xplenty-kensa 1.4.5

data/test/options_parsing_test.rb

@@ -0,0 +1,65 @@
+require 'test/helper'
+
+class OptionParsingTest < Test::Unit::TestCase 
+  include Xplenty::Kensa
+  include FsMock
+
+  def options_for_cmd(string)
+    client = Client.new(string.split)
+    options = client.options[:options]
+  end
+
+  test "parameters get forwarded to provider" do
+    Artifice.activate_with(lambda { |env|
+      params = OkJson.decode env['rack.input'].read
+      options = params['options']
+      assert_equal 'true', options['foo']
+      assert_equal 'baz', options['bar']
+      assert_equal 'baz', options['fap']
+      [201, {}, 'hello']
+    }) do 
+      kensa "init --sso get"
+      kensa "test provision --foo --bar=baz --fap baz"
+    end
+  end
+
+  def assert_normal_options(options)
+    assert_equal true,   options[:async]
+    assert_equal 'true', options[:options]['foo']
+    assert_equal 'foo',  options[:plan]
+    assert_equal 'foo.json',   options[:filename]
+    assert_equal 'production', options[:env] 
+  end
+
+  test "leaves normal args alone" do
+    cmd = "test provision --foo --production --async --file foo.json --plan foo"
+    assert_normal_options Client.new(cmd.split).options
+  end
+
+  test "works with single dash -s tyle flags" do
+    cmd = "test provision --foo --production --async -f foo.json -p foo"
+    assert_normal_options Client.new(cmd.split).options
+  end
+
+  test "parsing --flag" do
+    options = options_for_cmd("test provision --foo")
+    assert_equal 'true', options['foo']
+  end
+
+  test "parsing --flag=value" do
+    options = options_for_cmd("test provision --foo=bar")
+    assert_equal 'bar', options['foo']
+  end
+
+  test "parsing --flag value" do
+    options = options_for_cmd("test provision --foo bar")
+    assert_equal 'bar', options['foo']
+  end
+
+  test "parsing mixed" do
+    options = options_for_cmd("test provision --foo --bar foo --baz")
+    assert_equal 'true', options['foo']
+    assert_equal 'true', options['baz']
+    assert_equal 'foo',  options['bar']
+  end
+end

data/test/plan_change_check_test.rb

@@ -0,0 +1,32 @@
+require 'test/helper'
+
+class PlanChangeCheckTest < Test::Unit::TestCase
+  include Xplenty::Kensa
+  include ProviderMock
+
+  %w{get post}.each do |method|
+    context "with sso #{method}" do
+      setup do
+        @data = Manifest.new(:method => method).skeleton.merge :id => 123, :plan => 'premium'
+        @data['api']['password'] = 'secret'
+      end
+
+      def check ; PlanChangeCheck ; end
+
+      test "working plan change call" do
+        use_provider_endpoint "working"
+        assert_valid
+      end
+
+      test "detects invalid status" do
+        use_provider_endpoint "invalid-status"
+        assert_invalid
+      end
+
+      test "detects missing auth" do
+        use_provider_endpoint "invalid-missing-auth"
+        assert_invalid
+      end
+    end
+  end
+end

