touchpass 0.0.8.1 → 0.0.8.16

data/spec/curl.touchpass_client_spec-workingcontent.txt

@@ -0,0 +1,268 @@
+# ruby strings for the curl commands
+#
+#
+# Register Party
+#
+#
+
+# curlstr = 'curl -k -X POST -F "username=' user '"' '-F "email=' email '" -F "password=' password '" "#{DFT_HOSTNAME}//parties.json"'
+
+curl -k -X POST -F "username=tpusery" -F "email=tpusery@geodica.com" -F "password=tpusery" "https://localhost:3999/parties.json"
+
+{
+    "id": 8,
+    "username": "tpusery",
+    "email": "tpusery@geodica.com",
+    "first_name": "",
+    "last_name": "",
+    "api_key": "CU2GxrYnqJJ7nMiyzG29",
+    "state": "created"
+}
+
+
+
+# attempting to register again
+# curlstr = 'curl -k -X POST -F "username=tpusera'"' '-F "email=' email '" -F "password=' password '" "#{DFT_HOSTNAME}//parties.json"'
+curl -k -X POST -F "username=tpusery" -F "email=tpusery@geodica.com" -F "password=tpusery" "https://localhost:3999/parties.json"
+{
+    "errors": [
+      {"field": "email", "message": "has already been taken"},
+      {"field": "username", "message": "has already been taken"}
+    ]
+
+# attempting empty username
+# curlstr = 'curl -k -X POST -F "username='"' '-F "email=' email '" -F "password=' password '" "#{DFT_HOSTNAME}//parties.json"'
+curl -k -X POST -F "username=" -F "email=tpuserz@geodica.com" -F "password=tpusery" "https://localhost:3999/parties.json"
+{
+    "errors": [
+      {"field": "username", "message": "can't be blank"},
+      {"field": "username", "message": "is too short (minimum is 4 characters)"}
+    ]
+
+
+}
+
+# attempting longer than 15 characters
+# curlstr = 'curl -k -X POST -F "username=longlonglonglonglonglonglonglongname'"' '-F "email=' email ' -F "password=' password '" "#{DFT_HOSTNAME}//parties.json"'
+curl -k -X POST -F "username=longlonglonglonglonglonglonglongname" -F "email=tpuserz@geodica.com" -F "password=tpusery" "https://localhost:3999/parties.json"
+{
+    "errors": [
+      {"field": "username", "message": "is too long (maximum is 15 characters)"}
+    ]
+}
+
+
+# attempting empty email address
+# curlstr = 'curl -k -X POST -F "username=testnameok'"' '-F "email="' -F "password=' password '" "#{DFT_HOSTNAME}//parties.json"'
+curl -k -X POST -F "username=testnameok" -F "email=" -F "password=tpusery" "https://localhost:3999/parties.json"
+{
+    "errors": [
+      {"field": "email", "message": "can't be blank"}
+    ]curl -k -X POST -F "username=tpusery" -F "email=tpusery@geodica.com" -F "password=" "https://localhost:3999/parties.json"
