]>
Commit | Line | Data |
---|---|---|
f6781456 JT |
1 | {-# LANGUAGE OverloadedStrings #-} |
2 | {-| | |
3 | Copyright : (c) 2015 Julien Tanguy | |
4 | License : BSD3 | |
5 | ||
6 | Maintainer : julien.tanguy@jhome.fr | |
7 | ||
8 | ||
9 | This test suite is based on the pymacaroons test suite: | |
10 | <https://github.com/ecordell/pymacaroons> | |
11 | -} | |
12 | module Crypto.Macaroon.Tests where | |
13 | ||
14 | import Data.Byteable | |
15 | import qualified Data.ByteString.Char8 as B8 | |
16 | import Data.Hex | |
17 | import Test.Tasty | |
18 | import Test.Tasty.HUnit | |
19 | ||
20 | import Crypto.Macaroon | |
a20c77f8 | 21 | import Crypto.Macaroon.Serializer.Base64 |
f6781456 JT |
22 | |
23 | tests :: TestTree | |
a20c77f8 JT |
24 | tests = testGroup "Crypto.Macaroon" [ basic |
25 | , minted | |
26 | , minted2 | |
27 | , minted3 | |
f6781456 JT |
28 | ] |
29 | ||
30 | ||
31 | m :: Macaroon | |
32 | m = create secret key loc | |
33 | where | |
34 | secret = B8.pack "this is our super secret key; only we should know it" | |
35 | key = B8.pack "we used our secret key" | |
36 | loc = B8.pack "http://mybank/" | |
37 | ||
a20c77f8 JT |
38 | basic :: TestTree |
39 | basic = testGroup "Basic macaroon" [ basicSignature | |
40 | , basicSerialize | |
41 | , basicDeserialize | |
42 | ] | |
43 | ||
44 | basicSignature = testCase "Signature" $ | |
2aede11a JT |
45 | "E3D9E02908526C4C0039AE15114115D97FDD68BF2BA379B342AAF0F617D0552F" @=? (hex . signature) m |
46 | ||
47 | basicSerialize = testCase "Serialization" $ | |
48 | "MDAxY2xvY2F0aW9uIGh0dHA6Ly9teWJhbmsvCjAwMjZpZGVudG\ | |
49 | \lmaWVyIHdlIHVzZWQgb3VyIHNlY3JldCBrZXkKMDAyZnNpZ25h\ | |
50 | \dHVyZSDj2eApCFJsTAA5rhURQRXZf91ovyujebNCqvD2F9BVLwo" @=? serialize m | |
51 | ||
a20c77f8 JT |
52 | basicDeserialize = testCase "Deserialization" $ |
53 | Right m @=? (deserialize . serialize) m | |
54 | ||
f6781456 JT |
55 | m2 :: Macaroon |
56 | m2 = addFirstPartyCaveat "test = caveat" m | |
57 | ||
a20c77f8 JT |
58 | minted :: TestTree |
59 | minted = testGroup "Macaroon with first party caveat" [ mintInspect | |
60 | , mintSerialize | |
61 | , mintDeserialize | |
62 | ] | |
63 | ||
64 | mintInspect = testCase "Inspect" $ | |
2aede11a JT |
65 | "location http://mybank/\nidentifier we used\ |
66 | \ our secret key\ncid test = caveat\nsignature\ | |
67 | \ 197BAC7A044AF33332865B9266E26D49\ | |
68 | \3BDD668A660E44D88CE1A998C23DBD67" @=? inspect m2 | |
69 | ||
70 | ||
a20c77f8 | 71 | mintSerialize = testCase "Serialization" $ |
2aede11a JT |
72 | "MDAxY2xvY2F0aW9uIGh0dHA6Ly9teWJhbmsvCjAwMjZpZGVudGlmaWVyIHdlIHVzZ\ |
73 | \WQgb3VyIHNlY3JldCBrZXkKMDAxNmNpZCB0ZXN0ID0gY2F2ZWF0CjAwMmZzaWduYXR1cmUgGXusegR\ | |
74 | \K8zMyhluSZuJtSTvdZopmDkTYjOGpmMI9vWcK" @=? serialize m2 | |
75 | ||
a20c77f8 JT |
76 | mintDeserialize = testCase "Deserialization" $ |
77 | Right m2 @=? (deserialize . serialize) m2 | |
78 | ||
2aede11a | 79 | |
f6781456 JT |
80 | m3 :: Macaroon |
81 | m3 = addFirstPartyCaveat "test = acaveat" m | |
82 | ||
a20c77f8 JT |
83 | minted2 :: TestTree |
84 | minted2 = testGroup "Macaroon with first party caveats" [ mint2Trimmed | |
85 | , mint2Des | |
86 | ] | |
87 | ||
88 | mint2Trimmed = testCase "Serialization" $ | |
2aede11a JT |
89 | "MDAxY2xvY2F0aW9uIGh0dHA6Ly9teWJhbmsvCjAwMjZpZGVudGlmaWVyIHdlIHVz\ |
90 | \ZWQgb3VyIHNlY3JldCBrZXkKMDAxN2NpZCB0ZXN0ID0gYWNhdmVhdAowMDJmc2ln\ | |
91 | \bmF0dXJlIJRJ_V3WNJQnqlVq5eez7spnltwU_AXs8NIRY739sHooCg" @=? serialize m3 | |
92 | ||
a20c77f8 JT |
93 | mint2Des = testCase "Deserialization" $ |
94 | Right m3 @=? (deserialize . serialize) m3 | |
2aede11a | 95 | |
f6781456 JT |
96 | m4 :: Macaroon |
97 | m4 = addThirdPartyCaveat caveat_key caveat_id caveat_loc n | |
98 | where | |
99 | n = addFirstPartyCaveat "account = 3735928559" $ create sec key loc | |
100 | key = B8.pack "we used our other secret key" | |
101 | loc = B8.pack "http://mybank/" | |
102 | sec = B8.pack "this is a different super-secret key; never use the same secret twice" | |
103 | caveat_key = B8.pack "4; guaranteed random by a fair toss of the dice" | |
104 | caveat_id = B8.pack "this was how we remind auth of key/pred" | |
105 | caveat_loc = B8.pack "http://auth.mybank/" | |
106 | ||
a20c77f8 JT |
107 | minted3 :: TestTree |
108 | minted3 = testGroup "Macaroon with first and third party caveats" [ mint3sig ] | |
109 | ||
f6781456 | 110 | |
a20c77f8 | 111 | mint3sig = testCase "Signature" $ |
f6781456 | 112 | "6B99EDB2EC6D7A4382071D7D41A0BF7DFA27D87D2F9FEA86E330D7850FFDA2B2" @=? (hex . signature) m4 |