httpclient 2.2.5 → 2.2.6

data/README.txt

@@ -1,5 +1,5 @@
 httpclient - HTTP accessing library.
-Copyright (C) 2000-2011  NAKAMURA, Hiroshi  <nahi@ruby-lang.org>.
+Copyright (C) 2000-2012  NAKAMURA, Hiroshi  <nahi@ruby-lang.org>.
 
 'httpclient' gives something like the functionality of libwww-perl (LWP) in
 Ruby.  'httpclient' formerly known as 'http-access2'.
@@ -18,7 +18,7 @@ See HTTPClient for documentation.
   * MT-safe
   * streaming POST (POST with File/IO)
   * Digest auth
-  * Negotiate/NTLM auth for WWW-Authenticate (requires net/htlm module; rubyntlm gem)
+  * Negotiate/NTLM auth for WWW-Authenticate (requires net/ntlm module; rubyntlm gem)
   * NTLM auth for Proxy-Authenticate (requires 'win32/sspi' module; rubysspi gem)
   * extensible with filter interface
   * you don't have to care HTTP/1.1 persistent connection
@@ -95,6 +95,61 @@ Thanks in advance.
 
 == Changes
 
+= Changes in 2.2.6 =
+
+  August 14, 2012 - version 2.2.6
+
+    * Bug fixes
+
+      * Make get_content doesn't raise a BadResponseError for perfectly good
+	responses like 304 Not Modified. Thanks to Florian Hars.
+
+      * Add 'Content-Type: application/x-www-form-urlencoded' for the PUT
+	request that has urlencoded entity-body.
+
+    * Features
+
+      * Add HTTPClient::IncludeClient by Jonathan Rochkind, a mix-in for easily
+	adding a thread-safe lazily initialized class-level HTTPClient object
+	to your class.
+
+      * Proxy DigestAuth support. Thanks to Alexander Kotov and Florian Hars.
+
+      * Accept an array of strings (and IO-likes) as a query value
+	e.g. `{ x: 'a', y: [1,2,3] }` is encoded into `"x=a&y=1&y=2&y=3"`.
+	Thanks to Akinori MUSHA.
+
+      * Allow body for DELETE method.
+
+      * Allow :follow_redirect => true for HEAD request.
+
+      * Fill request parameters request_method, request_uri and request_query
+	as part of response Message::Header.
+
+= Changes in 2.2.5 =
+
+  May 06, 2012 - version 2.2.5
+
+    * Bug fixes
+    
+      * Added Magic encoding comment to hexdump.rb to avoid encoding error.
+      * Add workaround for JRuby issue on Windows (JRUBY-6136)
+	On Windows, calling File#size fails with an Unknown error (20047).
+	This workaround uses File#lstat instead.
+      * Require open-uri only on ruby 1.9, since it is not needed on 1.8.
+
+    * Features
+
+      * Allow symbol Header name for HTTP request.
+      * Dump more SSL certificate information under $DEBUG.
+      * Add HTTPClient::SSLConfig#ssl_version property.
+      * Add 'Accept: */*' header to request by default. Rails requies it.
+	It doesn't override given Accept header from API.
+      * Add HTTPClient::SSLConfig#set_default_paths. This method makes
+	HTTPClient instance to use OpenSSL's default trusted CA certificates.
+      * Allow to set Date header manually.
+	ex. clent.get(uri, :header => {'Date' => Time.now.httpdate})
+
 = Changes in 2.2.4 =
 
   Dec 08, 2011 - version 2.2.4

data/lib/httpclient.rb

@@ -577,7 +577,7 @@ class HTTPClient
   # follow HTTP redirect by yourself if you need.
   def get_content(uri, *args, &block)
     query, header = keyword_argument(args, :query, :header)
-    follow_redirect(:get, uri, query, nil, header || {}, &block).content
+    success_content(follow_redirect(:get, uri, query, nil, header || {}, &block))
   end
 