data/test/provision_check_test.rb

@@ -0,0 +1,64 @@
+require 'test/helper'
+
+class ProvisionCheckTest < Test::Unit::TestCase
+  include Xplenty::Kensa
+  include ProviderMock
+
+  def check ; ProvisionCheck ; end
+
+  ['get', 'post'].each do |method| 
+    context "with sso #{method}" do
+      setup do
+        @data = Manifest.new(:method => method).skeleton
+        @data['api']['password'] = 'secret'
+      end
+
+      test "trims url" do
+        c = check.new(@data)
+        assert_equal c.url, 'http://localhost:4567' 
+      end
+
+      test "working provision call" do
+        use_provider_endpoint "working"
+        assert_valid
+      end
+
+      test "provision call with extra params" do
+        use_provider_endpoint "cmd-line-options"
+        @data[:options] = {:foo => 'bar', :bar => 'baz'}
+        assert_valid
+      end
+
+      # OkJson doesn't handle short strings correctly
+      test "doesn't choke on foo" do
+        use_provider_endpoint "foo"
+        assert_invalid
+      end
+
+      test "detects invalid JSON" do
+        use_provider_endpoint "invalid-json"
+        assert_invalid
+      end
+
+      test "detects invalid response" do
+        use_provider_endpoint "invalid-response"
+        assert_invalid
+      end
+
+      test "detects invalid status" do
+        use_provider_endpoint "invalid-status"
+        assert_invalid
+      end
+
+      test "detects missing id" do
+        use_provider_endpoint "invalid-missing-id"
+        assert_invalid
+      end
+
+      test "detects missing auth" do
+        use_provider_endpoint "invalid-missing-auth"
+        assert_invalid
+      end
+    end
+  end
+end

data/test/provision_response_check_test.rb

@@ -0,0 +1,81 @@
+require 'test/helper'
+
+class ProvisionResponseCheckTest < Test::Unit::TestCase
+  include Xplenty::Kensa
+
+  def check ; ProvisionResponseCheck ; end
+
+  setup do
+    @response = { "id" => "123", 
+                  "config" => {
+                    "MYADDON_URL" => "http://example.com/resource",
+                    "MYADDON_CONFIG" => "value" 
+                }}
+    @data = Manifest.new.skeleton.merge(:provision_response => @response)
+    @data['api']['config_vars'] << "MYADDON_CONFIG"
+  end
+
+  test "is valid if no errors" do
+    assert_valid
+  end
+
+  test "has an id" do
+    @response.delete("id")
+    assert_invalid
+  end
+
+  describe "when config is present" do
+
+    test "is a hash" do
+      @response["config"] = ""
+      assert_invalid
+    end
+
+    test "each key is previously set in the manifest" do
+      @response["config"]["MYSQL_URL"] = "http://..." 
+      assert_invalid
+    end
+
+    test "each value is a string" do
+      @response["config"]["MYADDON_URL"] = {} 
+      assert_invalid
+    end
+
+    test "asserts _URL vars are valid URIs" do
+      @response["config"]["MYADDON_URL"] = "abc:" 
+      assert_invalid
+    end
+
+    test "asserts _URL vars have a host" do
+      @response["config"]["MYADDON_URL"] = "path" 
+      assert_invalid
+    end
+
+    test "asserts _URL vars have a scheme" do
+      @response["config"]["MYADDON_URL"] = "//host/path" 
+      assert_invalid
+    end
+
+    test "doesn't run URI test against other vars" do
+      @response["config"]['MYADDON_CONFIG'] = "abc:"
+      assert_valid
+    end
+
+    test "doesn't allow localhost URIs on production" do
+      @data[:env] = 'production'
+      @response["config"]["MYADDON_URL"] = "http://localhost/abc" 
+      assert_invalid
+    end
+
+    test "asserts all vars in manifest are in response" do
+      @response["config"].delete('MYADDON_CONFIG')
+      assert_invalid
+    end
+
+    test "is valid otherwise" do
+      @response["config"]["MYADDON_URL"] = "http://localhost/abc" 
+      assert_valid
+    end
+  end
+
+end

data/test/resources/runner.rb

@@ -0,0 +1 @@
+exit(1) if ARGV.first == 'fail'

