Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
secure port handling and tests
  • Loading branch information
Nathan Hamblen committed Mar 28, 2012
1 parent f4b28ee commit a74507c
Show file tree
Hide file tree
Showing 3 changed files with 47 additions and 47 deletions.
50 changes: 38 additions & 12 deletions filter/src/test/scala/SslServerSpec.scala
Expand Up @@ -3,11 +3,13 @@ package unfiltered.server
import unfiltered.spec
import org.specs._

object SslServerSpec extends Specification with spec.jetty.Served with spec.SecureClient {
object SslServerSpec extends Specification with unfiltered.spec.Hosted with spec.SecureClient {
shareVariables()

import unfiltered.response._
import unfiltered.request._
import unfiltered.request.{Path => UFPath}
import unfiltered.jetty.Https
import unfiltered.jetty.{Https,Http=>UFHttp}
import unfiltered.util.Port
import org.apache.http.client.ClientProtocolException

Expand All @@ -18,24 +20,48 @@ object SslServerSpec extends Specification with spec.jetty.Served with spec.Secu
val keyStorePath = getClass.getResource("/keystore").getPath
val keyStorePasswd = "unfiltered"
val securePort = Port.any
val httpPort = Port.any

override val host = :/("localhost", securePort)
override val host = :/("localhost", httpPort)

override lazy val server = setup(new Https(securePort, "0.0.0.0") {
lazy val server = new Https(securePort, "0.0.0.0") {
filter(filt)
override lazy val keyStore = keyStorePath
override lazy val keyStorePassword = keyStorePasswd
})
}

def setup = { _.filter(unfiltered.filter.Planify {
case GET(UFPath("/")) => ResponseString("secret") ~> Ok
})}
lazy val httpServer = new UFHttp(httpPort, "0.0.0.0").filter(filt)

doBeforeSpec { server.start(); httpServer.start() }
doAfterSpec {
server.stop()
server.destroy()
httpServer.stop()
httpServer.destroy()
}

val filt = unfiltered.filter.Planify(secured.onPass(whatever))
def secured =
unfiltered.kit.Secure.redir[Any,Any]( {
case req @ UFPath(Seg("unprotected" :: Nil)) =>
Pass
case req @ UFPath(Seg("protected" :: Nil)) =>
ResponseString(req.isSecure.toString) ~> Ok
}, securePort)
def whatever = unfiltered.Cycle.Intent[Any,Any] {
case req =>
ResponseString(req.isSecure.toString) ~> Ok
}

"A Secure Server" should {
"respond to secure requests" in {
https(host.secure as_str) must_== "secret"
"redirect and serve to secure requests" in {
https(host / "protected" as_str) must_== "true"
}
"explicit pass to insecure" in {
https(host / "unprotected" as_str) must_== "false"
}
"refuse connection to unsecure requests" in {
https(host as_str) must throwA[ClientProtocolException]
"nonmatching pass to insecure" in {
https(host as_str) must_== "false"
}
}
}
11 changes: 9 additions & 2 deletions library/src/main/scala/kit/secure.scala
Expand Up @@ -4,13 +4,20 @@ import unfiltered.request._
import unfiltered.response._

object Secure {
def redir[A,B](intent: unfiltered.Cycle.Intent[A,B]) = {
def redir[A,B](intent: unfiltered.Cycle.Intent[A,B],
port: Int = -1) = {
intent.fold(
{ _ => Pass },
{
case (HTTPS(req), rf) => rf
case (req @ Host(host), rf) =>
Redirect("https://%s%s".format(host, req.uri))
val h = host.split(':')(0)
Redirect(
if (port > -1)
"https://%s:%d%s".format(h, port, req.uri)
else
"https://%s%s".format(h, req.uri)
)
}
)
}
Expand Down
33 changes: 0 additions & 33 deletions library/src/test/scala/SecureSpec.scala

This file was deleted.

0 comments on commit a74507c

Please sign in to comment.