spec/enigma_spec.rb in enigma-0.0.1 vs spec/enigma_spec.rb in enigma-0.0.3
- old
+ new
@@ -1,106 +1,64 @@
-require File.dirname(__FILE__) + '/spec_helper.rb'
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
describe Enigma do
- describe "when generating an API key" do
- it "should be a string" do
- Enigma.generate_key.should be_a(String)
- end
+ Enigma.server_key = "abcd1234abcd1234"
+
+ class TestApp < Sinatra::Base
+ get '/' do
+ signature = request.env["HTTP_" + Enigma::SIGNATURE_HEADER]
+ method = request.request_method.downcase
+ path = request.path
+ payload = request.body.read
- it "should be 32 digits long" do
- Enigma.generate_key.length.should == 32
+ if Enigma.matches?(signature, method, path, payload)
+ status 200
+ else
+ status 403
+ end
end
end
- describe "when generating an API secret" do
- it "should be a string" do
- Enigma.generate_secret.should be_a(String)
- end
+ def app
+ @app ||= TestApp.new
+ end
- it "should be 64 digits long" do
- Enigma.generate_secret.length.should == 32
- end
+ def client
+ @client ||= Enigma::Spec::RackTestClient.new(app)
end
- describe "when authenticating" do
- before :each do
- @key = Enigma.generate_key
- # Sigh, has to be global to be seen below...
- @secret = $secret = Enigma.generate_secret
- @params = { :p1 => 1, :p2 => 2 }
- @signed_params = Enigma.encode_params(@secret, @params)
+ describe "with correct authentication" do
+ it "should be successful" do
+ response = client.execute(
+ :method => :get,
+ :path => "/",
+ :headers => {"X_ENIGMA_SIGNATURE" => Enigma.signature('get', '/', '')}
+ )
+ response.code.should == 200
end
-
- context "with a valid key/secret pair" do
- before :each do
- # Let's just return the secret, straight up.
- Enigma.find_secret do |key|
- $secret
- end
- end
-
- it "should return the decoded parameters" do
- Enigma.authenticate(:key => @key, :params => @signed_params).should == @params
- end
- end
-
- context "with an invalid key/secret pair" do
- before :each do
- # And now, let's return the wrong one.
- Enigma.find_secret do |key|
- Enigma.generate_secret
- end
- end
-
- it "should not be able to decode the params using the invalid secret" do
- Enigma.decode_params(Enigma.generate_secret, @signed_params).should be_nil
- end
-
- it "should return nil" do
- Enigma.authenticate(:key => @key, :params => @signed_params).should be_nil
- end
- end
end
- describe "when encoding parameters" do
- before :each do
- @secret = Enigma.generate_secret
- @params = { 'param1' => '1', 'param2' => 2 }
- end
+ describe "with incorrect authentication" do
+ it "should be forbidden" do
+ response = client.execute(
+ :method => :get,
+ :path => "/",
+ :headers => {"X_ENIGMA_SIGNATURE" => "h4x0r"}
+ )
- it "should be able to decode them" do
- Enigma.decode_params(@secret, Enigma.encode_params(@secret, @params)).should == @params
+ response.code.should == 403
end
end
-end
+ describe "with empty authorization" do
+ it "should be forbidden" do
+ response = client.execute(
+ :method => :get,
+ :path => "/",
+ :headers => {})
-describe Enigma::Client do
- describe "get" do
- before :each do
- @key = Enigma.generate_key
- @secret = Enigma.generate_secret
- @client = Enigma::Client.new(@key, @secret)
- @params = { 'p1' => 'value' }
- @signed_params = Enigma.encode_params(@secret, @params)
+ response.code.should == 403
end
-
- it "should send a GET request with the key and signed params" do
- RestClient.should_receive(:get).with("http://some.service?params=#{@signed_params}&key=#{@key}")
- @client.get("http://some.service", @params)
- end
end
end
-
-=begin
-get '/' do
- user = User.find_by_key(params[:key])
- Enigma.authenticate(params[:key], user.secret, params[:params])
-end
-
-Enigma.generate_key
-Enigma.generate_secret
-
-=end
-