apigee-oauth 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +2 -0
- data/HISTORY +125 -0
- data/LICENSE +20 -0
- data/README.rdoc +70 -0
- data/Rakefile +35 -0
- data/TODO +32 -0
- data/bin/oauth +5 -0
- data/examples/yql.rb +44 -0
- data/lib/apigee-oauth.rb +12 -0
- data/lib/digest/hmac.rb +104 -0
- data/lib/oauth/cli.rb +378 -0
- data/lib/oauth/client.rb +4 -0
- data/lib/oauth/client/action_controller_request.rb +54 -0
- data/lib/oauth/client/em_http.rb +94 -0
- data/lib/oauth/client/helper.rb +91 -0
- data/lib/oauth/client/net_http.rb +127 -0
- data/lib/oauth/consumer.rb +383 -0
- data/lib/oauth/core_ext.rb +31 -0
- data/lib/oauth/errors.rb +3 -0
- data/lib/oauth/errors/error.rb +4 -0
- data/lib/oauth/errors/problem.rb +14 -0
- data/lib/oauth/errors/unauthorized.rb +12 -0
- data/lib/oauth/helper.rb +88 -0
- data/lib/oauth/oauth.rb +13 -0
- data/lib/oauth/oauth_test_helper.rb +25 -0
- data/lib/oauth/request_proxy.rb +24 -0
- data/lib/oauth/request_proxy/action_controller_request.rb +61 -0
- data/lib/oauth/request_proxy/base.rb +166 -0
- data/lib/oauth/request_proxy/curb_request.rb +55 -0
- data/lib/oauth/request_proxy/em_http_request.rb +67 -0
- data/lib/oauth/request_proxy/jabber_request.rb +41 -0
- data/lib/oauth/request_proxy/mock_request.rb +44 -0
- data/lib/oauth/request_proxy/net_http.rb +72 -0
- data/lib/oauth/request_proxy/rack_request.rb +40 -0
- data/lib/oauth/request_proxy/typhoeus_request.rb +53 -0
- data/lib/oauth/server.rb +66 -0
- data/lib/oauth/signature.rb +45 -0
- data/lib/oauth/signature/base.rb +110 -0
- data/lib/oauth/signature/hmac/base.rb +15 -0
- data/lib/oauth/signature/hmac/md5.rb +8 -0
- data/lib/oauth/signature/hmac/rmd160.rb +8 -0
- data/lib/oauth/signature/hmac/sha1.rb +9 -0
- data/lib/oauth/signature/hmac/sha2.rb +8 -0
- data/lib/oauth/signature/md5.rb +13 -0
- data/lib/oauth/signature/plaintext.rb +23 -0
- data/lib/oauth/signature/rsa/sha1.rb +46 -0
- data/lib/oauth/signature/sha1.rb +13 -0
- data/lib/oauth/token.rb +7 -0
- data/lib/oauth/tokens/access_token.rb +68 -0
- data/lib/oauth/tokens/consumer_token.rb +33 -0
- data/lib/oauth/tokens/request_token.rb +32 -0
- data/lib/oauth/tokens/server_token.rb +9 -0
- data/lib/oauth/tokens/token.rb +17 -0
- data/tasks/deployment.rake +34 -0
- data/tasks/environment.rake +7 -0
- data/tasks/website.rake +17 -0
- data/test/cases/oauth_case.rb +19 -0
- data/test/cases/spec/1_0-final/test_construct_request_url.rb +62 -0
- data/test/cases/spec/1_0-final/test_normalize_request_parameters.rb +88 -0
- data/test/cases/spec/1_0-final/test_parameter_encodings.rb +86 -0
- data/test/cases/spec/1_0-final/test_signature_base_strings.rb +77 -0
- data/test/integration/consumer_test.rb +304 -0
- data/test/keys/rsa.cert +11 -0
- data/test/keys/rsa.pem +16 -0
- data/test/test_access_token.rb +26 -0
- data/test/test_action_controller_request_proxy.rb +132 -0
- data/test/test_consumer.rb +159 -0
- data/test/test_curb_request_proxy.rb +76 -0
- data/test/test_em_http_client.rb +79 -0
- data/test/test_em_http_request_proxy.rb +114 -0
- data/test/test_helper.rb +20 -0
- data/test/test_hmac_sha1.rb +20 -0
- data/test/test_net_http_client.rb +282 -0
- data/test/test_net_http_request_proxy.rb +72 -0
- data/test/test_oauth_helper.rb +49 -0
- data/test/test_rack_request_proxy.rb +40 -0
- data/test/test_request_token.rb +51 -0
- data/test/test_rsa_sha1.rb +59 -0
- data/test/test_server.rb +40 -0
- data/test/test_signature.rb +22 -0
- data/test/test_signature_base.rb +32 -0
- data/test/test_signature_plain_text.rb +31 -0
- data/test/test_token.rb +14 -0
- data/test/test_typhoeus_request_proxy.rb +80 -0
- metadata +287 -0
@@ -0,0 +1,114 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
begin
|
4
|
