rubycas-server/spec/casserver/cas_spec.rb at cc654fc8641dac61c7e791ff7ebcbf5b77988152 · rubycas/rubycas-server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
require 'spec_helper'

module CASServer; end
require 'casserver/cas'
require 'nokogiri'
require 'cgi'

describe CASServer::CAS do
  before do
    load_server("default_config")
    reset_spec_database
    @klass = Class.new {
      include CASServer::CAS
    }
    @client_hostname = 'myhost.test'
    @host = @klass.new
    @host.instance_variable_set(:@env, {
      'REMOTE_HOST' => @client_hostname
    })
  end

  describe "#generate_login_ticket" do
    before do
      @lt = @host.generate_login_ticket
    end

    it "should return a login ticket" do
      @lt.class.should == CASServer::Model::LoginTicket
    end

    it "should set the client_hostname" do
      @lt.client_hostname.should == @client_hostname
    end

    it "should set the ticket string" do
      @lt.ticket.should_not be_nil
    end

    it "SHOULD set the ticket string starting with 'LT'" do
      @lt.ticket.should match /^LT/
    end

    it "should not mark the ticket as consumed" do
      @lt.consumed.should be_nil
    end
  end

  describe "#generate_ticket_granting_ticket(username, extra_attributes = {})" do
    before do
      @username = 'myuser'
      @tgt = @host.generate_ticket_granting_ticket(@username)
    end

    it "should return a TicketGrantingTicket" do
      @tgt.class.should == CASServer::Model::TicketGrantingTicket
    end

    it "should set the tgt's ticket string" do
      @tgt.ticket.should_not be_nil
    end

    it "should generate a ticket string starting with 'TGC'" do
      @tgt.ticket.should match /^TGC/
    end

    it "should set the tgt's username string" do
      @tgt.username.should == @username
    end

    it "should set the tgt's client_hostname" do
      @tgt.client_hostname.should == @client_hostname
    end
  end

  describe "#generate_service_ticket(service, username, tgt)" do
    before do
      @username = 'testuser'
      @service = 'myservice.test'
      @tgt = double(CASServer::Model::TicketGrantingTicket)
      @tgt.stub(:id => rand(10000))
      @st = @host.generate_service_ticket(@service, @username, @tgt)
    end

    it "should return a ServiceTicket" do
      @st.class.should == CASServer::Model::ServiceTicket
    end

    it "should not include the service identifer in the ticket string" do
      @st.ticket.should_not match /#{@service}/
    end

    it "should not mark the ST as consumed" do
      @st.consumed.should be_nil
    end

    it "MUST generate a ticket that starts with 'ST-'" do
      @st.ticket.should match /^ST-/
    end

    it "should assoicate the ST with the supplied TGT" do
      @st.granted_by_tgt_id.should == @tgt.id
    end
  end

  describe "#generate_proxy_ticket(target_service, pgt)" do
    before do
      @target_service = 'remoteservice.test'
      @st = CASServer::Model::ServiceTicket.new({
        :username => 'joe',
        :granted_by_tgt_id => rand(10000)
      })
      @pgt = double(CASServer::Model::ProxyGrantingTicket)
      @pgt.stub({
        :id => rand(10000),
        :service_ticket => @st,
        :ticket => 'some ticket'
      })
      @pt = @host.generate_proxy_ticket(@target_service, @pgt)
    end

    it "should return a ProxyGrantingTicket" do
      @pt.class.should == CASServer::Model::ProxyTicket
    end

    it "should not consume the generated ticket" do
      @pt.consumed.should be_nil
    end

    it "should start the ticket string with PT-" do
      @pt.ticket.should match /^PT-/
    end
  end

  describe "#send_logout_notification_for_service_ticket(st)" do
    it "should send valid single sign out XML to the service URL" do
      service_stub = stub_request(:post, 'http://example.com')
      st = CASServer::Model::ServiceTicket.new(
        :ticket => 'ST-0123456789ABCDEFGHIJKLMNOPQRS',
        :service => 'http://example.com'
      )
      @host.send_logout_notification_for_service_ticket(st)

      a_request(:post, 'example.com').with{ |req|
        xml = CGI.parse(req.body)['logoutRequest'].first
        Nokogiri::XML(xml).at_xpath('//samlp:SessionIndex').text.strip == st.ticket
      }.should have_been_made
    end
  end
end