require File.dirname(__FILE__) + '/test_helper'
require File.dirname(__FILE__) + '/../lib/open_id_authentication/mem_cache_store'

# Test double: reopen the store class and back it with an in-process
# ActiveSupport MemoryStore, so the suite runs without a cache server.
# The addresses passed to the constructor are accepted and ignored.
#
# NOTE(review): because the connection is swapped out, these tests cover the
# store's association and nonce bookkeeping only. Behaviour of the real
# backend (eviction under memory pressure, key expiry, atomicity of the
# nonce check under concurrent requests) is not exercised here.
class OpenIdAuthentication::MemCacheStore < OpenID::Store::Interface
  def initialize(*addresses)
    @connection = ActiveSupport::Cache::MemoryStore.new
  end
end

# Exercises the two security-relevant duties of an OpenID consumer store:
# keeping association secrets keyed by (server URL, handle), and rejecting
# replayed or stale response nonces.
class MemCacheStoreTest < Test::Unit::TestCase
  # Alphabet used when generating random association handles in gen_assoc.
  ALLOWED_HANDLE = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~'

  def setup
    @store = OpenIdAuthentication::MemCacheStore.new
  end

  # Walks one server URL through store / retrieve / remove with up to three
  # associations and checks which one is returned at every step.
  def test_store
    server_url = "http://www.myopenid.com/openid"
    first = gen_assoc(0)

    # Nothing has been stored yet, so the lookup must come back empty.
    assert_retrieve(server_url)

    # A stored association is returned unchanged ...
    @store.store_association(server_url, first)
    assert_retrieve(server_url, nil, first)

    # ... and reading it does not consume it.
    assert_retrieve(server_url, nil, first)

    # Storing the same association again is harmless.
    @store.store_association(server_url, first)
    assert_retrieve(server_url, nil, first)

    # Removal with an unknown handle reports "not present".
    assert_remove(server_url, first.handle + 'x', false)

    # Removal under an unknown server URL reports "not present" as well:
    # a handle is only valid for the server it was stored under.
    assert_remove(server_url + 'x', first.handle, false)

    # Removing the real entry reports "present" ...
    assert_remove(server_url, first.handle, true)

    # ... exactly once.
    assert_remove(server_url, first.handle, false)

    # Restore the first association for the multi-association checks.
    @store.store_association(server_url, first)

    # Issued later than `first` and expiring after it.
    second = gen_assoc(1)
    @store.store_association(server_url, second)

    # With two handles under one server URL, a lookup without a handle
    # returns the later one.
    assert_retrieve(server_url, nil, second)

    # Each association is still reachable through its own handle.
    assert_retrieve(server_url, first.handle, first)
    assert_retrieve(server_url, second.handle, second)

    # Verifies the whole state in the fixed order used throughout:
    # handle-less lookup first, then first, second and third by handle.
    # `live` lists the associations that must still be present; identity
    # comparison keeps this independent of Association#==.
    third = nil
    check_state = lambda do |latest, live|
      assert_retrieve(server_url, nil, latest)
      [first, second, third].each do |candidate|
        wanted = live.any? { |kept| kept.equal?(candidate) } ? candidate : nil
        assert_retrieve(server_url, candidate.handle, wanted)
      end
    end

    # Issued last but with a shorter lifetime (100s) than the other two, so
    # it expires first. The handle-less lookup must choose by issue time,
    # not by expiry. Expiry itself is not exercised by this test.
    third = gen_assoc(2, 100)
    @store.store_association(server_url, third)
    check_state.call(third, [first, second, third])

    # Dropping the middle association leaves the other two untouched.
    assert_remove(server_url, second.handle, true)
    check_state.call(third, [first, third])

    # Dropping the most recent one makes the oldest the default again.
    assert_remove(server_url, second.handle, false)
    assert_remove(server_url, third.handle, true)
    check_state.call(first, [first])

    # Dropping the last one empties the store for this server URL.
    assert_remove(server_url, second.handle, false)
    assert_remove(server_url, first.handle, true)
    assert_remove(server_url, third.handle, false)
    check_state.call(nil, [])

    # Every further removal reports "not present".
    assert_remove(server_url, second.handle, false)
    assert_remove(server_url, first.handle, false)
    assert_remove(server_url, third.handle, false)
  end

  # Replay protection: a nonce is accepted once per server URL and never
  # again, and a nonce with an old timestamp is rejected on first use.
  # Runs for a real server URL and for the empty string (presumably the
  # case where no server URL is bound to the nonce -- confirm against the
  # OpenID library).
  def test_nonce
    server_url = "http://www.myopenid.com/openid"

    [server_url, ''].each do |url|
      fresh = OpenID::Nonce.mk_nonce

      assert_nonce(fresh, true, url, "#{url}: nonce allowed by default")
      assert_nonce(fresh, false, url, "#{url}: nonce not allowed twice")
      assert_nonce(fresh, false, url, "#{url}: nonce not allowed third time")

      # mk_nonce is given 3600 as its time argument; in ruby-openid that is
      # seconds since the epoch, i.e. a nonce dated far in the past. Such a
      # nonce must fail even though it has never been seen before.
      stale = OpenID::Nonce.mk_nonce(3600)
      assert_nonce(stale, false, url, "Old nonce #{stale.inspect} passed")
    end
  end

  private

  # Builds a throwaway HMAC-SHA1 association with a random 20-character
  # secret and a random 128-character handle drawn from ALLOWED_HANDLE.
  # `issued` is an offset in seconds from now; `lifetime` is in seconds.
  def gen_assoc(issued, lifetime = 600)
    mac_key = OpenID::CryptUtil.random_string(20, nil)
    assoc_handle = OpenID::CryptUtil.random_string(128, ALLOWED_HANDLE)
    issued_at = Time.now + issued
    OpenID::Association.new(assoc_handle, mac_key, issued_at, lifetime, 'HMAC-SHA1')
  end

  # Looks up (url, handle) and asserts the result: nil when `expected` is
  # nil, otherwise an association equal to `expected`, with the handle and
  # the secret compared explicitly.
  def assert_retrieve(url, handle = nil, expected = nil)
    found = @store.get_association(url, handle)
    return assert_nil(found) if expected.nil?

    assert_equal(expected, found)
    assert_equal(expected.handle, found.handle)
    assert_equal(expected.secret, found.secret)
  end

  # Removes (url, handle) and asserts the store's "was present" answer.
  def assert_remove(url, handle, expected)
    was_present = @store.remove_association(url, handle)
    assert_equal(expected, was_present)
  end

  # Splits the nonce into timestamp and salt, offers it to the store and
  # asserts whether the store accepted it.
  def assert_nonce(nonce, expected, server_url, msg = "")
    timestamp, salt = OpenID::Nonce.split_nonce(nonce)
    accepted = @store.use_nonce(server_url, timestamp, salt)
    assert_equal(expected, accepted, msg)
  end
end