+
require 'em-http'
|
5
|
+
require 'oauth/request_proxy/em_http_request'
|
6
|
+
rescue LoadError => e
|
7
|
+
warn "! problem loading em-http, skipping these tests: #{e}"
|
8
|
+
return
|
9
|
+
end
|
10
|
+
|
11
|
+
|
12
|
+
class EmHttpRequestProxyTest < Test::Unit::TestCase
|
13
|
+
|
14
|
+
def test_request_proxy_works_with_simple_request
|
15
|
+
proxy = create_request_proxy
|
16
|
+
assert_equal({}, proxy.parameters)
|
17
|
+
end
|
18
|
+
|
19
|
+
def test_request_proxy_works_with_query_string_params
|
20
|
+
assert_equal({"name" => ["Fred"]}, create_request_proxy(:query => "name=Fred").parameters)
|
21
|
+
assert_equal({"name" => ["Fred"]}, create_request_proxy(:query => {:name => "Fred"}).parameters)
|
22
|
+
proxy = create_request_proxy(:query => {:name => "Fred"}, :uri => "http://example.com/?awesome=true")
|
23
|
+
assert_equal({"name" => ["Fred"], "awesome" => ["true"]}, proxy.parameters)
|
24
|
+
end
|
25
|
+
|
26
|
+
def test_request_proxy_works_with_post_body_params_with_correct_content_type
|
27
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "POST"
|
28
|
+
assert_equal({}, proxy.parameters)
|
29
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "POST", :body => "a=1"
|
30
|
+
assert_equal({"a" => ["1"]}, proxy.parameters)
|
31
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "POST", :body => {"a" => 1}
|
32
|
+
assert_equal({"a" => ["1"]}, proxy.parameters)
|
33
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "PUT"
|
34
|
+
assert_equal({}, proxy.parameters)
|
35
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "PUT", :body => "a=1"
|
36
|
+
assert_equal({"a" => ["1"]}, proxy.parameters)
|
37
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "PUT", :body => {"a" => 1}
|
38
|
+
assert_equal({"a" => ["1"]}, proxy.parameters)
|
39
|
+
end
|
40
|
+
|
41
|
+
def test_request_proxy_ignore_post_body_with_invalid_content_type
|
42
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'text/plain'}, :method => "POST"
|
43
|
+
assert_equal({}, proxy.parameters)
|
44
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'text/plain'}, :method => "POST", :body => "a=1"
|
45
|
+
assert_equal({}, proxy.parameters)
|
46
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'text/plain'}, :method => "POST", :body => {"a" => 1}
|
47
|
+
assert_equal({}, proxy.parameters)
|
48
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'text/plain'}, :method => "PUT"
|
49
|
+
assert_equal({}, proxy.parameters)
|
50
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'text/plain'}, :method => "PUT", :body => "a=1"
|
51
|
+
assert_equal({}, proxy.parameters)
|
52
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'text/plain'}, :method => "PUT", :body => {"a" => 1}
|
53
|
+
assert_equal({}, proxy.parameters)
|
54
|
+
end
|
55
|
+
|
56
|
+
def test_request_proxy_ignores_post_body_with_invalid_method
|
57
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "DELETE"
|
58
|
+
assert_equal({}, proxy.parameters)
|
59
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "DELETE", :body => "a=1"
|
60
|
+
assert_equal({}, proxy.parameters)
|
61
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "DELETE", :body => {"a" => 1}
|
62
|
+
assert_equal({}, proxy.parameters)
|
63
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "GET"
|
64
|
+
assert_equal({}, proxy.parameters)
|
65
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "GET", :body => "a=1"
|
66
|
+
assert_equal({}, proxy.parameters)
|
67
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "GET", :body => {"a" => 1}
|
68
|
+
assert_equal({}, proxy.parameters)
|
69
|
+
end
|
70
|
+
|
71
|
+
def test_request_proxy_works_with_argument_params
|
72
|
+
