gregwebs-oauth 0.3.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/History.txt +102 -0
- data/License.txt +20 -0
- data/Manifest.txt +84 -0
- data/README.rdoc +71 -0
- data/Rakefile +36 -0
- data/TODO +31 -0
- data/bin/oauth +5 -0
- data/examples/yql.rb +44 -0
- data/lib/oauth.rb +4 -0
- data/lib/oauth/cli.rb +378 -0
- data/lib/oauth/client.rb +4 -0
- data/lib/oauth/client/action_controller_request.rb +54 -0
- data/lib/oauth/client/helper.rb +85 -0
- data/lib/oauth/client/net_http.rb +103 -0
- data/lib/oauth/consumer.rb +354 -0
- data/lib/oauth/errors.rb +3 -0
- data/lib/oauth/errors/error.rb +4 -0
- data/lib/oauth/errors/problem.rb +14 -0
- data/lib/oauth/errors/unauthorized.rb +12 -0
- data/lib/oauth/helper.rb +78 -0
- data/lib/oauth/oauth.rb +11 -0
- data/lib/oauth/oauth_test_helper.rb +25 -0
- data/lib/oauth/request_proxy.rb +24 -0
- data/lib/oauth/request_proxy/action_controller_request.rb +61 -0
- data/lib/oauth/request_proxy/base.rb +166 -0
- data/lib/oauth/request_proxy/jabber_request.rb +41 -0
- data/lib/oauth/request_proxy/mock_request.rb +44 -0
- data/lib/oauth/request_proxy/net_http.rb +68 -0
- data/lib/oauth/request_proxy/rack_request.rb +40 -0
- data/lib/oauth/server.rb +66 -0
- data/lib/oauth/signature.rb +40 -0
- data/lib/oauth/signature/base.rb +91 -0
- data/lib/oauth/signature/hmac/base.rb +12 -0
- data/lib/oauth/signature/hmac/md5.rb +9 -0
- data/lib/oauth/signature/hmac/rmd160.rb +9 -0
- data/lib/oauth/signature/hmac/sha1.rb +9 -0
- data/lib/oauth/signature/hmac/sha2.rb +9 -0
- data/lib/oauth/signature/md5.rb +13 -0
- data/lib/oauth/signature/plaintext.rb +23 -0
- data/lib/oauth/signature/rsa/sha1.rb +45 -0
- data/lib/oauth/signature/sha1.rb +13 -0
- data/lib/oauth/token.rb +7 -0
- data/lib/oauth/tokens/access_token.rb +68 -0
- data/lib/oauth/tokens/consumer_token.rb +33 -0
- data/lib/oauth/tokens/request_token.rb +32 -0
- data/lib/oauth/tokens/server_token.rb +9 -0
- data/lib/oauth/tokens/token.rb +17 -0
- data/lib/oauth/version.rb +3 -0
- data/oauth.gemspec +49 -0
- data/script/destroy +14 -0
- data/script/generate +14 -0
- data/script/txt2html +74 -0
- data/setup.rb +1585 -0
- data/tasks/deployment.rake +34 -0
- data/tasks/environment.rake +7 -0
- data/tasks/website.rake +17 -0
- data/test/cases/oauth_case.rb +19 -0
- data/test/cases/spec/1_0-final/test_construct_request_url.rb +62 -0
- data/test/cases/spec/1_0-final/test_normalize_request_parameters.rb +88 -0
- data/test/cases/spec/1_0-final/test_parameter_encodings.rb +86 -0
- data/test/cases/spec/1_0-final/test_signature_base_strings.rb +77 -0
- data/test/keys/rsa.cert +11 -0
- data/test/keys/rsa.pem +16 -0
- data/test/test_access_token.rb +26 -0
- data/test/test_action_controller_request_proxy.rb +129 -0
- data/test/test_consumer.rb +362 -0
- data/test/test_helper.rb +14 -0
- data/test/test_hmac_sha1.rb +20 -0
- data/test/test_net_http_client.rb +185 -0
- data/test/test_net_http_request_proxy.rb +72 -0