   # Posts a content.
@@ -607,12 +607,14 @@ class HTTPClient
   # post_content follows HTTP redirect status (see HTTP::Status.redirect?)
   # internally and try to post the content to redirected URL.  See
   # redirect_uri_callback= how HTTP redirection is handled.
+  # Bear in mind that you should not depend on post_content because it sends
+  # the same POST method to the new location which is prohibited in HTTP spec.
   #
   # If you need to get full HTTP response including HTTP status and headers,
   # use post method.
   def post_content(uri, *args, &block)
     body, header = keyword_argument(args, :body, :header)
-    follow_redirect(:post, uri, nil, body, header || {}, &block).content
+    success_content(follow_redirect(:post, uri, nil, body, header || {}, &block))
   end
 
   # A method for redirect uri callback.  How to use:
@@ -653,7 +655,7 @@ class HTTPClient
 
   # Sends HEAD request to the specified URL.  See request for arguments.
   def head(uri, *args)
-    request(:head, uri, argument_to_hash(args, :query, :header))
+    request(:head, uri, argument_to_hash(args, :query, :header, :follow_redirect))
   end
 
   # Sends GET request to the specified URL.  See request for arguments.
@@ -662,6 +664,8 @@ class HTTPClient
   end
 
   # Sends POST request to the specified URL.  See request for arguments.
+  # You should not depend on :follow_redirect => true for POST method.  It
+  # sends the same POST method to the new location which is prohibited in HTTP spec.
   def post(uri, *args, &block)
     request(:post, uri, argument_to_hash(args, :body, :header, :follow_redirect), &block)
   end
@@ -673,7 +677,7 @@ class HTTPClient
 
   # Sends DELETE request to the specified URL.  See request for arguments.
   def delete(uri, *args, &block)
-    request(:delete, uri, argument_to_hash(args, :header), &block)
+    request(:delete, uri, argument_to_hash(args, :body, :header), &block)
   end
 
   # Sends OPTIONS request to the specified URL.  See request for arguments.
@@ -693,7 +697,7 @@ class HTTPClient
   
   # Sends TRACE request to the specified URL.  See request for arguments.
   def trace(uri, *args, &block)
-    request('TRACE', uri, argument_to_hash(args, :query, :body, :header), &block)
+    request('TRACE', uri, argument_to_hash(args, :query, :header), &block)
   end
 
   # Sends a request to the specified URL.
@@ -939,18 +943,24 @@ private
     while retry_number < @follow_redirect_count
       body.pos = pos if pos
       res = do_request(method, uri, query, body, header, &filtered_block)
-      if HTTP::Status.successful?(res.status)
-        return res
-      elsif HTTP::Status.redirect?(res.status)
+      if HTTP::Status.redirect?(res.status)
         uri = urify(@redirect_uri_callback.call(uri, res))
         retry_number += 1
       else
-        raise BadResponseError.new("unexpected response: #{res.header.inspect}", res)
+        return res
       end
     end
     raise BadResponseError.new("retry count exceeded", res)
   end
 
+  def success_content(res)
+    if HTTP::Status.successful?(res.status)
+      return res.content
+    else
+      raise BadResponseError.new("unexpected response: #{res.header.inspect}", res)
+    end
+  end
+
   def protect_keep_alive_disconnected
     begin
       yield
@@ -984,7 +994,7 @@ private
             header = override_header(header, 'Content-Type', content_type)
           end
         end
-      elsif method == 'POST'
+      else
         if file_in_form_data?(body)
           boundary = create_boundary
           content_type = "multipart/form-data; boundary=#{boundary}"
@@ -1051,11 +1061,11 @@ private
     end
     if str = @test_loopback_response.shift
       dump_dummy_request_response(req.http_body.dump, str) if @debug_dev
-      conn.push(HTTP::Message.new_response(str))
+      conn.push(HTTP::Message.new_response(str, req.header))
       return
     end
     content = block ? nil : ''
-    res = HTTP::Message.new_response(content)
+    res = HTTP::Message.new_response(content, req.header)
     @debug_dev << "= Request\n\n" if @debug_dev
     sess = @session_manager.query(req, proxy)
     res.peer_cert = sess.ssl_peer_cert
@@ -1087,11 +1097,11 @@ private
     end
     if str = @test_loopback_response.shift
       dump_dummy_request_response(req.http_body.dump, str) if @debug_dev
-      conn.push(HTTP::Message.new_response(StringIO.new(str)))
+      conn.push(HTTP::Message.new_response(StringIO.new(str), req.header))
       return
     end
     piper, pipew = IO.pipe
-    res = HTTP::Message.new_response(piper)
+    res = HTTP::Message.new_response(piper, req.header)
     @debug_dev << "= Request\n\n" if @debug_dev
     sess = @session_manager.query(req, proxy)
     res.peer_cert = sess.ssl_peer_cert