+curl -k -X POST -F "username=tpuserz" -F "email=tpuserz@geodica.com" -F "password=" "https://localhost:3999/parties.json"
+{
+    "errors": [
+      {"field": "password", "message": "can't be blank"}
+    ]
+}
+}
+
+
+# attempting with empty password
+# curlstr = 'curl -k -X POST -F "username=' user'"' '-F "email="' -F "password=" "#{DFT_HOSTNAME}//parties.json"'
+curl -k -X POST -F "username=tpuserz" -F "email=tpuserz@geodica.com" -F "password=" "https://localhost:3999/parties.json"
+{
+    "errors": [
+      {"field": "password", "message": "can't be blank"}
+    ]
+}
+
+
+
+
+
+
+#
+#Authenticate
+#
+
+	 #
+	 # curlstr = 'curl -X POST -d "login=' username '" -d "password=' username '" "#{DFT_HOSTNAME}/parties/authenticate.json"'
+	 #
+#	 curl -k -X POST -d "login=tpusera" -d "password=tpusera" "https://localhost:3999/parties/authenticate.json"
+#{
+#    "id": 3,
+#    "username": "tpusera",
+#    "email": "tpusera@geodica.com",
+#    "first_name": "Tpuser",
+#    "last_name": "A",
+#    "api_key": "zEHFEvT7V99uQoQ4enZX",
+#    "state": "active"
+#}
+
+
+#Authenticate with blank login name
+curl -k -X POST -d "login=" -d "password=tpusera" "https://localhost:3999/parties/authenticate.json"
+{
+    "errors": [
+      {"message": "Invalid login or password"}
+    ]
+}
+
+
+#Authenticate with name > 15
+curl -k -X POST -d "login=longlonglonglonglonglonglonglongname" -d "password=tpusera" "https://localhost:3999/parties/authenticate.json"
+{
+    "errors": [
+      {"message": "Invalid login or password"}
+    ]
+}
+
+
+#
+# Validate API Key for registere user
+#
+# get party
+#
+#
+# curlstr = 'curl -k -X GET -H "X-TouchPass-ApiKey:" ' apikey  '" "#{DFT_HOSTNAME}//parties/10.json"'
+#
+curl -k -X GET -H "X-TouchPass-ApiKey:ug8VHKNRsFoDPLHBA549"  "https://localhost:3999/parties/10.json"
+{
+    "id": 10,
+    "username": "tpuserab",
+    "email": "tpuserab@geodica.com",
+    "first_name": "",
+    "last_name": "",
+    "state": "created"
+    ,"devices": [
+    ]
+}
+
+
+#
+# Make changes to a registered party. update party
+#
+# TBC: do we need a test in here to see if you can rename the username to the same as another already registered name
+#
+#
+# curlstr = 'curl -k -X PUT -H "X-TouchPass-ApiKey:" ' apikey '" -d "firstname=' newname '" "#{DFT_HOSTNAME}/tpuserab.json"'
+#
+curl -k -X PUT -H "X-TouchPass-ApiKey:ug8VHKNRsFoDPLHBA549" -d "first_name=new" "https://localhost:3999/tpuserab.json"
+{
+    "id": 10,
+    "username": "tpuserab",
+    "email": "tpuserab@geodica.com",
