diff options
Diffstat (limited to 'test/rubygems/test_webauthn_listener.rb')
-rw-r--r-- | test/rubygems/test_webauthn_listener.rb | 57 |
1 files changed, 37 insertions, 20 deletions
diff --git a/test/rubygems/test_webauthn_listener.rb b/test/rubygems/test_webauthn_listener.rb index 81cfd2fc61..08edabceb2 100644 --- a/test/rubygems/test_webauthn_listener.rb +++ b/test/rubygems/test_webauthn_listener.rb @@ -1,7 +1,8 @@ # frozen_string_literal: true require_relative "helper" -require "rubygems/webauthn_listener" +require "rubygems/gemcutter_utilities/webauthn_listener" +require "rubygems/gemcutter_utilities" class WebauthnListenerTest < Gem::TestCase def setup @@ -16,17 +17,33 @@ class WebauthnListenerTest < Gem::TestCase super end + def test_listener_thread_retreives_otp_code + thread = Gem::GemcutterUtilities::WebauthnListener.listener_thread(Gem.host, @server) + Gem::MockBrowser.get Gem::URI("http://localhost:#{@port}?code=xyz") + + thread.join + assert_equal "xyz", thread[:otp] + end + + def test_listener_thread_sets_error + thread = Gem::GemcutterUtilities::WebauthnListener.listener_thread(Gem.host, @server) + Gem::MockBrowser.post Gem::URI("http://localhost:#{@port}?code=xyz") + + thread.join + assert_equal "Security device verification failed: Invalid HTTP method POST received.", thread[:error].message + end + def test_wait_for_otp_code_get_follows_options wait_for_otp_code - assert Gem::MockBrowser.options(URI("http://localhost:#{@port}?code=xyz")).is_a? Net::HTTPNoContent - assert Gem::MockBrowser.get(URI("http://localhost:#{@port}?code=xyz")).is_a? Net::HTTPOK + assert Gem::MockBrowser.options(Gem::URI("http://localhost:#{@port}?code=xyz")).is_a? Gem::Net::HTTPNoContent + assert Gem::MockBrowser.get(Gem::URI("http://localhost:#{@port}?code=xyz")).is_a? Gem::Net::HTTPOK end def test_wait_for_otp_code_options_request wait_for_otp_code - response = Gem::MockBrowser.options URI("http://localhost:#{@port}?code=xyz") + response = Gem::MockBrowser.options Gem::URI("http://localhost:#{@port}?code=xyz") - assert response.is_a? Net::HTTPNoContent + assert response.is_a? Gem::Net::HTTPNoContent assert_equal Gem.host, response["access-control-allow-origin"] assert_equal "POST", response["access-control-allow-methods"] assert_equal "Content-Type, Authorization, x-csrf-token", response["access-control-allow-headers"] @@ -35,10 +52,10 @@ class WebauthnListenerTest < Gem::TestCase def test_wait_for_otp_code_get_request wait_for_otp_code - response = Gem::MockBrowser.get URI("http://localhost:#{@port}?code=xyz") + response = Gem::MockBrowser.get Gem::URI("http://localhost:#{@port}?code=xyz") - assert response.is_a? Net::HTTPOK - assert_equal "text/plain", response["Content-Type"] + assert response.is_a? Gem::Net::HTTPOK + assert_equal "text/plain; charset=utf-8", response["Content-Type"] assert_equal "7", response["Content-Length"] assert_equal Gem.host, response["access-control-allow-origin"] assert_equal "POST", response["access-control-allow-methods"] @@ -52,10 +69,10 @@ class WebauthnListenerTest < Gem::TestCase def test_wait_for_otp_code_invalid_post_req_method wait_for_otp_code_expect_error_with_message("Security device verification failed: Invalid HTTP method POST received.") - response = Gem::MockBrowser.post URI("http://localhost:#{@port}?code=xyz") + response = Gem::MockBrowser.post Gem::URI("http://localhost:#{@port}?code=xyz") assert response - assert response.is_a? Net::HTTPMethodNotAllowed + assert response.is_a? Gem::Net::HTTPMethodNotAllowed assert_equal "GET, OPTIONS", response["allow"] assert_equal "close", response["Connection"] @@ -65,9 +82,9 @@ class WebauthnListenerTest < Gem::TestCase def test_wait_for_otp_code_incorrect_path wait_for_otp_code_expect_error_with_message("Security device verification failed: Page at /path not found.") - response = Gem::MockBrowser.post URI("http://localhost:#{@port}/path?code=xyz") + response = Gem::MockBrowser.post Gem::URI("http://localhost:#{@port}/path?code=xyz") - assert response.is_a? Net::HTTPNotFound + assert response.is_a? Gem::Net::HTTPNotFound assert_equal "close", response["Connection"] @thread.join @@ -76,10 +93,10 @@ class WebauthnListenerTest < Gem::TestCase def test_wait_for_otp_code_no_params_response wait_for_otp_code_expect_error_with_message("Security device verification failed: Did not receive OTP from https://rubygems.org.") - response = Gem::MockBrowser.get URI("http://localhost:#{@port}") + response = Gem::MockBrowser.get Gem::URI("http://localhost:#{@port}") - assert response.is_a? Net::HTTPBadRequest - assert_equal "text/plain", response["Content-Type"] + assert response.is_a? Gem::Net::HTTPBadRequest + assert_equal "text/plain; charset=utf-8", response["Content-Type"] assert_equal "22", response["Content-Length"] assert_equal "close", response["Connection"] assert_equal "missing code parameter", response.body @@ -90,10 +107,10 @@ class WebauthnListenerTest < Gem::TestCase def test_wait_for_otp_code_incorrect_params wait_for_otp_code_expect_error_with_message("Security device verification failed: Did not receive OTP from https://rubygems.org.") - response = Gem::MockBrowser.get URI("http://localhost:#{@port}?param=xyz") + response = Gem::MockBrowser.get Gem::URI("http://localhost:#{@port}?param=xyz") - assert response.is_a? Net::HTTPBadRequest - assert_equal "text/plain", response["Content-Type"] + assert response.is_a? Gem::Net::HTTPBadRequest + assert_equal "text/plain; charset=utf-8", response["Content-Type"] assert_equal "22", response["Content-Length"] assert_equal "close", response["Connection"] assert_equal "missing code parameter", response.body @@ -106,7 +123,7 @@ class WebauthnListenerTest < Gem::TestCase def wait_for_otp_code @thread = Thread.new do - Thread.current[:otp] = Gem::WebauthnListener.wait_for_otp_code(Gem.host, @server) + Thread.current[:otp] = Gem::GemcutterUtilities::WebauthnListener.new(Gem.host).wait_for_otp_code(@server) end @thread.abort_on_exception = true @thread.report_on_exception = false @@ -115,7 +132,7 @@ class WebauthnListenerTest < Gem::TestCase def wait_for_otp_code_expect_error_with_message(message) @thread = Thread.new do error = assert_raise Gem::WebauthnVerificationError do - Thread.current[:otp] = Gem::WebauthnListener.wait_for_otp_code(Gem.host, @server) + Thread.current[:otp] = Gem::GemcutterUtilities::WebauthnListener.new(Gem.host).wait_for_otp_code(@server) end assert_equal message, error.message |