assert_equal({"a" => ["1"]}, create_request_proxy(:proxy_options => {:parameters => {"a" => "1"}}).parameters)
|
73
|
+
end
|
74
|
+
|
75
|
+
def test_request_proxy_works_with_mixed_params
|
76
|
+
proxy = create_request_proxy(:proxy_options => {:parameters => {"a" => "1"}},:query => {"c" => "1"}, :uri => "http://example.com/test?b=1")
|
77
|
+
assert_equal({"a" => ["1"], "b" => ["1"], "c" => ["1"]}, proxy.parameters)
|
78
|
+
proxy = create_request_proxy(:proxy_options => {:parameters => {"a" => "1"}}, :body => {"b" => "1"}, :query => {"c" => "1"},
|
79
|
+
:uri => "http://example.com/test?d=1", :method => "POST", :head => {"Content-Type" => "application/x-www-form-urlencoded"})
|
80
|
+
assert_equal({"a" => ["1"], "b" => ["1"], "c" => ["1"], "d" => ["1"]}, proxy.parameters)
|
81
|
+
end
|
82
|
+
|
83
|
+
def test_request_has_the_correct_uri
|
84
|
+
assert_equal "http://example.com/", create_request_proxy.uri
|
85
|
+
assert_equal "http://example.com/?a=1", create_request_proxy(:query => "a=1").uri
|
86
|
+
assert_equal "http://example.com/?a=1", create_request_proxy(:query => {"a" => "1"}).uri
|
87
|
+
|
88
|
+
end
|
89
|
+
|
90
|
+
def test_request_proxy_has_correct_method
|
91
|
+
assert_equal "GET", create_request_proxy(:method => "GET").method
|
92
|
+
assert_equal "PUT", create_request_proxy(:method => "PUT").method
|
93
|
+
assert_equal "POST", create_request_proxy(:method => "POST").method
|
94
|
+
assert_equal "DELETE", create_request_proxy(:method => "DELETE").method
|
95
|
+
end
|
96
|
+
|
97
|
+
protected
|
98
|
+
|
99
|
+
def create_client(options = {})
|
100
|
+
method = options.delete(:method) || "GET"
|
101
|
+
uri = options.delete(:uri) || "http://example.com/"
|
102
|
+
client = EventMachine::HttpClient.new("")
|
103
|
+
client.uri = URI.parse(uri)
|
104
|
+
client.method = method.to_s.upcase
|
105
|
+
client.options = options
|
106
|
+
client
|
107
|
+
end
|
108
|
+
|
109
|
+
def create_request_proxy(opts = {})
|
110
|
+
arguments = opts.delete(:proxy_options) || {}
|
111
|
+
OAuth::RequestProxy.proxy(create_client(opts), arguments)
|
112
|
+
end
|
113
|
+
|
114
|
+
end
|
data/test/test_helper.rb
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
require 'test/unit'
|
2
|
+
require 'rubygems'
|
3
|
+
|
4
|
+
$LOAD_PATH << File.dirname(__FILE__) + '/../lib/'
|
5
|
+
require 'oauth'
|
6
|
+
require 'mocha'
|
7
|
+
require 'stringio'
|
8
|
+
|
9
|
+
class Test::Unit::TestCase
|
10
|
+
|
11
|
+
def assert_matching_headers(expected, actual)
|
12
|
+
# transform into sorted arrays
|
13
|
+
auth_intro, auth_params = actual.split(' ', 2)
|
14
|
+
assert_equal auth_intro, 'OAuth'
|
15
|
+
expected = expected.split(/(,|\s)/).reject {|v| v == '' || v =~ /^[\,\s]+/}.sort
|
16
|
+
auth_params = auth_params.split(/(,|\s)/).reject {|v| v == '' || v =~ /^[\,\s]+/}.sort
|
17
|
+
assert_equal expected, auth_params
|
18
|
+
end
|
19
|
+
|
20
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
require File.dirname(__FILE__) + '/test_helper.rb'
|
2
|
+
|
3
|
+
class TestSignatureHmacSha1 < Test::Unit::TestCase
|
4
|
+
def test_that_hmac_sha1_implements_hmac_sha1
|
5
|
+
assert OAuth::Signature.available_methods.include?('hmac-sha1')
|
6
|
+
end
|
7
|
+
|
8
|
+
def test_that_get_request_from_oauth_test_cases_produces_matching_signature
|
9
|
+
request = Net::HTTP::Get.new('/photos?file=vacation.jpg&size=original&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_token=nnch734d00sl2jdk&oauth_timestamp=1191242096&oauth_nonce=kllo9940pd9333jh&oauth_signature_method=HMAC-SHA1')
|
10
|
+
|
11
|
+
consumer = OAuth::Consumer.new('dpf43f3p2l4k3l03', 'kd94hf93k423kf44')
|
12
|
+
token = OAuth::Token.new('nnch734d00sl2jdk', 'pfkkdhi9sl3r4s00')
|
13
|
+
|
14
|
+
