#219

Committed 01 Nov 2024 05:48PM UTC coverage: 67.887% (-29.6%) from 97.504%

Build # #219

Build Type

push

Run Details

408 of 601 relevant lines covered (67.89%)

0.68 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

43.48

/app/lib/basic_auth/token.rb

module BasicAuth
  class Token
    attr_accessor :basic_token, :scope

    def initialize(basic_token:, scope: nil)
      @basic_token = basic_token
      @scope = scope
    end

    def valid?
      if scope == 'admin'
        valid_as_admin?
      else
        valid_non_admin?
      end
    end

  private

    def valid_as_admin?
      secure_is_equal?(basic_token, admin_token)
    rescue RuntimeError => e
      puts "Rescued error: #{e.inspect}"
      false
    end

    def admin_token
      ENV.fetch('SALON_ADMIN_BASIC_AUTH_TOKEN'){ raise 'Must set SALON_ADMIN_BASIC_AUTH_TOKEN' } 
    end

    def valid_non_admin?
      secure_is_equal?(basic_token, non_admin_token) || valid_as_admin?
    rescue RuntimeError => e
      puts "Rescued error: #{e.inspect}"
      false
    end

    def non_admin_token
      ENV.fetch('SALON_BASIC_AUTH_TOKEN'){ raise 'Must set SALON_BASIC_AUTH_TOKEN' } 
    end

    def secure_is_equal?(token1, token2)
      Digest::SHA256.digest(token1) == Digest::SHA256.digest(token2)
    end

  end
end

1	module BasicAuth	1✔
2	class Token	1✔
3	attr_accessor :basic_token, :scope	1✔
4
5	def initialize(basic_token:, scope: nil)	1✔
6	@basic_token = basic_token	×
7	@scope = scope	×
8	end
9
10	def valid?	1✔
11	if scope == 'admin'	×
12	valid_as_admin?	×
13	else
14	valid_non_admin?	×
15	end
16	end
17
18	private	1✔
19
20	def valid_as_admin?	1✔
21	secure_is_equal?(basic_token, admin_token)	×
22	rescue RuntimeError => e
23	puts "Rescued error: #{e.inspect}"	×
24	false	×
25	end
26
27	def admin_token	1✔
28	ENV.fetch('SALON_ADMIN_BASIC_AUTH_TOKEN'){ raise 'Must set SALON_ADMIN_BASIC_AUTH_TOKEN' }	×
29	end
30
31	def valid_non_admin?	1✔
32	secure_is_equal?(basic_token, non_admin_token) \|\| valid_as_admin?	×
33	rescue RuntimeError => e
34	puts "Rescued error: #{e.inspect}"	×
35	false	×
36	end
37
38	def non_admin_token	1✔
39	ENV.fetch('SALON_BASIC_AUTH_TOKEN'){ raise 'Must set SALON_BASIC_AUTH_TOKEN' }	×
40	end
41
42	def secure_is_equal?(token1, token2)
43	Digest::SHA256.digest(token1) == Digest::SHA256.digest(token2)
44	end
45
46	end
47	end

NYULibraries / salon / #219

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous