require 'test_helper'
require 'net/http'

# Integration tests for SSL client-certificate authorization.
#
# A minimal Sinatra app guarded by +authorize_with_ssl_client+ is mounted
# through a test plugin, the proxy is launched, and each test checks how a
# request is treated for one client-certificate situation: plain HTTP, HTTPS
# without a certificate, HTTPS with a certificate from another authority, and
# HTTPS with a certificate verified against the fixture CA.
class SSLClientVerificationIntegrationTest < Test::Unit::TestCase
  include Proxy::IntegrationTestCase

  # Smallest possible API under test: one route, protected by the helper.
  class TestAPIWithSSLClientAuth < ::Sinatra::Base
    helpers ::Proxy::Helpers
    authorize_with_ssl_client
    get('/') { 'Success' }
  end

  # Plugin that mounts the API above on both the HTTP and the HTTPS listener.
  class TestPluginWithSSLClientAuth < ::Proxy::Plugin
    class << self
      def http_rackup
        'run SSLClientVerificationIntegrationTest::TestAPIWithSSLClientAuth'
      end
      alias_method :https_rackup, :http_rackup
    end
  end

  # Over plain HTTP the route answers without any client certificate.
  # NOTE(review): this pins that authorize_with_ssl_client does not reject
  # plain-HTTP requests, so limiting who can reach the HTTP listener has to be
  # handled elsewhere - confirm against the helper's implementation.
  def test_http
    launch protocol: 'http', plugins: [TestPluginWithSSLClientAuth]
    response = Net::HTTP.get_response('localhost', '/', @settings.http_port)
    assert_kind_of Net::HTTPSuccess, response
    assert_equal 'Success', response.body
  end

  # Without a client certificate the request is answered with 403 Forbidden,
  # i.e. the refusal is an HTTP response rather than a failed connection.
  def test_https_no_cert
    launch_https
    response = https_client.get('/')
    assert_kind_of Net::HTTPForbidden, response
  end

  # A client certificate from the "badclient" fixture is expected to make the
  # request fail with an SSL error instead of producing an HTTP response.
  # NOTE(review): depending on the negotiated TLS version, a rejected client
  # certificate may only surface on the first read and possibly as a different
  # exception class - confirm if this assertion ever becomes flaky.
  def test_https_cert_from_different_authority
    launch_https
    client = https_client('badclient.example.com.pem')
    assert_raise OpenSSL::SSL::SSLError do
      client.get('/')
    end
  end

  # A client certificate from the "client" fixture is accepted and the route
  # returns its body.
  def test_https_cert
    launch_https
    response = https_client('client.example.com.pem').get('/')
    assert_kind_of Net::HTTPSuccess, response
    assert_equal 'Success', response.body
  end

  private

  # Builds a Net::HTTP client for the HTTPS listener on localhost.
  #
  # With +client_pem+ (a file name present under both certs/ and
  # private_keys/ in the fixtures) the client presents that certificate and
  # verifies the server against the fixture CA. Without it no client
  # certificate is sent and server verification is switched off
  # (VERIFY_NONE): that case only checks how the server treats a missing
  # client certificate, and the setting is confined to this test client.
  def https_client(client_pem = nil)
    Net::HTTP.new('localhost', @settings.https_port).tap do |http|
      http.use_ssl = true
      if client_pem
        http.ca_file = File.join(fixtures, 'certs', 'ca.pem')
        http.cert = OpenSSL::X509::Certificate.new(File.read(File.join(fixtures, 'certs', client_pem)))
        http.key = OpenSSL::PKey::RSA.new(File.read(File.join(fixtures, 'private_keys', client_pem)))
        http.verify_mode = OpenSSL::SSL::VERIFY_PEER
      else
        http.verify_mode = OpenSSL::SSL::VERIFY_NONE
      end
    end
  end

  # Starts the proxy on HTTPS with the server key and certificate from the
  # fixtures; ssl_ca_file points at the same ca.pem the test clients use.
  def launch_https
    ssl_settings = {
      ssl_private_key: File.join(fixtures, 'private_keys', 'server.example.com.pem'),
      ssl_certificate: File.join(fixtures, 'certs', 'server.example.com.pem'),
      ssl_ca_file: File.join(fixtures, 'certs', 'ca.pem')
    }
    launch protocol: 'https', plugins: [TestPluginWithSSLClientAuth], settings: ssl_settings
  end

  # Absolute path of the SSL fixture directory (../fixtures/ssl relative to
  # this file).
  def fixtures
    File.expand_path(File.join('..', 'fixtures', 'ssl'), File.dirname(__FILE__))
  end
end