- data/test/test_oauth_helper.rb +49 -0
- data/test/test_rack_request_proxy.rb +40 -0
- data/test/test_request_token.rb +51 -0
- data/test/test_rsa_sha1.rb +59 -0
- data/test/test_server.rb +40 -0
- data/test/test_signature.rb +19 -0
- data/test/test_signature_base.rb +32 -0
- data/test/test_signature_plain_text.rb +31 -0
- data/test/test_token.rb +14 -0
- data/website/index.html +87 -0
- data/website/index.txt +73 -0
- data/website/javascripts/rounded_corners_lite.inc.js +285 -0
- data/website/stylesheets/screen.css +138 -0
- data/website/template.rhtml +48 -0
- metadata +217 -0
@@ -0,0 +1,129 @@
|
|
1
|
+
gem 'actionpack','2.2.2'
|
2
|
+
require File.dirname(__FILE__) + '/test_helper.rb'
|
3
|
+
|
4
|
+
require 'oauth/request_proxy/action_controller_request'
|
5
|
+
require 'action_controller/test_process'
|
6
|
+
|
7
|
+
class ActionControllerRequestProxyTest < Test::Unit::TestCase
|
8
|
+
def request_proxy(request_method = :get, uri_params = {}, body_params = {})
|
9
|
+
request = ActionController::TestRequest.new
|
10
|
+
|
11
|
+
case request_method
|
12
|
+
when :post
|
13
|
+
request.env['REQUEST_METHOD'] = 'POST'
|
14
|
+
when :put
|
15
|
+
request.env['REQUEST_METHOD'] = 'PUT'
|
16
|
+
end
|
17
|
+
|
18
|
+
request.env['REQUEST_URI'] = '/'
|
19
|
+
request.env['RAW_POST_DATA'] = body_params.to_query
|
20
|
+
request.env['QUERY_STRING'] = body_params.to_query
|
21
|
+
request.env['CONTENT_TYPE'] = 'application/x-www-form-urlencoded'
|
22
|
+
|
23
|
+
yield request if block_given?
|
24
|
+
OAuth::RequestProxy.proxy(request, :parameters => uri_params)
|
25
|
+
end
|
26
|
+
|
27
|
+
def test_that_proxy_simple_get_request_works_with_query_params
|
28
|
+
request_proxy = request_proxy(:get, {'key'=>'value'})
|
29
|
+
|
30
|
+
expected_parameters = [["key", "value"]]
|
31
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
32
|
+
assert_equal 'GET', request_proxy.method
|
33
|
+
end
|
34
|
+
|
35
|
+
def test_that_proxy_simple_post_request_works_with_query_params
|
36
|
+
request_proxy = request_proxy(:post, {'key'=>'value'})
|
37
|
+
|
38
|
+
expected_parameters = [["key", "value"]]
|
39
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
40
|
+
assert_equal 'POST', request_proxy.method
|
41
|
+
end
|
42
|
+
|
43
|
+
def test_that_proxy_simple_put_request_works_with_query_params
|
44
|
+
request_proxy = request_proxy(:put, {'key'=>'value'})
|
45
|
+
|
46
|
+
expected_parameters = [["key", "value"]]
|
47
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
48
|
+
assert_equal 'PUT', request_proxy.method
|
49
|
+
end
|
50
|
+
|
51
|
+
def test_that_proxy_simple_get_request_works_with_post_params
|
52
|
+
request_proxy = request_proxy(:get, {}, {'key'=>'value'})
|
53
|
+
|
54
|
+
expected_parameters = []
|
55
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
56
|
+
assert_equal 'GET', request_proxy.method
|
57
|
+
end
|
58
|
+
|
59
|
+
def test_that_proxy_simple_post_request_works_with_post_params
