From fcdb5e4e340f59ff8d9d50dbee1c50b5b93836ae Mon Sep 17 00:00:00 2001 From: Daniel Barber Date: Sat, 16 Nov 2019 22:58:39 -0500 Subject: [PATCH] Add tests for authorization --- lib/{micropub => }/indieauth.rb | 0 lib/{micropub => }/indieauth/endpoints.rb | 0 lib/{micropub => }/indieauth/token.rb | 0 lib/micropub.rb | 5 +-- lib/micropub/webserver.rb | 2 +- test/requests/auth_test.rb | 40 +++++++++++++++++++++++ test/requests/create_post_test.rb | 2 +- 7 files changed, 45 insertions(+), 4 deletions(-) rename lib/{micropub => }/indieauth.rb (100%) rename lib/{micropub => }/indieauth/endpoints.rb (100%) rename lib/{micropub => }/indieauth/token.rb (100%) create mode 100644 test/requests/auth_test.rb diff --git a/lib/micropub/indieauth.rb b/lib/indieauth.rb similarity index 100% rename from lib/micropub/indieauth.rb rename to lib/indieauth.rb diff --git a/lib/micropub/indieauth/endpoints.rb b/lib/indieauth/endpoints.rb similarity index 100% rename from lib/micropub/indieauth/endpoints.rb rename to lib/indieauth/endpoints.rb diff --git a/lib/micropub/indieauth/token.rb b/lib/indieauth/token.rb similarity index 100% rename from lib/micropub/indieauth/token.rb rename to lib/indieauth/token.rb diff --git a/lib/micropub.rb b/lib/micropub.rb index 0879e41..778ca09 100644 --- a/lib/micropub.rb +++ b/lib/micropub.rb @@ -1,8 +1,9 @@ +autoload :Indieauth, File.expand_path('indieauth.rb', __dir__) + module Micropub - autoload :Webserver, File.expand_path('micropub/webserver.rb', __dir__) autoload :Github, File.expand_path('micropub/github.rb', __dir__) - autoload :Indieauth, File.expand_path('micropub/indieauth.rb', __dir__) autoload :Post, File.expand_path('micropub/models/post.rb', __dir__) autoload :PostJSONParser, File.expand_path('micropub/models/post_json_parser.rb', __dir__) + autoload :Webserver, File.expand_path('micropub/webserver.rb', __dir__) end diff --git a/lib/micropub/webserver.rb b/lib/micropub/webserver.rb index 91b32f7..45f8ad9 100644 --- a/lib/micropub/webserver.rb +++ b/lib/micropub/webserver.rb @@ -58,7 +58,7 @@ module Micropub auth_type, auth_token = request.env["HTTP_AUTHORIZATION"]&.split(" ") auth_token ||= params["access_token"] - auth_type == "Bearer" && token.validate(auth_token) + token.validate(auth_token) end def endpoints diff --git a/test/requests/auth_test.rb b/test/requests/auth_test.rb new file mode 100644 index 0000000..2f7a1e6 --- /dev/null +++ b/test/requests/auth_test.rb @@ -0,0 +1,40 @@ +require "request_helper" + +describe "auth" do + before(:each) do + @auth_token = "123abc" + endpoints = mock("Indieauth::Endpoints") + endpoints.stubs(:token_endpoint) + Indieauth::Endpoints.stubs(:new).returns endpoints + Indieauth::Token.any_instance.stubs(:validate).returns(false) + Indieauth::Token.any_instance.stubs(:validate). + with(@auth_token).returns(true) + Micropub::Github.any_instance.stubs(:post!).returns(true) + end + + it "rejects authentication without a token" do + post "/micropub/main", { + content: "Hello, World!" + } + + assert last_response.unauthorized? + end + + it "authenticates with a header" do + header "Authorization", "Bearer #{@auth_token}" + post "/micropub/main", { + content: "Hello, World!" + } + + assert last_response.accepted? + end + + it "authenticates with a form param" do + post "/micropub/main", { + access_token: @auth_token, + content: "Hello, World!" + } + + assert last_response.accepted? + end +end diff --git a/test/requests/create_post_test.rb b/test/requests/create_post_test.rb index d102c13..99a1835 100644 --- a/test/requests/create_post_test.rb +++ b/test/requests/create_post_test.rb @@ -1,5 +1,5 @@ require "request_helper" -require "micropub/indieauth" +require "indieauth" require "micropub/github" describe "create post" do