data/lib/httpclient/auth.rb

@@ -120,6 +120,10 @@ class HTTPClient
 
     # Filter API implementation.  Traps HTTP response and parses
     # 'WWW-Authenticate' header.
+    #
+    # This remembers the challenges for all authentication methods
+    # available to the client. On the subsequent retry of the request,
+    # filter_request will select the strongest method.
     def filter_response(req, res)
       command = nil
       if res.status == HTTP::Status::UNAUTHORIZED
@@ -156,17 +160,19 @@ class HTTPClient
   # SSPINegotiateAuth requires 'win32/sspi' module.
   class ProxyAuth < AuthFilterBase
     attr_reader :basic_auth
+    attr_reader :digest_auth
     attr_reader :negotiate_auth
     attr_reader :sspi_negotiate_auth
 
     # Creates new ProxyAuth.
     def initialize
-      @basic_auth = BasicAuth.new
+      @basic_auth = ProxyBasicAuth.new
       @negotiate_auth = NegotiateAuth.new
       @ntlm_auth = NegotiateAuth.new('NTLM')
       @sspi_negotiate_auth = SSPINegotiateAuth.new
+      @digest_auth = ProxyDigestAuth.new
       # sort authenticators by priority
-      @authenticator = [@negotiate_auth, @ntlm_auth, @sspi_negotiate_auth, @basic_auth]
+      @authenticator = [@negotiate_auth, @ntlm_auth, @sspi_negotiate_auth, @digest_auth, @basic_auth]
     end
 
     # Resets challenge state.  See sub filters for more details.
@@ -281,6 +287,25 @@ class HTTPClient
     end
   end
 
+  class ProxyBasicAuth < BasicAuth
+
+    def set(uri, user, passwd)
+      @set = true
+      @cred = ["#{user}:#{passwd}"].pack('m').tr("\n", '')
+    end
+
+    def get(req)
+      target_uri = req.header.request_uri
+      return nil unless @challengeable['challenged']
+      @cred
+    end
+
+    # Challenge handler: remember URL for response.
+    def challenge(uri, param_str = nil)
+      @challengeable['challenged'] = true
+      true
+    end
+  end
 
   # Authentication filter for handling DigestAuth negotiation.
   # Used in WWWAuth.
@@ -352,9 +377,12 @@ class HTTPClient
       path = req.header.create_query_uri
       a_1 = "#{user}:#{param['realm']}:#{passwd}"
       a_2 = "#{method}:#{path}"
+      qop = param['qop']
       nonce = param['nonce']
-      cnonce = generate_cnonce()
-      @nonce_count += 1
+      cnonce = nil
+      if qop || param['algorithm'] =~ /MD5-sess/
+        cnonce = generate_cnonce()
+      end
       a_1_md5sum = Digest::MD5.hexdigest(a_1)
       if param['algorithm'] =~ /MD5-sess/
         a_1_md5sum = Digest::MD5.hexdigest("#{a_1_md5sum}:#{nonce}:#{cnonce}")
@@ -365,18 +393,25 @@ class HTTPClient
       message_digest = []
       message_digest << a_1_md5sum
       message_digest << nonce
-      message_digest << ('%08x' % @nonce_count)
-      message_digest << cnonce
-      message_digest << param['qop']
+      if qop
+        @nonce_count += 1
+        message_digest << ('%08x' % @nonce_count)
+        message_digest << cnonce
+        message_digest << param['qop']
+      end
       message_digest << Digest::MD5.hexdigest(a_2)
       header = []
       header << "username=\"#{user}\""
       header << "realm=\"#{param['realm']}\""
       header << "nonce=\"#{nonce}\""
       header << "uri=\"#{path}\""
-      header << "cnonce=\"#{cnonce}\""
-      header << "nc=#{'%08x' % @nonce_count}"
-      header << "qop=#{param['qop']}"
+      if cnonce
+        header << "cnonce=\"#{cnonce}\""
+      end
+      if qop
+        header << "nc=#{'%08x' % @nonce_count}"
+        header << "qop=#{param['qop']}"
+      end
       header << "response=\"#{Digest::MD5.hexdigest(message_digest.join(":"))}\""
       header << "algorithm=#{algorithm}"
       header << "opaque=\"#{param['opaque']}\"" if param.key?('opaque')
@@ -404,6 +439,39 @@ class HTTPClient
   end
 