|
60
|
+
request_proxy = request_proxy(:post, {}, {'key'=>'value'})
|
61
|
+
|
62
|
+
expected_parameters = [["key", "value"]]
|
63
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
64
|
+
assert_equal 'POST', request_proxy.method
|
65
|
+
end
|
66
|
+
|
67
|
+
def test_that_proxy_simple_put_request_works_with_post_params
|
68
|
+
request_proxy = request_proxy(:put, {}, {'key'=>'value'})
|
69
|
+
|
70
|
+
expected_parameters = []
|
71
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
72
|
+
assert_equal 'PUT', request_proxy.method
|
73
|
+
end
|
74
|
+
|
75
|
+
def test_that_proxy_simple_get_request_works_with_mixed_params
|
76
|
+
request_proxy = request_proxy(:get, {'key'=>'value'}, {'key2'=>'value2'})
|
77
|
+
|
78
|
+
expected_parameters = [["key", "value"]]
|
79
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
80
|
+
assert_equal 'GET', request_proxy.method
|
81
|
+
end
|
82
|
+
|
83
|
+
def test_that_proxy_simple_post_request_works_with_mixed_params
|
84
|
+
request_proxy = request_proxy(:post, {'key'=>'value'}, {'key2'=>'value2'})
|
85
|
+
|
86
|
+
expected_parameters = [["key", "value"],["key2", "value2"]]
|
87
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
88
|
+
assert_equal 'POST', request_proxy.method
|
89
|
+
end
|
90
|
+
|
91
|
+
def test_that_proxy_simple_put_request_works_with_mixed_params
|
92
|
+
request_proxy = request_proxy(:put, {'key'=>'value'}, {'key2'=>'value2'})
|
93
|
+
|
94
|
+
expected_parameters = [["key", "value"]]
|
95
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
96
|
+
assert_equal 'PUT', request_proxy.method
|
97
|
+
end
|
98
|
+
|
99
|
+
def test_parameter_keys_should_preserve_brackets_from_hash
|
100
|
+
assert_equal(
|
101
|
+
[["message[body]", "This is a test"]],
|
102
|
+
request_proxy(:post, { :message => { :body => 'This is a test' }}).parameters_for_signature
|
103
|
+
)
|
104
|
+
end
|
105
|
+
|
106
|
+
def test_parameter_values_with_amps_should_not_break_parameter_parsing
|
107
|
+
assert_equal(
|
108
|
+
[['message[body]', 'http://foo.com/?a=b&c=d']],
|
109
|
+
request_proxy(:post, { :message => { :body => 'http://foo.com/?a=b&c=d'}}).parameters_for_signature
|
110
|
+
)
|
111
|
+
end
|
112
|
+
|
113
|
+
def test_parameter_keys_should_preserve_brackets_from_array
|
114
|
+
assert_equal(
|
115
|
+
[["foo[]", "123"], ["foo[]", "456"]],
|
116
|
+
request_proxy(:post, { :foo => [123, 456] }).parameters_for_signature.sort
|
117
|
+
)
|
118
|
+
end
|
119
|
+
|
120
|
+
def test_query_string_parameter_values_should_be_cgi_unescaped
|
121
|
+
request = request_proxy do |r|
|
122
|
+
r.env['QUERY_STRING'] = 'url=http%3A%2F%2Ffoo.com%2F%3Fa%3Db%26c%3Dd'
|
123
|
+
end
|
124
|
+
assert_equal(
|
125
|
+
[['url', 'http://foo.com/?a=b&c=d']],
|
126
|
+
request.parameters_for_signature.sort
|
127
|
+
)
|
128
|
+
end
|
129
|
+
end
|
@@ -0,0 +1,362 @@
|
|
1
|
+
require File.dirname(__FILE__) + '/test_helper'
|
2
|
+
|
3
|
+
require 'stringio'