signature = OAuth::Signature.sign(request, { :consumer => consumer,
|
15
|
+
:token => token,
|
16
|
+
:uri => 'http://photos.example.net/photos' } )
|
17
|
+
|
18
|
+
assert_equal 'tR3+Ty81lMeYAr/Fid0kMTYa/WM=', signature
|
19
|
+
end
|
20
|
+
end
|
@@ -0,0 +1,282 @@
|
|
1
|
+
require File.dirname(__FILE__) + '/test_helper.rb'
|
2
|
+
|
3
|
+
class NetHTTPClientTest < Test::Unit::TestCase
|
4
|
+
|
5
|
+
def setup
|
6
|
+
@consumer = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237')
|
7
|
+
@token = OAuth::Token.new('token_411a7f', '3196ffd991c8ebdb')
|
8
|
+
@request_uri = URI.parse('http://example.com/test?key=value')
|
9
|
+
@request_parameters = { 'key' => 'value' }
|
10
|
+
@nonce = 225579211881198842005988698334675835446
|
11
|
+
@timestamp = "1199645624"
|
12
|
+
@http = Net::HTTP.new(@request_uri.host, @request_uri.port)
|
13
|
+
end
|
14
|
+
|
15
|
+
def test_that_using_auth_headers_on_get_requests_works
|
16
|
+
request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
|
17
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
18
|
+
|
19
|
+
assert_equal 'GET', request.method
|
20
|
+
assert_equal '/test?key=value', request.path
|
21
|
+
correct_sorted_params = "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\""
|
22
|
+
auth_intro, auth_params = request['authorization'].split(' ', 2)
|
23
|
+
assert_equal auth_intro, 'OAuth'
|
24
|
+
assert_matching_headers correct_sorted_params, request['authorization']
|
25
|
+
end
|
26
|
+
|
27
|
+
def test_that_using_auth_headers_on_get_requests_works_with_plaintext
|
28
|
+
require 'oauth/signature/plaintext'
|
29
|
+
c = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237',{
|
30
|
+
:signature_method => 'PLAINTEXT'
|
31
|
+
})
|
32
|
+
request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
|
33
|
+
request.oauth!(@http, c, @token, {:nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
|
34
|
+
|
35
|
+
assert_equal 'GET', request.method
|
36
|
+
assert_equal '/test?key=value', request.path
|
37
|
+
assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"PLAINTEXT\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"", request['authorization']
|
38
|
+
end
|
39
|
+
|
40
|
+
def test_that_using_auth_headers_on_get_requests_works_with_plaintext
|
41
|
+
require 'oauth/signature/plaintext'
|
42
|
+
c = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237',{
|
43
|
+
:signature_method => 'PLAINTEXT'
|
44
|
+
})
|
45
|
+
request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
|
46
|
+
request.oauth!(@http, c, @token, {:nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
|
47
|
+
|
48
|
+
assert_equal 'GET', request.method
|
49
|
+
assert_equal '/test?key=value', request.path
|
50
|
+
assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"PLAINTEXT\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"5888bf0345e5d237%263196ffd991c8ebdb\", oauth_version=\"1.0\"", request['authorization']
|
51
|
+
end
|
52
|
+
|
53
|
+
def test_that_using_auth_headers_on_post_requests_works
|
54
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
55
|
+
request.set_form_data( @request_parameters )
|
56
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
57
|
+
|
58
|
+
assert_equal 'POST', request.method
|
59
|
+
assert_equal '/test', request.path
|
60
|
+
assert_equal 'key=value', request.body
|
61
|
+
correct_sorted_params = "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\""
|
62
|
+
assert_matching_headers correct_sorted_params, request['authorization']
|
63
|
+
end
|
64
|
+
|
65
|
+
def test_that_using_auth_headers_on_post_requests_with_data_works
|
66
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
67
|
+
request.body = "data"
|
68
|
+
request.content_type = 'text/ascii'
|
