spec/token_spec.rb in fernet-2.1 vs spec/token_spec.rb in fernet-2.1.1
- old
+ new
@@ -7,11 +7,11 @@
it 'is invalid with a bad MAC signature' do
generated = Fernet::Token.generate(secret: secret,
message: 'hello')
bogus_hmac = "1" * 32
- Fernet::Encryption.stub(hmac_digest: bogus_hmac)
+ allow(Fernet::Encryption).to receive(:hmac_digest).and_return(bogus_hmac)
token = Fernet::Token.new(generated.to_s, secret: secret)
expect(token.valid?).to eq(false)
expect(token.errors[:signature]).to include("does not match")
@@ -44,15 +44,34 @@
expect(token.valid?).to eq(false)
expect(token.errors[:token]).to include("invalid base64")
end
it 'is invalid with an unknown token version' do
- token = Fernet::Token.new(Base64.urlsafe_encode64("xxxxxx"), secret: secret)
+ invalid1 = Fernet::Token.generate(message: 'message', version: 0x00, secret: secret)
+ invalid2 = Fernet::Token.generate(message: 'message', version: 0x81, secret: secret)
+ valid = Fernet::Token.generate(message: 'message', secret: secret)
- expect(token.valid?).to eq(false)
- expect(token.errors[:version]).to include("is unknown")
+ [invalid1, invalid2].each do |token|
+ expect(token.valid?).to eq(false)
+ expect(token.errors[:version]).to include("is unknown")
+ end
+ expect(valid.valid?).to eq(true)
end
+
+ it 'is invalid with bad base64 encodings' do
+ token = Fernet::Token.generate(message: 'message', secret: secret)
+ invalid = Fernet::Token.new("\n#{token}", secret: secret)
+
+ ["\n#{token}", "#{token} ", "#{token}+",
+ token.to_s.gsub(/(.)$/, "1"),
+ token.to_s.gsub(/(.)$/, "+"),
+ token.to_s.gsub(/(.)$/, "\\"),
+ ].each do |invalid_string|
+ invalid = Fernet::Token.new(invalid_string, secret: secret)
+ expect(invalid.valid?).to be(false)
+ end
+ end
end
describe Fernet::Token, 'message' do
let(:secret) { 'odN/0Yu+Pwp3oIvvG8OiE5w4LsLrqfWYRb3knQtSyKI=' }
it 'refuses to decrypt if invalid' do
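Review bot: The new 'is invalid with bad base64 encodings' example asserts only `expect(invalid.valid?).to be(false)`, so it does not pin why each variant is rejected. The last-character substitutions in particular could presumably fail on the signature check after a lenient decode and still pass here. Since the example is about strict decoding, also assert the error that the neighbouring base64 example checks, e.g. `expect(invalid.errors[:token]).to include("invalid base64")`, assuming the same key and message apply to these inputs. The first `invalid = Fernet::Token.new("\n#{token}", secret: secret)` before the array is overwritten inside the loop and can be dropped. The enclosing `describe` block starts outside the hunk.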
@@ -73,7 +92,15 @@
token = Fernet::Token.generate(secret: secret,
message: 'hello')
token.valid? or raise "invalid token"
expect(token.message).to eq('hello')
+ end
+
+ it 'correctly handles an empty message' do
+ token = Fernet::Token.generate(secret: secret,
+ message: '')
+ token.valid? or raise "invalid token"
+
+ expect(token.message).to eq('')
end
end
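Review bot: The new empty-message example reads `token.message` from the object returned by `Fernet::Token.generate`, so it may not exercise parsing of the serialized token, which is where a minimum-length check on an empty-plaintext token would matter. Consider round-tripping as the MAC example does: `parsed = Fernet::Token.new(token.to_s, secret: secret)`, then `expect(parsed.valid?).to eq(true)` and `expect(parsed.message).to eq('')`. That also replaces `token.valid? or raise "invalid token"` with an expectation, so a regression shows up as an expectation failure instead of a raised error. The example before it starts outside the hunk.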