Download as
Browse Code »

Commit 61c44cf5458778d0c343b1d8a0687d43c37fb725

Authored by Evandro Junior
1 parent d7d8a871
Exists in staging and in 3 other branches captcha_serpro_plugin, production, production-vendorized

Main tests passing

Showing 6 changed files with 45 additions and 150 deletions   Show diff stats
plugins/serpro_captcha/lib/serpro_captcha_plugin.rb
  Diff comments   View file @61c44cf
@@ -13,8 +13,8 @@ class SerproCaptchaPlugin < Noosfero::Plugin @@ -13,8 +13,8 @@ class SerproCaptchaPlugin < Noosfero::Plugin
13 end 13 end
14 14
15 def test_captcha(remote_ip, params, environment) 15 def test_captcha(remote_ip, params, environment)
16 - spv = SerproCaptchaVerification.new  
17 - return spv.verify_serpro_captcha(environment.serpro_captcha_client_id, params[:txtToken_captcha_serpro_gov_br], params[:captcha_text], environment.serpro_captcha_verify_uri) 16 + scv = SerproCaptchaVerification.new
  17 + return scv.verify_serpro_captcha(environment.serpro_captcha_client_id, params[:txtToken_captcha_serpro_gov_br], params[:captcha_text], environment.serpro_captcha_verify_uri)
18 end 18 end
19 19
20 end 20 end
plugins/serpro_captcha/lib/serpro_captcha_verification.rb
  Diff comments   View file @61c44cf
@@ -14,18 +14,14 @@ class SerproCaptchaVerification @@ -14,18 +14,14 @@ class SerproCaptchaVerification
14 request = Net::HTTP::Post.new(uri.path) 14 request = Net::HTTP::Post.new(uri.path)
15 verify_string = "#{client_id}&#{token}&#{captcha_text}" 15 verify_string = "#{client_id}&#{token}&#{captcha_text}"
16 request.body = verify_string 16 request.body = verify_string
17 - begin  
18 - body = http.request(request).body  
19 - rescue Exception => e  
20 - return hash_error(_('Internal captcha validation error'), 500, nil, "Serpro captcha error: #{e.message}")  
21 - end 17 + body = http.request(request).body
22 return true if body == '1' 18 return true if body == '1'
23 return hash_error(_("Internal captcha validation error"), 500, body, "Unable to reach Serpro's Captcha validation service") if body == "Activity timed out" 19 return hash_error(_("Internal captcha validation error"), 500, body, "Unable to reach Serpro's Captcha validation service") if body == "Activity timed out"
24 - return hash_error(_("Wrong captcha text, please try again"), 403) if body == 0  
25 - return hash_error(_("Serpro's captcha token not found"), 500) if body == 2 20 + return hash_error(_("Wrong captcha text, please try again"), 403) if body == '0'
  21 + return hash_error(_("Serpro's captcha token not found"), 500) if body == '2'
26 return hash_error(_("No data sent to validation server or other serious problem"), 500) if body == -1 22 return hash_error(_("No data sent to validation server or other serious problem"), 500) if body == -1
27 #Catches all errors at the end 23 #Catches all errors at the end
28 - return hash_error(_("Internal captcha validation error"), 500, nil, "Error validating Serpro's captcha #{body}") 24 + return hash_error(_("Internal captcha validation error"), 500, nil, "Error validating Serpro's captcha service returned: #{body}")
29 end 25 end
30 26
31 def hash_error(user_message, status, log_message=nil, javascript_console_message=nil) 27 def hash_error(user_message, status, log_message=nil, javascript_console_message=nil)
plugins/serpro_captcha/test/test_helper.rb
  Diff comments   View file @61c44cf
@@ -8,22 +8,18 @@ class ActiveSupport::TestCase @@ -8,22 +8,18 @@ class ActiveSupport::TestCase
8 Noosfero::API::API 8 Noosfero::API::API
9 end 9 end
10 10
11 - def pass_captcha  
12 - stub_request(:post, "http://www.somecompany.com:443/validate").  
13 - with(:body => "323232&642646&44641441", 11 + def pass_captcha(mocked_url, captcha_verification_body)
  12 + stub_request(:post, mocked_url).
  13 + with(:body => captcha_verification_body,
14 :headers => {'Accept'=>'*/*', 'User-Agent'=>'Ruby'}). 14 :headers => {'Accept'=>'*/*', 'User-Agent'=>'Ruby'}).