69
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
70
|
+
|
71
|
+
assert_equal 'POST', request.method
|
72
|
+
assert_equal '/test', request.path
|
73
|
+
assert_equal 'data', request.body
|
74
|
+
assert_equal 'text/ascii', request.content_type
|
75
|
+
assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_body_hash=\"oXyaqmHoChv3HQ2FCvTluqmAC70%3D\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"0DA6pGTapdHSqC15RZelY5rNLDw%3D\", oauth_version=\"1.0\"", request['authorization']
|
76
|
+
end
|
77
|
+
|
78
|
+
def test_that_body_hash_is_obmitted_when_no_algorithm_is_defined
|
79
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
80
|
+
request.body = "data"
|
81
|
+
request.content_type = 'text/ascii'
|
82
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp, :signature_method => 'plaintext'})
|
83
|
+
|
84
|
+
assert_equal 'POST', request.method
|
85
|
+
assert_equal '/test', request.path
|
86
|
+
assert_equal 'data', request.body
|
87
|
+
assert_equal 'text/ascii', request.content_type
|
88
|
+
assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"plaintext\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"5888bf0345e5d237%263196ffd991c8ebdb\", oauth_version=\"1.0\"", request['authorization']
|
89
|
+
end
|
90
|
+
|
91
|
+
def test_that_version_is_added_to_existing_user_agent
|
92
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
93
|
+
request['User-Agent'] = "MyApp"
|
94
|
+
request.set_form_data( @request_parameters )
|
95
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
96
|
+
|
97
|
+
assert_equal "MyApp (OAuth gem v#{OAuth::VERSION})", request['User-Agent']
|
98
|
+
end
|
99
|
+
|
100
|
+
def test_that_version_is_set_when_no_user_agent
|
101
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
102
|
+
request.set_form_data( @request_parameters )
|
103
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
104
|
+
|
105
|
+
assert_equal "OAuth gem v#{OAuth::VERSION}", request['User-Agent']
|
106
|
+
end
|
107
|
+
|
108
|
+
def test_that_using_get_params_works
|
109
|
+
request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
|
110
|
+
request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
|
111
|
+
|
112
|
+
assert_equal 'GET', request.method
|
113
|
+
uri = URI.parse(request.path)
|
114
|
+
assert_equal '/test', uri.path
|
115
|
+
assert_equal nil, uri.fragment
|
116
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=1oO2izFav1GP4kEH2EskwXkCRFg%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join("&")
|
117
|
+
assert_equal nil, request['authorization']
|
118
|
+
end
|
119
|
+
|
120
|
+
def test_that_using_get_params_works_with_plaintext
|
121
|
+
request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
|
122
|
+
request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
|
123
|
+
|
124
|
+
assert_equal 'GET', request.method
|
125
|
+
uri = URI.parse(request.path)
|
126
|
+
assert_equal '/test', uri.path
|
127
|
+
assert_equal nil, uri.fragment
|
128
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=5888bf0345e5d237%263196ffd991c8ebdb&oauth_signature_method=PLAINTEXT&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join("&")
|
129
|
+
assert_equal nil, request['authorization']
|
130
|
+
end
|
131
|
+
|
132
|
+
def test_that_using_post_params_works
|
133
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
134
|
+
request.set_form_data( @request_parameters )
|
135
|
+
request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
|
136
|
+
|
137
|
+
assert_equal 'POST', request.method
|
138
|
+
assert_equal '/test', request.path
|
139
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
|
140
|
+
assert_equal nil, request['authorization']
|
141
|
+
end
|
142
|
+
|
143
|
+
