wsoc 0.1.0 → 0.1.1

data.tar.gz.sig

@@ -1,4 +1,2 @@
-�~v��&����@�F`�6w�#p1Qf�&�3�X�.�E�CԧTh�
-&F�^���MF��,���!�ēe:c<�yo*~��*5�
-�6S����.�qbO�%��&<5���0>lp�����6�A���8�h�n���'�W��m<!X��i������B-����Y��ד.�Rf�^p���WQ��6"J,��5U͋��v��gK��6��q��� k�*X�ٞx�����Q=&�\�u����l���b�c*׈
-�
+���
+���
�B�����6�gt5�

data/History.rdoc

@@ -1,3 +1,15 @@
+=== 0.1.1 / 2010-01-06
+
+* Added WSOC::Specs.metadata.
+* Added WSOC::Specs.config.
+* Added {WSOC::Helpers::Authentication}.
+* Added a failing link to <tt>/course/remote/start.html</tt> with a bad TLD.
+* Added a failing link to <tt>/course/remote/start.html</tt> with the bad
+  IP address +191.255.0.0+.
+* Added <tt>/course/auth</tt> for testing spidering of HTTP Basic
+  Auth protected pages.
+  * Added auth store information to the metadata within the specs.
+
 === 0.1.0 / 2010-01-02
 
 * Initial release:

data/Manifest.txt

@@ -11,6 +11,7 @@ lib/wsoc/specs.rb
 lib/wsoc/course_specs.rb
 lib/wsoc/helpers.rb
 lib/wsoc/helpers/rendering.rb
+lib/wsoc/helpers/authentication.rb
 lib/wsoc/helpers/course.rb
 lib/wsoc/course.rb
 lib/wsoc/app.rb
@@ -39,4 +40,5 @@ views/course_remote_next.erb
 views/course_cookies_start.erb
 views/course_cookies_get.erb
 views/course_redirects_start.erb
+views/course_auth_start.erb
 views/welcome.erb

data/README.rdoc

@@ -22,7 +22,9 @@ the thoroughness and resilience of Web Spiders.
   * Remote links.
   * <tt>javascript:</tt> links.
   * Links within +frameset+ and +iframe+ tags.
+  * Cookie protected pages.
   * HTTP 300, 301, 302, 303 and 307 Redirects.
+  * HTTP Baisc Auth protected pages.
 
 == SYNOPSIS:
 

data/lib/wsoc/app.rb

@@ -37,7 +37,7 @@ module WSOC
     end
 
     get '/specs' do
-      @specs = specs
+      @specs = specs[:specs]
 
       show :specs
     end
@@ -125,23 +125,22 @@ module WSOC
       course_page :course_cookies_get
     end
 
-    get '/course/cookies/post.html' do
-      response.set_cookie 'auth_level', '2'
+    course_pass '/course/cookies/protected.html'
 
-      course_page :course_cookies_post
+    get '/course/auth/start.html' do
+      protected! do
+        course_page :course_auth_start
+      end
     end
 
-    post '/course/cookies/post.html' do
-      @authed = (request.cookies['auth_level'] == '2')
-
-      course_page :course_cookies_post
+    get '/course/auth/protected.html' do
+      protected! do
+        course_page :course_pass
+      end
     end
 
-    course_pass '/course/cookies/protected/1.html'
-
     get '/*' do
       redirect remote_url('/course/fail')
     end
-
   end
 end

data/lib/wsoc/config.rb

@@ -42,5 +42,9 @@ module WSOC
 
     # Path to the course failure page
     COURSE_FAIL_PATH = "#{COURSE_DIR}/fail"
+
+    # HTTP Basic Auth credential data
+    COURSE_AUTH_USER = 'admin'
+    COURSE_AUTH_PASSWORD = 'password'
   end
 end

data/lib/wsoc/course_specs.rb

@@ -19,6 +19,7 @@
 #
 
 require 'wsoc/specs'
+require 'wsoc/config'
 
 module WSOC
   module CourseSpecs
@@ -86,7 +87,11 @@ module WSOC
                  'should visit normal remote links'
     should_fail 'http://spidr.rubyforge.org:1337/course/remote/fail.html',
                 'should safely fail on closed ports'
-    should_fail 'http://not.found/course/remote/fail.html',
+    should_fail 'http://191.255.0.0/course/remote/fail.html',
+                'should safely fail on unreachable IP Addresses'
+    should_fail 'http://bad.tld/course/remote/fail.html',
+                'should safely fail on host-names with invalid TLDs'
+    should_fail 'http://bad.url.lol.com/course/remote/fail.html',
                 'should safely fail on bad host-names'
 
     # Cookies
@@ -94,7 +99,7 @@ module WSOC
                  'should visit the cookies start page'
     should_visit '/course/cookies/get.html',
                  'should visit the cookies GET request test page'
-    should_visit '/course/cookies/protected/1.html',
+    should_visit '/course/cookies/protected.html',
                  'should visit the first cookie protected page'
 
     # HTTP Redirects
@@ -120,5 +125,18 @@ module WSOC
                  'should visit the 307 HTTP redirect test page'
     should_visit '/course/redirects/307/pass.html',
                  'should follow HTTP 307 redirects'
+
+    config :auth_store, {
+      '/course/auth/' => {
+        :user, Config::COURSE_AUTH_USER,
+        :password, Config::COURSE_AUTH_PASSWORD
+      }
+    }
+
+    # HTTP Auth
+    should_visit '/course/auth/start.html',
+                 'should visit the HTTP Auth start page'
+    should_visit '/course/auth/protected.html',
+                 'should visit the HTTP Auth protected page'
   end
 end

data/lib/wsoc/helpers.rb

@@ -18,8 +18,9 @@
 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 #
 
-require 'wsoc/helpers/course'
+require 'wsoc/helpers/authentication'
 require 'wsoc/helpers/rendering'
+require 'wsoc/helpers/course'
 
 require 'rack'
 
@@ -28,6 +29,7 @@ module WSOC
     include Rack::Utils
     alias :h :escape_html
 
+    include Authentication
     include Rendering
     include Course
   end

data/lib/wsoc/helpers/authentication.rb

@@ -0,0 +1,64 @@
+#
+# WSOC - The Web Spider Obstacle Course
+#
+# Copyright (c) 2009-2010 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#
+
+module WSOC
+  module Helpers
+    module Authentication
+
+      #
+      # Protects an action by requiring HTTP Basic Access Authentication.
+      #
+      # @yield []
+      #   If a block is given, it will be called if the client is
+      #   authenticated.
+      #
+      # @since 0.1.1
+      #
+      def protected!(&block)
+        if authorized?
+          block.call() if block
+        else
+          response['WWW-Authenticate'] = %(Basic realm="HTTP Auth Test")
+          throw :halt, [401, "Not authorized\n"]
+        end
+      end
+
+      # 
+      # Checks to see if the requesting user is authorized.
+      #
+      # @return [Boolean]
+      #   Specifies whether or not the client is authenticated.
+      #
+      # @since 0.1.1
+      #
+      def authorized?
+        @auth ||=  Rack::Auth::Basic::Request.new(request.env)
+
+        @auth.provided? && \
+        @auth.basic? && \
+        @auth.credentials && \
+        @auth.credentials == [
+          WSOC::Config::COURSE_AUTH_USER,
+          WSOC::Config::COURSE_AUTH_PASSWORD
+        ]
+      end
+    end
+  end
+end

data/lib/wsoc/helpers/course.rb

@@ -141,7 +141,7 @@ module WSOC
       # @since 0.1.0
       #
       def specs
-        CourseSpecs.specs_for(request.host,request.port)
+        CourseSpecs.map(request.host,request.port)
       end
     end
   end

data/lib/wsoc/specs.rb

@@ -22,29 +22,44 @@ module WSOC
   module Specs
     def self.included(base)
       base.module_eval do
+        def self.hash
+          @@specs_hash ||= {}
+        end
+
         def self.specs
-          @@specs ||= []
+          self.hash[:specs] ||= []
+        end
+
+        def self.metadata
+          self.hash[:metadata] ||= {}
         end
 
         def self.should(behavior,options)
           self.specs << {:behavior => behavior}.merge(options)
         end
 
-        def self.specs_for(host,port=nil)
+        def self.map(host,port=nil)
           prefix = "http://#{host}"
           prefix << ":#{port}" if (port && port != 80)
 