15 to_return(:status => 200, :body => "1", :headers => {'Content-Length' => 1}) 15 to_return(:status => 200, :body => "1", :headers => {'Content-Length' => 1})
16 - spv = SerproCaptchaVerification.new  
17 - assert spv.verify_serpro_captcha(@environment.serpro_captcha_client_id, '642646', '44641441', @environment.serpro_captcha_verify_uri)  
18 end 16 end
19 17
20 - def fail_captcha  
21 - stub_request(:post, "http://www.somecompany.com:443/validate").  
22 - with(:body => "323232&642646&44641441", 18 + def fail_captcha_text(mocked_url, captcha_verification_body)
  19 + stub_request(:post, mocked_url).
  20 + with(:body => captcha_verification_body,
23 :headers => {'Accept'=>'*/*', 'User-Agent'=>'Ruby'}). 21 :headers => {'Accept'=>'*/*', 'User-Agent'=>'Ruby'}).
24 - to_return(:status => 200, :body => "2", :headers => {'Content-Length' => 1})  
25 - spv = SerproCaptchaVerification.new  
26 - assert spv.verify_serpro_captcha(@environment.serpro_captcha_client_id, '642646', '44641441', @environment.serpro_captcha_verify_uri) 22 + to_return(:status => 200, :body => "0", :headers => {'Content-Length' => 1})
27 end 23 end
28 24
29 def login_with_captcha 25 def login_with_captcha
plugins/serpro_captcha/test/unit/serpro_captcha_verification_test.rb
  Diff comments   View file @61c44cf
@@ -8,53 +8,61 @@ class SerproCaptchaVerificationTest < ActiveSupport::TestCase @@ -8,53 +8,61 @@ class SerproCaptchaVerificationTest < ActiveSupport::TestCase
8 def setup 8 def setup
9 @environment = Environment.default 9 @environment = Environment.default
10 @environment.enabled_plugins = ['SerproCaptchaPlugin'] 10 @environment.enabled_plugins = ['SerproCaptchaPlugin']
11 - @environment.serpro_captcha_verify_uri='https://www.somecompany.com/validate' 11 + @environment.serpro_captcha_verify_uri="http://www.somecompany.com:443/validate"
12 @environment.serpro_captcha_client_id='323232' 12 @environment.serpro_captcha_client_id='323232'
13 @environment.save! 13 @environment.save!
  14 + @captcha_token = "642646"
  15 + @captcha_text = "44641441"
  16 + @captcha_verification_body = "#{@environment.serpro_captcha_client_id}&#{@captcha_token}&#{@captcha_text}"
14 end 17 end
15 18
16 should 'register a user when there are no enabled captcha pluging' do 19 should 'register a user when there are no enabled captcha pluging' do
17 @environment.enabled_plugins = [] 20 @environment.enabled_plugins = []
  21 + @environment.save!
18 Environment.default.enable('skip_new_user_email_confirmation') 22 Environment.default.enable('skip_new_user_email_confirmation')
19 params = {:login => "newuserapi", :password => "newuserapi", :password_confirmation => "newuserapi", :email => "newuserapi@email.com" } 23 params = {:login => "newuserapi", :password => "newuserapi", :password_confirmation => "newuserapi", :email => "newuserapi@email.com" }
20 post "/api/v1/register?#{params.to_query}" 24 post "/api/v1/register?#{params.to_query}"
21 assert_equal 201, last_response.status 25 assert_equal 201, last_response.status
22 json = JSON.parse(last_response.body) 26 json = JSON.parse(last_response.body)
23 assert User['newuserapi'].activated? 27 assert User['newuserapi'].activated?
24 - assert json['activated']  
25 - assert json['private_token'].present? 28 + assert json['user']['private_token'].present?
26 end 29 end
27 30
28 - # should 'not register a user if captcha fails' do  
29 - # fail_captcha  
30 - # Environment.default.enable('skip_new_user_email_confirmation')  
31 - # params = {:login => "newuserapi", :password => "newuserapi", :password_confirmation => "newuserapi", :email => "newuserapi@email.com" }  
32 - # post "/api/v1/register?#{params.to_query}"  
33 - # assert_equal 201, last_response.status  
34 - # json = JSON.parse(last_response.body)  
35 - # refute User['newuserapi'].activated?  
36 - # refute !json['activated']  
37 - # refute !json['private_token'].present?  