def test_that_using_post_params_works_with_plaintext
|
144
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
145
|
+
request.set_form_data( @request_parameters )
|
146
|
+
request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
|
147
|
+
|
148
|
+
assert_equal 'POST', request.method
|
149
|
+
assert_equal '/test', request.path
|
150
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=5888bf0345e5d237%263196ffd991c8ebdb&oauth_signature_method=PLAINTEXT&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
|
151
|
+
assert_equal nil, request['authorization']
|
152
|
+
end
|
153
|
+
|
154
|
+
def test_that_using_post_with_uri_params_works
|
155
|
+
request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
|
156
|
+
request.set_form_data( {} ) # just to make sure we have a correct mime type and thus no body hash
|
157
|
+
request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
|
158
|
+
|
159
|
+
assert_equal 'POST', request.method
|
160
|
+
uri = URI.parse(request.path)
|
161
|
+
assert_equal '/test', uri.path
|
162
|
+
assert_equal nil, uri.fragment
|
163
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
|
164
|
+
assert_equal "", request.body
|
165
|
+
assert_equal nil, request['authorization']
|
166
|
+
end
|
167
|
+
|
168
|
+
def test_that_using_post_with_uri_and_form_params_works
|
169
|
+
request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
|
170
|
+
request.set_form_data( { 'key2' => 'value2' } )
|
171
|
+
request.oauth!(@http, @consumer, @token, {:scheme => :query_string, :nonce => @nonce, :timestamp => @timestamp})
|
172
|
+
|
173
|
+
assert_equal 'POST', request.method
|
174
|
+
uri = URI.parse(request.path)
|
175
|
+
assert_equal '/test', uri.path
|
176
|
+
assert_equal nil, uri.fragment
|
177
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=4kSU8Zd1blWo3W6qJH7eaRTMkg0%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
|
178
|
+
assert_equal "key2=value2", request.body
|
179
|
+
assert_equal nil, request['authorization']
|
180
|
+
end
|
181
|
+
|
182
|
+
def test_that_using_post_with_uri_and_data_works
|
183
|
+
request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
|
184
|
+
request.body = "data"
|
185
|
+
request.content_type = 'text/ascii'
|
186
|
+
request.oauth!(@http, @consumer, @token, {:scheme => :query_string, :nonce => @nonce, :timestamp => @timestamp})
|
187
|
+
|
188
|
+
assert_equal 'POST', request.method
|
189
|
+
uri = URI.parse(request.path)
|
190
|
+
assert_equal '/test', uri.path
|
191
|
+
assert_equal nil, uri.fragment
|
192
|
+
assert_equal "data", request.body
|
193
|
+
assert_equal 'text/ascii', request.content_type
|
194
|
+
assert_equal "key=value&oauth_body_hash=oXyaqmHoChv3HQ2FCvTluqmAC70%3D&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=MHRKU42iVHU4Ke9kBUDa9Zw6IAM%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
|
195
|
+
assert_equal nil, request['authorization']
|
196
|
+
end
|
197
|
+
|
198
|
+
|
199
|
+
def test_example_from_specs
|
200
|
+
consumer=OAuth::Consumer.new("dpf43f3p2l4k3l03","kd94hf93k423kf44")
|
201
|
+
token = OAuth::Token.new('nnch734d00sl2jdk', 'pfkkdhi9sl3r4s00')
|
202
|
+
request_uri = URI.parse('http://photos.example.net/photos?file=vacation.jpg&size=original')
|
203
|
+
nonce = 'kllo9940pd9333jh'
|
204
|
+
timestamp = "1191242096"
|
205
|
+
http = Net::HTTP.new(request_uri.host, request_uri.port)
|
206
|
+
|
207
|
+
request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
|
208
|
+
signature_base_string=request.signature_base_string(http, consumer, token, {:nonce => nonce, :timestamp => timestamp})
|
209
|
+
assert_equal 'GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal',signature_base_string
|
210
|
+
|
211
|
+