+    "first_name": "new",
+    "last_name": "",
+    "state": "created"
+    ,"devices": [
+    ]
+}
+
+
+#
+#
+# Validate additiona of new devices
+
+#
+#
+# add device
+#
+# curlstr = 'curl -k -X GET -H "X-TouchPass-ApiKey:" ' apikey '"  "#{DFT_HOSTNAME}/' username '/devices.json"'
+#
+# #todo need to setup the params for this string
+# -F "name=" newdevicename
+# -F "udid=" randomstring1
+# -F "pub_key=" randomstring2
+# -F "messaging_value=" randomstring3
+# -F "app_id=geodica.touchpass.client.app-R100"
+#
+curl -k -X POST -H "X-TouchPass-ApiKey: zEHFEvT7V99uQoQ4enZX" -F "name=Tpusera Device Test" -F "udid=747c2098adsrjlakfjlaskdfjlj77f3b3f5e2c3b" -F "pub_key=-----BEGIN RSA PUBLIC KEY-----MIGJAoGBAMa0TaTSmYC5xkWLBdffcTe2wJ8ebv0COONbWTb0iZVBG3NwC0WfqATHdDEQfAKPeTxH1xte5U+o5Bl3NQRGOeeQPsZTOZkENIe1C560Ehx/swUyDiW4Z5a2OKFQqLqt8u2LyUmhVZv6bpfBTL6HcWh+rrOZN6RasBbi/GJEndxrAgMBAAE=-----END RSA PUBLIC KEY-----" -F "messaging_type=apn-development" -F "messaging_value=8ca4329cc55bf98f6c81e4ff443201cb03a0e8d4afbd07bea159194bf29ea8a0" -F "app_id=geodica.touchpass.client.app-R100" "https://localhost:3999/tpusera/devices.json"
+{
+    "id": 6,
+    "udid": "747c2098adsrjlakfjlaskdfjlj77f3b3f5e2c3b",
+    "name": "Tpusera Device Test",
+    "pub_key": "-----BEGIN RSA PUBLIC KEY-----MIGJAoGBAMa0TaTSmYC5xkWLBdffcTe2wJ8ebv0COONbWTb0iZVBG3NwC0WfqATHdDEQfAKPeTxH1xte5U+o5Bl3NQRGOeeQPsZTOZkENIe1C560Ehx/swUyDiW4Z5a2OKFQqLqt8u2LyUmhVZv6bpfBTL6HcWh+rrOZN6RasBbi/GJEndxrAgMBAAE=-----END RSA PUBLIC KEY-----",
+    "app_id": "geodica.touchpass.client.app-R100"
+}
+
+
+#
+# get devices
+#
+# curlstr = 'curl -k -X GET -H "X-TouchPass-ApiKey:" ' apikey '"  "#{DFT_HOSTNAME}/' username '/devices.json"'
+#
+curl -k -X GET -H "X-TouchPass-ApiKey:8rm2JYjzVfeFHpAaJTwM"  "https://localhost:3999/tpusera/devices.json"
+{
+    "devices": [
+      {
+    "id": 4,
+    "udid": "62dae634ab99a2b69cfb01c6e18ea7d6841c93cc",
+    "name": "Ben’s iPhone",
+    "pub_key": "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBAMNH6Z8oZxCZKhWnBuLqfx21S2QMl8FBY7+RIaBIiCXigBY6aL6GD5yT\nw67l3piUfJg3dzobEBh0mwhxy0JC4jPDX1f9BF5colJ9eI2E+xzZ7RJT/HDZLlR1\nB/+2vVUXjNOk8j43ZQg7tLnU3/B5s7n7SoHFC7VSgWPNqC72DhjNAgMBAAE=\n-----END RSA PUBLIC KEY-----\n",
+    "app_id": "geodica.touchpass.client.app-R100"
+},
+      {
+    "id": 2,
+    "udid": "3b3f5e2c3b747c37dc35148398e77fb66830e921",
+    "name": "Tpusera Device 2",
