Redmine 3.4.4

lib/plugins/open_id_authentication/test/mem_cache_store_test.rb

@@ -0,0 +1,151 @@
+require File.dirname(__FILE__) + '/test_helper'
+require File.dirname(__FILE__) + '/../lib/open_id_authentication/mem_cache_store'
+
+# Mock MemCacheStore with MemoryStore for testing
+class OpenIdAuthentication::MemCacheStore < OpenID::Store::Interface
+  def initialize(*addresses)
+    @connection = ActiveSupport::Cache::MemoryStore.new
+  end
+end
+
+class MemCacheStoreTest < Test::Unit::TestCase
+  ALLOWED_HANDLE = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~'
+
+  def setup
+    @store = OpenIdAuthentication::MemCacheStore.new
+  end
+
+  def test_store
+    server_url = "http://www.myopenid.com/openid"
+    assoc = gen_assoc(0)
+
+    # Make sure that a missing association returns no result
+    assert_retrieve(server_url)
+
+    # Check that after storage, getting returns the same result
+    @store.store_association(server_url, assoc)
+    assert_retrieve(server_url, nil, assoc)
+
+    # more than once
+    assert_retrieve(server_url, nil, assoc)
+
+    # Storing more than once has no ill effect
+    @store.store_association(server_url, assoc)
+    assert_retrieve(server_url, nil, assoc)
+
+    # Removing an association that does not exist returns not present
+    assert_remove(server_url, assoc.handle + 'x', false)
+
+    # Removing an association that does not exist returns not present
+    assert_remove(server_url + 'x', assoc.handle, false)
+
+    # Removing an association that is present returns present
+    assert_remove(server_url, assoc.handle, true)
+
+    # but not present on subsequent calls
+    assert_remove(server_url, assoc.handle, false)
+
+    # Put assoc back in the store
+    @store.store_association(server_url, assoc)
+
+    # More recent and expires after assoc
+    assoc2 = gen_assoc(1)
+    @store.store_association(server_url, assoc2)
+
+    # After storing an association with a different handle, but the
+    # same server_url, the handle with the later expiration is returned.
+    assert_retrieve(server_url, nil, assoc2)
+
+    # We can still retrieve the older association
+    assert_retrieve(server_url, assoc.handle, assoc)
+
+    # Plus we can retrieve the association with the later expiration
+    # explicitly
+    assert_retrieve(server_url, assoc2.handle, assoc2)
+
+    # More recent, and expires earlier than assoc2 or assoc. Make sure
+    # that we're picking the one with the latest issued date and not
+    # taking into account the expiration.
+    assoc3 = gen_assoc(2, 100)
+    @store.store_association(server_url, assoc3)
+
+    assert_retrieve(server_url, nil, assoc3)
+    assert_retrieve(server_url, assoc.handle, assoc)
+    assert_retrieve(server_url, assoc2.handle, assoc2)
+    assert_retrieve(server_url, assoc3.handle, assoc3)
+
+    assert_remove(server_url, assoc2.handle, true)
+
+    assert_retrieve(server_url, nil, assoc3)
+    assert_retrieve(server_url, assoc.handle, assoc)
+    assert_retrieve(server_url, assoc2.handle, nil)
+    assert_retrieve(server_url, assoc3.handle, assoc3)
+
+    assert_remove(server_url, assoc2.handle, false)
+    assert_remove(server_url, assoc3.handle, true)
+
+    assert_retrieve(server_url, nil, assoc)
+    assert_retrieve(server_url, assoc.handle, assoc)
+    assert_retrieve(server_url, assoc2.handle, nil)
+    assert_retrieve(server_url, assoc3.handle, nil)
+
+    assert_remove(server_url, assoc2.handle, false)
+    assert_remove(server_url, assoc.handle, true)
+    assert_remove(server_url, assoc3.handle, false)
+
+    assert_retrieve(server_url, nil, nil)
+    assert_retrieve(server_url, assoc.handle, nil)
+    assert_retrieve(server_url, assoc2.handle, nil)
+    assert_retrieve(server_url, assoc3.handle, nil)
+
+    assert_remove(server_url, assoc2.handle, false)
+    assert_remove(server_url, assoc.handle, false)
+    assert_remove(server_url, assoc3.handle, false)
+  end
+
+  def test_nonce
+    server_url = "http://www.myopenid.com/openid"
+
+    [server_url, ''].each do |url|
+      nonce1 = OpenID::Nonce::mk_nonce
+
+      assert_nonce(nonce1, true, url, "#{url}: nonce allowed by default")
+      assert_nonce(nonce1, false, url, "#{url}: nonce not allowed twice")
+      assert_nonce(nonce1, false, url, "#{url}: nonce not allowed third time")
+
+      # old nonces shouldn't pass
+      old_nonce = OpenID::Nonce::mk_nonce(3600)
+      assert_nonce(old_nonce, false, url, "Old nonce #{old_nonce.inspect} passed")
+    end
+  end
+
+  private
+    def gen_assoc(issued, lifetime = 600)
+      secret = OpenID::CryptUtil.random_string(20, nil)
+      handle = OpenID::CryptUtil.random_string(128, ALLOWED_HANDLE)
+      OpenID::Association.new(handle, secret, Time.now + issued, lifetime, 'HMAC-SHA1')
+    end
+
+    def assert_retrieve(url, handle = nil, expected = nil)
+      assoc = @store.get_association(url, handle)
+
+      if expected.nil?
+        assert_nil(assoc)
+      else
+        assert_equal(expected, assoc)
+        assert_equal(expected.handle, assoc.handle)
+        assert_equal(expected.secret, assoc.secret)
+      end
+    end
+
+    def assert_remove(url, handle, expected)
+      present = @store.remove_association(url, handle)
+      assert_equal(expected, present)
+    end
+
+    def assert_nonce(nonce, expected, server_url, msg = "")
+      stamp, salt = OpenID::Nonce::split_nonce(nonce)
+      actual = @store.use_nonce(server_url, stamp, salt)
+      assert_equal(expected, actual, msg)
+    end
+end