data/test/resources/server.rb

@@ -0,0 +1,237 @@
+require 'rubygems'
+require 'sinatra/base'
+
+class Hash
+  def to_json
+    OkJson.encode(self)
+  end
+end
+
+class ProviderServer < Sinatra::Base
+helpers do
+  def xplenty_only!
+    unless auth_xplenty?
+      response['WWW-Authenticate'] = %(Basic realm="Kensa Test Server")
+      unauthorized!(401)
+    end
+  end
+
+  def auth_xplenty?
+    @auth ||=  Rack::Auth::Basic::Request.new(request.env)
+    @auth.provided? && @auth.basic? && @auth.credentials && @auth.credentials == ['myaddon', 'secret']
+  end
+
+  def unauthorized!(status=403)
+    throw(:halt, [status, "Not authorized\n"])
+  end
+
+  def make_token
+    Digest::SHA1.hexdigest([params[:id], 'SSO_SALT', params[:timestamp]].join(':'))
+  end
+
+  def json_must_include(keys)
+    params = OkJson.decode(request.body.read)
+    keys.each do |param|
+      raise "#{param} not included with request" unless params.keys.include? param
+    end
+  end
+  
+  def login(xplenty_user=true)
+  @header = xplenty_user
+  haml <<-HAML
+%html
+%body
+  - if @header
+    #xplenty-header
+      %h1 Xplenty
+  %h1 Sample Addon
+HAML
+  end
+end
+
+post '/xplenty/resources' do
+  xplenty_only!
+  { :id => 123 }.to_json
+end
+
+post '/working/xplenty/resources' do
+  json_must_include(%w{xplenty_id plan callback_url logplex_token options})
+  xplenty_only!
+  { :id => 123 }.to_json
+end
+
+post '/cmd-line-options/xplenty/resources' do
+  xplenty_only!
+  options = OkJson.decode(request.body.read)['options']
+  raise "Where are my options?" unless options['foo'] && options['bar']
+  { :id => 123 }.to_json
+end
+
+post '/foo/xplenty/resources' do
+  xplenty_only!
+  'foo'
+end
+
+post '/invalid-json/xplenty/resources' do
+  xplenty_only!
+  'invalidjson'
+end
+
+post '/invalid-response/xplenty/resources' do
+  xplenty_only!
+  'null'
+end
+
+post '/invalid-status/xplenty/resources' do
+  xplenty_only!
+  status 422
+  { :id => 123 }.to_json
+end
+
+post '/invalid-missing-id/xplenty/resources' do
+  xplenty_only!
+  { :noid => 123 }.to_json
+end
+
+post '/invalid-missing-auth/xplenty/resources' do
+  { :id => 123 }.to_json
+end
+
+
+put '/working/xplenty/resources/:id' do
+  json_must_include(%w{xplenty_id plan})
+  xplenty_only!
+  {}.to_json
+end
+
+put '/invalid-missing-auth/xplenty/resources/:id' do
+  { :id => 123 }.to_json
+end
+
+put '/invalid-status/xplenty/resources/:id' do
+  xplenty_only!
+  status 422
+  {}.to_json
+end
+
+
+delete '/working/xplenty/resources/:id' do
+  xplenty_only!
+  "Ok"
+end
+
+def sso
+  unauthorized! unless params[:id] && params[:token]
+  unauthorized! unless params[:timestamp].to_i > (Time.now-60*2).to_i
+  unauthorized! unless params[:token] == make_token
+  response.set_cookie('xplenty-nav-data', params['nav-data'])
+  login
+end
+
+get '/working/xplenty/resources/:id' do
+  sso
+end
+
+post '/working/sso/login' do
+  #puts params.inspect
+  sso
+end
+
+def notoken
+  unauthorized! unless params[:id] && params[:token]
+  unauthorized! unless params[:timestamp].to_i > (Time.now-60*2).to_i
+  response.set_cookie('xplenty-nav-data', params['nav-data'])
+  login
+end
+
+get '/notoken/xplenty/resources/:id' do
+  notoken
+end
+
+post '/notoken/sso/login' do
+  notoken
+end
+
+def notimestamp
+  unauthorized! unless params[:id] && params[:token]
+  unauthorized! unless params[:token] == make_token
+  response.set_cookie('xplenty-nav-data', params['nav-data'])
+  login
+end
+
+get '/notimestamp/xplenty/resources/:id' do
+  notimestamp
+end
+
+post '/notimestamp/sso/login' do
+  notimestamp
+end
+
+def nolayout
+  unauthorized! unless params[:id] && params[:token]
+  unauthorized! unless params[:timestamp].to_i > (Time.now-60*2).to_i
+  unauthorized! unless params[:token] == make_token
+  response.set_cookie('xplenty-nav-data', params['nav-data'])
+  login(false)
+end
+
+get '/nolayout/xplenty/resources/:id' do
+  nolayout
+end
+
+post '/nolayout/sso/login' do
+  nolayout
+end
+
+def nocookie
+  unauthorized! unless params[:id] && params[:token]
+  unauthorized! unless params[:timestamp].to_i > (Time.now-60*2).to_i
+  unauthorized! unless params[:token] == make_token
+  login
+end
+
+get '/nocookie/xplenty/resources/:id' do
+  nocookie
+end
+
+post '/nocookie/sso/login' do
+  nocookie
+end
+
+def badcookie
+  unauthorized! unless params[:id] && params[:token]
+  unauthorized! unless params[:timestamp].to_i > (Time.now-60*2).to_i
+  unauthorized! unless params[:token] == make_token
+  response.set_cookie('xplenty-nav-data', 'wrong value')
+  login
+end
+
+get '/badcookie/xplenty/resources/:id' do
+  badcookie
+end
+
+post '/badcookie/sso/login' do
+  badcookie
+end
+
+def sso_user
+  head 404 unless params[:email] == 'username@example.com'
+  sso
+end
+
+get '/user/xplenty/resources/:id' do
+  sso_user
+end
+
+post '/user/sso/login' do
+  sso_user
+end
+
+get '/' do
+  unauthorized! unless session[:logged_in]
+end
+
+if $0 == __FILE__
+ self.run!
+end
+end

