorcery::CryptoProviders::SHA512.encrypt(@text)
     end
     it "salt should be random for each user and saved in db" do
       sorcery_model_property_set(:salt_attribute_name, :salt)
       create_new_user
       @user.salt.should_not be_nil
     end
     it "if salt is set should use it to encrypt" do
       sorcery_model_property_set(:salt_attribute_name, :salt)
       sorcery_model_property_set(:encryption_algorithm, :sha512)
@@ -253,7 +267,7 @@ shared_examples_for "rails_3_core_model" do
       @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret')
       @user.crypted_password.should == Sorcery::CryptoProviders::SHA512.encrypt('secret',@user.salt)
     end
     it "if salt_join_token is set should use it to encrypt" do
       sorcery_model_property_set(:salt_attribute_name, :salt)
       sorcery_model_property_set(:salt_join_token, "-@=>")
@@ -265,15 +279,15 @@ shared_examples_for "rails_3_core_model" do
       Sorcery::CryptoProviders::SHA512.join_token = User.sorcery_config.salt_join_token
       @user.crypted_password.should == Sorcery::CryptoProviders::SHA512.encrypt('secret',@user.salt)
     end
   end
   describe User, "ORM adapter" do
     before(:all) do
       sorcery_reload!()
       User.delete_all
     end
     before(:each) do
       create_new_user
     end
@@ -284,6 +298,7 @@ shared_examples_for "rails_3_core_model" do
     end
     it "find_by_username should work as expected" do
+      sorcery_model_property_set(:username_attribute_names, [:username])
       User.find_by_username("gizmo").should == @user
     end
@@ -302,17 +317,17 @@ shared_examples_for "external_user" do
   before(:each) do
     User.delete_all
   end
   it "should respond to 'external?'" do
     create_new_user
     @user.should respond_to(:external?)
   end
   it "external? should be false for regular users" do
     create_new_user
     @user.external?.should be_false
   end
   it "external? should be true for external users" do
     create_new_external_user(:twitter)
     @user.external?.should be_true

data/spec/sorcery_crypto_providers_spec.rb CHANGED

@@ -1,56 +1,56 @@
-require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+require 'spec_helper'
 describe "Crypto Providers wrappers" do
   describe Sorcery::CryptoProviders::MD5 do
     after(:each) do
       Sorcery::CryptoProviders::MD5.reset!
     end
     it "encrypt works via wrapper like normal lib" do
       Sorcery::CryptoProviders::MD5.encrypt('Noam Ben-Ari').should == Digest::MD5.hexdigest('Noam Ben-Ari')
     end
     it "works with multiple stretches" do
       Sorcery::CryptoProviders::MD5.stretches = 3
       Sorcery::CryptoProviders::MD5.encrypt('Noam Ben-Ari').should == Digest::MD5.hexdigest(Digest::MD5.hexdigest(Digest::MD5.hexdigest('Noam Ben-Ari')))
     end
     it "matches? returns true when matches" do
       Sorcery::CryptoProviders::MD5.matches?(Digest::MD5.hexdigest('Noam Ben-Ari'), 'Noam Ben-Ari').should be_true
     end
     it "matches? returns false when no match" do
       Sorcery::CryptoProviders::MD5.matches?(Digest::MD5.hexdigest('Noam Ben-Ari'), 'Some Dude').should be_false
     end
   end
   describe Sorcery::CryptoProviders::SHA1 do
     before(:all) do
       @digest = 'Noam Ben-Ari'
       Sorcery::CryptoProviders::SHA1.stretches.times {@digest = Digest::SHA1.hexdigest(@digest)}
     end
     after(:each) do
       Sorcery::CryptoProviders::SHA1.reset!
     end
     it "encrypt works via wrapper like normal lib" do
       Sorcery::CryptoProviders::SHA1.encrypt('Noam Ben-Ari').should == @digest
     end
     it "works with multiple stretches" do
       Sorcery::CryptoProviders::SHA1.stretches = 3
       Sorcery::CryptoProviders::SHA1.encrypt('Noam Ben-Ari').should == Digest::SHA1.hexdigest(Digest::SHA1.hexdigest(Digest::SHA1.hexdigest('Noam Ben-Ari')))
     end
     it "matches? returns true when matches" do
       Sorcery::CryptoProviders::SHA1.matches?(@digest, 'Noam Ben-Ari').should be_true
     end
     it "matches? returns false when no match" do
       Sorcery::CryptoProviders::SHA1.matches?(@digest, 'Some Dude').should be_false
     end
@@ -62,67 +62,67 @@ describe "Crypto Providers wrappers" do
   end
   describe Sorcery::CryptoProviders::SHA256 do
     before(:all) do
       @digest = 'Noam Ben-Ari'
       Sorcery::CryptoProviders::SHA256.stretches.times {@digest = Digest::SHA256.hexdigest(@digest)}
     end
     after(:each) do
       Sorcery::CryptoProviders::SHA256.reset!
