Last active
September 15, 2016 19:55
-
-
Save halloffame/ff4c5a2a3b0f460b80c917d574dfdfb2 to your computer and use it in GitHub Desktop.
Tests v1.4 migration path for api-auth
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'rack' | |
| # Since the requests are time-sensitive, you will need to regenerate the | |
| # mock client requests for each of the versions before testing them | |
| # against the different API versions. Otherwise they will all just return false. | |
| API_AUTH_VERSION = '1.3.2' | |
| # gem 'api-auth', '1.3.2' | |
| # gem 'api-auth', '1.4.1' | |
| # gem 'api-auth', '1.5.0' | |
| # gem 'api-auth', '2.0.1' | |
| gem 'api-auth', API_AUTH_VERSION | |
| require 'api_auth' | |
| SECRET_KEY = 'alkjdsfkjsdflkjs' | |
| ACCESS_ID = '3084029348029' | |
| def signed_request(with_http_method: false) | |
| Rack::Request.new({ 'REQUEST_METHOD' => 'GET', 'HTTP_HOST'=>'localhost:3000', | |
| 'PATH_INFO'=>'/super', 'rack.url_scheme'=>'https' }).tap do |r| | |
| if with_http_method | |
| ApiAuth.sign! r, ACCESS_ID, SECRET_KEY, {:with_http_method => with_http_method} | |
| else | |
| ApiAuth.sign! r, ACCESS_ID, SECRET_KEY | |
| end | |
| end | |
| end | |
| def mock_signed_request(attrs) | |
| Rack::Request.new(attrs) | |
| end | |
| def authentic?(req) | |
| ApiAuth.authentic? req, SECRET_KEY | |
| end | |
| ### Mock Client Requests. These are time-sensitive and will need to be regenerated before you run the tests since they expire after 15 minutes ### | |
| # 1.3.2 | |
| req13 = {"REQUEST_METHOD"=>"GET", "HTTP_HOST"=>"localhost:3000", "PATH_INFO"=>"/super", "rack.url_scheme"=>"https", "DATE"=>"Thu, 15 Sep 2016 19:51:34 GMT", "Authorization"=>"APIAuth 3084029348029:jHdQ+A8VfcOT1swb1K1JlWxtGBA="} | |
| # 1.4.1 | |
| req14_0 = {"REQUEST_METHOD"=>"GET", "HTTP_HOST"=>"localhost:3000", "PATH_INFO"=>"/super", "rack.url_scheme"=>"https", "DATE"=>"Thu, 15 Sep 2016 19:52:01 GMT", "Authorization"=>"APIAuth 3084029348029:1ZliackQOR/EHyTCSYnkSB4S7h8="} | |
| # 1.4.1 with http method | |
| req14_1 = {"REQUEST_METHOD"=>"GET", "HTTP_HOST"=>"localhost:3000", "PATH_INFO"=>"/super", "rack.url_scheme"=>"https", "DATE"=>"Thu, 15 Sep 2016 19:52:01 GMT", "Authorization"=>"APIAuth 3084029348029:Z+bC7ovAltcVfglYhIBrqZLHzDI="} | |
| # 1.5.0 | |
| req15_0 = {"REQUEST_METHOD"=>"GET", "HTTP_HOST"=>"localhost:3000", "PATH_INFO"=>"/super", "rack.url_scheme"=>"https", "DATE"=>"Thu, 15 Sep 2016 19:52:46 GMT", "Authorization"=>"APIAuth 3084029348029:4Q3MLuu+8C/Y9dCIfK09RzY6dpc="} | |
| # 1.5.0 with http method | |
| req15_1 = {"REQUEST_METHOD"=>"GET", "HTTP_HOST"=>"localhost:3000", "PATH_INFO"=>"/super", "rack.url_scheme"=>"https", "DATE"=>"Thu, 15 Sep 2016 19:52:46 GMT", "Authorization"=>"APIAuth 3084029348029:OZjKABOm1EWRQsCWiigCZ2zXFOY="} | |
| # These lines are used to generate the above requests for the set version | |
| puts("\nSample client requests: ") | |
| puts("# #{API_AUTH_VERSION}: ") | |
| puts(signed_request.env) | |
| if API_AUTH_VERSION.to_f >= 1.4 | |
| puts("# #{API_AUTH_VERSION} with http method: ") | |
| puts(signed_request(with_http_method: true).env) | |
| end | |
| puts("") | |
| puts("VERSION #{API_AUTH_VERSION} (API server)") | |
| print("Verifies requests signed by client version 1.3.2 : ") | |
| puts authentic?(mock_signed_request(req13)) | |
| print("Verifies requests signed by client version 1.4.1 : ") | |
| puts authentic?(mock_signed_request(req14_0)) | |
| print("Verifies requests signed by client version 1.4.1* : ") | |
| puts authentic?(mock_signed_request(req14_1)) | |
| print("Verifies requests signed by client version 1.5.0 : ") | |
| puts authentic?(mock_signed_request(req15_0)) | |
| print("Verifies requests signed by client version 1.5.0* : ") | |
| puts authentic?(mock_signed_request(req15_1)) | |
| puts("* with_http_method = true") | |
| puts("") | |
| # VERSION 1.3.2 (API server) | |
| # Verifies requests signed by client version 1.3.2 : true | |
| # Verifies requests signed by client version 1.4.1 : true | |
| # Verifies requests signed by client version 1.4.1* : false | |
| # Verifies requests signed by client version 1.5.0 : true | |
| # Verifies requests signed by client version 1.5.0* : false | |
| # VERSION 1.4.1 (API server) | |
| # Verifies requests signed by client version 1.3.2 : true | |
| # Verifies requests signed by client version 1.4.1 : true | |
| # Verifies requests signed by client version 1.4.1* : true | |
| # Verifies requests signed by client version 1.5.0 : true | |
| # Verifies requests signed by client version 1.5.0* : true | |
| # VERSION 1.5.0 (API server) | |
| # Verifies requests signed by client version 1.3.2 : true | |
| # Verifies requests signed by client version 1.4.1 : true | |
| # Verifies requests signed by client version 1.4.1* : true | |
| # Verifies requests signed by client version 1.5.0 : true | |
| # Verifies requests signed by client version 1.5.0* : true | |
| # VERSION 2.0.1 (API server) | |
| # Verifies requests signed by client version 1.3.2 : false | |
| # Verifies requests signed by client version 1.4.1 : false | |
| # Verifies requests signed by client version 1.4.1* : true | |
| # Verifies requests signed by client version 1.5.0 : false | |
| # Verifies requests signed by client version 1.5.0* : true | |
| # * with_http_method = true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment