Download as
Browse Code »

Commit 61c44cf5458778d0c343b1d8a0687d43c37fb725

Authored by Evandro Junior
1 parent d7d8a871
Exists in staging and in 3 other branches captcha_serpro_plugin, production, production-vendorized

Main tests passing

Showing 6 changed files with 45 additions and 150 deletions   Show diff stats
plugins/serpro_captcha/lib/serpro_captcha_plugin.rb
  Diff comments   View file @61c44cf
... ... @@ -13,8 +13,8 @@ class SerproCaptchaPlugin < Noosfero::Plugin
13 13 end
14 14  
15 15 def test_captcha(remote_ip, params, environment)
16   - spv = SerproCaptchaVerification.new
17   - return spv.verify_serpro_captcha(environment.serpro_captcha_client_id, params[:txtToken_captcha_serpro_gov_br], params[:captcha_text], environment.serpro_captcha_verify_uri)
  16 + scv = SerproCaptchaVerification.new
  17 + return scv.verify_serpro_captcha(environment.serpro_captcha_client_id, params[:txtToken_captcha_serpro_gov_br], params[:captcha_text], environment.serpro_captcha_verify_uri)
18 18 end
19 19  
20 20 end
... ...
plugins/serpro_captcha/lib/serpro_captcha_verification.rb
  Diff comments   View file @61c44cf
... ... @@ -14,18 +14,14 @@ class SerproCaptchaVerification
14 14 request = Net::HTTP::Post.new(uri.path)
15 15 verify_string = "#{client_id}&#{token}&#{captcha_text}"
16 16 request.body = verify_string
17   - begin
18   - body = http.request(request).body
19   - rescue Exception => e
20   - return hash_error(_('Internal captcha validation error'), 500, nil, "Serpro captcha error: #{e.message}")
21   - end
  17 + body = http.request(request).body
22 18 return true if body == '1'
23 19 return hash_error(_("Internal captcha validation error"), 500, body, "Unable to reach Serpro's Captcha validation service") if body == "Activity timed out"
24   - return hash_error(_("Wrong captcha text, please try again"), 403) if body == 0
25   - return hash_error(_("Serpro's captcha token not found"), 500) if body == 2
  20 + return hash_error(_("Wrong captcha text, please try again"), 403) if body == '0'
  21 + return hash_error(_("Serpro's captcha token not found"), 500) if body == '2'
26 22 return hash_error(_("No data sent to validation server or other serious problem"), 500) if body == -1
27 23 #Catches all errors at the end
28   - return hash_error(_("Internal captcha validation error"), 500, nil, "Error validating Serpro's captcha #{body}")
  24 + return hash_error(_("Internal captcha validation error"), 500, nil, "Error validating Serpro's captcha service returned: #{body}")
29 25 end
30 26  
31 27 def hash_error(user_message, status, log_message=nil, javascript_console_message=nil)
... ...
plugins/serpro_captcha/test/test_helper.rb
  Diff comments   View file @61c44cf
... ... @@ -8,22 +8,18 @@ class ActiveSupport::TestCase
8 8 Noosfero::API::API
9 9 end
10 10  
11   - def pass_captcha
12   - stub_request(:post, "http://www.somecompany.com:443/validate").
13   - with(:body => "323232&642646&44641441",
  11 + def pass_captcha(mocked_url, captcha_verification_body)
  12 + stub_request(:post, mocked_url).
  13 + with(:body => captcha_verification_body,
14 14 :headers => {'Accept'=>'*/*', 'User-Agent'=>'Ruby'}).
15 15 to_return(:status => 200, :body => "1", :headers => {'Content-Length' => 1})
16   - spv = SerproCaptchaVerification.new
17   - assert spv.verify_serpro_captcha(@environment.serpro_captcha_client_id, '642646', '44641441', @environment.serpro_captcha_verify_uri)
18 16 end
19 17  
20   - def fail_captcha
21   - stub_request(:post, "http://www.somecompany.com:443/validate").
22   - with(:body => "323232&642646&44641441",
  18 + def fail_captcha_text(mocked_url, captcha_verification_body)
  19 + stub_request(:post, mocked_url).
  20 + with(:body => captcha_verification_body,
23 21 :headers => {'Accept'=>'*/*', 'User-Agent'=>'Ruby'}).
24   - to_return(:status => 200, :body => "2", :headers => {'Content-Length' => 1})
25   - spv = SerproCaptchaVerification.new
26   - assert spv.verify_serpro_captcha(@environment.serpro_captcha_client_id, '642646', '44641441', @environment.serpro_captcha_verify_uri)
  22 + to_return(:status => 200, :body => "0", :headers => {'Content-Length' => 1})
27 23 end
28 24  
29 25 def login_with_captcha
... ...
plugins/serpro_captcha/test/unit/serpro_captcha_verification_test.rb
  Diff comments   View file @61c44cf
... ... @@ -8,53 +8,61 @@ class SerproCaptchaVerificationTest < ActiveSupport::TestCase
8 8 def setup
9 9 @environment = Environment.default
10 10 @environment.enabled_plugins = ['SerproCaptchaPlugin']
11   - @environment.serpro_captcha_verify_uri='https://www.somecompany.com/validate'
  11 + @environment.serpro_captcha_verify_uri="http://www.somecompany.com:443/validate"
12 12 @environment.serpro_captcha_client_id='323232'
13 13 @environment.save!
  14 + @captcha_token = "642646"
  15 + @captcha_text = "44641441"
  16 + @captcha_verification_body = "#{@environment.serpro_captcha_client_id}&#{@captcha_token}&#{@captcha_text}"
14 17 end
15 18  
16 19 should 'register a user when there are no enabled captcha pluging' do
17 20 @environment.enabled_plugins = []
  21 + @environment.save!
18 22 Environment.default.enable('skip_new_user_email_confirmation')
19 23 params = {:login => "newuserapi", :password => "newuserapi", :password_confirmation => "newuserapi", :email => "newuserapi@email.com" }
20 24 post "/api/v1/register?#{params.to_query}"
21 25 assert_equal 201, last_response.status
22 26 json = JSON.parse(last_response.body)
23 27 assert User['newuserapi'].activated?
24   - assert json['activated']
25   - assert json['private_token'].present?
  28 + assert json['user']['private_token'].present?
26 29 end
27 30  
28   - # should 'not register a user if captcha fails' do
29   - # fail_captcha
30   - # Environment.default.enable('skip_new_user_email_confirmation')
31   - # params = {:login => "newuserapi", :password => "newuserapi", :password_confirmation => "newuserapi", :email => "newuserapi@email.com" }
32   - # post "/api/v1/register?#{params.to_query}"
33   - # assert_equal 201, last_response.status
34   - # json = JSON.parse(last_response.body)
35   - # refute User['newuserapi'].activated?
36   - # refute !json['activated']
37   - # refute !json['private_token'].present?
38   - # end
  31 + should 'not register a user if captcha fails' do
  32 + fail_captcha_text @environment.serpro_captcha_verify_uri, @captcha_verification_body
  33 + Environment.default.enable('skip_new_user_email_confirmation')
  34 + params = {:login => "newuserapi", :password => "newuserapi", :password_confirmation => "newuserapi", :email => "newuserapi@email.com", :txtToken_captcha_serpro_gov_br => @captcha_token, :captcha_text => @captcha_text}
  35 + post "/api/v1/register?#{params.to_query}"
  36 + assert_equal 403, last_response.status
  37 + json = JSON.parse(last_response.body)
  38 + assert_equal json["message"], _("Wrong captcha text, please try again")
  39 + end
39 40  
40 41 should 'verify_serpro_captcha' do
41   - pass_captcha
42   - spv = SerproCaptchaVerification.new
43   - assert spv.verify_serpro_captcha(@environment.serpro_captcha_client_id, '642646', '44641441', @environment.serpro_captcha_verify_uri)
  42 + pass_captcha @environment.serpro_captcha_verify_uri, @captcha_verification_body
  43 + scv = SerproCaptchaVerification.new
  44 + assert scv.verify_serpro_captcha(@environment.serpro_captcha_client_id, @captcha_token, '44641441', @environment.serpro_captcha_verify_uri)
44 45 end
45 46  
46 47 should 'fail captcha if user has not filled Serpro\' captcha text' do
47   - pass_captcha
48   - spv = SerproCaptchaVerification.new
49   - hash = spv.verify_serpro_captcha(@environment.serpro_captcha_client_id, '642646', nil, @environment.serpro_captcha_verify_uri)
  48 + pass_captcha @environment.serpro_captcha_verify_uri, @captcha_verification_body
  49 + scv = SerproCaptchaVerification.new
  50 + hash = scv.verify_serpro_captcha(@environment.serpro_captcha_client_id, @captcha_token, nil, @environment.serpro_captcha_verify_uri)
50 51 assert hash[:user_message], _('Captcha text has not been filled')
51 52 end
52 53  
53 54 should 'fail captcha if Serpro\' captcha token has not been sent' do
54   - pass_captcha
55   - spv = SerproCaptchaVerification.new
56   - hash = spv.verify_serpro_captcha(@environment.serpro_captcha_client_id, nil, '76876846', @environment.serpro_captcha_verify_uri)
  55 + pass_captcha @environment.serpro_captcha_verify_uri, @captcha_verification_body
  56 + scv = SerproCaptchaVerification.new
  57 + hash = scv.verify_serpro_captcha(@environment.serpro_captcha_client_id, nil, @captcha_text, @environment.serpro_captcha_verify_uri)
57 58 assert hash[:javascript_console_message], _("Missing Serpro's Captcha token")
58 59 end
59 60  
  61 + should 'fail captcha text' do
  62 + fail_captcha_text @environment.serpro_captcha_verify_uri, @captcha_verification_body
  63 + scv = SerproCaptchaVerification.new
  64 + hash = scv.verify_serpro_captcha(@environment.serpro_captcha_client_id, nil, @captcha_text, @environment.serpro_captcha_verify_uri)
  65 + assert hash[:javascript_console_message], _("Wrong captcha text, please try again")
  66 + end
  67 +
60 68 end
... ...
