2008-01-05 08:32:06 -05:00
|
|
|
require 'abstract_unit'
|
2007-05-08 01:48:18 -04:00
|
|
|
|
|
|
|
class HttpBasicAuthenticationTest < Test::Unit::TestCase
|
|
|
|
include ActionController::HttpAuthentication::Basic
|
|
|
|
|
2007-06-23 12:43:08 -04:00
|
|
|
class DummyController
|
|
|
|
attr_accessor :headers, :renders, :request
|
|
|
|
|
|
|
|
def initialize
|
|
|
|
@headers, @renders = {}, []
|
|
|
|
@request = ActionController::TestRequest.new
|
|
|
|
end
|
|
|
|
|
|
|
|
def render(options)
|
|
|
|
self.renders << options
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2007-05-08 01:48:18 -04:00
|
|
|
def setup
|
2007-06-23 12:43:08 -04:00
|
|
|
@controller = DummyController.new
|
|
|
|
@credentials = ActionController::HttpAuthentication::Basic.encode_credentials("dhh", "secret")
|
2007-05-08 01:48:18 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_successful_authentication
|
2007-06-23 12:43:08 -04:00
|
|
|
login = Proc.new { |user_name, password| user_name == "dhh" && password == "secret" }
|
|
|
|
set_headers
|
|
|
|
assert authenticate(@controller, &login)
|
2007-05-08 01:48:18 -04:00
|
|
|
|
2007-06-23 12:43:08 -04:00
|
|
|
set_headers ''
|
|
|
|
assert_nothing_raised do
|
|
|
|
assert !authenticate(@controller, &login)
|
|
|
|
end
|
|
|
|
|
|
|
|
set_headers nil
|
|
|
|
set_headers @credentials, 'REDIRECT_X_HTTP_AUTHORIZATION'
|
|
|
|
assert authenticate(@controller, &login)
|
|
|
|
end
|
2007-05-08 01:48:18 -04:00
|
|
|
|
|
|
|
def test_failing_authentication
|
2007-06-23 12:43:08 -04:00
|
|
|
set_headers
|
|
|
|
assert !authenticate(@controller) { |user_name, password| user_name == "dhh" && password == "incorrect" }
|
2007-05-08 01:48:18 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_authentication_request
|
|
|
|
authentication_request(@controller, "Megaglobalapp")
|
|
|
|
assert_equal 'Basic realm="Megaglobalapp"', @controller.headers["WWW-Authenticate"]
|
|
|
|
assert_equal :unauthorized, @controller.renders.first[:status]
|
|
|
|
end
|
2007-06-23 12:43:08 -04:00
|
|
|
|
|
|
|
private
|
|
|
|
def set_headers(value = @credentials, name = 'HTTP_AUTHORIZATION')
|
|
|
|
@controller.request.env[name] = value
|
|
|
|
end
|
2007-05-08 01:48:18 -04:00
|
|
|
end
|