data/test/sso_check_test.rb

@@ -0,0 +1,58 @@
+require 'test/helper'
+
+class SsoCheckTest < Test::Unit::TestCase
+  include Xplenty::Kensa
+  include ProviderMock
+
+  def check ; SsoCheck ; end
+  %w{get post}.each do |method|
+    context "via #{method}" do
+      setup do
+        @data = Manifest.new(:sso => true, :method => method).
+          skeleton.merge :id => 123
+        @data['api']['sso_salt'] = 'SSO_SALT'
+      end
+
+      test "working sso request" do
+        use_provider_endpoint('working', 'sso')
+        assert_valid
+      end
+
+      test "rejects bad token" do
+        use_provider_endpoint("notoken", 'sso')
+        assert_invalid
+      end
+
+      test "rejects old timestamp" do
+        use_provider_endpoint("notimestamp", 'sso')
+        assert_invalid
+      end
+
+      test "reject omitted sso salt" do
+        @data['api'].delete 'sso_salt'
+        use_provider_endpoint("working", 'sso')
+        assert_invalid
+      end
+
+      test "reject missing xplenty layout" do
+        use_provider_endpoint("nolayout", 'sso')
+        assert_invalid
+      end
+
+      test "reject missing cookie" do
+        use_provider_endpoint("nocookie", 'sso')
+        assert_invalid
+      end
+
+      test "reject invalid cookie value" do
+        use_provider_endpoint("badcookie", 'sso')
+        assert_invalid
+      end
+
+      test "sends email param" do
+        use_provider_endpoint("user", 'sso')
+        assert_valid
+      end
+    end
+  end
+end

