Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Added unit testo

  • Loading branch information...
commit 44017f15854f8c9e5b3e5ee9bc4616dc0daf9e10 1 parent f71c66f
Dominiek ter Heide authored
Showing with 178 additions and 34 deletions.
  1. +30 −34 lib/facebook.js
  2. +21 −0 spec/node.js
  3. +127 −0 spec/spec.plugins.facebook.js
View
64 lib/facebook.js
@@ -10,6 +10,32 @@ exports.FBSession = Class({
}
});
+exports.getFingerprintForCookie = function (apiKey, cookies) {
+ var fields = ['expires', 'session_key', 'ss', 'user'];
+ var fingerprint = '';
+ fields.sort();
+ for(var i in fields) {
+ fingerprint += fields[i]+'='+cookies[apiKey + '_' + fields[i]];
+ }
+ return fingerprint;
+}
+
+exports.getFingerprintForParams = function (params) {
+ var fields = [];
+ for(var i in params) {
+ if(i.match(/^fb_sig_/)) {
+ fields.push(i);
+ }
+ }
+ fields.sort();
+ var fingerprint = '';
+ fields.sort();
+ for(var i in fields) {
+ fingerprint += fields[i].replace(/^fb_sig_/, '')+'='+params[fields[i]];
+ }
+ return fingerprint;
+}
+
// --- Facebook
exports.Facebook = Plugin.extend({
@@ -25,32 +51,6 @@ exports.Facebook = Plugin.extend({
// --- Internal methods
- var getFingerprintForCookie = function (cookies) {
- var fields = ['expires', 'session_key', 'ss', 'user'];
- var fingerprint = '';
- fields.sort();
- for(var i in fields) {
- fingerprint += fields[i]+'='+cookies[apiKey + '_' + fields[i]];
- }
- return fingerprint;
- }
-
- var getFingerprintForParams = function (params) {
- var fields = [];
- for(var i in params) {
- if(i.match(/^fb_sig_/)) {
- fields.push(i);
- }
- }
- fields.sort();
- var fingerprint = '';
- fields.sort();
- for(var i in fields) {
- fingerprint += fields[i].replace(/^fb_sig_/, '')+'='+params[fields[i]];
- }
- return fingerprint;
- }
-
Request.include({
/**
@@ -64,8 +64,6 @@ exports.Facebook = Plugin.extend({
fbSession: function(options) {
var session = this.session.fbSession;
if(session)
- sys.puts("Cool, found existing session!")
- if(session)
return session;
if(this.fbAuthenticate()) {
var fbUserId = this.param('fb_sig_user') ? this.param('fb_sig_user') : this.cookie(apiKey + '_user')
@@ -90,18 +88,16 @@ exports.Facebook = Plugin.extend({
// Get a fingerprint and signature
var fingerprint = null;
var signature = null;
- if(cookies[apiKey]) {
- fingerprint = getFingerprintForCookie(cookies)
+ if(cookies && cookies[apiKey]) {
+ fingerprint = exports.getFingerprintForCookie(apiKey, cookies)
signature = cookies[apiKey]
}
- if(params['fb_sig']) {
- fingerprint = getFingerprintForParams(params)
+ if(params && params['fb_sig']) {
+ fingerprint = exports.getFingerprintForParams(params)
signature = params['fb_sig']
}
if(!fingerprint)
return null;
-
- sys.puts("fingerprint: "+fingerprint)
// Verify signature using apiSecret
var expected_signature = hashlib.md5(fingerprint+apiSecret);
View
21 spec/node.js
@@ -0,0 +1,21 @@
+
+require.paths.unshift('spec', '/opt/local/lib/ruby/gems/1.8/gems/jspec-3.3.2/lib', 'lib')
+require.paths.unshift('spec', 'lib', 'spec/lib')
+require.paths.unshift(__dirname + '/../lib')
+require.paths.unshift(__dirname + '/../lib/support')
+require.paths.unshift(__dirname + '/../lib/support/express/lib')
+require.paths.unshift(__dirname + '/../lib/support/hashlib/build/default')
+
+require('jspec')
+require("express")
+require("express/spec")
+
+print = puts
+quit = process.exit
+
+Express.environment = 'test'
+
+JSpec
+ .exec('./spec.plugins.facebook.js')
+ .run({ reporter: JSpec.reporters.Terminal, fixturePath: 'spec/fixtures' })
+ .report()
View
127 spec/spec.plugins.facebook.js
@@ -0,0 +1,127 @@
+
+describe 'Express'
+ before_each
+ reset()
+ facebook = require('facebook')
+ use(facebook.Facebook, {
+ apiKey: 'e1249f7d4bc25b8f90e5c9c7523e3ee1',
+ apiSecret: '4ae45734dd66fa85c7b189fc2d7d5b4c'
+ })
+
+ validCookies = {
+ "e1249f7d4bc25b8f90e5c9c7523e3ee1": "5b820bb72e780318acb26ff375db4cc9",
+ "e1249f7d4bc25b8f90e5c9c7523e3ee1_user": "687215451",
+ "e1249f7d4bc25b8f90e5c9c7523e3ee1_ss": "lWYbyFp0GP8e7BgPa1aLDg__",
