spec/lib/api_spec.rb in conjur-api-4.28.1 vs spec/lib/api_spec.rb in conjur-api-4.29.0

@@ -1,6 +1,7 @@
 require 'spec_helper'
+require 'fakefs/spec_helpers'
 
 shared_examples_for "API endpoint" do
   before { Conjur.configuration = Conjur::Configuration.new }
   subject { api }
   let(:service_name) { api.name.split('::')[-2].downcase }
@@ -236,16 +237,58 @@
     let(:api_key) { "theapikey" }
     let(:api_args) { [ login, api_key, remote_ip ].compact }
     subject(:api) { Conjur::API.new_from_key(*api_args) }
   end
 
+  shared_context "logged in with a token file", logged_in: :token_file do
+    include FakeFS::SpecHelpers
+    include_context "logged in"
+    let(:token_file) { "token_file" }
+    let(:api_args) { [ token_file, remote_ip ].compact }
+    subject(:api) { Conjur::API.new_from_token_file(*api_args) }
+  end
+
   def time_travel delta
-    allow(api).to receive(:gettime).and_wrap_original do |m|
+    allow(api.authenticator).to receive(:gettime).and_wrap_original do |m|
       m[] + delta
     end
+    allow(api.authenticator).to receive(:monotonic_time).and_wrap_original do |m|
+      m[] + delta
+    end
+    allow(Time).to receive(:now).and_wrap_original do |m|
+      m[] + delta
+    end
   end
 
   describe '#token' do
+    context 'with token file available', logged_in: :token_file do
+      def write_token token
+        File.write token_file, JSON.generate(token)
+      end
+
+      before do
+        write_token token
+      end
+
+      it "reads the file to get a token" do
+        expect(api.instance_variable_get("@token")).to eq(nil)
+        expect(api.token).to eq(token)
+        expect(api.credentials).to eq({ headers: { authorization: "Token token=\"#{Base64.strict_encode64(token.to_json)}\"" }, username: login })
+      end
+
+      context "after expiration" do
+        it 'it reads a new token' do
+          expect(Time.parse(api.token['timestamp'])).to be_within(5.seconds).of(Time.now)
+          
+          time_travel 6.minutes
+          new_token = token.merge "timestamp" => Time.now.to_s
+          write_token new_token
+          
+          expect(api.token).to eq(new_token)
+        end
+      end
+    end
+
     context 'with API key available', logged_in: :api_key do
       it "authenticates to get a token" do
         expect(Conjur::API).to receive(:authenticate).with(login, api_key).and_return token
 
         expect(api.instance_variable_get("@token")).to eq(nil)