data/test/sso_test.rb

@@ -0,0 +1,146 @@
+require 'test/helper'
+require 'cgi'
+
+class SsoTest < Test::Unit::TestCase
+  include Xplenty::Kensa
+
+  context "with GET" do
+    setup do
+      @data = Manifest.new.skeleton.merge(:id => 1)
+      @data['api']['test'] = 'http://localhost:4567/'
+      @data['api']['sso_salt'] = 'SSO_SALT'
+    end
+
+    teardown { Timecop.return }
+
+    def builds_full_url(env)
+      url, query = @sso.full_url.split('?')
+      data = CGI.parse(query)
+
+
+      assert_equal "#{@data['api'][env]}xplenty/resources/1", url 
+      assert_equal 'b6010f6fbb850887a396c2bc0ab23974003008f6', data['token'].first
+      assert_equal '1262304000', data['timestamp'].first
+      assert_equal 'username@example.com', data['email'].first
+      assert_equal 'myapp', data['app'].first
+    end
+
+    context 'sso' do
+      setup do
+        Timecop.freeze Time.utc(2010, 1)
+        @sso = Sso.new @data 
+      end
+
+      test 'builds path' do
+        assert_equal '/xplenty/resources/1', @sso.path
+      end
+
+      test 'builds full url' do
+        builds_full_url('test')
+      end
+
+      context 'with no "sso" field specified' do
+        test "defaults to GET" do
+          assert_equal @sso.full_url, @sso.sso_url
+        end
+      end
+
+      context 'when sso method is GET' do
+        setup do
+          @data['api']['sso'] = 'GET'
+          @sso = Sso.new(@data).start
+        end
+
+        test "#sso_url should be the #full_url" do
+          assert_equal @sso.full_url, @sso.sso_url
+        end
+
+        test "#message is Opening <full_url>" do
+          assert_equal "Opening #{@sso.full_url}", @sso.message
+        end
+      end
+
+    end
+
+    context 'sso without salt' do
+      setup do
+        @data['api'].delete 'sso_salt'
+        @sso = Sso.new @data
+      end
+
+      test 'builds full url' do
+        expected = 'http://localhost:4567/xplenty/resources/1'
+
+        assert @sso.full_url.include?(expected)
+      end
+    end
+
+    context 'sso in production' do
+      setup do
+        Timecop.freeze Time.utc(2010, 1)
+        env = 'production'
+        @data[:env] = env
+        @data['api'][env] = 'http://localhost:7654/'
+
+        @sso = Sso.new @data
+      end
+
+      test 'builds full url' do
+        builds_full_url('production')
+      end
+    end
+  end
+
+  context "via POST" do
+    include FsMock
+    setup do
+      Timecop.freeze Time.utc(2010, 1)
+      @data = Manifest.new(:method => :post).skeleton
+      @data['api']['sso_salt'] = 'SSO_SALT'
+    end
+
+    test "command line" do
+      any_instance_of(Client) { |c| stub(c).puts }
+      stub(Launchy).open
+      start = Object.new
+      stub(start).message
+      stub(start).sso_url
+      stub(Sso).new.stub!.start.returns(start)
+
+      kensa "init"
+      kensa "sso 1234"
+
+      assert_received(Sso) { |sso| sso.new(hash_including(:id => '1234')) }
+    end
+
+    test "it starts the proxy server" do
+      @sso = Sso.new(@data.merge(:id => 1)).start
+      body = RestClient.get(@sso.sso_url)
+
+      assert body.include? @sso.path
+      assert body.include? 'b6010f6fbb850887a396c2bc0ab23974003008f6'
+      assert body.include? '1262304000'
+      assert body.include? @sso.url
+      assert body.include? @sso.sample_nav_data
+    end
+
+    context "with the proxy working" do
+      setup do 
+        any_instance_of(Sso, :run_proxy => false)
+        @sso = Sso.new(@data).start
+      end
+
+      test "#sso_url should point to the proxy" do
+        assert_equal "http://localhost:#{@sso.proxy_port}/", @sso.sso_url
+      end
+
+      test "#post_url contains url and path" do
+        assert_equal "http://localhost:4567/sso/login", @sso.post_url
+      end
+
+      test "#message is Posting <data> to <post_url> via proxy on port <proxy_port>" do
+        assert_equal "POSTing #{@sso.query_data} to http://localhost:4567/sso/login via proxy on port #{@sso.proxy_port}", @sso.message
+      end
+    end
+  end
+end