+    "pub_key": "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBAL6Doy1emQcTVuNfaqClPGQosuEsbkmHYIAzDpeltT10CPhpt5j7441O\nNGjlxirYb/PkvRNjzCxh2fUAcLnbXPgaeYqFg1yXSlmwIM5wVzPJPMRCzoWxLY4g\nvNpTahG/X+ydAy0AeVI7CGFlljaWCdX25FKLucjfUEpL+qccoITLAgMBAAE=\n-----END RSA PUBLIC KEY-----\n",
+    "app_id": "seeds"
+},
+      {
+    "id": 1,
+    "udid": "747c37dc35b66830e921148398e77f3b3f5e2c3b",
+    "name": "Tpusera Device 1",
+    "pub_key": "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBALufhXKqGqe1OL0KZ09xI029GnYzWTZtsUXqLXXGv++jN1KgkPTxrxll\nJ35i7UFN9eryNj3IX34BN0FmF5o3FqrQdpmVSA5TI4a4qb9DMfeJjfp6uqx+MWUw\nk4Pq7z3SGEv7jvLB5AY0ntuMSgluhqLWhZ8phaE2iWZQ8CL2tnRVAgMBAAE=\n-----END RSA PUBLIC KEY-----\n",
+    "app_id": "seeds"
+}
+    ]
+}
+
+#
+# get details of a specific device for a user
+#
+# curlstr = 'curl -k -X GET -H "X-TouchPass-ApiKey:" ' apikey '"  "#{DFT_HOSTNAME}/' username '/devices/' deviceid '.json"'
+#
+curl -k -X GET -H "X-TouchPass-ApiKey:8rm2JYjzVfeFHpAaJTwM"  "https://localhost:3999/tpusera/devices/4.json"
+{
+    "id": 4,
+    "udid": "62dae634ab99a2b69cfb01c6e18ea7d6841c93cc",
+    "name": "Ben’s iPhone",
+    "pub_key": "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBAMNH6Z8oZxCZKhWnBuLqfx21S2QMl8FBY7+RIaBIiCXigBY6aL6GD5yT\nw67l3piUfJg3dzobEBh0mwhxy0JC4jPDX1f9BF5colJ9eI2E+xzZ7RJT/HDZLlR1\nB/+2vVUXjNOk8j43ZQg7tLnU3/B5s7n7SoHFC7VSgWPNqC72DhjNAgMBAAE=\n-----END RSA PUBLIC KEY-----\n",
+    "app_id": "geodica.touchpass.client.app-R100"
+}
+
+
+#
+# get details of a specific device AS a user
+#
+#
+# note: apikey must be of a user for which a device matches (e.g. add it before!?!)
+# curlstr = 'curl -k -X GET -H "X-TouchPass-ApiKey:" ' apikey '"  "#{DFT_HOSTNAME}/devices/' deviceid '.json"'
+#
+curl -k -X GET -H "X-TouchPass-ApiKey:zEHFEvT7V99uQoQ4enZX"  "https://localhost:3999/devices/1.json"
+{
+    "id": 1,
+    "udid": "747c37dc35b66830e921148398e77f3b3f5e2c3b",
+    "name": "Tpusera Device 1",
+    "pub_key": "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBALufhXKqGqe1OL0KZ09xI029GnYzWTZtsUXqLXXGv++jN1KgkPTxrxll\nJ35i7UFN9eryNj3IX34BN0FmF5o3FqrQdpmVSA5TI4a4qb9DMfeJjfp6uqx+MWUw\nk4Pq7z3SGEv7jvLB5AY0ntuMSgluhqLWhZ8phaE2iWZQ8CL2tnRVAgMBAAE=\n-----END RSA PUBLIC KEY-----\n",
+    "app_id": "seeds"
+}
+
+#
+# get device, no such device
+#
+# curlstr = 'curl -k -X GET -H "X-TouchPass-ApiKey:" ' apikey '"  "#{DFT_HOSTNAME}/' username '/devices/999.json"'
+#
+curl -k -X GET -H "X-TouchPass-ApiKey:8rm2JYjzVfeFHpAaJTwM"  "https://localhost:3999/tpusera/devices/999.json"
+{
+    "errors": [
+      {"message": "Device cannot be found"}
+    ]
+}
+
+#
+# add a new device
+#

