touchpass 0.0.8.1 → 0.0.8.16
- data/.gitignore +2 -0
- data/Gemfile +6 -0
- data/Gemfile.lock +27 -12
- data/Rakefile +20 -1
- data/app/assets/images/touchpass/buttons/cancelling.png +0 -0
- data/app/assets/images/touchpass/buttons/unverified.png +0 -0
- data/app/assets/images/touchpass/buttons/verified.png +0 -0
- data/app/assets/images/touchpass/buttons/verify.png +0 -0
- data/app/assets/images/touchpass/buttons/verifying.png +0 -0
- data/app/assets/images/touchpass/cross.png +0 -0
- data/app/assets/images/touchpass/loading.gif +0 -0
- data/app/assets/images/touchpass/tick.png +0 -0
- data/app/assets/images/touchpass/touchpass-logo.jpg +0 -0
- data/app/assets/javascripts/touchpass/index.js +1 -0
- data/app/assets/javascripts/touchpass/jquery.touchpass-0.0.1.js +199 -0
- data/app/assets/stylesheets/touchpass/index.css +1 -0
- data/app/assets/stylesheets/touchpass/widget.css +17 -0
- data/app/controllers/touchpass/verifications_controller.rb +10 -6
- data/bin/tpcli.rb +29 -21
- data/bin/tpcrypt.rb +38 -0
- data/config/routes.rb +2 -2
- data/lib/touchpass/client.rb +33 -81
- data/lib/touchpass/crypt.rb +29 -6
- data/lib/touchpass/prp.rb +9 -6
- data/lib/touchpass/{device.rb → rp/device.rb} +5 -2
- data/lib/touchpass/rp/response.rb +34 -0
- data/lib/touchpass/rp/verification.rb +53 -0
- data/lib/touchpass/verification.rb +119 -86
- data/lib/touchpass/version.rb +1 -1
- data/lib/touchpass.rb +27 -5
- data/spec/curl.touchpass_client_spec-workingcontent.txt +268 -0
- data/spec/spec_helper.rb +9 -0
- data/spec/touchpass_client_spec.rb +42 -48
- data/spec/touchpass_crypt_spec.rb +27 -0
- data/spec/touchpass_rp_verification_spec.rb +52 -0
- data/spec/touchpass_spec.rb +12 -0
- data/spec/touchpass_verification_spec.rb +26 -0
- metadata +66 -14
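--- a/data/spec/curl.touchpass_client_spec-workingcontent.txt
+++ b/data/spec/curl.touchpass_client_spec-workingcontent.txt
@@ -0,0 +1,268 @@
+# ruby strings for the curl commands
+#
+#
+# Register Party
+#
+#
+
+# curlstr = 'curl -k -X POST -F "username=' user '"' '-F "email=' email '" -F "password=' password '" "#{DFT_HOSTNAME}//parties.json"'
+
+curl -k -X POST -F "username=tpusery" -F "email=tpusery@geodica.com" -F "password=tpusery" "https://localhost:3999/parties.json"
+
+{
+"id": 8,
+"username": "tpusery",
+"email": "tpusery@geodica.com",
+"first_name": "",
+"last_name": "",
+"api_key": "CU2GxrYnqJJ7nMiyzG29",
+"state": "created"
+}
+
+
+
+# attempting to register again
+# curlstr = 'curl -k -X POST -F "username=tpusera'"' '-F "email=' email '" -F "password=' password '" "#{DFT_HOSTNAME}//parties.json"'
+curl -k -X POST -F "username=tpusery" -F "email=tpusery@geodica.com" -F "password=tpusery" "https://localhost:3999/parties.json"
+{
+"errors": [
+{"field": "email", "message": "has already been taken"},
+{"field": "username", "message": "has already been taken"}
+]
+
+# attempting empty username
+# curlstr = 'curl -k -X POST -F "username='"' '-F "email=' email '" -F "password=' password '" "#{DFT_HOSTNAME}//parties.json"'
+curl -k -X POST -F "username=" -F "email=tpuserz@geodica.com" -F "password=tpusery" "https://localhost:3999/parties.json"
+{
+"errors": [
+{"field": "username", "message": "can't be blank"},
+{"field": "username", "message": "is too short (minimum is 4 characters)"}
+]
+
+
+}
+
+# attempting longer than 15 characters
+# curlstr = 'curl -k -X POST -F "username=longlonglonglonglonglonglonglongname'"' '-F "email=' email ' -F "password=' password '" "#{DFT_HOSTNAME}//parties.json"'
+curl -k -X POST -F "username=longlonglonglonglonglonglonglongname" -F "email=tpuserz@geodica.com" -F "password=tpusery" "https://localhost:3999/parties.json"
+{
+"errors": [
+{"field": "username", "message": "is too long (maximum is 15 characters)"}
+]
+}
+
+
+# attempting empty email address
+# curlstr = 'curl -k -X POST -F "username=testnameok'"' '-F "email="' -F "password=' password '" "#{DFT_HOSTNAME}//parties.json"'
+curl -k -X POST -F "username=testnameok" -F "email=" -F "password=tpusery" "https://localhost:3999/parties.json"
+{
+"errors": [
+{"field": "email", "message": "can't be blank"}
+]curl -k -X POST -F "username=tpusery" -F "email=tpusery@geodica.com" -F "password=" "https://localhost:3999/parties.json"
+curl -k -X POST -F "username=tpuserz" -F "email=tpuserz@geodica.com" -F "password=" "https://localhost:3999/parties.json"
+{
+"errors": [
+{"field": "password", "message": "can't be blank"}
+]
+}
+}
+
+
+# attempting with empty password
+# curlstr = 'curl -k -X POST -F "username=' user'"' '-F "email="' -F "password=" "#{DFT_HOSTNAME}//parties.json"'
+curl -k -X POST -F "username=tpuserz" -F "email=tpuserz@geodica.com" -F "password=" "https://localhost:3999/parties.json"
+{
+"errors": [
+{"field": "password", "message": "can't be blank"}
+]
+}
+
+
+
+
+
+
+#
+#Authenticate
+#
+
+#
+# curlstr = 'curl -X POST -d "login=' username '" -d "password=' username '" "#{DFT_HOSTNAME}/parties/authenticate.json"'
+#
+# curl -k -X POST -d "login=tpusera" -d "password=tpusera" "https://localhost:3999/parties/authenticate.json"
+#{
+# "id": 3,
+# "username": "tpusera",
+# "email": "tpusera@geodica.com",
+# "first_name": "Tpuser",
+# "last_name": "A",
+# "api_key": "zEHFEvT7V99uQoQ4enZX",
+# "state": "active"
+#}
+
+
+#Authenticate with blank login name
+curl -k -X POST -d "login=" -d "password=tpusera" "https://localhost:3999/parties/authenticate.json"
+{
+"errors": [
+{"message": "Invalid login or password"}
+]
+}
+
+
+#Authenticate with name > 15
+curl -k -X POST -d "login=longlonglonglonglonglonglonglongname" -d "password=tpusera" "https://localhost:3999/parties/authenticate.json"
+{
+"errors": [
+{"message": "Invalid login or password"}
+]
+}
+
+
+#
+# Validate API Key for registere user
+#
+# get party
+#
+#
+# curlstr = 'curl -k -X GET -H "X-TouchPass-ApiKey:" ' apikey '" "#{DFT_HOSTNAME}//parties/10.json"'
+#
+curl -k -X GET -H "X-TouchPass-ApiKey:ug8VHKNRsFoDPLHBA549" "https://localhost:3999/parties/10.json"
+{
+"id": 10,
+"username": "tpuserab",
+"email": "tpuserab@geodica.com",
+"first_name": "",
+"last_name": "",
+"state": "created"
+,"devices": [
+]
+}
+
+
+#
+# Make changes to a registered party. update party
+#
+# TBC: do we need a test in here to see if you can rename the username to the same as another already registered name
+#
+#
+# curlstr = 'curl -k -X PUT -H "X-TouchPass-ApiKey:" ' apikey '" -d "firstname=' newname '" "#{DFT_HOSTNAME}/tpuserab.json"'
+#
+curl -k -X PUT -H "X-TouchPass-ApiKey:ug8VHKNRsFoDPLHBA549" -d "first_name=new" "https://localhost:3999/tpuserab.json"
+{
+"id": 10,
+"username": "tpuserab",
+"email": "tpuserab@geodica.com",
+"first_name": "new",
+"last_name": "",
+"state": "created"
+,"devices": [
+]
+}
+
+
+#
+#
+# Validate additiona of new devices
+
+#
+#
+# add device
+#
+# curlstr = 'curl -k -X GET -H "X-TouchPass-ApiKey:" ' apikey '" "#{DFT_HOSTNAME}/' username '/devices.json"'
+#
+# #todo need to setup the params for this string
+# -F "name=" newdevicename
+# -F "udid=" randomstring1
+# -F "pub_key=" randomstring2
+# -F "messaging_value=" randomstring3
+# -F "app_id=geodica.touchpass.client.app-R100"
+#
+curl -k -X POST -H "X-TouchPass-ApiKey: zEHFEvT7V99uQoQ4enZX" -F "name=Tpusera Device Test" -F "udid=747c2098adsrjlakfjlaskdfjlj77f3b3f5e2c3b" -F "pub_key=-----BEGIN RSA PUBLIC KEY-----MIGJAoGBAMa0TaTSmYC5xkWLBdffcTe2wJ8ebv0COONbWTb0iZVBG3NwC0WfqATHdDEQfAKPeTxH1xte5U+o5Bl3NQRGOeeQPsZTOZkENIe1C560Ehx/swUyDiW4Z5a2OKFQqLqt8u2LyUmhVZv6bpfBTL6HcWh+rrOZN6RasBbi/GJEndxrAgMBAAE=-----END RSA PUBLIC KEY-----" -F "messaging_type=apn-development" -F "messaging_value=8ca4329cc55bf98f6c81e4ff443201cb03a0e8d4afbd07bea159194bf29ea8a0" -F "app_id=geodica.touchpass.client.app-R100" "https://localhost:3999/tpusera/devices.json"
+{
+"id": 6,
+"udid": "747c2098adsrjlakfjlaskdfjlj77f3b3f5e2c3b",
+"name": "Tpusera Device Test",
+"pub_key": "-----BEGIN RSA PUBLIC KEY-----MIGJAoGBAMa0TaTSmYC5xkWLBdffcTe2wJ8ebv0COONbWTb0iZVBG3NwC0WfqATHdDEQfAKPeTxH1xte5U+o5Bl3NQRGOeeQPsZTOZkENIe1C560Ehx/swUyDiW4Z5a2OKFQqLqt8u2LyUmhVZv6bpfBTL6HcWh+rrOZN6RasBbi/GJEndxrAgMBAAE=-----END RSA PUBLIC KEY-----",
+"app_id": "geodica.touchpass.client.app-R100"
+}
+
+
+#
+# get devices
+#
+# curlstr = 'curl -k -X GET -H "X-TouchPass-ApiKey:" ' apikey '" "#{DFT_HOSTNAME}/' username '/devices.json"'
+#
+curl -k -X GET -H "X-TouchPass-ApiKey:8rm2JYjzVfeFHpAaJTwM" "https://localhost:3999/tpusera/devices.json"
+{
+"devices": [
+{
+"id": 4,
+"udid": "62dae634ab99a2b69cfb01c6e18ea7d6841c93cc",
+"name": "Ben’s iPhone",
+"pub_key": "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBAMNH6Z8oZxCZKhWnBuLqfx21S2QMl8FBY7+RIaBIiCXigBY6aL6GD5yT\nw67l3piUfJg3dzobEBh0mwhxy0JC4jPDX1f9BF5colJ9eI2E+xzZ7RJT/HDZLlR1\nB/+2vVUXjNOk8j43ZQg7tLnU3/B5s7n7SoHFC7VSgWPNqC72DhjNAgMBAAE=\n-----END RSA PUBLIC KEY-----\n",
+"app_id": "geodica.touchpass.client.app-R100"
+},
+{
+"id": 2,
+"udid": "3b3f5e2c3b747c37dc35148398e77fb66830e921",
+"name": "Tpusera Device 2",
+"pub_key": "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBAL6Doy1emQcTVuNfaqClPGQosuEsbkmHYIAzDpeltT10CPhpt5j7441O\nNGjlxirYb/PkvRNjzCxh2fUAcLnbXPgaeYqFg1yXSlmwIM5wVzPJPMRCzoWxLY4g\nvNpTahG/X+ydAy0AeVI7CGFlljaWCdX25FKLucjfUEpL+qccoITLAgMBAAE=\n-----END RSA PUBLIC KEY-----\n",
+"app_id": "seeds"
+},
+{
+"id": 1,
+"udid": "747c37dc35b66830e921148398e77f3b3f5e2c3b",
+"name": "Tpusera Device 1",
+"pub_key": "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBALufhXKqGqe1OL0KZ09xI029GnYzWTZtsUXqLXXGv++jN1KgkPTxrxll\nJ35i7UFN9eryNj3IX34BN0FmF5o3FqrQdpmVSA5TI4a4qb9DMfeJjfp6uqx+MWUw\nk4Pq7z3SGEv7jvLB5AY0ntuMSgluhqLWhZ8phaE2iWZQ8CL2tnRVAgMBAAE=\n-----END RSA PUBLIC KEY-----\n",
+"app_id": "seeds"
+}
+]
+}
+
+#
+# get details of a specific device for a user
+#
+# curlstr = 'curl -k -X GET -H "X-TouchPass-ApiKey:" ' apikey '" "#{DFT_HOSTNAME}/' username '/devices/' deviceid '.json"'
+#
+curl -k -X GET -H "X-TouchPass-ApiKey:8rm2JYjzVfeFHpAaJTwM" "https://localhost:3999/tpusera/devices/4.json"
+{
+"id": 4,
+"udid": "62dae634ab99a2b69cfb01c6e18ea7d6841c93cc",
+"name": "Ben’s iPhone",
+"pub_key": "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBAMNH6Z8oZxCZKhWnBuLqfx21S2QMl8FBY7+RIaBIiCXigBY6aL6GD5yT\nw67l3piUfJg3dzobEBh0mwhxy0JC4jPDX1f9BF5colJ9eI2E+xzZ7RJT/HDZLlR1\nB/+2vVUXjNOk8j43ZQg7tLnU3/B5s7n7SoHFC7VSgWPNqC72DhjNAgMBAAE=\n-----END RSA PUBLIC KEY-----\n",
+"app_id": "geodica.touchpass.client.app-R100"
+}
+
+
+#
+# get details of a specific device AS a user
+#
+#
+# note: apikey must be of a user for which a device matches (e.g. add it before!?!)
+# curlstr = 'curl -k -X GET -H "X-TouchPass-ApiKey:" ' apikey '" "#{DFT_HOSTNAME}/devices/' deviceid '.json"'
+#
+curl -k -X GET -H "X-TouchPass-ApiKey:zEHFEvT7V99uQoQ4enZX" "https://localhost:3999/devices/1.json"
+{
+"id": 1,
+"udid": "747c37dc35b66830e921148398e77f3b3f5e2c3b",
+"name": "Tpusera Device 1",
+"pub_key": "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBALufhXKqGqe1OL0KZ09xI029GnYzWTZtsUXqLXXGv++jN1KgkPTxrxll\nJ35i7UFN9eryNj3IX34BN0FmF5o3FqrQdpmVSA5TI4a4qb9DMfeJjfp6uqx+MWUw\nk4Pq7z3SGEv7jvLB5AY0ntuMSgluhqLWhZ8phaE2iWZQ8CL2tnRVAgMBAAE=\n-----END RSA PUBLIC KEY-----\n",
+"app_id": "seeds"
+}
+
+#
+# get device, no such device
+#
+# curlstr = 'curl -k -X GET -H "X-TouchPass-ApiKey:" ' apikey '" "#{DFT_HOSTNAME}/' username '/devices/999.json"'
+#
+curl -k -X GET -H "X-TouchPass-ApiKey:8rm2JYjzVfeFHpAaJTwM" "https://localhost:3999/tpusera/devices/999.json"
+{
+"errors": [
+{"message": "Device cannot be found"}
+]
+}
+
+#
+# add a new device
+#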
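Review bot: This working-notes file is added under `spec/` and is part of the released package with values that look like real credentials: `api_key` fields in the JSON responses, `X-TouchPass-ApiKey:` headers on the GET/PUT/POST examples, an APNs `messaging_value`, and accounts whose password equals the username. The host is `localhost:3999`, so these are probably development-instance values, but that cannot be confirmed from the diff; if any of them were ever valid elsewhere they should be rotated. I would replace the literals with placeholders such as `X-TouchPass-ApiKey: <API_KEY>` and keep the file out of the packaged gem (the gemspec file list is not visible here). Every command also passes `-k`, which turns off certificate verification; a first-line comment such as `# -k is only for the self-signed localhost certificate; never use it against a real host` would stop that flag being copied into client code.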
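--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -5,7 +5,9 @@
 #
 # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
 
+require 'cover_me'
 SPEC_KEYS_PATH = File.join(ENV['HOME'], ".touchpass", "certs_spec")
+require 'touchpass'
 
 RSpec.configure do |config|
 config.treat_symbols_as_metadata_keys_with_true_values = true
@@ -22,3 +24,10 @@ end
 
 require 'helpers/gtp_spec_helper'
 require 'helpers/client_spec_helper'
+
+def expect_response_error(response, field = nil, error = nil)
+response.should_not be_nil
+#p response
+response['errors'].should_not be_nil
+end
+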
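Review bot: `expect_response_error` in the second hunk accepts `field` and `error` but never reads them, so it passes for any response that carries an `errors` key. Callers that pass a field and a message therefore assert nothing about which validation failed, and a request rejected for the wrong reason would still go green. The helper should look for a matching entry whenever the arguments are given. The sketch below assumes entries shaped like `{"field" => ..., "message" => ...}` with string keys, as in the JSON samples elsewhere in this diff; entries for `:base` may carry no `field` key, so confirm the shape against the client's parsed response before adopting it. Tightening the helper may expose expectations that currently pass by accident.

```ruby
def expect_response_error(response, field = nil, error = nil)
  response.should_not be_nil
  errors = response['errors']
  errors.should_not be_nil
  return if field.nil? && error.nil?
  # Require one entry that matches every argument that was supplied.
  matching = errors.select do |entry|
    (field.nil? || entry['field'] == field.to_s) &&
      (error.nil? || entry['message'] == error)
  end
  matching.should_not be_empty
end
```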
@@ -28,8 +28,9 @@ describe "Touchpass Client" do
|
|
28
28
|
|
29
29
|
# Ensure that we can register a new party
|
30
30
|
context "Register Party" do
|
31
|
+
|
31
32
|
it "should allow a party to register with valid username, email and password" do
|
32
|
-
username = "tp#{Touchpass::Crypt.
|
33
|
+
username = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
|
33
34
|
email = "#{username}@geodica.com"
|
34
35
|
password = "#{username}"
|
35
36
|
new_party = tpclient.register_party(:email => email, :username => username, :password => password)
|
@@ -39,58 +40,47 @@ describe "Touchpass Client" do
|
|
39
40
|
new_party['state' ].should == 'created'
|
40
41
|
new_party['api_key' ].should_not be nil
|
41
42
|
end
|
43
|
+
|
42
44
|
it "should not allow a party to register with an empty username" do
|
43
45
|
username = ""
|
44
46
|
email = "#{username}@geodica.com"
|
45
47
|
password = "password"
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
new_party['email' ].should == ['is invalid']
|
50
|
-
new_party['state' ].should be nil
|
51
|
-
new_party['api_key' ].should be nil
|
48
|
+
response = tpclient.register_party(:email => email, :username => username, :password => password)
|
49
|
+
expect_response_error(response, :username, "can't be blank")
|
50
|
+
expect_response_error(response, :email, "is invalid")
|
52
51
|
end
|
52
|
+
|
53
53
|
it "should not allow a party to register with an username > 15" do
|
54
|
-
username = "tp#{Touchpass::Crypt.
|
54
|
+
username = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)}"
|
55
55
|
username.length.should be >= 15
|
56
56
|
email = "#{username}@geodica.com"
|
57
57
|
password = "password"
|
58
58
|
new_party = tpclient.register_party(:email => email, :username => username, :password => password)
|
59
|
-
new_party
|
60
|
-
new_party['username'].should == ["is too long (maximum is 15 characters)"]
|
61
|
-
new_party['email' ].should be nil
|
62
|
-
new_party['state' ].should be nil
|
63
|
-
new_party['api_key' ].should be nil
|
59
|
+
expect_response_error(new_party, :username, "is too long (maximum is 15 characters)")
|
64
60
|
end
|
61
|
+
|
65
62
|
it "should not allow a party to register with an empty email address" do
|
66
|
-
username = "tp#{Touchpass::Crypt.
|
63
|
+
username = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
|
67
64
|
email = ""
|
68
65
|
password = "#{username}"
|
69
|
-
|
70
|
-
|
71
|
-
new_party['username'].should be nil
|
72
|
-
new_party['email' ].should == ['can\'t be blank']
|
73
|
-
new_party['state' ].should be nil
|
74
|
-
new_party['api_key' ].should be nil
|
66
|
+
response = tpclient.register_party(:email => email, :username => username, :password => password)
|
67
|
+
expect_response_error(response, :email, "can't be blank")
|
75
68
|
end
|
69
|
+
|
76
70
|
it "should not allow a party to register with an empty password" do
|
77
|
-
username = "tp#{Touchpass::Crypt.
|
71
|
+
username = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
|
78
72
|
email = "#{username}@geodica.com"
|
79
73
|
password = ""
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
new_party['email' ].should be nil
|
84
|
-
new_party['state' ].should be nil
|
85
|
-
new_party['api_key' ].should be nil
|
86
|
-
end
|
74
|
+
response = tpclient.register_party(:email => email, :username => username, :password => password)
|
75
|
+
expect_response_error(response, :password, "can't be blank")
|
76
|
+
end
|
87
77
|
end
|
88
78
|
|
89
79
|
# Check that a new rego provides an API key and that we can use the API key to access info
|
90
80
|
context "Validate api_key for newly registered user" do
|
91
81
|
it "should provide a valid API key that can be used to access the party record" do
|
92
82
|
# create a new party and get that party's api_key
|
93
|
-
username = "tp#{Touchpass::Crypt.
|
83
|
+
username = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
|
94
84
|
email = "#{username}@geodica.com"
|
95
85
|
password = "#{username}"
|
96
86
|
new_party = tpclient.register_party(:email => email, :username => username, :password => password)
|
@@ -121,7 +111,7 @@ describe "Touchpass Client" do
|
|
121
111
|
context "Make changes to a registered party" do
|
122
112
|
it "should allow changes to be made to a party" do
|
123
113
|
# create a new party and get that party's api_key
|
124
|
-
username = "tp#{Touchpass::Crypt.
|
114
|
+
username = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
|
125
115
|
email = "#{username}@geodica.com"
|
126
116
|
password = "#{username}"
|
127
117
|
new_party = tpclient.register_party(:email => email, :username => username, :password => password)
|
@@ -140,7 +130,7 @@ describe "Touchpass Client" do
|
|
140
130
|
# Validate addition of new devices
|
141
131
|
context "Add, get and update a device" do
|
142
132
|
before(:each) do
|
143
|
-
@username = "tp#{Touchpass::Crypt.
|
133
|
+
@username = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
|
144
134
|
@email = "#{@username}@geodica.com"
|
145
135
|
@password = "#{@username}"
|
146
136
|
@new_party = tpclient.register_party(:email => @email, :username => @username, :password => @password)
|
@@ -153,9 +143,11 @@ describe "Touchpass Client" do
|
|
153
143
|
|
154
144
|
it "should allow for the addition and retrieval of a new device" do
|
155
145
|
# create a new device for this party
|
156
|
-
udid = Touchpass::Crypt.
|
157
|
-
messaging_value = Touchpass::Crypt.
|
146
|
+
udid = Touchpass::Crypt.hash(Touchpass::Crypt.salt) # a random string
|
147
|
+
messaging_value = Touchpass::Crypt.hash(Touchpass::Crypt.salt) # another random string
|
148
|
+
app_id = "touchpass_client_spec"
|
158
149
|
new_device = tpclient.register_device(:username => @new_party['username'],
|
150
|
+
:app_id => app_id,
|
159
151
|
:udid => udid,
|
160
152
|
:name => "#{@username}'s Device",
|
161
153
|
:messaging_type => 'apn-development',
|
@@ -163,6 +155,7 @@ describe "Touchpass Client" do
|
|
163
155
|
|
164
156
|
new_device['id' ].should_not be nil
|
165
157
|
new_device['udid' ].should == udid
|
158
|
+
new_device['app_id'].should == app_id
|
166
159
|
new_device['name' ].should == "#{@username}'s Device"
|
167
160
|
new_device['pub_key'].should_not be nil
|
168
161
|
|
@@ -186,10 +179,11 @@ describe "Touchpass Client" do
|
|
186
179
|
end
|
187
180
|
|
188
181
|
it "should allow for removal of a device by id" do
|
189
|
-
udid = Touchpass::Crypt.
|
190
|
-
messaging_value = Touchpass::Crypt.
|
182
|
+
udid = Touchpass::Crypt.hash(Touchpass::Crypt.salt) # a random string
|
183
|
+
messaging_value = Touchpass::Crypt.hash(Touchpass::Crypt.salt) # another random string
|
191
184
|
|
192
185
|
new_device = tpclient.register_device(:username => @new_party['username'],
|
186
|
+
:app_id => "touchpass_client_spec",
|
193
187
|
:udid => udid,
|
194
188
|
:name => "#{@username}'s Device",
|
195
189
|
:messaging_type => 'apn-development',
|
@@ -204,9 +198,9 @@ describe "Touchpass Client" do
|
|
204
198
|
retrieved_devices['devices'].size.should be 0
|
205
199
|
|
206
200
|
retrieved_device = tpclient.get_device(:username => @username, :id => new_device['id'])
|
207
|
-
retrieved_device
|
201
|
+
expect_response_error(retrieved_device)
|
208
202
|
end
|
209
|
-
|
203
|
+
|
210
204
|
end
|
211
205
|
|
212
206
|
# Work with verifications
|
@@ -216,23 +210,24 @@ describe "Touchpass Client" do
|
|
216
210
|
@rp_client = Touchpass::Client.new(TPC_HOSTNAME, TPC_DEBUG)
|
217
211
|
|
218
212
|
# create a new verifying party
|
219
|
-
@vp_username = "tp#{Touchpass::Crypt.
|
213
|
+
@vp_username = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
|
220
214
|
@vp_email = "#{@vp_username}@geodica.com"
|
221
215
|
@vp_password = "#{@vp_username}"
|
222
216
|
@new_vp = @vp_client.register_party(:email => @vp_email, :username => @vp_username, :password => @vp_password)
|
223
217
|
|
224
218
|
# create a new relying party
|
225
|
-
@rp_username = "rp#{Touchpass::Crypt.
|
219
|
+
@rp_username = "rp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
|
226
220
|
@rp_email = "#{@rp_username}@geodica.com"
|
227
221
|
@rp_password = "#{@rp_username}"
|
228
222
|
@new_rp = @rp_client.register_party(:email => @rp_email, :username => @rp_username, :password => @rp_password)
|
229
223
|
|
230
224
|
# add a device to the VP
|
231
225
|
@new_device = @vp_client.register_device(:username => @new_vp['username'],
|
232
|
-
:
|
226
|
+
:app_id => "touchpass_client_spec",
|
227
|
+
:udid => Touchpass::Crypt.hash(Touchpass::Crypt.salt),
|
233
228
|
:name => "#{@username}'s Device",
|
234
229
|
:messaging_type => 'apn-development',
|
235
|
-
:messaging_value => Touchpass::Crypt.
|
230
|
+
:messaging_value => Touchpass::Crypt.hash(Touchpass::Crypt.salt) )
|
236
231
|
end
|
237
232
|
|
238
233
|
it "should create the new rp and vp to work with" do
|
@@ -257,7 +252,7 @@ describe "Touchpass Client" do
|
|
257
252
|
verification['id' ].should_not be nil
|
258
253
|
verification['reference' ].should_not be nil
|
259
254
|
verification['requested_at' ].should_not be nil
|
260
|
-
verification['responded_at' ].should_not be nil
|
255
|
+
#verification['responded_at' ].should_not be nil
|
261
256
|
verification['from_party']['id' ].should == @new_rp['id' ]
|
262
257
|
verification['from_party']['username' ].should == @new_rp['username']
|
263
258
|
verification['to_party' ]['id' ].should == @new_vp['id' ]
|
@@ -307,12 +302,11 @@ describe "Touchpass Client" do
|
|
307
302
|
updated_verification['responded_at'].should_not be nil
|
308
303
|
|
309
304
|
# We should *not* be able to canel or reject this verification since it's already been validated
|
310
|
-
|
311
|
-
|
312
|
-
|
313
|
-
|
314
|
-
|
315
|
-
rejected_verification['base'][0].should == "Verification has already been responded"
|
305
|
+
response = @vp_client.cancel_verification(:id => verification['id'])
|
306
|
+
expect_response_error(response, :base, "Verification has already been responded")
|
307
|
+
|
308
|
+
response = @vp_client.reject_verification(:id => verification['id'])
|
309
|
+
expect_response_error(response, :base, "Verification has already been responded")
|
316
310
|
end
|
317
311
|
end
|
318
312
|
|
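Review bot: In the `@@ -257,7 +252,7 @@` hunk the `responded_at` expectation is commented out rather than replaced, so the spec no longer says anything about that field for a freshly created verification. If the intent is that a new verification has not been answered yet, state it with `verification['responded_at'].should be_nil`; whether the server returns nil at that point is inferred, not shown. Separately, the "username > 15" example guards its input with `username.length.should be >= 15`, which also admits a 15-character name that the stated maximum allows; `be > 15` matches the rule under test. The enclosing `it` blocks start outside these hunks.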
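--- a/data/spec/touchpass_crypt_spec.rb
+++ b/data/spec/touchpass_crypt_spec.rb
@@ -0,0 +1,27 @@
+# Geodica Touchpass
+# (C) Copyright 2009-2012 Geodica, a Carpadium Pty Ltd Venture
+# All rights reserved
+
+require 'spec_helper'
+
+describe Touchpass::Crypt do
+
+before(:each) do
+@key = Touchpass::Crypt.generate_encryption_key
+end
+
+it "should encrypt data" do
+encrypted_data = Touchpass::Crypt.encrypt("data", @key)
+encrypted_data.should_not be_nil
+end
+
+it "should decrypt encrypted data" do
+# test message not a multiple of 32 bytes (test padding)
+message = "test data to encrypt abcabcabcabc"
+(message.length % 32).should_not == 0
+encrypted_data = Touchpass::Crypt.encrypt(message, @key)
+data = Touchpass::Crypt.decrypt(encrypted_data, @key)
+data.should == message
+end
+
+end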
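Review bot: "should encrypt data" only checks that `encrypt` returns something non-nil, so an implementation that handed back its input unchanged would pass. Add `encrypted_data.should_not == "data"` to that example. The round-trip example uses the same key on both sides; a further case that decrypts with a second `generate_encryption_key` result and expects it not to yield `message` would show that the key matters (it may raise instead, depending on the cipher mode, which is not visible here).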
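--- a/data/spec/touchpass_rp_verification_spec.rb
+++ b/data/spec/touchpass_rp_verification_spec.rb
@@ -0,0 +1,52 @@
+
+require 'spec_helper'
+
+describe "Touchpass:Rp::Verification" do
+
+before(:each) do
+@verification = Touchpass::Rp::Verification.new
+@pub_key = "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBAL2J74ey4flrTR4gK6MJgrwpsRq4RrsvHzv+2/tgcvAlNCXrYddc16IQ\nzy487ilZmHUF2ej9NtnsMucSbukjN0h06ntyHlTuuBVeEJAdnOHPUk5NIhYkMZ6w\nmdQTPd33gSmHtkJyorn1BvutzUsBmwcGxZ+0ADK0TwY6M/MRjjZ/AgMBAAE=\n-----END RSA PUBLIC KEY-----\n"
+
+@devices = { 'devices' => [{ 'id' => "1", 'pub_key' => @pub_key }] }
+@devices_response = mock(:response)
+@devices_response.stub!(:code).and_return(200)
+@devices_response.stub!(:parsed_response).and_return(@devices)
+end
+
+def dummy_response
+parsed_response = {"id"=>6, "uuid"=>"b76b6016-aa06-11e1-8aac-d49a20f34512", "reference"=>"68e7", "requested_at"=>"2012-05-30T03:22:42Z", "responded_at"=>nil, "from_party"=>{"id"=>19, "username"=>"awilliams"}, "to_party"=>{"id"=>19, "username"=>"awilliams"}, "location_verification"=>nil, "resolution"=>"", "location_verified"=>nil, "crypted_tokens"=>[{"id"=>6, "device_id"=>12, "value"=>"Ylqyi4LQZLvk1U4/TkvRl/WOuALbiWZrhi1Kf1fmeKZLGydc3+3U9wJa/MNZZffh5Z8IxcifLsUJDCBSSlhy8K5gxvTiDRhfe401jjnoxT9vwZv1Sak9BX+49JRaZ/TwYtH5Zyk/K1l+nb5rgX5CgLYrscU64EBb1r5RQnRIzyA="}], "crypted_salts"=>[], "crypted_messages"=>[], "state"=>"created"}
+response = mock(:response)
+response.should_receive(:parsed_response).and_return(parsed_response)
+response.should_receive(:code).and_return(200)
+Touchpass::Rp::Device.should_receive(:get).and_return(@devices_response)
+Touchpass::Rp::Verification.stub!(:post).and_return(response)
+response
+end
+
+def dummy_response_error
+parsed_response = "some error occurred" # string
+response = mock(:response)
+response.should_receive(:parsed_response).and_return(parsed_response)
+response.should_receive(:code).and_return(500)
+Touchpass::Rp::Device.should_receive(:get).and_return(@devices_response)
+Touchpass::Rp::Verification.stub!(:post).and_return(response)
+response
+end
+
+it "should create a new verification" do
+Touchpass::Rp::Verification.should_receive(:post).and_return(dummy_response)
+response = @verification.create('awilliams')
+response.should_not be_nil
+response.to_json.should_not be_nil
+response.http_status_code.should == 200
+end
+
+it "should gracefully handle error responses from the server" do
+Touchpass::Rp::Verification.should_receive(:post).and_return(dummy_response_error)
+response = @verification.create('awilliams')
+response.should_not be_nil
+response.to_json.should_not be_nil
+response.http_status_code.should == 500
+end
+
+end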
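Review bot: Both helpers call `Touchpass::Rp::Verification.stub!(:post)` and each example then sets `should_receive(:post)` on the same class, so the stub is redundant and neither call constrains what is posted. As written the examples pass whatever request `create` builds. I would drop the two `stub!(:post)` lines and add a `.with(...)` constraint to the expectation once the argument shape of `post` is known (it is not visible in this section). The group name also has a single colon, `"Touchpass:Rp::Verification"`; `describe Touchpass::Rp::Verification do` would fail loudly if the class were renamed.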
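--- a/data/spec/touchpass_spec.rb
+++ b/data/spec/touchpass_spec.rb
@@ -0,0 +1,12 @@
+require 'spec_helper.rb'
+
+describe Touchpass do
+
+it "should return the server base_uri" do
+Touchpass.host = "touchpass.example.com"
+Touchpass.port = 443
+Touchpass.use_https = true
+Touchpass.base_uri.should == "https://touchpass.example.com:443"
+end
+
+end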
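Review bot: The example assigns `Touchpass.host`, `Touchpass.port` and `Touchpass.use_https` on the module and never restores them, so specs that run afterwards inherit `touchpass.example.com:443`. An `after(:each)` that puts the previous values back would keep the suite order-independent. There is also no example for `use_https = false` or for the default, so a change that made plain HTTP the default would not be noticed here.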
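--- a/data/spec/touchpass_verification_spec.rb
+++ b/data/spec/touchpass_verification_spec.rb
@@ -0,0 +1,26 @@
+# Geodica Touchpass
+# (C) Copyright 2009-2012 Geodica, a Carpadium Pty Ltd Venture
+# All rights reserved
+
+require 'spec_helper'
+
+describe "Touchpass Verification" do
+
+before(:each) do
+@device = {
+'id' => 1,
+'pub_key' => "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBAL2J74ey4flrTR4gK6MJgrwpsRq4RrsvHzv+2/tgcvAlNCXrYddc16IQ\nzy487ilZmHUF2ej9NtnsMucSbukjN0h06ntyHlTuuBVeEJAdnOHPUk5NIhYkMZ6w\nmdQTPd33gSmHtkJyorn1BvutzUsBmwcGxZ+0ADK0TwY6M/MRjjZ/AgMBAAE=\n-----END RSA PUBLIC KEY-----\n",
+}
+end
+
+it "should add messages" do
+verification = Touchpass::Verification.new([@device])
+verification.add_message("test")
+verification.crypted_messages.count.should == 1
+end
+
+it "should create a location verification" do
+verification = Touchpass::Verification.new([@device], :address => "29 foobar way, Australia")
+end
+
+end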
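Review bot: "should create a location verification" has no expectation, so it passes as long as the constructor does not raise. Either assert on what the `:address` option is meant to produce (the attribute it sets is not visible in this section) or mark the example `pending "assert location verification fields"` so the gap shows in the run output. "should add messages" checks only the count; comparing the stored entry against `"test"` with `should_not ==` would also show that the message is not kept in the clear, assuming `crypted_messages` holds the encrypted values.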