38 - # end 31 + should 'not register a user if captcha fails' do
  32 + fail_captcha_text @environment.serpro_captcha_verify_uri, @captcha_verification_body
  33 + Environment.default.enable('skip_new_user_email_confirmation')
  34 + params = {:login => "newuserapi", :password => "newuserapi", :password_confirmation => "newuserapi", :email => "newuserapi@email.com", :txtToken_captcha_serpro_gov_br => @captcha_token, :captcha_text => @captcha_text}
  35 + post "/api/v1/register?#{params.to_query}"
  36 + assert_equal 403, last_response.status
  37 + json = JSON.parse(last_response.body)
  38 + assert_equal json["message"], _("Wrong captcha text, please try again")
  39 + end
39 40
40 should 'verify_serpro_captcha' do 41 should 'verify_serpro_captcha' do
41 - pass_captcha  
42 - spv = SerproCaptchaVerification.new  
43 - assert spv.verify_serpro_captcha(@environment.serpro_captcha_client_id, '642646', '44641441', @environment.serpro_captcha_verify_uri) 42 + pass_captcha @environment.serpro_captcha_verify_uri, @captcha_verification_body
  43 + scv = SerproCaptchaVerification.new
  44 + assert scv.verify_serpro_captcha(@environment.serpro_captcha_client_id, @captcha_token, '44641441', @environment.serpro_captcha_verify_uri)
44 end 45 end
45 46
46 should 'fail captcha if user has not filled Serpro\' captcha text' do 47 should 'fail captcha if user has not filled Serpro\' captcha text' do
47 - pass_captcha  
48 - spv = SerproCaptchaVerification.new  
49 - hash = spv.verify_serpro_captcha(@environment.serpro_captcha_client_id, '642646', nil, @environment.serpro_captcha_verify_uri) 48 + pass_captcha @environment.serpro_captcha_verify_uri, @captcha_verification_body
  49 + scv = SerproCaptchaVerification.new
  50 + hash = scv.verify_serpro_captcha(@environment.serpro_captcha_client_id, @captcha_token, nil, @environment.serpro_captcha_verify_uri)
50 assert hash[:user_message], _('Captcha text has not been filled') 51 assert hash[:user_message], _('Captcha text has not been filled')
51 end 52 end
52 53
53 should 'fail captcha if Serpro\' captcha token has not been sent' do 54 should 'fail captcha if Serpro\' captcha token has not been sent' do
54 - pass_captcha  
55 - spv = SerproCaptchaVerification.new  
56 - hash = spv.verify_serpro_captcha(@environment.serpro_captcha_client_id, nil, '76876846', @environment.serpro_captcha_verify_uri) 55 + pass_captcha @environment.serpro_captcha_verify_uri, @captcha_verification_body
  56 + scv = SerproCaptchaVerification.new
  57 + hash = scv.verify_serpro_captcha(@environment.serpro_captcha_client_id, nil, @captcha_text, @environment.serpro_captcha_verify_uri)
57 assert hash[:javascript_console_message], _("Missing Serpro's Captcha token") 58 assert hash[:javascript_console_message], _("Missing Serpro's Captcha token")
58 end 59 end
59 60
  61 + should 'fail captcha text' do
  62 + fail_captcha_text @environment.serpro_captcha_verify_uri, @captcha_verification_body
  63 + scv = SerproCaptchaVerification.new
  64 + hash = scv.verify_serpro_captcha(@environment.serpro_captcha_client_id, nil, @captcha_text, @environment.serpro_captcha_verify_uri)
  65 + assert hash[:javascript_console_message], _("Wrong captcha text, please try again")
  66 + end
  67 +
60 end 68 end
plugins/serpro_captcha/views/ldap_plugin_admin/index.html.erb
View file @d7d8a87
@@ -1,27 +0,0 @@ @@ -1,27 +0,0 @@
1 -<h1><%= _("Serpro's Captcha Management") %> </h1>  
2 -  
3 -<%= labelled_form_for(:environment, :url => {:action => 'update'}) do |f| %>  
4 -  
5 -<table>  
6 - <tr>  
7 - <th><%= c_('Configuration') %></th>  
8 - <th><%= _('Value') %></th>  
9 - </tr>  
10 - <tr>  
11 - <td><%= _('Host') %></td>  
12 - <td><%= text_field :environment, :serpro_captcha_verify_uri %></td>  
13 - </tr>  
14 - <tr>  
15 - <td><%= _('Port') %></td>  
16 - <td><%= text_field :environment, :serpro_captcha_client_id %></td>  
17 - </tr>  
18 -</table>  
19 -  
20 -<div>  
21 - <% button_bar do %>  
22 - <%= submit_button('save', c_('Save changes')) %>  