lib/plugins/open_id_authentication/test/normalize_test.rb

@@ -0,0 +1,32 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class NormalizeTest < Test::Unit::TestCase
+  include OpenIdAuthentication
+
+  NORMALIZATIONS = {
+    "openid.aol.com/nextangler"             => "http://openid.aol.com/nextangler",
+    "http://openid.aol.com/nextangler"      => "http://openid.aol.com/nextangler",
+    "https://openid.aol.com/nextangler"     => "https://openid.aol.com/nextangler",
+    "HTTP://OPENID.AOL.COM/NEXTANGLER"      => "http://openid.aol.com/NEXTANGLER",
+    "HTTPS://OPENID.AOL.COM/NEXTANGLER"     => "https://openid.aol.com/NEXTANGLER",
+    "loudthinking.com"                      => "http://loudthinking.com/",
+    "http://loudthinking.com"               => "http://loudthinking.com/",
+    "http://loudthinking.com:80"            => "http://loudthinking.com/",
+    "https://loudthinking.com:443"          => "https://loudthinking.com/",
+    "http://loudthinking.com:8080"          => "http://loudthinking.com:8080/",
+    "techno-weenie.net"                     => "http://techno-weenie.net/",
+    "http://techno-weenie.net"              => "http://techno-weenie.net/",
+    "http://techno-weenie.net  "            => "http://techno-weenie.net/",
+    "=name"                                 => "=name"
+  }
+
+  def test_normalizations
+    NORMALIZATIONS.each do |from, to|
+      assert_equal to, normalize_identifier(from)
+    end
+  end
+
+  def test_broken_open_id
+    assert_raises(InvalidOpenId) { normalize_identifier(nil) }
+  end
+end

lib/plugins/open_id_authentication/test/open_id_authentication_test.rb

@@ -0,0 +1,46 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class OpenIdAuthenticationTest < Test::Unit::TestCase
+  def setup
+    @controller = Class.new do
+      include OpenIdAuthentication
+      def params() {} end
+    end.new
+  end
+
+  def test_authentication_should_fail_when_the_identity_server_is_missing
+    open_id_consumer = mock()
+    open_id_consumer.expects(:begin).raises(OpenID::OpenIDError)
+    @controller.expects(:open_id_consumer).returns(open_id_consumer)
+    @controller.expects(:logger).returns(mock(:error => true))
+
+    @controller.send(:authenticate_with_open_id, "http://someone.example.com") do |result, identity_url|
+      assert result.missing?
+      assert_equal "Sorry, the OpenID server couldn't be found", result.message
+    end
+  end
+
+  def test_authentication_should_be_invalid_when_the_identity_url_is_invalid
+    @controller.send(:authenticate_with_open_id, "!") do |result, identity_url|
+      assert result.invalid?, "Result expected to be invalid but was not"
+      assert_equal "Sorry, but this does not appear to be a valid OpenID", result.message
+    end
+  end
+
+  def test_authentication_should_fail_when_the_identity_server_times_out
+    open_id_consumer = mock()
+    open_id_consumer.expects(:begin).raises(Timeout::Error, "Identity Server took too long.")
+    @controller.expects(:open_id_consumer).returns(open_id_consumer)
+    @controller.expects(:logger).returns(mock(:error => true))
+
+    @controller.send(:authenticate_with_open_id, "http://someone.example.com") do |result, identity_url|
+      assert result.missing?
+      assert_equal "Sorry, the OpenID server couldn't be found", result.message
+    end
+  end
+
+  def test_authentication_should_begin_when_the_identity_server_is_present
+    @controller.expects(:begin_open_id_authentication)
+    @controller.send(:authenticate_with_open_id, "http://someone.example.com")
+  end
+end

lib/plugins/open_id_authentication/test/status_test.rb

@@ -0,0 +1,14 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class StatusTest < Test::Unit::TestCase
+  include OpenIdAuthentication
+
+  def test_state_conditional
+    assert Result[:missing].missing?
+    assert Result[:missing].unsuccessful?
+    assert !Result[:missing].successful?
+
+    assert Result[:successful].successful?
+    assert !Result[:successful].unsuccessful?
+  end
+end

lib/plugins/open_id_authentication/test/test_helper.rb

@@ -0,0 +1,17 @@
+require 'test/unit'
+require 'rubygems'
+
+gem 'activesupport'
+require 'active_support'
+
+gem 'actionpack'
+require 'action_controller'
+
+gem 'mocha'
+require 'mocha/setup'
+
+gem 'ruby-openid'
+require 'openid'
+
+RAILS_ROOT = File.dirname(__FILE__) unless defined? RAILS_ROOT
+require File.dirname(__FILE__) + "/../lib/open_id_authentication"