plugins/serpro_captcha/views/ldap_plugin_admin/index.html.erb
View file @d7d8a87
... ... @@ -1,27 +0,0 @@
1   -<h1><%= _("Serpro's Captcha Management") %> </h1>
2   -
3   -<%= labelled_form_for(:environment, :url => {:action => 'update'}) do |f| %>
4   -
5   -<table>
6   - <tr>
7   - <th><%= c_('Configuration') %></th>
8   - <th><%= _('Value') %></th>
9   - </tr>
10   - <tr>
11   - <td><%= _('Host') %></td>
12   - <td><%= text_field :environment, :serpro_captcha_verify_uri %></td>
13   - </tr>
14   - <tr>
15   - <td><%= _('Port') %></td>
16   - <td><%= text_field :environment, :serpro_captcha_client_id %></td>
17   - </tr>
18   -</table>
19   -
20   -<div>
21   - <% button_bar do %>
22   - <%= submit_button('save', c_('Save changes')) %>
23   - <%= button :back, _('Back to plugins administration panel'), :controller => 'plugins' %>
24   - <% end %>
25   -</div>
26   -
27   -<% end %>
test/unit/api/helpers_test.rb
  Diff comments   View file @61c44cf
... ... @@ -216,89 +216,11 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
216 216  
217 217 ###### Captcha tests ######
218 218  
219   -should 'do not test captcha when there are no settings' do
  219 +should 'do not test captcha when there is no captcha plugin enabled' do
220 220 environment = Environment.new
221 221 assert test_captcha("127.0.0.1", {}, environment)
222 222 end
223 223  
224   -should 'do not test captcha when captcha is disabled on settings' do
225   - environment = Environment.new
226   - environment.api_captcha_settings = {
227   - enabled: false,
228   - }
229   - assert test_captcha("127.0.0.1", {}, environment)
230   -end
231   -
232   -should 'fail display recaptcha v1' do
233   - environment = Environment.new
234   - environment.api_captcha_settings = {
235   - enabled: true,
236   - provider: 'google',
237   - version: 1,
238   - private_key: '6LdsWAcTAAAAAB6maB_HalVyCc4asDAxPxloIMvY',
239   - public_key: '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-',
240   - verify_uri: 'https://www.google.com/recaptcha/api/verify',
241   - }
242   - r = test_captcha('127.0.0.1', params, environment)
243   - assert_equal(_("Missing captcha data"), r[0][:javascript_console_message])
244   -end
245   -
246   -should 'fail display recaptcha v2' do
247   - environment = Environment.new
248   - environment.api_captcha_settings = {
249   - enabled: true,
250   - provider: 'google',
251   - version: 2,
252   - private_key: '6LdsWAcTAAAAAB6maB_HalVyCc4asDAxPxloIMvY',
253   - public_key: '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-',
254   - verify_uri: 'https://www.google.com/recaptcha/api/siteverify',
255   - }
256   - r = test_captcha('127.0.0.1', params, environment)
257   - assert_equal(_("Missing captcha data"), r[0][:javascript_console_message])
258   -end
259   -
260   -should 'verify if user filled Serpro\' captcha text' do
261   - environment = Environment.new
262   - environment.api_captcha_settings = {
263   - enabled: true,
264   - provider: 'serpro',
265   - serpro_client_id: '0000000000000000',
266   - verify_uri: 'http://localhost/api/verify',
267   - }
268   - params = {}
269   - params[:txtToken_captcha_serpro_gov_br] = '4324343'
270   - assert_equal(_('Captcha text has not been filled'), test_captcha('127.0.0.1', params, environment)[0]['message'])
271   -end
272   -
273   -should 'verify if Serpro\' captcha token has been sent' do
274   - environment = Environment.new
275   - environment.api_captcha_settings = {
276   - enabled: true,
277   - provider: 'serpro',
278   - serpro_client_id: '0000000000000000',
279   - verify_uri: 'http://localhost/api/verify',
280   - }
281   - params = {}
282   - params[:captcha_text] = '4324343'
283   - r = test_captcha('127.0.0.1', params, environment)
284   - assert_equal(_("Missing Serpro's Captcha token"), r[0][:javascript_console_message])
285   -end
286   -
287   -should 'captcha serpro say name or service not known' do
288   - environment = Environment.new
289   - environment.api_captcha_settings = {
290   - enabled: true,
291   - provider: 'serpro',
292   - serpro_client_id: '0000000000000000',
293   - verify_uri: 'http://someserverthatdoesnotexist.mycompanythatdoesnotexist.com/validate',
294   - }
295   - params = {}
296   - params[:txtToken_captcha_serpro_gov_br] = '4324343'
297   - params[:captcha_text] = '4324343'
298   - r = test_captcha('127.0.0.1', params, environment)
299   - assert (r[0][:javascript_console_message]).starts_with?("Serpro captcha error: getaddrinfo")
300   -end
301   -
302 224 ###### END Captcha tests ######
303 225  
304 226 protected
... ...