1
require 'abstract_unit'
3
class AuthorizationTest < Test::Unit::TestCase
4
Response = Struct.new(:code)
7
@conn = ActiveResource::Connection.new('http://localhost')
8
@matz = { :id => 1, :name => 'Matz' }.to_xml(:root => 'person')
9
@david = { :id => 2, :name => 'David' }.to_xml(:root => 'person')
10
@authenticated_conn = ActiveResource::Connection.new("http://david:test123@localhost")
11
@authorization_request_header = { 'Authorization' => 'Basic ZGF2aWQ6dGVzdDEyMw==' }
13
ActiveResource::HttpMock.respond_to do |mock|
14
mock.get "/people/2.xml", @authorization_request_header, @david
15
mock.put "/people/2.xml", @authorization_request_header, nil, 204
16
mock.delete "/people/2.xml", @authorization_request_header, nil, 200
17
mock.post "/people/2/addresses.xml", @authorization_request_header, nil, 201, 'Location' => '/people/1/addresses/5'
21
def test_authorization_header
22
authorization_header = @authenticated_conn.__send__(:authorization_header)
23
assert_equal @authorization_request_header['Authorization'], authorization_header['Authorization']
24
authorization = authorization_header["Authorization"].to_s.split
26
assert_equal "Basic", authorization[0]
27
assert_equal ["david", "test123"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
30
def test_authorization_header_with_username_but_no_password
31
@conn = ActiveResource::Connection.new("http://david:@localhost")
32
authorization_header = @conn.__send__(:authorization_header)
33
authorization = authorization_header["Authorization"].to_s.split
35
assert_equal "Basic", authorization[0]
36
assert_equal ["david"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
39
def test_authorization_header_with_password_but_no_username
40
@conn = ActiveResource::Connection.new("http://:test123@localhost")
41
authorization_header = @conn.__send__(:authorization_header)
42
authorization = authorization_header["Authorization"].to_s.split
44
assert_equal "Basic", authorization[0]
45
assert_equal ["", "test123"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
48
def test_authorization_header_with_decoded_credentials_from_url
49
@conn = ActiveResource::Connection.new("http://my%40email.com:%31%32%33@localhost")
50
authorization_header = @conn.__send__(:authorization_header)
51
authorization = authorization_header["Authorization"].to_s.split
53
assert_equal "Basic", authorization[0]
54
assert_equal ["my@email.com", "123"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
57
def test_authorization_header_explicitly_setting_username_and_password
58
@authenticated_conn = ActiveResource::Connection.new("http://@localhost")
59
@authenticated_conn.user = 'david'
60
@authenticated_conn.password = 'test123'
61
authorization_header = @authenticated_conn.__send__(:authorization_header)
62
assert_equal @authorization_request_header['Authorization'], authorization_header['Authorization']
63
authorization = authorization_header["Authorization"].to_s.split
65
assert_equal "Basic", authorization[0]
66
assert_equal ["david", "test123"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
69
def test_authorization_header_explicitly_setting_username_but_no_password
70
@conn = ActiveResource::Connection.new("http://@localhost")
72
authorization_header = @conn.__send__(:authorization_header)
73
authorization = authorization_header["Authorization"].to_s.split
75
assert_equal "Basic", authorization[0]
76
assert_equal ["david"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
79
def test_authorization_header_explicitly_setting_password_but_no_username
80
@conn = ActiveResource::Connection.new("http://@localhost")
81
@conn.password = "test123"
82
authorization_header = @conn.__send__(:authorization_header)
83
authorization = authorization_header["Authorization"].to_s.split
85
assert_equal "Basic", authorization[0]
86
assert_equal ["", "test123"], ActiveSupport::Base64.decode64(authorization[1]).split(":")[0..1]
90
david = @authenticated_conn.get("/people/2.xml")
91
assert_equal "David", david["name"]
95
response = @authenticated_conn.post("/people/2/addresses.xml")
96
assert_equal "/people/1/addresses/5", response["Location"]
100
response = @authenticated_conn.put("/people/2.xml")
101
assert_equal 204, response.code
105
response = @authenticated_conn.delete("/people/2.xml")
106
assert_equal 200, response.code
109
def test_raises_invalid_request_on_unauthorized_requests
110
assert_raise(ActiveResource::InvalidRequestError) { @conn.post("/people/2.xml") }
111
assert_raise(ActiveResource::InvalidRequestError) { @conn.post("/people/2/addresses.xml") }
112
assert_raise(ActiveResource::InvalidRequestError) { @conn.put("/people/2.xml") }
113
assert_raise(ActiveResource::InvalidRequestError) { @conn.delete("/people/2.xml") }
117
def assert_response_raises(klass, code)
118
assert_raise(klass, "Expected response code #{code} to raise #{klass}") do
119
@conn.__send__(:handle_response, Response.new(code))