|
4
|
+
|
5
|
+
# This performs testing against Andy Smith's test server http://term.ie/oauth/example/
|
6
|
+
# Thanks Andy.
|
7
|
+
# This also means you have to be online to be able to run these.
|
8
|
+
class ConsumerTest < Test::Unit::TestCase
|
9
|
+
def setup
|
10
|
+
@consumer=OAuth::Consumer.new(
|
11
|
+
'consumer_key_86cad9', '5888bf0345e5d237',
|
12
|
+
{
|
13
|
+
:site=>"http://blabla.bla",
|
14
|
+
:proxy=>"http://user:password@proxy.bla:8080",
|
15
|
+
:request_token_path=>"/oauth/example/request_token.php",
|
16
|
+
:access_token_path=>"/oauth/example/access_token.php",
|
17
|
+
:authorize_path=>"/oauth/example/authorize.php",
|
18
|
+
:scheme=>:header,
|
19
|
+
:http_method=>:get
|
20
|
+
})
|
21
|
+
@token = OAuth::ConsumerToken.new(@consumer,'token_411a7f', '3196ffd991c8ebdb')
|
22
|
+
@request_uri = URI.parse('http://example.com/test?key=value')
|
23
|
+
@request_parameters = { 'key' => 'value' }
|
24
|
+
@nonce = 225579211881198842005988698334675835446
|
25
|
+
@timestamp = "1199645624"
|
26
|
+
@consumer.http=Net::HTTP.new(@request_uri.host, @request_uri.port)
|
27
|
+
end
|
28
|
+
|
29
|
+
def test_initializer
|
30
|
+
assert_equal "consumer_key_86cad9",@consumer.key
|
31
|
+
assert_equal "5888bf0345e5d237",@consumer.secret
|
32
|
+
assert_equal "http://blabla.bla",@consumer.site
|
33
|
+
assert_equal "http://user:password@proxy.bla:8080",@consumer.proxy
|
34
|
+
assert_equal "/oauth/example/request_token.php",@consumer.request_token_path
|
35
|
+
assert_equal "/oauth/example/access_token.php",@consumer.access_token_path
|
36
|
+
assert_equal "http://blabla.bla/oauth/example/request_token.php",@consumer.request_token_url
|
37
|
+
assert_equal "http://blabla.bla/oauth/example/access_token.php",@consumer.access_token_url
|
38
|
+
assert_equal "http://blabla.bla/oauth/example/authorize.php",@consumer.authorize_url
|
39
|
+
assert_equal :header,@consumer.scheme
|
40
|
+
assert_equal :get,@consumer.http_method
|
41
|
+
end
|
42
|
+
|
43
|
+
def test_defaults
|
44
|
+
@consumer=OAuth::Consumer.new(
|
45
|
+
"key",
|
46
|
+
"secret",
|
47
|
+
{
|
48
|
+
:site=>"http://twitter.com"
|
49
|
+
})
|
50
|
+
assert_equal "key",@consumer.key
|
51
|
+
assert_equal "secret",@consumer.secret
|
52
|
+
assert_equal "http://twitter.com",@consumer.site
|
53
|
+
assert_nil @consumer.proxy
|
54
|
+
assert_equal "/oauth/request_token",@consumer.request_token_path
|
55
|
+
assert_equal "/oauth/access_token",@consumer.access_token_path
|
56
|
+
assert_equal "http://twitter.com/oauth/request_token",@consumer.request_token_url
|
57
|
+
assert_equal "http://twitter.com/oauth/access_token",@consumer.access_token_url
|
58
|
+
assert_equal "http://twitter.com/oauth/authorize",@consumer.authorize_url
|
59
|
+
assert_equal :header,@consumer.scheme
|
60
|
+
assert_equal :post,@consumer.http_method
|
61
|
+
end
|
62
|
+
|
63
|
+
def test_override_paths
|
64
|
+
@consumer=OAuth::Consumer.new(
|
65
|
+
"key",
|
66
|
+
"secret",
|
67
|
+
{
|
68
|
+
:site=>"http://twitter.com",
|
69
|
+
:request_token_url=>"http://oauth.twitter.com/request_token",
|
70
|
+
:access_token_url=>"http://oauth.twitter.com/access_token",
|
71
|
+
:authorize_url=>"http://site.twitter.com/authorize"
|
72
|
+
})
|
73
|
+
assert_equal "key",@consumer.key
|
74
|
+
assert_equal "secret",@consumer.secret
|
75
|
+
assert_equal "http://twitter.com",@consumer.site
|
76
|