data/spec/spec_helper.rb

@@ -5,7 +5,9 @@
 #
 # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
 
+require 'cover_me'
 SPEC_KEYS_PATH = File.join(ENV['HOME'], ".touchpass", "certs_spec")
+require 'touchpass'
 
 RSpec.configure do |config|
   config.treat_symbols_as_metadata_keys_with_true_values = true
@@ -22,3 +24,10 @@ end
 
 require 'helpers/gtp_spec_helper'
 require 'helpers/client_spec_helper'
+
+def expect_response_error(response, field = nil, error = nil)
+  response.should_not be_nil
+  #p response
+  response['errors'].should_not be_nil
+end
+

data/spec/touchpass_client_spec.rb

@@ -28,8 +28,9 @@ describe "Touchpass Client" do
   
   # Ensure that we can register a new party
   context "Register Party" do
+
     it "should allow a party to register with valid username, email and password" do
-      username  = "tp#{Touchpass::Crypt.encrypt(Touchpass::Crypt.salt)[0..12]}"
+      username  = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
       email     = "#{username}@geodica.com"
       password  = "#{username}"
       new_party = tpclient.register_party(:email => email, :username => username, :password => password)
@@ -39,58 +40,47 @@ describe "Touchpass Client" do
       new_party['state'   ].should == 'created'
       new_party['api_key' ].should_not be nil  
     end
+
     it "should not allow a party to register with an empty username" do
       username  = ""
       email     = "#{username}@geodica.com"
       password  = "password"
-      new_party  = tpclient.register_party(:email => email, :username => username, :password => password)
-      new_party['id'      ].should be nil
-      new_party['username'].should == ["can't be blank", "is too short (minimum is 4 characters)"]
-      new_party['email'   ].should == ['is invalid']
-      new_party['state'   ].should be nil
-      new_party['api_key' ].should be nil  
+      response = tpclient.register_party(:email => email, :username => username, :password => password)
+      expect_response_error(response, :username, "can't be blank")
+      expect_response_error(response, :email, "is invalid")
     end    
+
     it "should not allow a party to register with an username > 15" do
-      username  = "tp#{Touchpass::Crypt.encrypt(Touchpass::Crypt.salt)}"
+      username  = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)}"
       username.length.should be >= 15
       email     = "#{username}@geodica.com"
       password  = "password"
       new_party  = tpclient.register_party(:email => email, :username => username, :password => password)
-      new_party['id'      ].should be nil
-      new_party['username'].should == ["is too long (maximum is 15 characters)"]
-      new_party['email'   ].should be nil
-      new_party['state'   ].should be nil
-      new_party['api_key' ].should be nil  
+      expect_response_error(new_party, :username, "is too long (maximum is 15 characters)")
     end    
+
     it "should not allow a party to register with an empty email address" do
-      username  = "tp#{Touchpass::Crypt.encrypt(Touchpass::Crypt.salt)[0..12]}"
+      username  = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
       email     = ""
       password  = "#{username}"
-      new_party  = tpclient.register_party(:email => email, :username => username, :password => password)
-      new_party['id'      ].should be nil
-      new_party['username'].should be nil
-      new_party['email'   ].should == ['can\'t be blank']
-      new_party['state'   ].should be nil
-      new_party['api_key' ].should be nil  
+      response = tpclient.register_party(:email => email, :username => username, :password => password)
+      expect_response_error(response, :email, "can't be blank")
     end
+
     it "should not allow a party to register with an empty password" do
-      username  = "tp#{Touchpass::Crypt.encrypt(Touchpass::Crypt.salt)[0..12]}"
+      username  = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
       email     = "#{username}@geodica.com"
       password  = ""
-      new_party  = tpclient.register_party(:email => email, :username => username, :password => password)
-      new_party['id'      ].should be nil
-      new_party['username'].should be nil
-      new_party['email'   ].should be nil
-      new_party['state'   ].should be nil
-      new_party['api_key' ].should be nil  
-    end        
+      response = tpclient.register_party(:email => email, :username => username, :password => password)
+      expect_response_error(response, :password, "can't be blank")
+    end 
   end
   
   # Check that a new rego provides an API key and that we can use the API key to access info
   context "Validate api_key for newly registered user" do
     it "should provide a valid API key that can be used to access the party record" do
       # create a new party and get that party's api_key
-      username  = "tp#{Touchpass::Crypt.encrypt(Touchpass::Crypt.salt)[0..12]}"
+      username  = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
       email     = "#{username}@geodica.com"
       password  = "#{username}"
       new_party  = tpclient.register_party(:email => email, :username => username, :password => password)
@@ -121,7 +111,7 @@ describe "Touchpass Client" do
   context "Make changes to a registered party" do
     it "should allow changes to be made to a party" do
       # create a new party and get that party's api_key
-      username  = "tp#{Touchpass::Crypt.encrypt(Touchpass::Crypt.salt)[0..12]}"
+      username  = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
       email     = "#{username}@geodica.com"
       password  = "#{username}"
       new_party  = tpclient.register_party(:email => email, :username => username, :password => password)
@@ -140,7 +130,7 @@ describe "Touchpass Client" do
   # Validate addition of new devices
   context "Add, get and update a device" do
     before(:each) do
-      @username   = "tp#{Touchpass::Crypt.encrypt(Touchpass::Crypt.salt)[0..12]}"
+      @username   = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
       @email      = "#{@username}@geodica.com"
       @password   = "#{@username}"
       @new_party  = tpclient.register_party(:email => @email, :username => @username, :password => @password)
@@ -153,9 +143,11 @@ describe "Touchpass Client" do
     
