From 8e913da106467930da21b82b40d65cdf688b18f8 Mon Sep 17 00:00:00 2001 From: Bruno Michel <bmichel@menfin.info> Date: Fri, 23 Aug 2019 17:12:17 +0200 Subject: [PATCH] Fix the sharing tests Add to the sharings tests a ruby implementation to derive the password on the client side. --- tests/integration/Gemfile | 1 + tests/integration/Gemfile.lock | 4 +++- tests/integration/boot.rb | 1 + tests/integration/lib/accept.rb | 2 +- tests/integration/lib/instance.rb | 12 ++++++++++++ 5 files changed, 18 insertions(+), 2 deletions(-) diff --git a/tests/integration/Gemfile b/tests/integration/Gemfile index 5cfd9d5c9..3bbffdf95 100644 --- a/tests/integration/Gemfile +++ b/tests/integration/Gemfile @@ -5,6 +5,7 @@ gem "faker" gem "faye-websocket" gem "mimemagic" gem "minitest" +gem "pbkdf2-ruby" gem "pry" gem "pry-rescue" gem "pry-stack_explorer" diff --git a/tests/integration/Gemfile.lock b/tests/integration/Gemfile.lock index ed300ae12..9c0d200e1 100644 --- a/tests/integration/Gemfile.lock +++ b/tests/integration/Gemfile.lock @@ -27,6 +27,7 @@ GEM mimemagic (0.3.2) minitest (5.11.3) netrc (0.11.0) + pbkdf2-ruby (0.2.1) pry (0.11.3) coderay (~> 1.1.0) method_source (~> 0.9.0) @@ -56,10 +57,11 @@ DEPENDENCIES faye-websocket mimemagic minitest + pbkdf2-ruby pry pry-rescue pry-stack_explorer rest-client BUNDLED WITH - 1.15.1 + 1.16.4 diff --git a/tests/integration/boot.rb b/tests/integration/boot.rb index 6924c745a..e7c48b955 100644 --- a/tests/integration/boot.rb +++ b/tests/integration/boot.rb @@ -5,6 +5,7 @@ require 'faker' require 'fileutils' require 'mimemagic' require 'json' +require 'pbkdf2' require 'pry' require 'rest-client' diff --git a/tests/integration/lib/accept.rb b/tests/integration/lib/accept.rb index f682a4b4c..14bad8a3f 100644 --- a/tests/integration/lib/accept.rb +++ b/tests/integration/lib/accept.rb @@ -31,7 +31,7 @@ class Accept client = RestClient::Resource.new @inst.url res = client["/auth/login"].get csrf_token = res.cookies["_csrf"] - body = { csrf_token: csrf_token, passphrase: @inst.passphrase } + body = { csrf_token: csrf_token, passphrase: @inst.derived_passphrase } params = { cookies: res.cookies, accept: :json } res2 = client["/auth/login"].post body, params res2.cookies["cozysessid"] diff --git a/tests/integration/lib/instance.rb b/tests/integration/lib/instance.rb index 82efc36d3..ab7580434 100644 --- a/tests/integration/lib/instance.rb +++ b/tests/integration/lib/instance.rb @@ -72,7 +72,19 @@ class Instance Accept.new(sharing, sharer).on self end + def fsck @stack.fsck self end + + # See https://github.com/jcs/rubywarden/blob/master/API.md#example + def derived_passphrase + PBKDF2.new do |p| + p.password = passphrase + p.salt = "me@" + domain.split(':').first + p.iterations = 10_000 # See pkg/crypto/pbkdf2.go + p.hash_function = OpenSSL::Digest::SHA256 + p.key_length = (256 / 8) + end.bin_string + end end -- GitLab