-          self.specs.map do |spec|
-            unless spec[:url] =~ /^[a-zA-Z0-9]+:/
-              spec.merge(:url => prefix + spec[:url])
-            else
-              spec
-            end
-          end
+          return {
+            :metadata => self.metadata,
+            :specs => self.specs.map { |spec|
+              unless spec[:url] =~ /^[a-zA-Z0-9]+:/
+                spec.merge(:url => prefix + spec[:url])
+              else
+                spec
+              end
+            }
+          }
         end
 
         protected
 
+        def self.config(name,value)
+          self.metadata[name.to_sym] = value
+        end
+
         def self.should_visit(url,message=nil)
           self.should(:visit,:url => url, :message => message)
         end

data/lib/wsoc/version.rb

@@ -20,5 +20,5 @@
 
 module WSOC
   # wsoc version
-  VERSION = '0.1.0'
+  VERSION = '0.1.1'
 end

data/views/course_auth_start.erb

@@ -0,0 +1,13 @@
+<html>
+  <head>
+    <title><%= title_for 'HTTP Auth' %></title>
+  </head>
+
+  <body>
+    <p>HTTP Basic Auth</p>
+
+    <ul>
+      <li><a href="protected.html">should traverse pages that require authentication</a></li>
+    </ul>
+  </body>
+</html>

data/views/course_cookies_get.erb

@@ -6,7 +6,7 @@
   <body>
     <% if @authed %>
     <p>
-      <a href="protected/1.html">protected content</a>
+      <a href="protected.html">protected content</a>
     </p>
     <% end %>
   </body>

data/views/course_remote_start.erb

@@ -24,7 +24,15 @@
       </li>
 
       <li>
-        <a href="http://not.found/course/remote/fail.html">should ignore links that fail</a>
+        <a href="http://191.255.0.0/course/remote/fail.html">should ignore links with unreachable IP Addresses</a>
+      </li>
+
+      <li>
+        <a href="http://bad.tld/course/remote/fail.html">should ignore links with invalid TLDs</a>
+      </li>
+
+      <li>
+        <a href="http://bad.url.lol.com/course/remote/fail.html">should ignore links that fail</a>
       </li>
     </ul>
   </body>

data/views/course_start.erb

@@ -15,8 +15,10 @@
       <li><a href="empty/start.html">Empty links</a></li>
       <li><a href="javascript/start.html">Bogus JavaScript Links</a></li>
       <li><a href="frames/start.html">Frames</a></li>
+      <li><a href="auth/start.html">HTTP Auth</a></li>
       <li><a href="cookies/start.html">Cookies</a></li>
       <li><a href="redirects/start.html">HTTP Redirects</a></li>
+      <li><a href="auth/start.html">HTTP Auth</a></li>
     </ul>
   </body>
 </html>

data/views/layout.erb

@@ -16,7 +16,7 @@
 
     <div id="footer">
       <p><a href="http://github.com/postmodern/wsoc">Web Spider Obstacle Course</a> | Version <%= WSOC::VERSION %></p>
-      <p>Copyright &#169; 2009 Hal Brodigan</p>
+      <p>Copyright &#169; 2009-2010 Hal Brodigan</p>
       <p>Powered by <a href="http://www.ruby-lang.org/">Ruby</a> <%= RUBY_VERSION %> and <a href="http://www.sinatrarb.com/">Sinatra</a></p>
       <p>Made with <a href="http://www.vim.org/">Vim</a> | <a href="http://validator.w3.org/check?uri=referer">XHTML 1.1 Strict</a></p>
     </div>

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: wsoc
 version: !ruby/object:Gem::Version 
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors: 
 - Postmodern
@@ -30,7 +30,7 @@ cert_chain:
   pDj+ws7QjtH/Qcrr1l9jfN0ehDs=
   -----END CERTIFICATE-----
 
-date: 2010-01-02 00:00:00 -08:00
+date: 2010-01-06 00:00:00 -08:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -99,6 +99,7 @@ files:
 - lib/wsoc/course_specs.rb
 - lib/wsoc/helpers.rb
 - lib/wsoc/helpers/rendering.rb
+- lib/wsoc/helpers/authentication.rb
 - lib/wsoc/helpers/course.rb
 - lib/wsoc/course.rb
 - lib/wsoc/app.rb
@@ -127,6 +128,7 @@ files:
 - views/course_cookies_start.erb
 - views/course_cookies_get.erb
 - views/course_redirects_start.erb
+- views/course_auth_start.erb
 - views/welcome.erb
 has_rdoc: yard
 homepage: http://github.com/postmodern/wsoc