     it "should allow for the addition and retrieval of a new device" do
       # create a new device for this party
-      udid            = Touchpass::Crypt.encrypt(Touchpass::Crypt.salt) # a random string
-      messaging_value = Touchpass::Crypt.encrypt(Touchpass::Crypt.salt) # another random string
+      udid            = Touchpass::Crypt.hash(Touchpass::Crypt.salt) # a random string
+      messaging_value = Touchpass::Crypt.hash(Touchpass::Crypt.salt) # another random string
+      app_id =  "touchpass_client_spec"
       new_device = tpclient.register_device(:username        => @new_party['username'],
+                                            :app_id        => app_id,
                                             :udid            => udid, 
                                             :name            => "#{@username}'s Device",
                                             :messaging_type  => 'apn-development', 
@@ -163,6 +155,7 @@ describe "Touchpass Client" do
                                              
       new_device['id'     ].should_not be nil
       new_device['udid'   ].should == udid     
+      new_device['app_id'].should == app_id
       new_device['name'   ].should == "#{@username}'s Device"
       new_device['pub_key'].should_not be nil
 
@@ -186,10 +179,11 @@ describe "Touchpass Client" do
     end
     
     it "should allow for removal of a device by id" do
-      udid            = Touchpass::Crypt.encrypt(Touchpass::Crypt.salt) # a random string
-      messaging_value = Touchpass::Crypt.encrypt(Touchpass::Crypt.salt) # another random string      
+      udid            = Touchpass::Crypt.hash(Touchpass::Crypt.salt) # a random string
+      messaging_value = Touchpass::Crypt.hash(Touchpass::Crypt.salt) # another random string      
       
       new_device = tpclient.register_device(:username        => @new_party['username'], 
+                                            :app_id       => "touchpass_client_spec",
                                             :udid            => udid, 
                                             :name            => "#{@username}'s Device",
                                             :messaging_type  => 'apn-development', 
@@ -204,9 +198,9 @@ describe "Touchpass Client" do
       retrieved_devices['devices'].size.should be 0
       
       retrieved_device = tpclient.get_device(:username => @username, :id => new_device['id'])
-      retrieved_device['errors'].should_not be nil
+      expect_response_error(retrieved_device)
     end
-    
+
   end
 
   # Work with verifications
@@ -216,23 +210,24 @@ describe "Touchpass Client" do
       @rp_client = Touchpass::Client.new(TPC_HOSTNAME, TPC_DEBUG)
 
       # create a new verifying party
-      @vp_username   = "tp#{Touchpass::Crypt.encrypt(Touchpass::Crypt.salt)[0..12]}"
+      @vp_username   = "tp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
       @vp_email      = "#{@vp_username}@geodica.com"
       @vp_password   = "#{@vp_username}"
       @new_vp        = @vp_client.register_party(:email => @vp_email, :username => @vp_username, :password => @vp_password)
       
       # create a new relying party
-      @rp_username   = "rp#{Touchpass::Crypt.encrypt(Touchpass::Crypt.salt)[0..12]}"
+      @rp_username   = "rp#{Touchpass::Crypt.hash(Touchpass::Crypt.salt)[0..12]}"
       @rp_email      = "#{@rp_username}@geodica.com"
       @rp_password   = "#{@rp_username}"
       @new_rp        = @rp_client.register_party(:email => @rp_email, :username => @rp_username, :password => @rp_password)      
       