# request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
|
212
|
+
request.oauth!(http, consumer, token, {:nonce => nonce, :timestamp => timestamp, :realm=>"http://photos.example.net/"})
|
213
|
+
|
214
|
+
assert_equal 'GET', request.method
|
215
|
+
correct_sorted_params = 'oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="nnch734d00sl2jdk", oauth_timestamp="1191242096", oauth_consumer_key="dpf43f3p2l4k3l03", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"'.split(', ').sort
|
216
|
+
correct_sorted_params.unshift 'OAuth realm="http://photos.example.net/"'
|
217
|
+
assert_equal correct_sorted_params, request['authorization'].split(', ').sort
|
218
|
+
end
|
219
|
+
|
220
|
+
def test_step_by_step_token_request
|
221
|
+
consumer=OAuth::Consumer.new(
|
222
|
+
"key",
|
223
|
+
"secret")
|
224
|
+
request_uri = URI.parse('http://term.ie/oauth/example/request_token.php')
|
225
|
+
nonce = rand(2**128).to_s
|
226
|
+
timestamp = Time.now.to_i.to_s
|
227
|
+
http = Net::HTTP.new(request_uri.host, request_uri.port)
|
228
|
+
|
229
|
+
request = Net::HTTP::Get.new(request_uri.path)
|
230
|
+
signature_base_string=request.signature_base_string(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
|
231
|
+
assert_equal "GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key%3Dkey%26oauth_nonce%3D#{nonce}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D#{timestamp}%26oauth_version%3D1.0",signature_base_string
|
232
|
+
|
233
|
+
# request = Net::HTTP::Get.new(request_uri.path)
|
234
|
+
request.oauth!(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
|
235
|
+
assert_equal 'GET', request.method
|
236
|
+
assert_nil request.body
|
237
|
+
assert_nil request['authorization']
|
238
|
+
# assert_equal 'OAuth oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="", oauth_timestamp="'+timestamp+'", oauth_consumer_key="key", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"', request['authorization']
|
239
|
+
|
240
|
+
response=http.request(request)
|
241
|
+
assert_equal "200",response.code
|
242
|
+
# assert_equal request['authorization'],response.body
|
243
|
+
assert_equal "oauth_token=requestkey&oauth_token_secret=requestsecret",response.body
|
244
|
+
end
|
245
|
+
|
246
|
+
def test_that_put_bodies_signed
|
247
|
+
request = Net::HTTP::Put.new(@request_uri.path)
|
248
|
+
request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
|
249
|
+
request["Content-Type"] = "application/xml"
|
250
|
+
signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
|
251
|
+
assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&oauth_body_hash%3DDvAa1AWdFoH9K%252B%252F2AHm3f6wH27k%253D%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
|
252
|
+
end
|
253
|
+
|
254
|
+
def test_that_put_bodies_not_signed_even_if_form_urlencoded
|
255
|
+
request = Net::HTTP::Put.new(@request_uri.path)
|
256
|
+
request.set_form_data( { 'key2' => 'value2' } )
|
257
|
+
signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
|
258
|
+
assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
|
259
|
+
end
|
260
|
+
|
261
|
+
def test_that_post_bodies_signed_if_form_urlencoded
|
262
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
263
|
+
request.set_form_data( { 'key2' => 'value2' } )
|
264
|
+
signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
|
265
|
+
assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&key2%3Dvalue2%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
|
266
|
+
end
|
267
|
+
|
268
|
+
def test_that_post_bodies_signed_if_other_content_type
|
269
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
270
|
+
request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
|
271
|
+
request["Content-Type"] = "application/xml"
|
