File: adaptor_spec.rb

package info (click to toggle)
ruby-omniauth-ldap 1.0.5-1
links: PTS, VCS
area: main
in suites: stretch
size: 200 kB
ctags: 27
sloc: ruby: 461; makefile: 3
file content (82 lines) | stat: -rw-r--r-- 5,245 bytes
require 'spec_helper'
describe "OmniAuth::LDAP::Adaptor" do

  describe 'initialize' do
    it 'should throw exception when must have field is not set' do
      #[:host, :port, :method, :bind_dn]
      expect { OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain'})}.to raise_error(ArgumentError)
    end

    it 'should throw exception when method is not supported' do
      expect { OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'myplain', uid: 'uid', port: 389, base: 'dc=com'})}.to raise_error(OmniAuth::LDAP::Adaptor::ConfigurationError)
    end

    it 'should setup ldap connection with anonymous' do
      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName'})
      expect(adaptor.connection).not_to eq(nil)
      expect(adaptor.connection.host).to eq('192.168.1.145')
      expect(adaptor.connection.port).to eq(389)
      expect(adaptor.connection.base).to eq('dc=intridea, dc=com')
      expect(adaptor.connection.instance_variable_get('@auth')).to eq({:method => :anonymous, :username => nil, :password => nil})
    end

    it 'should setup ldap connection with simple' do
      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', bind_dn: 'bind_dn', password: 'password'})
      expect(adaptor.connection).not_to eq(nil)
      expect(adaptor.connection.host).to eq('192.168.1.145')
      expect(adaptor.connection.port).to eq(389)
      expect(adaptor.connection.base).to eq('dc=intridea, dc=com')
      expect(adaptor.connection.instance_variable_get('@auth')).to eq({:method => :simple, :username => 'bind_dn', :password => 'password'})
    end

    it 'should setup ldap connection with sasl-md5' do
      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', try_sasl: true, sasl_mechanisms: ["DIGEST-MD5"], bind_dn: 'bind_dn', password: 'password'})
      expect(adaptor.connection).not_to eq(nil)
      expect(adaptor.connection.host).to eq('192.168.1.145')
      expect(adaptor.connection.port).to eq(389)
      expect(adaptor.connection.base).to eq('dc=intridea, dc=com')
      expect(adaptor.connection.instance_variable_get('@auth')[:method]).to eq(:sasl)
      expect(adaptor.connection.instance_variable_get('@auth')[:mechanism]).to eq('DIGEST-MD5')
      expect(adaptor.connection.instance_variable_get('@auth')[:initial_credential]).to eq('')
      expect(adaptor.connection.instance_variable_get('@auth')[:challenge_response]).not_to be_nil
    end

    it 'should setup ldap connection with sasl-gss' do
      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', try_sasl: true, sasl_mechanisms: ["GSS-SPNEGO"], bind_dn: 'bind_dn', password: 'password'})
      expect(adaptor.connection).not_to eq(nil)
      expect(adaptor.connection.host).to eq('192.168.1.145')
      expect(adaptor.connection.port).to eq(389)
      expect(adaptor.connection.base).to eq('dc=intridea, dc=com')
      expect(adaptor.connection.instance_variable_get('@auth')[:method]).to eq(:sasl)
      expect(adaptor.connection.instance_variable_get('@auth')[:mechanism]).to eq('GSS-SPNEGO')
      expect(adaptor.connection.instance_variable_get('@auth')[:initial_credential]).to match(/^NTLMSSP/)
      expect(adaptor.connection.instance_variable_get('@auth')[:challenge_response]).not_to be_nil
    end

    it 'should set the encryption method correctly' do
      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'tls', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName'})
      adaptor.connection.instance_variable_get('@encryption').should include method: :start_tls
    end
  end

  describe 'bind_as' do
    let(:args) { {:filter => Net::LDAP::Filter.eq('sAMAccountName', 'username'), :password => 'password', :size => 1} }
    let(:rs) { Struct.new(:dn).new('new dn') }

    it 'should bind simple' do
      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.126", method: 'plain', base: 'dc=score, dc=local', port: 389, uid: 'sAMAccountName', bind_dn: 'bind_dn', password: 'password'})
      expect(adaptor.connection).to receive(:open).and_yield(adaptor.connection)
      expect(adaptor.connection).to receive(:search).with(args).and_return([rs])
      expect(adaptor.connection).to receive(:bind).with({:username => 'new dn', :password => args[:password], :method => :simple}).and_return(true)
      expect(adaptor.bind_as(args)).to eq(rs)
    end

    it 'should bind sasl' do
      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', try_sasl: true, sasl_mechanisms: ["GSS-SPNEGO"], bind_dn: 'bind_dn', password: 'password'})
      expect(adaptor.connection).to receive(:open).and_yield(adaptor.connection)
      expect(adaptor.connection).to receive(:search).with(args).and_return([rs])
      expect(adaptor.connection).to receive(:bind).and_return(true)
      expect(adaptor.bind_as(args)).to eq(rs)
    end
  end
end