vault-tools 0.4.15 → 0.5.0

data/lib/vault-tools/version.rb

@@ -1,5 +1,5 @@
 module Vault
   module Tools
-    VERSION = '0.4.15'
+    VERSION = '0.5.0'
   end
 end

data/lib/vault-tools/web.rb

@@ -13,8 +13,8 @@ module Vault
     helpers do
       # Protects an http method.  Returns 401 Not Authorized response
       # when authorized? returns false
-      def protected!
-        unless authorized?
+      def protected!(*passwords)
+        unless authorized?(passwords)
           response['WWW-Authenticate'] = %(Basic realm="Restricted Area")
           throw(:halt, [401, "Not authorized\n"])
         end
@@ -22,10 +22,11 @@ module Vault
 
       # Check request for HTTP Basic creds and
       # password matches settings.basic_password
-      def authorized?
+      def authorized?(passwords)
+        passwords << settings.basic_password if passwords.empty?
         @auth ||= Rack::Auth::Basic::Request.new(request.env)
         @auth.provided? && @auth.basic? && @auth.credentials &&
-          @auth.credentials[1] == settings.basic_password
+          passwords.include?(@auth.credentials[1])
       end
     end
 

data/test/web_test.rb

@@ -10,6 +10,15 @@ class WebTest < Vault::TestCase
     @app ||= Class.new(Vault::Web)
   end
 
+  # Middleware is attached at load time, so we have to delete the Vault::Web
+  # class and reload it to simulate being loaded with different environment
+  # variables.
+  def reload_web!
+    # remove the constant to force a clean reload
+    Vault.send(:remove_const, 'Web')
+    load 'lib/vault-tools/web.rb'
+  end
+
   # Always reload the web class to eliminate test leakage
   def setup
     super
@@ -18,6 +27,11 @@ class WebTest < Vault::TestCase
     reload_web!
   end
 
+  def teardown
+    super
+    @app = nil
+  end
+
   def test_http_basic_auth
     app.set :basic_password, 'password'
     app.get '/protected' do
@@ -33,13 +47,41 @@ class WebTest < Vault::TestCase
     assert_equal 'You may pass', last_response.body
   end
 
-  # Middleware is attached at load time, so we have to delete the Vault::Web
-  # class and reload it to simulate being loaded with different environment
-  # variables.
-  def reload_web!
-    # remove the constant to force a clean reload
-    Vault.send(:remove_const, 'Web')
-    load 'lib/vault-tools/web.rb'
+  def test_http_basic_auth_with_alternate_password
+    app.set :basic_password, 'password'
+    app.get '/protected' do
+      protected!('leelu-dallas-multipass')
+      'You may pass'
+    end
+
+    get '/protected'
+    assert_equal 401, last_response.status
+    authorize('','password')
+    get '/protected'
+    assert_equal 401, last_response.status
+    authorize('','leelu-dallas-multipass')
+    get '/protected'
+    assert_equal 200, last_response.status
+    assert_equal 'You may pass', last_response.body
+  end
+
+  def test_http_basic_auth_with_two_passwords
+    app.set :basic_password, 'password'
+    app.get '/protected' do
+      protected!('leelu-dallas-multipass','password')
+      'You may pass'
+    end
+
+    get '/protected'
+    assert_equal 401, last_response.status
+    authorize('','password')
+    get '/protected'
+    assert_equal 200, last_response.status
+    assert_equal 'You may pass', last_response.body
+    authorize('','leelu-dallas-multipass')
+    get '/protected'
+    assert_equal 200, last_response.status
+    assert_equal 'You may pass', last_response.body
   end
 
   # An `http_200` and an `http_2xx` log metric is written for successful

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: vault-tools
 version: !ruby/object:Gem::Version
-  version: 0.4.15
+  version: 0.5.0
   prerelease: 
 platform: ruby
 authors:
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-01-29 00:00:00.000000000 Z
+date: 2014-01-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: scrolls
@@ -239,7 +239,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -2680217358305856175
+      hash: 4584414138595131643
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -248,7 +248,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -2680217358305856175
+      hash: 4584414138595131643
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.23