-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathprotocol_test_suite_spec.rb
134 lines (113 loc) · 4.91 KB
/
protocol_test_suite_spec.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
# frozen_string_literal: true
require 'test_suite_parser'
require 'faraday'
require 'mauth/client'
describe 'MAuth Client passes the protocol test suite' do
let(:app_uuid) { ProtocolHelper::Config.app_uuid }
let(:pub_key) { ProtocolHelper::Config.pub_key }
let(:request_time) { ProtocolHelper::Config.request_time }
let(:mauth_client) { ProtocolHelper::Config.mauth_client }
let(:signing_info) { { app_uuid: app_uuid, time: request_time } }
before(:all) { ProtocolHelper::Config.load }
let(:parser) { ProtocolHelper::CaseParser.new(protocol, case_dir) }
let(:req_attrs) { parser.req_attrs }
# must have protocol and domain name so URI won't consider `//example//` test case a
# relative uri. Without protocol and domain here URI('//example//').path => '//'
let(:uri_obj) { URI("https://example.com#{req_attrs['url']}") }
let(:expected_str_to_sign) { parser.sts }
let(:expected_signature) { parser.sig }
let(:expected_auth_headers) { parser.auth_headers }
let(:body) { parser.req_attrs['body'] }
let(:faraday_env) do
{
method: req_attrs['verb'],
url: uri_obj,
body: body
}
end
let(:faraday_req) { MAuth::Faraday::Request.new(faraday_env) }
let(:path) { req_attrs['url'].split('?')[0] }
let(:query) { req_attrs['url'].split('?')[1].to_s }
let(:rackified_auth_headers) do
expected_auth_headers.transform_keys { |k| k.upcase.tr('-', '_').prepend('HTTP_') }
end
let(:mock_rack_env) do
{
'REQUEST_METHOD' => req_attrs['verb'],
'PATH_INFO' => path,
'QUERY_STRING' => query,
'rack.input' => double('rack.input', rewind: nil, read: body)
}.merge(rackified_auth_headers)
end
let(:rack_req) { MAuth::Rack::Request.new(mock_rack_env) }
describe 'MWS protocol' do
let(:protocol) { 'MWS' }
ProtocolHelper::Config.cases('MWS').each do |case_dir|
context case_dir.to_s do
let(:case_dir) { case_dir.to_s }
context 'signing' do
unless case_dir.include?('binary-body')
it 'generates the corect string to sign' do
elements = faraday_req.string_to_sign_v1(signing_info).split("\n")
expected_elements = expected_str_to_sign.split("\n")
elements.zip(expected_elements).each do |generated_sts_element, expected_sts_element|
expect(generated_sts_element).to eq(expected_sts_element)
end
expect(faraday_req.string_to_sign_v1(signing_info)).to eq(expected_str_to_sign)
end
it 'generates the correct signature' do
expect(mauth_client.signature_v1(expected_str_to_sign)).to eq(expected_signature)
end
end
it 'generates the correct authentication headers' do
expect(mauth_client.signed_headers_v1(faraday_req, time: request_time)).to eq(expected_auth_headers)
end
end
context 'authentication' do
before do
allow(Time).to receive(:now).and_return(Time.at(request_time))
allow(mauth_client).to receive(:retrieve_public_key).and_return(pub_key)
end
it 'considers the authentically-signed request to be authentic' do
expect { mauth_client.authenticate!(rack_req) }.not_to raise_error
end
end
end
end
describe 'MWSV2 protocol' do
let(:protocol) { 'MWSV2' }
ProtocolHelper::Config.cases('MWSV2').each do |case_dir|
context case_dir.to_s do
let(:case_dir) { case_dir.to_s }
unless case_dir.include?('authentication-only')
context 'signing' do
it 'generates the corect string to sign' do
elements = faraday_req.string_to_sign_v2(signing_info).split("\n")
expected_elements = expected_str_to_sign.split("\n")
elements.zip(expected_elements).each do |generated_sts_element, expected_sts_element|
expect(generated_sts_element).to eq(expected_sts_element)
end
expect(faraday_req.string_to_sign_v2(signing_info)).to eq(expected_str_to_sign)
end
it 'generates the correct signature' do
expect(mauth_client.signature_v2(expected_str_to_sign)).to eq(expected_signature)
end
it 'generates the correct authentication headers' do
expect(mauth_client.signed_headers_v2(faraday_req, time: request_time)).to eq(expected_auth_headers)
end
end
end
context 'authentication' do
before do
allow(Time).to receive(:now).and_return(Time.at(request_time))
allow(mauth_client).to receive(:retrieve_public_key).and_return(pub_key)
end
it 'considers the authentically-signed request to be authentic' do
expect { mauth_client.authenticate!(rack_req) }.not_to raise_error
end
end
end
end
end
end
end