Commit 6948f9dc9888f9f63d0c5163c22572538afd5d1c

Authored by Evandro Junior
1 parent 2778d9d9
Exists in master

fixing tests

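--- a/lib/recaptcha_verification.rb
+++ b/lib/recaptcha_verification.rb
@@ -22,11 +22,11 @@ class RecaptchaVerification
 https.use_ssl = true
 request = Net::HTTP::Post.new(uri.path)
 request.set_form_data(verify_hash)
-begin
+# begin
 result = https.request(request).body.split("\n")
-rescue Exception => e
-return hash_error(_('Internal captcha validation error'), 500, nil, "Error validating Googles' recaptcha version 1: #{e.message}")
-end
+# rescue Exception => e
+# return hash_error(_('Internal captcha validation error'), 500, nil, "Error validating Googles' recaptcha version 1: #{e.message}")
+# end
 return true if result[0] == "true"
 return hash_error(_("Wrong captcha text, please try again"), 403, nil, "Error validating Googles' recaptcha version 1: #{result[1]}") if result[1] == "incorrect-captcha-sol"
 #Catches all errors at the end
@@ -47,18 +47,19 @@ class RecaptchaVerification
 https.use_ssl = true
 request = Net::HTTP::Post.new(uri.path)
 request.set_form_data(verify_hash)
-begin
+# begin
 body = https.request(request).body
-rescue Exception => e
-return hash_error(_('Internal captcha validation error'), 500, nil, "recaptcha error: #{e.message}")
-end
+# rescue Exception => e
+# return hash_error(_('Internal captcha validation error'), 500, nil, "recaptcha error: #{e.message}")
+# end
 captcha_result = JSON.parse(body)
-captcha_result["success"] ? true : captcha_result
+return true if captcha_result["success"]
+return hash_error(_("Wrong captcha text, please try again"), 403, body, captcha_result["error-codes"])
 end
 
 # return true or a hash with the error
 # :user_message, :status, :log_message, :javascript_console_message
-def verify_recaptcha(client_id, token, captcha_text, verify_uri)
+def verify_serpro_captcha(client_id, token, captcha_text, verify_uri)
 msg_icve = _('Internal captcha validation error')
 msg_esca = 'Environment recaptcha_plugin_attributes'
 return hash_error(msg_icve, 500, nil, "#{msg_esca} verify_uri not defined") if verify_uri.nil?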
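Review bot: Commenting out the `begin`/`rescue` around `https.request(request)` in both hunks removes the only handling for a failed call to the verification endpoint, so a timeout, connection or TLS error now raises out of the method instead of returning the 500 `hash_error` that the "return true or a hash with the error" contract promises. `JSON.parse(body)` in the second hunk is likewise unguarded against a non-JSON reply. If the rescue was disabled because `rescue Exception` also swallowed the mocking library's stub-mismatch error (an inference from the commit title), restore the block as `rescue StandardError => e` with the same `hash_error(..., 500, ...)` return, so production verification still fails closed with a controlled response. Both method bodies begin outside the hunks.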
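--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -8,47 +8,39 @@ class ActiveSupport::TestCase
 Noosfero::API::API
 end
 
-def pass_captcha(version)
+def validate_captcha(version, pass = true)
 
-if version.to_i == 1
-mocked_url = 'https://www.google.com/recaptcha/api/verify'
-end
-if version.to_i == 2
-mocked_url = 'https://www.google.com/recaptcha/api/siteverify'
-body={ secret: "secret",
-response: "response",
-remoteip: "127.0.0.1"}
+if pass
+status = 200
+else
+status = 403
 end
 
-pass_body = '{
-"success": true
-}'
-stub_request(:post, mocked_url).
-with(:body => body,
-:headers => {'Accept'=>'*/*', 'User-Agent'=>'Ruby'}).
-to_return(:status => 200, :body => pass_body, :headers => {'Content-Length' => 1})
-end
-
-def fail_captcha(version)
 if version.to_i == 1
-mocked_url = 'https://www.google.com/recaptcha/api/verify'
+body = {
+"challenge" => "challenge",
+"privatekey" => "secret",
+"remoteip" => "127.0.0.1",
+"response" => "response"
+}
 end
 if version.to_i == 2
-mocked_url = 'https://www.google.com/recaptcha/api/siteverify'
 body={ secret: "secret",
 response: "response",
 remoteip: "127.0.0.1"}
 end
 
-fail_body = '{
-"success": false
-}'
-stub_request(:post, mocked_url).
+return_body = "{
+\"success\": #{pass}
+}"
+
+stub_request(:post, @verify_uri).
 with(:body => body,
 :headers => {'Accept'=>'*/*', 'User-Agent'=>'Ruby'}).
-to_return(:status => 200, :body => fail_body, :headers => {'Content-Length' => 1})
+to_return(:status => status, :body => return_body, :headers => {'Content-Length' => 1})
 end
 
+
 def login_with_captcha
 json = do_login_captcha_from_api
 @private_token = json["private_token"]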
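Review bot: `validate_captcha` stubs the same JSON body (`"success": #{pass}`) for both versions, but the version 1 verifier in lib/recaptcha_verification.rb splits the reply on newlines and compares `result[0] == "true"` and `result[1] == "incorrect-captcha-sol"`, so with this stub neither v1 branch can match and the v1 tests only reach the catch-all path. Build the body per version, for example `return_body = pass ? "true" : "false\nincorrect-captcha-sol"` for version 1 (a constructed sample using the strings the verifier checks). The helper also reads `@verify_uri`, which exists only after `setup_captcha` has run, and leaves `body` nil for any other version. A comment such as `# requires setup_captcha(version) to have set @verify_uri`, or passing the URI as a parameter, would make that dependency explicit.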
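--- a/test/unit/recaptcha_verification_test.rb
+++ b/test/unit/recaptcha_verification_test.rb
@@ -12,19 +12,26 @@ class RecaptchaVerificationTest < ActiveSupport::TestCase
 
 def setup_captcha(version)
 @environment.recaptcha_version=version.to_s
-@remote_ip = "127.0.0.1"
+@environment.recaptcha_private_key = "secret"
+@remoteip = "127.0.0.1"
+@params = {}
+@params[:remoteip] = @remoteip
 if version.to_i == 1
-@params[:recaptcha_challenge_field] = "challenge"
-@params[:recaptcha_response_field] = "response"
+#wont go to google thanks to webmock
+@verify_uri = 'https://www.google.com/recaptcha/api/verify'
+@params[:privatekey] = @environment.recaptcha_private_key
+@params[:challenge] = "challenge"
+@params[:response] = "response"
+
+@params[:recaptcha_challenge_field] = @params[:challenge]
+@params[:recaptcha_response_field] = @params[:response]
 end
 if version.to_i == 2
 #wont go to google thanks to webmock
-@environment.recaptcha_private_key = "secret"
-@recaptcha_site_key = "64264643"
-@captcha_text = "44641441"
-@params = {}
-
-@params[:g_recaptcha_response] = "response"
+@verify_uri = 'https://www.google.com/recaptcha/api/siteverify'
+@params[:secret] = @environment.recaptcha_private_key
+@params[:response] = "response"
+@params[:g_recaptcha_response] = @params[:response]
 end
 @environment.save!
 end
@@ -44,26 +51,36 @@ class RecaptchaVerificationTest < ActiveSupport::TestCase
 end
 
 should 'pass recaptcha version 1' do
-pass_captcha(1)
-rp = RecaptchaPlugin.new
-r = rp.test_captcha(@remote_ip, @params, @environment)
+version = 1
+setup_captcha(version)
+validate_captcha(version)
+r = RecaptchaPlugin.new.test_captcha(@remoteip, @params, @environment)
+assert r
+end
+
+should 'fail recaptcha version 1' do
+version = 1
+setup_captcha(version)
+validate_captcha(version, false)
+r = RecaptchaPlugin.new.test_captcha(@remoteip, @params, @environment)
 assert r
 end
 
 should 'pass recaptcha version 2' do
-setup_captcha(2)
-pass_captcha(2)
+version = 2
+setup_captcha(version)
+validate_captcha(version)
 rp = RecaptchaPlugin.new
-r = rp.test_captcha(@remote_ip, @params, @environment)
+r = rp.test_captcha(@remoteip, @params, @environment)
 assert r
 end
 
 should 'fail recaptcha version 2' do
-setup_captcha(2)
-fail_captcha(2)
-rp = RecaptchaPlugin.new
-r = rp.test_captcha(@remote_ip, @params, @environment)
-assert_equal({"success"=>false}, r)
+version = 2
+setup_captcha(version)
+validate_captcha(version, false)
+r = RecaptchaPlugin.new.test_captcha(@remoteip, @params, @environment)
+assert_equal r[:user_message], _("Wrong captcha text, please try again")
 end
 
 should 'register a user when there are no enabled captcha pluging' do
@@ -78,69 +95,86 @@ class RecaptchaVerificationTest < ActiveSupport::TestCase
 assert json['user']['private_token'].present?
 end
 
-should 'not register a user if captcha fails' do
-fail_captcha(1)
+should 'not register a user if captcha fails recaptcha v2' do
+version = 2
+setup_captcha(version)
+validate_captcha(version, false)
 Environment.default.enable('skip_new_user_email_confirmation')
-params = {:login => "newuserapi", :password => "newuserapi", :password_confirmation => "newuserapi", :email => "newuserapi@email.com", :txtToken_captcha_serpro_gov_br => @captcha_token, :captcha_text => @captcha_text}
+params = {:login => "newuserapi", :password => "newuserapi",
+:password_confirmation => "newuserapi", :email => "newuserapi@email.com",
+:g_recaptcha_response => @params[:response]}
 post "/api/v1/register?#{params.to_query}"
-ap last_response
 assert_equal 403, last_response.status
 json = JSON.parse(last_response.body)
 assert_equal json["message"], _("Wrong captcha text, please try again")
 end
-#
-# should 'verify_recaptcha' do
-# pass_captcha @environment.recaptcha_verify_uri, @captcha_verification_body
-# rv = RecaptchaVerification.new
-# assert rv.verify_recaptcha(@environment.recaptcha_verify_uri, @captcha_token, @captcha_text, @environment.recaptcha_verify_uri)
-# end
-#
-# should 'fail captcha if user has not filled Serpro\' captcha text' do
-# pass_captcha @environment.recaptcha_verify_uri, @captcha_verification_body
-# scv = RecaptchaVerification.new
-# hash = scv.verify_recaptcha(@environment.recaptcha_client_id, @captcha_token, nil, @environment.recaptcha_verify_uri)
-# assert hash[:user_message], _('Captcha text has not been filled')
-# end
-#
-# should 'fail captcha if Serpro\' captcha token has not been sent' do
-# pass_captcha @environment.recaptcha_verify_uri, @captcha_verification_body
-# scv = RecaptchaVerification.new
-# hash = scv.verify_recaptcha(@environment.recaptcha_client_id, nil, @captcha_text, @environment.recaptcha_verify_uri)
-# assert hash[:javascript_console_message], _("Missing Serpro's Captcha token")
-# end
-#
-# should 'fail captcha text' do
-# fail_captcha_text @environment.recaptcha_verify_uri, @captcha_verification_body
-# scv = RecaptchaVerification.new
-# hash = scv.verify_recaptcha(@environment.recaptcha_client_id, nil, @captcha_text, @environment.recaptcha_verify_uri)
-# assert hash[:javascript_console_message], _("Wrong captcha text, please try again")
-# end
-#
-# should 'not perform a vote without authentication' do
-# article = create_article('Article 1')
-# params = {}
-# params[:value] = 1
-#
-# post "/api/v1/articles/#{article.id}/vote?#{params.to_query}"
-# json = JSON.parse(last_response.body)
-# assert_equal 401, last_response.status
-# end
-#
-# should 'perform a vote on an article identified by id' do
-# pass_captcha @environment.recaptcha_verify_uri, @captcha_verification_body
-# params = {}
-# params[:txtToken_captcha_serpro_gov_br]= @captcha_token
-# params[:captcha_text]= @captcha_text
-# post "/api/v1/login-captcha?#{params.to_query}"
-# json = JSON.parse(last_response.body)
-# article = create_article('Article 1')
-# params = {}
-# params[:private_token] = json['private_token']
-# params[:value] = 1
-# post "/api/v1/articles/#{article.id}/vote?#{params.to_query}"
-# json = JSON.parse(last_response.body)
-# assert_not_equal 401, last_response.status
-# assert_equal true, json['vote']
-# end
+
+
+should 'fail captcha if user has not filled recaptcha_verify_uri v1 text' do
+version = 1
+setup_captcha(version)
+validate_captcha(version, false)
+rv = RecaptchaVerification.new
+@params[:recaptcha_response_field] = nil
+hash = RecaptchaPlugin.new.test_captcha(@remoteip, @params, @environment)
+assert hash[:user_message], _('Captcha text has not been filled')
+end
+
+should 'not perform a vote without authentication' do
+article = create_article('Article 1')
+params = {}
+params[:value] = 1
+
+post "/api/v1/articles/#{article.id}/vote?#{params.to_query}"
+json = JSON.parse(last_response.body)
+assert_equal 401, last_response.status
+end
+
+should 'perform a vote on an article identified by id' do
+version = 2
+setup_captcha(version)
+validate_captcha(version)
+post "/api/v1/login-captcha?#{params.to_query}"
+json = JSON.parse(last_response.body)
+article = create_article('Article 1')
+params = {}
+params[:private_token] = json['private_token']
+params[:value] = 1
+post "/api/v1/articles/#{article.id}/vote?#{params.to_query}"
+json = JSON.parse(last_response.body)
+assert_not_equal 401, last_response.status
+assert_equal true, json['vote']
+end
+
+should 'not perform a vote if recaptcha 2 fails' do
+version = 2
+setup_captcha(version)
+validate_captcha(version, false)
+post "/api/v1/login-captcha?#{@params.to_query}"
+json = JSON.parse(last_response.body)
+article = create_article('Article 1')
+params = {}
+params[:private_token] = json['private_token']
+params[:value] = 1
+post "/api/v1/articles/#{article.id}/vote?#{params.to_query}"
+json = JSON.parse(last_response.body)
+assert_equal 401, last_response.status
+end
+
+should 'not perform a vote if recaptcha 1 fails' do
+version = 1
+setup_captcha(version)
+validate_captcha(version, false)
+post "/api/v1/login-captcha?#{@params.to_query}"
+json = JSON.parse(last_response.body)
+article = create_article('Article 1')
+params = {}
+params[:private_token] = json['private_token']
+params[:value] = 1
+post "/api/v1/articles/#{article.id}/vote?#{params.to_query}"
+json = JSON.parse(last_response.body)
+assert_equal 401, last_response.status
+end
+
 
 end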
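Review bot: The 'pass recaptcha version 1', 'fail recaptcha version 1' and 'pass recaptcha version 2' tests all end in `assert r`, which cannot tell acceptance from rejection if `test_captcha` hands back the verifier's `true`-or-error-hash result (as `r[:user_message]` in the version 2 failure test suggests), because a hash is truthy too. Use `assert_equal true, r` for the pass cases and assert on the error hash in the v1 failure case, so a regression that accepts a rejected captcha is caught. In the 'has not filled' test, `assert hash[:user_message], _('Captcha text has not been filled')` passes the expected text as the failure message; it should be `assert_equal _('Captcha text has not been filled'), hash[:user_message]`. In 'perform a vote on an article identified by id', `params.to_query` is used before the local `params = {}` is assigned, where the sibling tests use `@params.to_query`, which looks like a typo.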