+
assert_equal "/oauth/request_token",@consumer.request_token_path
|
77
|
+
assert_equal "/oauth/access_token",@consumer.access_token_path
|
78
|
+
assert_equal "http://oauth.twitter.com/request_token",@consumer.request_token_url
|
79
|
+
assert_equal "http://oauth.twitter.com/access_token",@consumer.access_token_url
|
80
|
+
assert_equal "http://site.twitter.com/authorize",@consumer.authorize_url
|
81
|
+
assert_equal :header,@consumer.scheme
|
82
|
+
assert_equal :post,@consumer.http_method
|
83
|
+
end
|
84
|
+
|
85
|
+
def test_that_signing_auth_headers_on_get_requests_works
|
86
|
+
request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
|
87
|
+
@token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
|
88
|
+
|
89
|
+
assert_equal 'GET', request.method
|
90
|
+
assert_equal '/test?key=value', request.path
|
91
|
+
assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
|
92
|
+
end
|
93
|
+
|
94
|
+
def test_that_setting_signature_method_on_consumer_effects_signing
|
95
|
+
require 'oauth/signature/plaintext'
|
96
|
+
request = Net::HTTP::Get.new(@request_uri.path)
|
97
|
+
consumer = @consumer.dup
|
98
|
+
consumer.options[:signature_method] = 'PLAINTEXT'
|
99
|
+
token = OAuth::ConsumerToken.new(consumer, 'token_411a7f', '3196ffd991c8ebdb')
|
100
|
+
token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
|
101
|
+
|
102
|
+
assert_no_match( /oauth_signature_method="HMAC-SHA1"/, request['authorization'])
|
103
|
+
assert_match( /oauth_signature_method="PLAINTEXT"/, request['authorization'])
|
104
|
+
end
|
105
|
+
|
106
|
+
def test_that_setting_signature_method_on_consumer_effects_signature_base_string
|
107
|
+
require 'oauth/signature/plaintext'
|
108
|
+
request = Net::HTTP::Get.new(@request_uri.path)
|
109
|
+
consumer = @consumer.dup
|
110
|
+
consumer.options[:signature_method] = 'PLAINTEXT'
|
111
|
+
|
112
|
+
request = Net::HTTP::Get.new('/')
|
113
|
+
signature_base_string = consumer.signature_base_string(request)
|
114
|
+
|
115
|
+
assert_no_match( /HMAC-SHA1/, signature_base_string)
|
116
|
+
assert_equal( "#{consumer.secret}%26", signature_base_string)
|
117
|
+
end
|
118
|
+
|
119
|
+
def test_that_plaintext_signature_works
|
120
|
+
require 'oauth/signature/plaintext'
|
121
|
+
consumer = OAuth::Consumer.new("key", "secret",
|
122
|
+
:site => "http://term.ie", :signature_method => 'PLAINTEXT')
|
123
|
+
access_token = OAuth::AccessToken.new(consumer, 'accesskey', 'accesssecret')
|
124
|
+
response = access_token.get("/oauth/example/echo_api.php?echo=hello")
|
125
|
+
|
126
|
+
assert_equal 'echo=hello', response.body
|
127
|
+
end
|
128
|
+
|
129
|
+
def test_that_signing_auth_headers_on_post_requests_works
|
130
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
131
|
+
request.set_form_data( @request_parameters )
|
132
|
+
@token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
|
133
|
+
# assert_equal "",request.oauth_helper.signature_base_string
|
134
|
+
|
135
|
+
assert_equal 'POST', request.method
|
136
|
+
assert_equal '/test', request.path
|
137
|
+
assert_equal 'key=value', request.body
|
138
|
+
assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
|
139
|
+
end
|
140
|
+
|
141
|
+
def test_that_signing_post_params_works
|
142
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
143
|
+
request.set_form_data( @request_parameters )
|
144
|
+