       # add a device to the VP
       @new_device = @vp_client.register_device(:username        => @new_vp['username'], 
-                                             :udid            => Touchpass::Crypt.encrypt(Touchpass::Crypt.salt), 
+                                             :app_id  => "touchpass_client_spec",
+                                             :udid            => Touchpass::Crypt.hash(Touchpass::Crypt.salt), 
                                              :name            => "#{@username}'s Device",
                                              :messaging_type  => 'apn-development', 
-                                             :messaging_value => Touchpass::Crypt.encrypt(Touchpass::Crypt.salt) )                                                       
+                                             :messaging_value => Touchpass::Crypt.hash(Touchpass::Crypt.salt) )                                                       
     end
 
     it "should create the new rp and vp to work with" do
@@ -257,7 +252,7 @@ describe "Touchpass Client" do
       verification['id'                            ].should_not be nil
       verification['reference'                     ].should_not be nil
       verification['requested_at'                  ].should_not be nil
-      verification['responded_at'                  ].should_not be nil
+      #verification['responded_at'                  ].should_not be nil
       verification['from_party']['id'              ].should == @new_rp['id'      ]
       verification['from_party']['username'        ].should == @new_rp['username']      
       verification['to_party'  ]['id'              ].should == @new_vp['id'      ]
@@ -307,12 +302,11 @@ describe "Touchpass Client" do
       updated_verification['responded_at'].should_not be nil
       
       # We should *not* be able to canel or reject this verification since it's already been validated
-      cancelled_verification = @vp_client.cancel_verification(:id => verification['id'])
-      
-      cancelled_verification['base'][0].should == "Verification has already been responded"
-      rejected_verification = @vp_client.reject_verification(:id => verification['id'])
-      
-      rejected_verification['base'][0].should == "Verification has already been responded"
+      response = @vp_client.cancel_verification(:id => verification['id'])
+      expect_response_error(response, :base, "Verification has already been responded")
+
+      response = @vp_client.reject_verification(:id => verification['id'])      
+      expect_response_error(response, :base, "Verification has already been responded")
     end
   end
 

data/spec/touchpass_crypt_spec.rb

@@ -0,0 +1,27 @@
+# Geodica Touchpass
+# (C) Copyright 2009-2012 Geodica, a Carpadium Pty Ltd Venture
+# All rights reserved
+
+require 'spec_helper'
+
+describe Touchpass::Crypt do
+
+  before(:each) do 
+    @key = Touchpass::Crypt.generate_encryption_key
+  end
+
+  it "should encrypt data" do
+    encrypted_data = Touchpass::Crypt.encrypt("data", @key)
+    encrypted_data.should_not be_nil
+  end
+
+  it "should decrypt encrypted data" do
+    # test message not a multiple of 32 bytes (test padding)
+    message = "test data to encrypt abcabcabcabc"
+    (message.length % 32).should_not == 0
+    encrypted_data = Touchpass::Crypt.encrypt(message, @key)
+    data = Touchpass::Crypt.decrypt(encrypted_data, @key)
+    data.should == message
+  end
+
+end

