Home » Download » Modules » CRAM (Challenge-Response Authentication Mechanism) » Issues

Create tests for CRAM

Freso - March 8, 2008 - 23:10
Project:CRAM (Challenge-Response Authentication Mechanism)
Version:6.x-1.x-dev
Component:Code
Category:task
Priority:normal
Assigned:Unassigned
Status:active
Description

It would be nice for CRAM to use some tests. Some of these, namely the logging in, would require JavaScript parsing. Other things wouldn't. For now, this issue is just for adding possible use cases that would fit in some sort of unit testing environment.

I have a few in my mind:

  • "Plaintext" login (does the CRAM code corrupt core code?)
  • CRAM login without JavaScript (use cram_hmac_md5 on itself - if this doesn't work, something is very wrong!)
  • CRAM login with JavaScript
  • Checking that nonces are generated (that function is all PHP and SQL, so should be doable)
  • Check that cram_cron() works as intended (cleaning out expired nonces)

Some of these might not be good tests in themselves, but just storm the brain and cry out your ideas for what could be tested. :)

» Login or register to post comments

#1

selmanj - March 10, 2008 - 15:53
  • Check that the nonces go stale by trying to log in with an expired nonce.
  • Check that the md5 library works by using some well-known inputs and hashes for both md5 and hmac (probably only on the javascript side)
  • Make sure that switching between cram enabled and disabled works
Login or register to post comments
 
 

Drupal is a registered trademark of Dries Buytaert.