@token.sign!(request, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
|
145
|
+
|
146
|
+
assert_equal 'POST', request.method
|
147
|
+
assert_equal '/test', request.path
|
148
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
|
149
|
+
assert_equal nil, request['authorization']
|
150
|
+
end
|
151
|
+
|
152
|
+
def test_that_using_auth_headers_on_get_on_create_signed_requests_works
|
153
|
+
request=@consumer.create_signed_request(:get,@request_uri.path+ "?" + request_parameters_to_s,@token,{:nonce => @nonce, :timestamp => @timestamp},@request_parameters)
|
154
|
+
|
155
|
+
assert_equal 'GET', request.method
|
156
|
+
assert_equal '/test?key=value', request.path
|
157
|
+
assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
|
158
|
+
end
|
159
|
+
|
160
|
+
def test_that_using_auth_headers_on_post_on_create_signed_requests_works
|
161
|
+
request=@consumer.create_signed_request(:post,@request_uri.path,@token,{:nonce => @nonce, :timestamp => @timestamp},@request_parameters,{})
|
162
|
+
assert_equal 'POST', request.method
|
163
|
+
assert_equal '/test', request.path
|
164
|
+
assert_equal 'key=value', request.body
|
165
|
+
assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
|
166
|
+
end
|
167
|
+
|
168
|
+
def test_that_signing_post_params_works_2
|
169
|
+
request=@consumer.create_signed_request(:post,@request_uri.path,@token,{:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp},@request_parameters,{})
|
170
|
+
|
171
|
+
assert_equal 'POST', request.method
|
172
|
+
assert_equal '/test', request.path
|
173
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
|
174
|
+
assert_equal nil, request['authorization']
|
175
|
+
end
|
176
|
+
|
177
|
+
def test_step_by_step_token_request
|
178
|
+
@consumer=OAuth::Consumer.new(
|
179
|
+
"key",
|
180
|
+
"secret",
|
181
|
+
{
|
182
|
+
:site=>"http://term.ie",
|
183
|
+
:request_token_path=>"/oauth/example/request_token.php",
|
184
|
+
:access_token_path=>"/oauth/example/access_token.php",
|
185
|
+
:authorize_path=>"/oauth/example/authorize.php",
|
186
|
+
:scheme=>:header
|
187
|
+
})
|
188
|
+
options={:nonce=>'nonce',:timestamp=>Time.now.to_i.to_s}
|
189
|
+
|
190
|
+
request = Net::HTTP::Get.new("/oauth/example/request_token.php")
|
191
|
+
signature_base_string=@consumer.signature_base_string(request,nil,options)
|
192
|
+
assert_equal "GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key%3Dkey%26oauth_nonce%3D#{options[:nonce]}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D#{options[:timestamp]}%26oauth_version%3D1.0",signature_base_string
|
193
|
+
@consumer.sign!(request, nil,options)
|
194
|
+
|
195
|
+
assert_equal 'GET', request.method
|
196
|
+
assert_equal nil, request.body
|
197
|
+
response=@consumer.http.request(request)
|
198
|
+
assert_equal "200",response.code
|
199
|
+
assert_equal "oauth_token=requestkey&oauth_token_secret=requestsecret",response.body
|
200
|
+
end
|
201
|
+
|
202
|
+
def test_get_token_sequence
|
203
|
+
@consumer=OAuth::Consumer.new(
|
204
|
+
"key",
|
205
|
+
"secret",
|
206
|
+
{
|
207
|
+
:site=>"http://term.ie",
|
208
|
+
:request_token_path=>"/oauth/example/request_token.php",
|
209
|
+
:access_token_path=>"/oauth/example/access_token.php",
|
210
|
+
:authorize_path=>"/oauth/example/authorize.php"
|
211
|
+
})
|
212
|
+
assert_equal "http://term.ie/oauth/example/request_token.php",@consumer.request_token_url
|
213
|
+
assert_equal "http://term.ie/oauth/example/access_token.php",@consumer.access_token_url
|
214
|
+
|
215
|
+
assert !@consumer.request_token_url?, "Should not use fully qualified request token url"
|
216
|
+
assert !@consumer.access_token_url?, "Should not use fully qualified access token url"
|
217
|
+
assert !@consumer.authorize_url?, "Should not use fully qualified url"
|
218
|
+
|
219
|
+
@request_token=@consumer.get_request_token
|
220
|
+
assert_not_nil @request_token
|
221
|
+
assert_equal "requestkey",@request_token.token
|
222
|
+
assert_equal "requestsecret",@request_token.secret
|
223
|
+
assert_equal "http://term.ie/oauth/example/authorize.php?oauth_token=requestkey",@request_token.authorize_url
|
224
|
+
|
225
|
+
@access_token=@request_token.get_access_token
|
226
|
+
assert_not_nil @access_token
|
227
|
+
assert_equal "accesskey",@access_token.token
|
228
|
+
assert_equal "accesssecret",@access_token.secret
|
229
|
+
|
230
|
+
@response=@access_token.get("/oauth/example/echo_api.php?ok=hello&test=this")
|
231
|
+
assert_not_nil @response
|
232
|
+
assert_equal "200",@response.code
|
233
|
+
assert_equal( "ok=hello&test=this",@response.body)
|
234
|
+
|
235
|
+
@response=@access_token.post("/oauth/example/echo_api.php",{'ok'=>'hello','test'=>'this'})
|
236
|
+
assert_not_nil @response
|
237
|
+
assert_equal "200",@response.code
|
238
|
+
assert_equal( "ok=hello&test=this",@response.body)
|
239
|
+
end
|
240
|
+
|
241
|
+
def test_get_token_sequence_using_fqdn
|
242
|
+
@consumer=OAuth::Consumer.new(
|
243
|
+
"key",
|
244
|
+
"secret",
|
245
|
+
{
|
246
|
+
:site=>"http://term.ie",
|
247
|
+
:request_token_url=>"http://term.ie/oauth/example/request_token.php",
|
248
|
+
:access_token_url=>"http://term.ie/oauth/example/access_token.php",
|
249
|
+
:authorize_url=>"http://term.ie/oauth/example/authorize.php"
|
250
|
+
})
|
251
|
+
assert_equal "http://term.ie/oauth/example/request_token.php",@consumer.request_token_url
|
252
|
+
assert_equal "http://term.ie/oauth/example/access_token.php",@consumer.access_token_url
|
253
|
+
|
254
|
+
assert @consumer.request_token_url?, "Should use fully qualified request token url"
|
255
|
+
assert @consumer.access_token_url?, "Should use fully qualified access token url"
|
256
|
+
assert @consumer.authorize_url?, "Should use fully qualified url"
|
257
|
+
|
258
|
+
@request_token=@consumer.get_request_token
|
259
|
+
assert_not_nil @request_token
|
260
|
+
assert_equal "requestkey",@request_token.token
|
261
|
+
assert_equal "requestsecret",@request_token.secret
|
262
|
+
assert_equal "http://term.ie/oauth/example/authorize.php?oauth_token=requestkey",@request_token.authorize_url
|
263
|
+
|
264
|
+
@access_token=@request_token.get_access_token
|
265
|
+
assert_not_nil @access_token
|
266
|
+
assert_equal "accesskey",@access_token.token
|
267
|
+
assert_equal "accesssecret",@access_token.secret
|
268
|
+
|
269
|
+
@response=@access_token.get("/oauth/example/echo_api.php?ok=hello&test=this")
|
270
|
+
assert_not_nil @response
|
271
|
+
assert_equal "200",@response.code
|
272
|
+
assert_equal( "ok=hello&test=this",@response.body)
|
273
|
+
|
274
|
+
@response=@access_token.post("/oauth/example/echo_api.php",{'ok'=>'hello','test'=>'this'})
|
275
|
+
assert_not_nil @response
|
276
|
+
assert_equal "200",@response.code
|
277
|
+
assert_equal( "ok=hello&test=this",@response.body)
