rushlinneu/running SSL in capybara

## running SSL in capybara
brycesenz commented on Jul 18, 2013
In my Rails app, I use the force_ssl configuration in my environment files, and force_ssl in most of my controllers (in my test environment as well). Getting this to work with Capybara has been a pain - the server would just time out.

I finally got things working, but it required two things: (1) configuring the Capybara server to use a local SSL certificate that I'd made, and (2) overriding the responsive? method for the server to send HTTPS requests.

Here's the code I ended up using. I put all of it into my spec_helper.rb file just for simplicity.

module Capybara
  class Server
    def responsive?
      return false if @server_thread && @server_thread.join(0)

      http = Net::HTTP.new(host, @port)
      http.use_ssl = true
      http.verify_mode = OpenSSL::SSL::VERIFY_NONE
      res = http.get('/__identify__')

      if res.is_a?(Net::HTTPSuccess) or res.is_a?(Net::HTTPRedirection)
        return res.body == @app.object_id.to_s
      end
    rescue SystemCallError
      return false
    end
  end
end

def run_ssl_server(app, port)
  require 'webrick/https'
  require 'rack/handler/webrick'

  new_opts = {
    :Port => port,
    :environment => (ENV['RAILS_ENV'] || "test").dup,
    :daemonize => false,
    :debugger => false,
    :config => File.expand_path("config.ru"),
    :AccessLog => [],
    :Logger => WEBrick::Log::new(nil, 0),
    :SSLEnable => true,
    :SSLVerifyClient => OpenSSL::SSL::VERIFY_NONE,
    :SSLPrivateKey => OpenSSL::PKey::RSA.new(File.open("myserver.key").read),
    :SSLCertificate => OpenSSL::X509::Certificate.new(File.open("myserver.crt").read),
    :SSLCertName => [["US", WEBrick::Utils::getservername]],
  }

  Rack::Handler::WEBrick.run(app, new_opts)
end

Capybara.server_port = 3001
Capybara.app_host = "https://localhost:%d" % Capybara.server_port
Capybara.server do |app, port|
  run_ssl_server(app, port)
end
Does this configuration make sense, or did I overlook some better way of achieving the same thing? And if it makes sense, is there any interest in merging in the ability to specify the responsive? function to respond to SSL?
	brycesenz commented on Jul 18, 2013
	In my Rails app, I use the force_ssl configuration in my environment files, and force_ssl in most of my controllers (in my test environment as well). Getting this to work with Capybara has been a pain - the server would just time out.

	I finally got things working, but it required two things: (1) configuring the Capybara server to use a local SSL certificate that I'd made, and (2) overriding the responsive? method for the server to send HTTPS requests.

	Here's the code I ended up using. I put all of it into my spec_helper.rb file just for simplicity.

	module Capybara
	class Server
	def responsive?
	return false if @server_thread && @server_thread.join(0)

	http = Net::HTTP.new(host, @port)
	http.use_ssl = true
	http.verify_mode = OpenSSL::SSL::VERIFY_NONE
	res = http.get('/__identify__')

	if res.is_a?(Net::HTTPSuccess) or res.is_a?(Net::HTTPRedirection)
	return res.body == @app.object_id.to_s
	end
	rescue SystemCallError
	return false
	end
	end
	end

	def run_ssl_server(app, port)
	require 'webrick/https'
	require 'rack/handler/webrick'

	new_opts = {
	:Port => port,
	:environment => (ENV['RAILS_ENV'] \|\| "test").dup,
	:daemonize => false,
	:debugger => false,
	:config => File.expand_path("config.ru"),
	:AccessLog => [],
	:Logger => WEBrick::Log::new(nil, 0),
	:SSLEnable => true,
	:SSLVerifyClient => OpenSSL::SSL::VERIFY_NONE,
	:SSLPrivateKey => OpenSSL::PKey::RSA.new(File.open("myserver.key").read),
	:SSLCertificate => OpenSSL::X509::Certificate.new(File.open("myserver.crt").read),
	:SSLCertName => [["US", WEBrick::Utils::getservername]],
	}

	Rack::Handler::WEBrick.run(app, new_opts)
	end

	Capybara.server_port = 3001
	Capybara.app_host = "https://localhost:%d" % Capybara.server_port
	Capybara.server do \|app, port\|
	run_ssl_server(app, port)
	end
	Does this configuration make sense, or did I overlook some better way of achieving the same thing? And if it makes sense, is there any interest in merging in the ability to specify the responsive? function to respond to SSL?