+ ['v1token', 'v2token'].each do |token_method|
+ test "correct signatures are given for #{token_method}" do
+ token = api_client_authorizations(:active).send(token_method)
+ authorize_with_token token
+ get :show, {id: collections(:foo_file).uuid}
+ assert_response :success
+ assert_signed_manifest json_response['manifest_text'], 'foo_file', token: token
+ end
+
+ test "signatures with #{token_method} are accepted" do
+ token = api_client_authorizations(:active).send(token_method)
+ signed = Blob.sign_locator(
+ 'acbd18db4cc2f85cedef654fccc4a4d8+3',
+ key: Rails.configuration.blob_signing_key,
+ api_token: token)
+ authorize_with_token token
+ put :update, {
+ id: collections(:collection_owned_by_active).uuid,
+ collection: {
+ manifest_text: ". #{signed} 0:3:foo.txt\n",
+ },
+ }
+ assert_response :success
+ assert_signed_manifest json_response['manifest_text'], 'updated', token: token
+ end
+ end
+