|
278
|
+
end
|
279
|
+
|
280
|
+
|
281
|
+
# This test does an actual https request (the result doesn't matter)
|
282
|
+
# to initialize the same way as get_request_token does. Can be any
|
283
|
+
# site that supports https.
|
284
|
+
#
|
285
|
+
# It also generates "warning: using default DH parameters." which I
|
286
|
+
# don't know how to get rid of
|
287
|
+
# def test_serialization_with_https
|
288
|
+
# consumer = OAuth::Consumer.new('token', 'secret', :site => 'https://plazes.net')
|
289
|
+
# consumer.http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
290
|
+
# consumer.http.get('/')
|
291
|
+
#
|
292
|
+
# assert_nothing_raised do
|
293
|
+
# # Specifically this should not raise TypeError: no marshal_dump
|
294
|
+
# # is defined for class OpenSSL::SSL::SSLContext
|
295
|
+
# Marshal.dump(consumer)
|
296
|
+
# end
|
297
|
+
# end
|
298
|
+
#
|
299
|
+
def test_get_request_token_with_custom_arguments
|
300
|
+
@consumer=OAuth::Consumer.new(
|
301
|
+
"key",
|
302
|
+
"secret",
|
303
|
+
{
|
304
|
+
:site=>"http://term.ie",
|
305
|
+
:request_token_path=>"/oauth/example/request_token.php",
|
306
|
+
:access_token_path=>"/oauth/example/access_token.php",
|
307
|
+
:authorize_path=>"/oauth/example/authorize.php"
|
308
|
+
})
|
309
|
+
|
310
|
+
|
311
|
+
debug = ""
|
312
|
+
@consumer.http.set_debug_output(debug)
|
313
|
+
|
314
|
+
# get_request_token should receive our custom request_options and *arguments parameters from get_request_token.
|
315
|
+
@consumer.get_request_token({}, {:scope => "http://www.google.com/calendar/feeds http://picasaweb.google.com/data"})
|
316
|
+
|
317
|
+
# Because this is a POST request, create_http_request should take the first element of *arguments
|
318
|
+
# and turn it into URL-encoded data in the body of the POST.
|
319
|
+
assert_match( /^<- "scope=http%3a%2f%2fwww.google.com%2fcalendar%2ffeeds%20http%3a%2f%2fpicasaweb.google.com%2fdata"/,
|
320
|
+
debug)
|
321
|
+
end
|
322
|
+
|
323
|
+
def test_post_with_body_stream
|
324
|
+
@consumer=OAuth::Consumer.new(
|
325
|
+
"key",
|
326
|
+
"secret",
|
327
|
+
{
|
328
|
+
:site=>"http://term.ie",
|
329
|
+
:request_token_path=>"/oauth/example/request_token.php",
|
330
|
+
:access_token_path=>"/oauth/example/access_token.php",
|
331
|
+
:authorize_path=>"/oauth/example/authorize.php"
|
332
|
+
})
|
333
|
+
|
334
|
+
|
335
|
+
@request_token=@consumer.get_request_token
|
336
|
+
@access_token=@request_token.get_access_token
|
337
|
+
|
338
|
+
request_body_string = "Hello, hello, hello"
|
339
|
+
request_body_stream = StringIO.new( request_body_string )
|
340
|
+
|
341
|
+
@response=@access_token.post("/oauth/example/echo_api.php",request_body_stream)
|
342
|
+
assert_not_nil @response
|
343
|
+
assert_equal "200",@response.code
|
344
|
+
|
345
|
+
request_body_file = File.open(__FILE__)
|
346
|
+
|
347
|
+
@response=@access_token.post("/oauth/example/echo_api.php",request_body_file)
|
348
|
+
assert_not_nil @response
|
349
|
+
assert_equal "200",@response.code
|
350
|
+
|
351
|
+
# unfortunately I don't know of a way to test that the body data was received correctly since the test server at http://term.ie
|
352
|
+
# echos back any non-oauth parameters but not the body. However, this does test that the request is still correctly signed
|
353
|
+
# (including the Content-Length header) and that the server received Content-Length bytes of body since it won't process the
|
354
|
+
# request & respond until the full body length is received.
|
355
|
+
end
|
356
|
+
|
357
|
+
protected
|
358
|
+
|
359
|
+
def request_parameters_to_s
|
360
|
+
@request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
|
361
|
+
end
|
362
|
+
end
|