23 - <%= button :back, _('Back to plugins administration panel'), :controller => 'plugins' %>  
24 - <% end %>  
25 -</div>  
26 -  
27 -<% end %>  
test/unit/api/helpers_test.rb
  Diff comments   View file @61c44cf
@@ -216,89 +216,11 @@ class APIHelpersTest &lt; ActiveSupport::TestCase @@ -216,89 +216,11 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
216 216
217 ###### Captcha tests ###### 217 ###### Captcha tests ######
218 218
219 -should 'do not test captcha when there are no settings' do 219 +should 'do not test captcha when there is no captcha plugin enabled' do
220 environment = Environment.new 220 environment = Environment.new
221 assert test_captcha("127.0.0.1", {}, environment) 221 assert test_captcha("127.0.0.1", {}, environment)
222 end 222 end
223 223
224 -should 'do not test captcha when captcha is disabled on settings' do  
225 - environment = Environment.new  
226 - environment.api_captcha_settings = {  
227 - enabled: false,  
228 - }  
229 - assert test_captcha("127.0.0.1", {}, environment)  
230 -end  
231 -  
232 -should 'fail display recaptcha v1' do  
233 - environment = Environment.new  
234 - environment.api_captcha_settings = {  
235 - enabled: true,  
236 - provider: 'google',  
237 - version: 1,  
238 - private_key: '6LdsWAcTAAAAAB6maB_HalVyCc4asDAxPxloIMvY',  
239 - public_key: '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-',  
240 - verify_uri: 'https://www.google.com/recaptcha/api/verify',  
241 - }  
242 - r = test_captcha('127.0.0.1', params, environment)  
243 - assert_equal(_("Missing captcha data"), r[0][:javascript_console_message])  
244 -end  
245 -  
246 -should 'fail display recaptcha v2' do  
247 - environment = Environment.new  
248 - environment.api_captcha_settings = {  
249 - enabled: true,  
250 - provider: 'google',  
251 - version: 2,  
252 - private_key: '6LdsWAcTAAAAAB6maB_HalVyCc4asDAxPxloIMvY',  
253 - public_key: '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-',  
254 - verify_uri: 'https://www.google.com/recaptcha/api/siteverify',  
255 - }  
256 - r = test_captcha('127.0.0.1', params, environment)  
257 - assert_equal(_("Missing captcha data"), r[0][:javascript_console_message])  
258 -end  
259 -  
260 -should 'verify if user filled Serpro\' captcha text' do  
261 - environment = Environment.new  
262 - environment.api_captcha_settings = {  
263 - enabled: true,  
264 - provider: 'serpro',  
265 - serpro_client_id: '0000000000000000',  
266 - verify_uri: 'http://localhost/api/verify',  
267 - }  
268 - params = {}  
269 - params[:txtToken_captcha_serpro_gov_br] = '4324343'  
270 - assert_equal(_('Captcha text has not been filled'), test_captcha('127.0.0.1', params, environment)[0]['message'])  
271 -end  
272 -  
273 -should 'verify if Serpro\' captcha token has been sent' do  
274 - environment = Environment.new  
275 - environment.api_captcha_settings = {  
276 - enabled: true,  
277 - provider: 'serpro',  
278 - serpro_client_id: '0000000000000000',  
279 - verify_uri: 'http://localhost/api/verify',  
280 - }  
281 - params = {}  
282 - params[:captcha_text] = '4324343'  
283 - r = test_captcha('127.0.0.1', params, environment)  
284 - assert_equal(_("Missing Serpro's Captcha token"), r[0][:javascript_console_message])  
285 -end  
286 -  
287 -should 'captcha serpro say name or service not known' do  
288 - environment = Environment.new  
289 - environment.api_captcha_settings = {  
290 - enabled: true,  
291 - provider: 'serpro',  
292 - serpro_client_id: '0000000000000000',  
293 - verify_uri: 'http://someserverthatdoesnotexist.mycompanythatdoesnotexist.com/validate',  
294 - }  
295 - params = {}  
296 - params[:txtToken_captcha_serpro_gov_br] = '4324343'  
297 - params[:captcha_text] = '4324343'  
298 - r = test_captcha('127.0.0.1', params, environment)  
299 - assert (r[0][:javascript_console_message]).starts_with?("Serpro captcha error: getaddrinfo")  
300 -end  
301 -  
302 ###### END Captcha tests ###### 224 ###### END Captcha tests ######
303 225
304 protected 226 protected