+ "e1249f7d4bc25b8f90e5c9c7523e3ee1_session_key": "3.LIysipyTte6aXFBcStEixg__.3600.1267714800-687215451",
+ "e1249f7d4bc25b8f90e5c9c7523e3ee1_expires": "1267714800"
+ }
+
+ tamperedCookies = {
+ "e1249f7d4bc25b8f90e5c9c7523e3ee1": "5b820bb72e780318acb26ff375db4cc9",
+ "e1249f7d4bc25b8f90e5c9c7523e3ee1_user": "687215453",
+ "e1249f7d4bc25b8f90e5c9c7523e3ee1_ss": "lWYbyFp0GP8e7BgPa1aLDg__",
+ "e1249f7d4bc25b8f90e5c9c7523e3ee1_session_key": "3.LIysipyTte6aXFBcStEixg__.3600.1267714800-687215451",
+ "e1249f7d4bc25b8f90e5c9c7523e3ee1_expires": "1267714800"
+ }
+
+ validParams = {
+ "fb_sig_in_iframe": 1,
+ "fb_sig_iframe_key": "7d0665438e81d8eceb98c1e31fca80c1",
+ "fb_sig_locale": "en_US",
+ "fb_sig_in_new_facebook": 1,
+ "fb_sig_time": 1267707311.2722,
+ "fb_sig_added": 1,
+ "fb_sig_profile_update_time": 1257283845,
+ "fb_sig_expires": 1267711200,
+ "fb_sig_user": 687215451,
+ "fb_sig_session_key": "2._iAVUxKTc6ASHM_UQJZddA__.3600.1267711200-687215451",
+ "fb_sig_ss": "I667xeojG4lgcEfzc5TcZw__",
+ "fb_sig_cookie_sig": "e379d598512da632c49946041a3a6847",
+ "fb_sig_ext_perms": "auto_publish_recent_activity",
+ "fb_sig_api_key": "e1249f7d4bc25b8f90e5c9c7523e3ee1",
+ "fb_sig_app_id": 341436568738,
+ "fb_sig": "24188c7a57d420ad27beba0f22d00289"
+ }
+
+ tamperedParams = {
+ "fb_sig_in_iframe": 1,
+ "fb_sig_iframe_key": "7d0665438e81d8eceb98c1e31fca80c1",
+ "fb_sig_locale": "en_US",
+ "fb_sig_in_new_facebook": 1,
+ "fb_sig_time": 1267707311.2722,
+ "fb_sig_added": 1,
+ "fb_sig_profile_update_time": 1257283845,
+ "fb_sig_expires": 1267711200,
+ "fb_sig_user": 687215448,
+ "fb_sig_session_key": "2._iAVUxKTc6ASHM_UQJZddA__.3600.1267711200-687215451",
+ "fb_sig_ss": "I667xeojG4lgcEfzc5TcZw__",
+ "fb_sig_cookie_sig": "e379d598512da632c49946041a3a6847",
+ "fb_sig_ext_perms": "auto_publish_recent_activity",
+ "fb_sig_api_key": "e1249f7d4bc25b8f90e5c9c7523e3ee1",
+ "fb_sig_app_id": 341436568738,
+ "fb_sig": "24188c7a57d420ad27beba0f22d00289"
+ }
+ end
+
+ describe 'Facebook'
+
+ describe 'getFingerprintForParams'
+
+ it 'should return a well formatted fingerprint'
+ var fingerprint = facebook.getFingerprintForParams(validParams)
+ fingerprint.should.eql("added=1api_key=e1249f7d4bc25b8f90e5c9c7523e3ee1app_id=341436568738cookie_sig=e379d598512da632c49946041a3a6847expires=1267711200ext_perms=auto_publish_recent_activityiframe_key=7d0665438e81d8eceb98c1e31fca80c1in_iframe=1in_new_facebook=1locale=en_USprofile_update_time=1257283845session_key=2._iAVUxKTc6ASHM_UQJZddA__.3600.1267711200-687215451ss=I667xeojG4lgcEfzc5TcZw__time=1267707311.2722user=687215451")
+ end
+
+ end
+
+ describe 'getFingerprintForCookie'
+
+ it 'should return a well formatted fingerprint'
+ var fingerprint = facebook.getFingerprintForCookie('e1249f7d4bc25b8f90e5c9c7523e3ee1', validCookies)
+ fingerprint.should.eql("expires=1267714800session_key=3.LIysipyTte6aXFBcStEixg__.3600.1267714800-687215451ss=lWYbyFp0GP8e7BgPa1aLDg__user=687215451")
+ end
+
+ end
+
+ describe 'Request'
+
+ describe 'fbAuthenticate'
+
+ it 'should return true on a request with a valid cookie'
+ get('/fbSession', function () {
+ this.cookies = validCookies
+ return this.fbAuthenticate() + ''
+ })
+ get('/fbSession', {}).body.should.eql 'true'
+ end
+
+ it 'should return false on a request with a tampered cookie'
+ get('/fbSession', function () {
+ this.cookies = tamperedCookies
+ return this.fbAuthenticate() + ''
+ })
+ get('/fbSession', {}).body.should.eql 'false'
+ end
+
+ it 'should return true on a request with valid params'
+ get('/fbSession', function () {
+ this.params.get = validParams
+ return this.fbAuthenticate() + ''
+ })
+ get('/fbSession', {}).body.should.eql 'true'
+ end
+
+ it 'should return false on a request with tampered params'
+ get('/fbSession', function () {
+ this.params.get = tamperedParams
+ return this.fbAuthenticate() + ''
+ })
+ get('/fbSession', {}).body.should.eql 'false'
+ end
+
+ end
+
+ end
+
+ end
+end
Please sign in to comment.
Something went wrong with that request. Please try again.