data/spec/touchpass_rp_verification_spec.rb

@@ -0,0 +1,52 @@
+
+require 'spec_helper'
+
+describe "Touchpass:Rp::Verification" do
+
+  before(:each) do
+    @verification = Touchpass::Rp::Verification.new
+    @pub_key = "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBAL2J74ey4flrTR4gK6MJgrwpsRq4RrsvHzv+2/tgcvAlNCXrYddc16IQ\nzy487ilZmHUF2ej9NtnsMucSbukjN0h06ntyHlTuuBVeEJAdnOHPUk5NIhYkMZ6w\nmdQTPd33gSmHtkJyorn1BvutzUsBmwcGxZ+0ADK0TwY6M/MRjjZ/AgMBAAE=\n-----END RSA PUBLIC KEY-----\n"
+
+    @devices = { 'devices' => [{ 'id' => "1", 'pub_key' => @pub_key }] }
+    @devices_response = mock(:response)
+    @devices_response.stub!(:code).and_return(200)
+    @devices_response.stub!(:parsed_response).and_return(@devices)
+  end
+
+  def dummy_response
+    parsed_response = {"id"=>6, "uuid"=>"b76b6016-aa06-11e1-8aac-d49a20f34512", "reference"=>"68e7", "requested_at"=>"2012-05-30T03:22:42Z", "responded_at"=>nil, "from_party"=>{"id"=>19, "username"=>"awilliams"}, "to_party"=>{"id"=>19, "username"=>"awilliams"}, "location_verification"=>nil, "resolution"=>"", "location_verified"=>nil, "crypted_tokens"=>[{"id"=>6, "device_id"=>12, "value"=>"Ylqyi4LQZLvk1U4/TkvRl/WOuALbiWZrhi1Kf1fmeKZLGydc3+3U9wJa/MNZZffh5Z8IxcifLsUJDCBSSlhy8K5gxvTiDRhfe401jjnoxT9vwZv1Sak9BX+49JRaZ/TwYtH5Zyk/K1l+nb5rgX5CgLYrscU64EBb1r5RQnRIzyA="}], "crypted_salts"=>[], "crypted_messages"=>[], "state"=>"created"}
+    response = mock(:response)
+    response.should_receive(:parsed_response).and_return(parsed_response)
+    response.should_receive(:code).and_return(200)
+    Touchpass::Rp::Device.should_receive(:get).and_return(@devices_response)
+    Touchpass::Rp::Verification.stub!(:post).and_return(response)
+    response
+  end
+
+  def dummy_response_error
+    parsed_response = "some error occurred"  # string
+    response = mock(:response)
+    response.should_receive(:parsed_response).and_return(parsed_response)
+    response.should_receive(:code).and_return(500)
+    Touchpass::Rp::Device.should_receive(:get).and_return(@devices_response)
+    Touchpass::Rp::Verification.stub!(:post).and_return(response)
+    response
+  end
+
+  it "should create a new verification" do
+    Touchpass::Rp::Verification.should_receive(:post).and_return(dummy_response)
+    response = @verification.create('awilliams')
+    response.should_not be_nil
+    response.to_json.should_not be_nil
+    response.http_status_code.should == 200
+  end
+
+  it "should gracefully handle error responses from the server" do
+    Touchpass::Rp::Verification.should_receive(:post).and_return(dummy_response_error)
+    response = @verification.create('awilliams')
+    response.should_not be_nil
+    response.to_json.should_not be_nil
+    response.http_status_code.should == 500
+  end
+
+end

data/spec/touchpass_spec.rb

@@ -0,0 +1,12 @@
+require 'spec_helper.rb'
+
+describe Touchpass do
+
+  it "should return the server base_uri" do
+    Touchpass.host = "touchpass.example.com"
+    Touchpass.port = 443
+    Touchpass.use_https = true
+    Touchpass.base_uri.should == "https://touchpass.example.com:443"
+  end
+
+end

data/spec/touchpass_verification_spec.rb

@@ -0,0 +1,26 @@
+# Geodica Touchpass
+# (C) Copyright 2009-2012 Geodica, a Carpadium Pty Ltd Venture
+# All rights reserved
+
+require 'spec_helper'
+
+describe "Touchpass Verification" do
+  
+  before(:each) do 
+    @device = {
+      'id' => 1,
+      'pub_key' =>  "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBAL2J74ey4flrTR4gK6MJgrwpsRq4RrsvHzv+2/tgcvAlNCXrYddc16IQ\nzy487ilZmHUF2ej9NtnsMucSbukjN0h06ntyHlTuuBVeEJAdnOHPUk5NIhYkMZ6w\nmdQTPd33gSmHtkJyorn1BvutzUsBmwcGxZ+0ADK0TwY6M/MRjjZ/AgMBAAE=\n-----END RSA PUBLIC KEY-----\n",
+    }
+  end
+
+  it "should add messages" do
+    verification = Touchpass::Verification.new([@device])
+    verification.add_message("test")
+    verification.crypted_messages.count.should == 1
+  end
+
+  it "should create a location verification" do
+    verification = Touchpass::Verification.new([@device], :address => "29 foobar way, Australia")
+  end
+
+end