     end
     it "encrypt works via wrapper like normal lib" do
       Sorcery::CryptoProviders::SHA256.encrypt('Noam Ben-Ari').should == @digest
     end
     it "works with multiple stretches" do
       Sorcery::CryptoProviders::SHA256.stretches = 3
       Sorcery::CryptoProviders::SHA256.encrypt('Noam Ben-Ari').should == Digest::SHA256.hexdigest(Digest::SHA256.hexdigest(Digest::SHA256.hexdigest('Noam Ben-Ari')))
     end
     it "matches? returns true when matches" do
       Sorcery::CryptoProviders::SHA256.matches?(@digest, 'Noam Ben-Ari').should be_true
     end
     it "matches? returns false when no match" do
       Sorcery::CryptoProviders::SHA256.matches?(@digest, 'Some Dude').should be_false
     end
   end
   describe Sorcery::CryptoProviders::SHA512 do
     before(:all) do
       @digest = 'Noam Ben-Ari'
       Sorcery::CryptoProviders::SHA512.stretches.times {@digest = Digest::SHA512.hexdigest(@digest)}
     end
     after(:each) do
       Sorcery::CryptoProviders::SHA512.reset!
     end
     it "encrypt works via wrapper like normal lib" do
       Sorcery::CryptoProviders::SHA512.encrypt('Noam Ben-Ari').should == @digest
     end
     it "works with multiple stretches" do
       Sorcery::CryptoProviders::SHA512.stretches = 3
       Sorcery::CryptoProviders::SHA512.encrypt('Noam Ben-Ari').should == Digest::SHA512.hexdigest(Digest::SHA512.hexdigest(Digest::SHA512.hexdigest('Noam Ben-Ari')))
     end
     it "matches? returns true when matches" do
       Sorcery::CryptoProviders::SHA512.matches?(@digest, 'Noam Ben-Ari').should be_true
     end
     it "matches? returns false when no match" do
       Sorcery::CryptoProviders::SHA512.matches?(@digest, 'Some Dude').should be_false
     end
   end
   describe Sorcery::CryptoProviders::AES256 do
     before(:all) do
       aes = OpenSSL::Cipher::Cipher.new("AES-256-ECB")
       aes.encrypt
@@ -132,19 +132,19 @@ describe "Crypto Providers wrappers" do
       @digest = [aes.update(@digest) + aes.final].pack("m").chomp
       Sorcery::CryptoProviders::AES256.key = @key
     end
     it "encrypt works via wrapper like normal lib" do
       Sorcery::CryptoProviders::AES256.encrypt('Noam Ben-Ari').should == @digest
     end
     it "matches? returns true when matches" do
       Sorcery::CryptoProviders::AES256.matches?(@digest, 'Noam Ben-Ari').should be_true
     end
     it "matches? returns false when no match" do
       Sorcery::CryptoProviders::AES256.matches?(@digest, 'Some Dude').should be_false
     end
     it "can be decrypted" do
       aes = OpenSSL::Cipher::Cipher.new("AES-256-ECB")
       aes.decrypt
@@ -153,31 +153,31 @@ describe "Crypto Providers wrappers" do
     end
   end
   describe Sorcery::CryptoProviders::BCrypt do
     before(:all) do
       Sorcery::CryptoProviders::BCrypt.cost = 1
       @digest = BCrypt::Password.create('Noam Ben-Ari', :cost => Sorcery::CryptoProviders::BCrypt.cost)
     end
     after(:each) do
       Sorcery::CryptoProviders::BCrypt.reset!
     end
     it "should be comparable with original secret" do
       BCrypt::Password.new(Sorcery::CryptoProviders::BCrypt.encrypt('Noam Ben-Ari')).should == 'Noam Ben-Ari'
     end
     it "works with multiple costs" do
       Sorcery::CryptoProviders::BCrypt.cost = 3
       BCrypt::Password.new(Sorcery::CryptoProviders::BCrypt.encrypt('Noam Ben-Ari')).should == 'Noam Ben-Ari'
     end
     it "matches? returns true when matches" do
       Sorcery::CryptoProviders::BCrypt.matches?(@digest, 'Noam Ben-Ari').should be_true
     end
     it "matches? returns false when no match" do
       Sorcery::CryptoProviders::BCrypt.matches?(@digest, 'Some Dude').should be_false
     end
@@ -188,9 +188,11 @@ describe "Crypto Providers wrappers" do
     it "sets cost when stretches is set" do
       Sorcery::CryptoProviders::BCrypt.stretches = 4
-      Sorcery::CryptoProviders::BCrypt.cost.should == 4
+      # stubbed in Sorcery::TestHelpers::Internal
+      Sorcery::CryptoProviders::BCrypt.cost.should == 1
     end
   end
 end