From 6948f9dc9888f9f63d0c5163c22572538afd5d1c Mon Sep 17 00:00:00 2001 From: Evandro Junior Date: Tue, 15 Dec 2015 18:12:25 -0300 Subject: [PATCH] fixing tests --- lib/recaptcha_verification.rb | 21 +++++++++++---------- test/test_helper.rb | 44 ++++++++++++++++++-------------------------- test/unit/recaptcha_verification_test.rb | 190 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++------------------------------------------------------------------------------ 3 files changed, 141 insertions(+), 114 deletions(-) diff --git a/lib/recaptcha_verification.rb b/lib/recaptcha_verification.rb index 32a49bb..524b522 100644 --- a/lib/recaptcha_verification.rb +++ b/lib/recaptcha_verification.rb @@ -22,11 +22,11 @@ class RecaptchaVerification https.use_ssl = true request = Net::HTTP::Post.new(uri.path) request.set_form_data(verify_hash) - begin + # begin result = https.request(request).body.split("\n") - rescue Exception => e - return hash_error(_('Internal captcha validation error'), 500, nil, "Error validating Googles' recaptcha version 1: #{e.message}") - end + # rescue Exception => e + # return hash_error(_('Internal captcha validation error'), 500, nil, "Error validating Googles' recaptcha version 1: #{e.message}") + # end return true if result[0] == "true" return hash_error(_("Wrong captcha text, please try again"), 403, nil, "Error validating Googles' recaptcha version 1: #{result[1]}") if result[1] == "incorrect-captcha-sol" #Catches all errors at the end 
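Review bot: Commenting out the `begin`/`rescue` around `https.request(request)` in library code means a timeout, DNS failure or TLS error during verification now raises out of the method instead of returning the 500 `hash_error`; the second hunk does the same around `body = https.request(request).body`. How the caller treats an unhandled exception is not visible here, so the captcha outcome on a network fault is no longer decided by this class. If the rescue was removed because `rescue Exception` was presumably swallowing WebMock's unstubbed-request error in the tests, narrowing it keeps both behaviours: `rescue StandardError => e` followed by the original `return hash_error(_('Internal captcha validation error'), 500, nil, ...)` line. The method body starts and ends outside the hunk.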
@@ -47,18 +47,19 @@ class RecaptchaVerification https.use_ssl = true request = Net::HTTP::Post.new(uri.path) request.set_form_data(verify_hash) - begin + # begin body = https.request(request).body - rescue Exception => e - return hash_error(_('Internal captcha validation error'), 500, nil, "recaptcha error: #{e.message}") - end + # rescue Exception => e + # return hash_error(_('Internal captcha validation error'), 500, nil, "recaptcha error: #{e.message}") + # end captcha_result = JSON.parse(body) - captcha_result["success"] ? true : captcha_result + return true if captcha_result["success"] + return hash_error(_("Wrong captcha text, please try again"), 403, body, captcha_result["error-codes"]) end # return true or a hash with the error # :user_message, :status, :log_message, :javascript_console_message - def verify_recaptcha(client_id, token, captcha_text, verify_uri) + def verify_serpro_captcha(client_id, token, captcha_text, verify_uri) msg_icve = _('Internal captcha validation error') msg_esca = 'Environment recaptcha_plugin_attributes' return hash_error(msg_icve, 500, nil, "#{msg_esca} verify_uri not defined") if verify_uri.nil? diff --git a/test/test_helper.rb b/test/test_helper.rb index b077a11..00a9642 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb 
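Review bot: The new failure return passes the raw verification response `body` as the third `hash_error` argument, where every other call in this file passes `nil`, and passes `captcha_result["error-codes"]` (an array) where the others pass a log string. `hash_error` is defined outside the hunk; if its third argument fills the `:javascript_console_message` named in the comment just below, the upstream response is handed back to the client. The return also reports every non-success as 403 "Wrong captcha text", including server-side faults such as a rejected secret, and `JSON.parse(body)` is unguarded against a non-JSON reply. I would keep the third argument `nil` and log a string: `return hash_error(_("Wrong captcha text, please try again"), 403, nil, "recaptcha error: #{Array(captcha_result['error-codes']).join(', ')}")`.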
@@ -8,47 +8,39 @@ class ActiveSupport::TestCase Noosfero::API::API end - def pass_captcha(version) + def validate_captcha(version, pass = true) - if version.to_i == 1 - mocked_url = 'https://www.google.com/recaptcha/api/verify' - end - if version.to_i == 2 - mocked_url = 'https://www.google.com/recaptcha/api/siteverify' - body={ secret: "secret", - response: "response", - remoteip: "127.0.0.1"} + if pass + status = 200 + else + status = 403 end - pass_body = '{ - "success": true - }' - stub_request(:post, mocked_url). - with(:body => body, - :headers => {'Accept'=>'*/*', 'User-Agent'=>'Ruby'}). - to_return(:status => 200, :body => pass_body, :headers => {'Content-Length' => 1}) - end - - def fail_captcha(version) if version.to_i == 1 - mocked_url = 'https://www.google.com/recaptcha/api/verify' + body = { + "challenge" => "challenge", + "privatekey" => "secret", + "remoteip" => "127.0.0.1", + "response" => "response" + } end if version.to_i == 2 - mocked_url = 'https://www.google.com/recaptcha/api/siteverify' body={ secret: "secret", response: "response", remoteip: "127.0.0.1"} end - fail_body = '{ - "success": false - }' - stub_request(:post, mocked_url). + return_body = "{ + \"success\": #{pass} + }" + + stub_request(:post, @verify_uri). with(:body => body, :headers => {'Accept'=>'*/*', 'User-Agent'=>'Ruby'}). - to_return(:status => 200, :body => fail_body, :headers => {'Content-Length' => 1}) + to_return(:status => status, :body => return_body, :headers => {'Content-Length' => 1}) end + def login_with_captcha json = do_login_captcha_from_api @private_token = json["private_token"] diff --git a/test/unit/recaptcha_verification_test.rb b/test/unit/recaptcha_verification_test.rb index a74caf6..6df831e 100644 --- a/test/unit/recaptcha_verification_test.rb +++ b/test/unit/recaptcha_verification_test.rb 
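Review bot: The stub returns the JSON body `{"success": ...}` for both versions, but the version 1 verifier in lib/recaptcha_verification.rb splits the body on newlines and compares the first line with `"true"`. With this stub a version 1 check can therefore never succeed and never reaches the `incorrect-captcha-sol` branch. `body` also stays `nil` when `version` is neither 1 nor 2, which loosens the `with(:body => body)` match. The failing case is stubbed with HTTP 403 although the library code in this patch never reads the response status, so the body is what has to differ. I would build the reply per version, as below.

```ruby
# … unchanged: status and request-body selection …
return_body =
  if version.to_i == 1
    # version 1 replies in plain text: result on line 1, error code on line 2
    pass ? "true" : "false\nincorrect-captcha-sol"
  else
    "{ \"success\": #{pass} }"
  end
# … unchanged: stub_request(:post, @verify_uri) …
```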
@@ -12,19 +12,26 @@ class RecaptchaVerificationTest < ActiveSupport::TestCase def setup_captcha(version) @environment.recaptcha_version=version.to_s - @remote_ip = "127.0.0.1" + @environment.recaptcha_private_key = "secret" + @remoteip = "127.0.0.1" + @params = {} + @params[:remoteip] = @remoteip if version.to_i == 1 - @params[:recaptcha_challenge_field] = "challenge" - @params[:recaptcha_response_field] = "response" + #wont go to google thanks to webmock + @verify_uri = 'https://www.google.com/recaptcha/api/verify' + @params[:privatekey] = @environment.recaptcha_private_key + @params[:challenge] = "challenge" + @params[:response] = "response" + + @params[:recaptcha_challenge_field] = @params[:challenge] + @params[:recaptcha_response_field] = @params[:response] end if version.to_i == 2 #wont go to google thanks to webmock - @environment.recaptcha_private_key = "secret" - @recaptcha_site_key = "64264643" - @captcha_text = "44641441" - @params = {} - - @params[:g_recaptcha_response] = "response" + @verify_uri = 'https://www.google.com/recaptcha/api/siteverify' + @params[:secret] = @environment.recaptcha_private_key + @params[:response] = "response" + @params[:g_recaptcha_response] = @params[:response] end @environment.save! end 
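Review bot: `@params[:privatekey]` and `@params[:secret]` put the server-side private key into the same hash that later tests in this file send as the client query string (`post "/api/v1/login-captcha?#{@params.to_query}"`). The key is a field the verifier sends to the captcha service, not something a client supplies, and nothing visible in the patch reads it back from `@params`. I would drop those two assignments and leave only the client-side entries (`recaptcha_challenge_field`, `recaptcha_response_field`, `g_recaptcha_response`) in `@params`. If the outbound form is needed for the stub, hold it in a separate variable such as `@verify_body`.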
@@ -44,26 +51,36 @@ class RecaptchaVerificationTest < ActiveSupport::TestCase end should 'pass recaptcha version 1' do - pass_captcha(1) - rp = RecaptchaPlugin.new - r = rp.test_captcha(@remote_ip, @params, @environment) + version = 1 + setup_captcha(version) + validate_captcha(version) + r = RecaptchaPlugin.new.test_captcha(@remoteip, @params, @environment) + assert r + end + + should 'fail recaptcha version 1' do + version = 1 + setup_captcha(version) + validate_captcha(version, false) + r = RecaptchaPlugin.new.test_captcha(@remoteip, @params, @environment) assert r end should 'pass recaptcha version 2' do - setup_captcha(2) - pass_captcha(2) + version = 2 + setup_captcha(version) + validate_captcha(version) rp = RecaptchaPlugin.new - r = rp.test_captcha(@remote_ip, @params, @environment) + r = rp.test_captcha(@remoteip, @params, @environment) assert r end should 'fail recaptcha version 2' do - setup_captcha(2) - fail_captcha(2) - rp = RecaptchaPlugin.new - r = rp.test_captcha(@remote_ip, @params, @environment) - assert_equal({"success"=>false}, r) + version = 2 + setup_captcha(version) + validate_captcha(version, false) + r = RecaptchaPlugin.new.test_captcha(@remoteip, @params, @environment) + assert_equal r[:user_message], _("Wrong captcha text, please try again") end should 'register a user when there are no enabled captcha pluging' do 
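Review bot: 'fail recaptcha version 1' ends with `assert r`, the same assertion as the passing test, and a failed verification returns an error hash, which is truthy, so this test passes whether or not the captcha is rejected. For the same reason `assert r` in the two pass tests accepts an error hash as well as `true`. I would pin both outcomes: `assert_equal true, r` in the pass tests and `assert_equal _("Wrong captcha text, please try again"), r[:user_message]` in the version 1 fail test. The version 2 fail assertion has expected and actual swapped, which only affects the failure message.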
@@ -78,69 +95,86 @@ class RecaptchaVerificationTest < ActiveSupport::TestCase assert json['user']['private_token'].present? end - should 'not register a user if captcha fails' do - fail_captcha(1) + should 'not register a user if captcha fails recaptcha v2' do + version = 2 + setup_captcha(version) + validate_captcha(version, false) Environment.default.enable('skip_new_user_email_confirmation') - params = {:login => "newuserapi", :password => "newuserapi", :password_confirmation => "newuserapi", :email => "newuserapi@email.com", :txtToken_captcha_serpro_gov_br => @captcha_token, :captcha_text => @captcha_text} + params = {:login => "newuserapi", :password => "newuserapi", + :password_confirmation => "newuserapi", :email => "newuserapi@email.com", + :g_recaptcha_response => @params[:response]} post "/api/v1/register?#{params.to_query}" - ap last_response assert_equal 403, last_response.status json = JSON.parse(last_response.body) assert_equal json["message"], _("Wrong captcha text, please try again") end - # - # should 'verify_recaptcha' do - # pass_captcha @environment.recaptcha_verify_uri, @captcha_verification_body - # rv = RecaptchaVerification.new - # assert rv.verify_recaptcha(@environment.recaptcha_verify_uri, @captcha_token, @captcha_text, @environment.recaptcha_verify_uri) - # end - # - # should 'fail captcha if user has not filled Serpro\' captcha text' do - # pass_captcha @environment.recaptcha_verify_uri, @captcha_verification_body - # scv = RecaptchaVerification.new - # hash = scv.verify_recaptcha(@environment.recaptcha_client_id, @captcha_token, nil, @environment.recaptcha_verify_uri) - # assert hash[:user_message], _('Captcha text has not been filled') - # end - # - # should 'fail captcha if Serpro\' captcha token has not been sent' do - # pass_captcha @environment.recaptcha_verify_uri, @captcha_verification_body - # scv = RecaptchaVerification.new - # hash = scv.verify_recaptcha(@environment.recaptcha_client_id, nil, @captcha_text, 
@environment.recaptcha_verify_uri) - # assert hash[:javascript_console_message], _("Missing Serpro's Captcha token") - # end - # - # should 'fail captcha text' do - # fail_captcha_text @environment.recaptcha_verify_uri, @captcha_verification_body - # scv = RecaptchaVerification.new - # hash = scv.verify_recaptcha(@environment.recaptcha_client_id, nil, @captcha_text, @environment.recaptcha_verify_uri) - # assert hash[:javascript_console_message], _("Wrong captcha text, please try again") - # end - # - # should 'not perform a vote without authentication' do - # article = create_article('Article 1') - # params = {} - # params[:value] = 1 - # - # post "/api/v1/articles/#{article.id}/vote?#{params.to_query}" - # json = JSON.parse(last_response.body) - # assert_equal 401, last_response.status - # end - # - # should 'perform a vote on an article identified by id' do - # pass_captcha @environment.recaptcha_verify_uri, @captcha_verification_body - # params = {} - # params[:txtToken_captcha_serpro_gov_br]= @captcha_token - # params[:captcha_text]= @captcha_text - # post "/api/v1/login-captcha?#{params.to_query}" - # json = JSON.parse(last_response.body) - # article = create_article('Article 1') - # params = {} - # params[:private_token] = json['private_token'] - # params[:value] = 1 - # post "/api/v1/articles/#{article.id}/vote?#{params.to_query}" - # json = JSON.parse(last_response.body) - # assert_not_equal 401, last_response.status - # assert_equal true, json['vote'] - # end + + + should 'fail captcha if user has not filled recaptcha_verify_uri v1 text' do + version = 1 + setup_captcha(version) + validate_captcha(version, false) + rv = RecaptchaVerification.new + @params[:recaptcha_response_field] = nil + hash = RecaptchaPlugin.new.test_captcha(@remoteip, @params, @environment) + assert hash[:user_message], _('Captcha text has not been filled') + end + + should 'not perform a vote without authentication' do + article = create_article('Article 1') + params = {} + 
params[:value] = 1 + + post "/api/v1/articles/#{article.id}/vote?#{params.to_query}" + json = JSON.parse(last_response.body) + assert_equal 401, last_response.status + end + + should 'perform a vote on an article identified by id' do + version = 2 + setup_captcha(version) + validate_captcha(version) + post "/api/v1/login-captcha?#{params.to_query}" + json = JSON.parse(last_response.body) + article = create_article('Article 1') + params = {} + params[:private_token] = json['private_token'] + params[:value] = 1 + post "/api/v1/articles/#{article.id}/vote?#{params.to_query}" + json = JSON.parse(last_response.body) + assert_not_equal 401, last_response.status + assert_equal true, json['vote'] + end + + should 'not perform a vote if recaptcha 2 fails' do + version = 2 + setup_captcha(version) + validate_captcha(version, false) + post "/api/v1/login-captcha?#{@params.to_query}" + json = JSON.parse(last_response.body) + article = create_article('Article 1') + params = {} + params[:private_token] = json['private_token'] + params[:value] = 1 + post "/api/v1/articles/#{article.id}/vote?#{params.to_query}" + json = JSON.parse(last_response.body) + assert_equal 401, last_response.status + end + + should 'not perform a vote if recaptcha 1 fails' do + version = 1 + setup_captcha(version) + validate_captcha(version, false) + post "/api/v1/login-captcha?#{@params.to_query}" + json = JSON.parse(last_response.body) + article = create_article('Article 1') + params = {} + params[:private_token] = json['private_token'] + params[:value] = 1 + post "/api/v1/articles/#{article.id}/vote?#{params.to_query}" + json = JSON.parse(last_response.body) + assert_equal 401, last_response.status + end + end -- libgit2 0.21.2
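Review bot: In the 'has not filled' test, `assert hash[:user_message], _('Captcha text has not been filled')` treats the second argument as the failure message, so it only checks that some user message exists; `assert_equal _('Captcha text has not been filled'), hash[:user_message]` checks the text. In 'perform a vote on an article identified by id' the login request uses `params.to_query` before the local `params = {}` is assigned, so it does not send the `@params` built by `setup_captcha`; the two tests after it use `@params.to_query`. The two 'not perform a vote if recaptcha N fails' tests would be stronger if they also asserted the status of the login-captcha response, since a 401 on the vote only shows that a nil `private_token` is rejected. `rv = RecaptchaVerification.new` is unused.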