[Jifty-commit] r4337 - in jifty/trunk: . lib/Jifty/Plugin/OAuth/Action t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth

jifty-commit at lists.jifty.org jifty-commit at lists.jifty.org
Tue Oct 30 18:34:35 EDT 2007


Author: sartak
Date: Tue Oct 30 18:34:34 2007
New Revision: 4337

Modified:
   jifty/trunk/   (props changed)
   jifty/trunk/lib/Jifty/Plugin/OAuth/Action/AuthorizeRequestToken.pm
   jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Dispatcher.pm
   jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm
   jifty/trunk/t/TestApp-Plugin-OAuth/t/01-basic.t
   jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t

Log:
 r44433 at onn:  sartak | 2007-10-30 14:17:57 -0400
 Wrote most of the authorization tests


Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Action/AuthorizeRequestToken.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Action/AuthorizeRequestToken.pm	(original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Action/AuthorizeRequestToken.pm	Tue Oct 30 18:34:34 2007
@@ -41,6 +41,11 @@
 
     return $self->validation_error(token => "I don't know of that request token.") unless $request_token->id;
 
+    if ($request_token->valid_until < Jifty::DateTime->now(time_zone => 'GMT')) {
+        $request_token->delete();
+        return $self->validation_error(token => "This request token has expired.");
+    }
+
     return $self->validation_ok('token');
 }
 
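Review bot: The added expiry check assumes `$request_token->valid_until` always returns a DateTime; if that column can be unset, `undef < Jifty::DateTime->now(...)` goes through DateTime's overloaded comparison, which croaks on a non-DateTime operand, so the action dies instead of returning a validation error. Reading the value once and treating a missing expiry as expired keeps the validator fail-closed: `my $until = $request_token->valid_until;` followed by `if (!$until || $until < Jifty::DateTime->now(time_zone => 'GMT')) {`. The result of `$request_token->delete()` is not checked; the request is rejected with the expiry error either way, so a comment such as `# best effort: the token is rejected whether or not the delete succeeds` would make that intent explicit. Whether this validator can run more than once for the same request (deleting on the first pass and reporting an unknown token on the second) depends on how Jifty schedules validation, which is not visible here; the enclosing validator method also starts outside the hunk.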

Modified: jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Dispatcher.pm
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Dispatcher.pm	(original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Dispatcher.pm	Tue Oct 30 18:34:34 2007
@@ -5,19 +5,20 @@
 
 my @login_required = qw{
     oauth/authorize
+    nuke/?
 };
 
 my $login_required = join '|', map {"^$_"} @login_required;
 $login_required = qr/$login_required/;
 
-before '*' => run {
+before '**' => run {
     if (Jifty->web->current_user->id) {
         my $top = Jifty->web->navigation;
         $top->child( _('Pick!')    => url => '/pick' );
         $top->child( _('Choices')  => url => '/choices' );
     }
     elsif ($1 =~ $login_required) {
-        tangent 'login';
+        tangent '/login';
     }
 };
 
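Review bot: The new `nuke/?` entry becomes `^nuke/?` once the existing `map {"^$_"}` wraps it, and that pattern is anchored only at the front, so paths such as `nukes` or `nuked-whales` would also be treated as login-required; `nuke(?:/|\z)` expresses the `/nuke` subtree precisely (the same open-ended anchoring applies to `oauth/authorize`). Over-matching here errs toward requiring login, so it is imprecise rather than unsafe. The rule relies on `$1` holding the path captured by the `**` pattern, which is presumably what Jifty's dispatcher provides; a one-line comment, `# $1 is the request path captured by '**'`, would save the next reader a lookup.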

Modified: jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm	(original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm	Tue Oct 30 18:34:34 2007
@@ -8,7 +8,9 @@
 use Crypt::OpenSSL::RSA;
 use Digest::HMAC_SHA1 'hmac_sha1';
 
-our @EXPORT = qw($timestamp $url $mech $pubkey $seckey response_is sign get_latest_token);
+our @EXPORT = qw($timestamp $url $mech $pubkey $seckey $token_obj
+                 response_is sign get_latest_token
+                 allow_ok deny_ok _authorize_request_token);
 
 sub setup {
     my $class = shift;
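Review bot: `_authorize_request_token` is added to @EXPORT under a leading-underscore name, which by Perl convention marks a private helper, yet the point of exporting it is that test scripts call it directly (03-authorize.t in this commit does). Either rename it, for example `authorize_request_token`, or leave a comment on the export list saying the underscore is deliberate so the next reader does not "fix" it. This is a point of style only; nothing here changes behaviour.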
@@ -21,6 +23,7 @@
 our $mech;
 our $pubkey = slurp('t/id_rsa.pub');
 our $seckey = slurp('t/id_rsa');
+our $token_obj;
 
 sub response_is {
     ++$timestamp;
@@ -66,12 +69,13 @@
     local $Test::Builder::Level = $Test::Builder::Level + 1;
     main::is($r->code, $code, $testname);
 
-    my $token = get_latest_token();
+    undef $token_obj;
+    get_latest_token();
     if ($code == 200) {
-        main::ok($token, "Successfully loaded a token object with token ".$token->token.".");
+        main::ok($token_obj, "Successfully loaded a token object with token ".$token_obj->token.".");
     }
     else {
-        main::ok(!$token, "Did not get a token");
+        main::ok(!$token_obj, "Did not get a token");
     }
 }
 
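Review bot: In the `$code == 200` branch the test description is built with `$token_obj->token` before `main::ok` runs, so when `get_latest_token()` fails to set `$token_obj` the script dies with a "Can't call method" error instead of reporting a failed test; the old line had the same shape, but the new `undef $token_obj` makes the undefined case the normal outcome of a failed load. Guard the message: `main::ok($token_obj, "Successfully loaded a token object" . ($token_obj ? " with token " . $token_obj->token : "") . ".");`. The enclosing `response_is` starts outside the hunk.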
@@ -158,7 +162,7 @@
     if ($mech->uri =~ /request_token/) {
         $package .= 'RequestToken';
     }
-    elsif ($mech->uri =~ /request_token/) {
+    elsif ($mech->uri =~ /access_token/) {
         $package .= 'AccessToken';
     }
     else {
@@ -166,7 +170,7 @@
         return;
     }
 
-    my $token_obj = $package->new(current_user => Jifty::CurrentUser->superuser);
+    $token_obj = $package->new(current_user => Jifty::CurrentUser->superuser);
     $token_obj->load_by_cols(token => $token);
 
     if (!$token_obj->id) {
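Review bot: `get_latest_token` now assigns the exported package global `$token_obj` as a side effect in addition to returning the object, but the early `return;` at the top of this hunk leaves the previous value in place when the URI matches neither token endpoint, so a caller reading `$token_obj` afterwards gets a stale object. `response_is` works around this by calling `undef $token_obj` before the call, which suggests the function should clear it itself at entry. At minimum the contract deserves a comment above the assignment, e.g. `# Also stored in the exported $token_obj so allow_ok/deny_ok can reach the most recent token`. The function starts outside this hunk and its `return $token_obj;` is in the next one.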
@@ -177,5 +181,47 @@
     return $token_obj;
 }
 
+sub allow_ok {
+    local $Test::Builder::Level = $Test::Builder::Level + 1;
+
+    my $error = _authorize_request_token('Allow');
+    ok(0, $error), return if $error;
+
+    my $name = $token_obj->consumer->name;
+    $mech->content_contains("Allowing $name to access your stuff");
+}
+
+sub deny_ok {
+    local $Test::Builder::Level = $Test::Builder::Level + 1;
+
+    my $error = _authorize_request_token('Deny');
+    ok(0, $error), return if $error;
+
+    my $name = $token_obj->consumer->name;
+    $mech->content_contains("Denying $name the right to access your stuff");
+}
+
+sub _authorize_request_token {
+    local $Test::Builder::Level = $Test::Builder::Level + 1;
+
+    my $which_button = shift
+        or die "You did not specify a button to click to _authorize_request_token";
+
+    my $token = shift || $token_obj->token;
+    $token = $token->token if ref $token;
+
+    $mech->get('/oauth/authorize')
+        or return "Unable to navigate to /oauth/authorize";;
+    $mech->content =~ /If you trust this application/
+        or return "Content did not much qr/If you trust this application/";
+    my $moniker = $mech->moniker_for('TestApp::Plugin::OAuth::Action::AuthorizeRequestToken')
+        or return "Unable to find moniker for AuthorizeRequestToken";
+    $mech->fill_in_action($moniker, token => $token)
+        or return "Unable to fill in the AuthorizeRequestToken action";
+    $mech->click_button(value => $which_button)
+        or return "Unable to click $which_button button";
+    return;
+}
+
 1;
 
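Review bot: `ok(0, $error), return if $error;` in both `allow_ok` and `deny_ok` calls `ok` unqualified, whereas the rest of this module reaches Test::More through `main::ok`/`main::is`; unless Test::More is imported at the top of the file (outside this hunk), the first reported error raises "Undefined subroutine" at runtime, and the comma-joined statement hides the early return. Write it as `if ($error) { main::ok(0, $error); return; }`. In `_authorize_request_token`, `return "Unable to navigate to /oauth/authorize";;` carries a stray second semicolon, and the next message reads "did not much" where "did not match" is meant; both are harmless but the strings surface in test output. The unqualified `ok` is fine in 03-authorize.t itself, which runs in package main.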

Modified: jifty/trunk/t/TestApp-Plugin-OAuth/t/01-basic.t
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/t/01-basic.t	(original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/t/01-basic.t	Tue Oct 30 18:34:34 2007
@@ -29,5 +29,5 @@
 $mech->content_like(qr{http://oauth\.net/}, "oauth page mentions OAuth homepage");
 
 $mech->get_ok($URL . '/oauth/authorize');
-$mech->content_like(qr{If you trust this application}, "oauth authorization page exists without fancy headers");
+$mech->content_unlike(qr{If you trust this application}, "/oauth/authorize requires being logged in");
 
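Review bot: The replaced assertion only proves the trust prompt is absent, so it would also pass if `/oauth/authorize` served a blank or error body with a 200, and the test name "requires being logged in" claims more than the check verifies. Pairing it with a positive match on something the login page reliably contains, e.g. `$mech->content_like(qr/login/i, "anonymous user is sent to the login page")`, pins the redirect rather than the absence; the marker should be taken from the actual login template, which is not part of this commit.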

Modified: jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t	(original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t	Tue Oct 30 18:34:34 2007
@@ -51,4 +51,110 @@
     oauth_signature_method => 'PLAINTEXT',
 );
 # }}}
+# try to navigate to protected pages while not logged in {{{
+$mech->get_ok('/oauth/authorize');
+$mech->content_unlike(qr/If you trust this application/);
+
+$mech->get_ok('/nuke/the/whales');
+$mech->content_unlike(qr/Press the shiny red button/);
+# }}}
+# log in {{{
+my $u = TestApp::Plugin::OAuth::Model::User->new(current_user => TestApp::Plugin::OAuth::CurrentUser->superuser);
+$u->create( name => 'You Zer', email => 'youzer at example.com', password => 'secret', email_confirmed => 1);
+ok($u->id, "New user has valid id set");
+
+$mech->get_ok('/login');
+$mech->fill_in_action_ok($mech->moniker_for('TestApp::Plugin::OAuth::Action::Login'), email => 'youzer at example.com', password => 'secret');
+$mech->submit;
+$mech->save_content('m2.html');
+$mech->content_contains('Logout');
+# }}}
+# try to navigate to protected pages while logged in {{{
+$mech->get_ok('/oauth/authorize');
+$mech->content_like(qr/If you trust this application/);
+
+$mech->get_ok('/nuke/the/whales');
+$mech->content_like(qr/Press the shiny red button/);
+# }}}
+# deny an unknown access token {{{
+my $error = _authorize_request_token('Deny', 'deadbeef');
+if ($error) {
+    ok(0, $error);
+}
+else {
+    $mech->content_contains("I don't know of that request token.");
+}
+# }}}
+# allow an unknown access token {{{
+$error = _authorize_request_token('Allow', 'hamburger');
+if ($error) {
+    ok(0, $error);
+}
+else {
+    $mech->content_contains("I don't know of that request token.");
+}
+# }}}
+# deny the above request token {{{
+deny_ok();
+# }}}
+# try to use the denied request token {{{
+$error = _authorize_request_token('Deny');
+if ($error) {
+    ok(0, $error);
+}
+else {
+    $mech->content_contains("I don't know of that request token.");
+}
+# }}}
+# get another request token as a known consumer (PLAINTEXT) {{{
+response_is(
+    code                   => 200,
+    testname               => "200 - plaintext signature",
+    consumer_secret        => 'bar',
+    oauth_consumer_key     => 'foo',
+    oauth_signature_method => 'PLAINTEXT',
+);
+# }}}
+# allow the above request token {{{
+allow_ok();
+# }}}
+# try to allow again {{{
+$error = _authorize_request_token('Allow');
+if ($error) {
+    ok(0, $error);
+}
+else {
+    $mech->content_contains("I don't know of that request token.");
+}
+# }}}
+# get another request token as a known consumer (PLAINTEXT) {{{
+response_is(
+    code                   => 200,
+    testname               => "200 - plaintext signature",
+    consumer_secret        => 'bar',
+    oauth_consumer_key     => 'foo',
+    oauth_signature_method => 'PLAINTEXT',
+);
+# }}}
+# expire the token, try to allow it {{{
+my $late = Jifty::DateTime->now(time_zone => 'GMT')->subtract(minutes => 10);
+$token_obj->set_valid_until($late);
+
+$error = _authorize_request_token('Allow');
+if ($error) {
+    ok(0, $error);
+}
+else {
+    $mech->content_contains("This request token has expired.");
+}
+# }}}
+# try again, it should be deleted {{{
+$error = _authorize_request_token('Allow');
+if ($error) {
+    ok(0, $error);
+}
+else {
+    $mech->content_contains("I don't know of that request token.");
+}
+# }}}
 
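Review bot: `$mech->save_content('m2.html')` after the login submit is a debugging leftover that writes a file into the working directory on every run and should be removed before this lands. The six `my $error = _authorize_request_token(...); if ($error) { ok(0, $error) } else { $mech->content_contains(...) }` blocks differ only in the button, the expected message and the optional token, so a small helper keeps each case to one line and, with `$Test::Builder::Level` bumped, still reports the failing line correctly. The comments "deny an unknown access token" and "allow an unknown access token" describe request tokens (the action under test is AuthorizeRequestToken) and are worth correcting while here.
```perl
# … unchanged: protected-page checks, login, logged-in checks …

# One attempt to click $button on /oauth/authorize, expecting $message in the
# resulting page.  @token is passed through untouched so the default (the
# most recent $token_obj) still applies when it is empty.
sub authorize_expecting {
    my ($button, $message, @token) = @_;
    local $Test::Builder::Level = $Test::Builder::Level + 1;
    my $error = _authorize_request_token($button, @token);
    if ($error) {
        ok(0, $error);
        return;
    }
    return $mech->content_contains($message);
}

authorize_expecting('Deny',  "I don't know of that request token.", 'deadbeef');
authorize_expecting('Allow', "I don't know of that request token.", 'hamburger');
# … unchanged: deny_ok / allow_ok / response_is calls, each followed by authorize_expecting with the matching message …
```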