272
|
+
signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
|
273
|
+
assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&oauth_body_hash%3DDvAa1AWdFoH9K%252B%252F2AHm3f6wH27k%253D%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
|
274
|
+
end
|
275
|
+
|
276
|
+
protected
|
277
|
+
|
278
|
+
def request_parameters_to_s
|
279
|
+
@request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
|
280
|
+
end
|
281
|
+
|
282
|
+
end
|
@@ -0,0 +1,72 @@
|
|
1
|
+
require File.dirname(__FILE__) + '/test_helper.rb'
|
2
|
+
|
3
|
+
class NetHTTPRequestProxyTest < Test::Unit::TestCase
|
4
|
+
|
5
|
+
def test_that_proxy_simple_get_request_works
|
6
|
+
request = Net::HTTP::Get.new('/test?key=value')
|
7
|
+
request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value'})
|
8
|
+
|
9
|
+
expected_parameters = {'key' => ['value']}
|
10
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
11
|
+
assert_equal 'http://example.com/test', request_proxy.normalized_uri
|
12
|
+
assert_equal 'GET', request_proxy.method
|
13
|
+
end
|
14
|
+
|
15
|
+
def test_that_proxy_simple_post_request_works_with_arguments
|
16
|
+
request = Net::HTTP::Post.new('/test')
|
17
|
+
params = {'key' => 'value'}
|
18
|
+
request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
|
19
|
+
|
20
|
+
expected_parameters = {'key' => ['value']}
|
21
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
22
|
+
assert_equal 'http://example.com/test', request_proxy.normalized_uri
|
23
|
+
assert_equal 'POST', request_proxy.method
|
24
|
+
end
|
25
|
+
|
26
|
+
def test_that_proxy_simple_post_request_works_with_form_data
|
27
|
+
request = Net::HTTP::Post.new('/test')
|
28
|
+
params = {'key' => 'value'}
|
29
|
+
request.set_form_data(params)
|
30
|
+
request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test'})
|
31
|
+
|
32
|
+
expected_parameters = {'key' => ['value']}
|
33
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
34
|
+
assert_equal 'http://example.com/test', request_proxy.normalized_uri
|
35
|
+
assert_equal 'POST', request_proxy.method
|
36
|
+
end
|
37
|
+
|
38
|
+
def test_that_proxy_simple_put_request_works_with_argugments
|
39
|
+
request = Net::HTTP::Put.new('/test')
|
40
|
+
params = {'key' => 'value'}
|
41
|
+
request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
|
42
|
+
|
43
|
+
expected_parameters = {'key' => ['value']}
|
44
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
45
|
+
assert_equal 'http://example.com/test', request_proxy.normalized_uri
|
46
|
+
assert_equal 'PUT', request_proxy.method
|
47
|
+
end
|
48
|
+
|
49
|
+
def test_that_proxy_simple_put_request_works_with_form_data
|
50
|
+
request = Net::HTTP::Put.new('/test')
|
51
|
+
params = {'key' => 'value'}
|
52
|
+
request.set_form_data(params)
|
53
|
+
request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test'})
|
54
|
+
|
55
|
+
expected_parameters = {}
|
56
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
57
|
+
assert_equal 'http://example.com/test', request_proxy.normalized_uri
|
58
|
+
assert_equal 'PUT', request_proxy.method
|
59
|
+
end
|
60
|
+
|
61
|
+
def test_that_proxy_post_request_uses_post_parameters
|
62
|
+
request = Net::HTTP::Post.new('/test?key=value')
|
63
|
+
request.set_form_data({'key2' => 'value2'})
|
64
|
+
request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value', :parameters => {'key3' => 'value3'}})
|
65
|
+
|
66
|
+
expected_parameters = {'key' => ['value'], 'key2' => ['value2'], 'key3' => ['value3']}
|
67
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
68
|
+
assert_equal 'http://example.com/test', request_proxy.normalized_uri
|
69
|
+
assert_equal 'POST', request_proxy.method
|
70
|
+
end
|
71
|
+
|
72
|
+
end
|