 
+  # Authentication filter for handling DigestAuth negotiation.
+  # Ignores uri argument. Used in ProxyAuth.
+  class ProxyDigestAuth < DigestAuth
+
+    # overrides DigestAuth#set. sets default user name and password. uri is not used.
+    def set(uri, user, passwd)
+      @set = true
+      @auth = [user, passwd]
+    end
+
+    # overrides DigestAuth#get. Uses default user name and password
+    # regardless of target uri if the proxy has required authentication
+    # before
+    def get(req)
+      target_uri = req.header.request_uri
+      param = @challenge
+      return nil unless param
+      user, passwd = @auth
+      return nil unless user
+      calc_cred(req, user, passwd, param)
+    end
+
+    def reset_challenge
+      @challenge = nil
+    end
+
+    def challenge(uri, param_str)
+      @challenge = parse_challenge_param(param_str)
+      true
+    end
+
+  end
+
   # Authentication filter for handling Negotiate/NTLM negotiation.
   # Used in WWWAuth and ProxyAuth.
   #

data/lib/httpclient/http.rb

@@ -199,9 +199,14 @@ module HTTP
       end
 
       # Initialize this instance as a response.
-      def init_response(status_code)
+      def init_response(status_code, req)
         @is_request = false
         self.status_code = status_code
+        if req
+          @request_method = req.request_method
+          @request_uri = req.request_uri
+          @request_query = req.request_query
+        end
       end
 
       # Sets status code and reason phrase.
@@ -456,7 +461,7 @@ module HTTP
       end
 
       # Initialize this instance as a response.
-      def init_response(body = nil)
+      def init_response(body)
         @body = body
         if @body.respond_to?(:bytesize)
           @size = @body.bytesize
@@ -549,7 +554,7 @@ module HTTP
 
       def remember_pos(io)
         # IO may not support it (ex. IO.pipe)
-        @positions[io] = io.pos rescue nil
+        @positions[io] = io.pos if io.respond_to?(:pos)
       end
 
       def reset_pos(io)
@@ -721,9 +726,9 @@ module HTTP
 
       # Creates a Message instance of response.
       # body:: a String or an IO of response message body.
-      def new_response(body)
+      def new_response(body, req = nil)
         m = new
-        m.http_header.init_response(Status::OK)
+        m.http_header.init_response(Status::OK, req)
         m.http_body = Body.new
         m.http_body.init_response(body)
         m.http_header.body_size = m.http_body.size || 0
@@ -821,13 +826,36 @@ module HTTP
         end
       end
 
+      def Array.try_convert(value)
+        return value if value.instance_of?(Array)
+        return nil if !value.respond_to?(:to_ary)
+        converted = value.to_ary
+        return converted if converted.instance_of?(Array)
+
+        cname = value.class.name
+        raise TypeError, "can't convert %s to %s (%s#%s gives %s)" %
+          [cname, Array.name, cname, :to_ary, converted.class.name]
+      end unless Array.respond_to?(:try_convert)
+
       def escape_query(query) # :nodoc:
-        query.collect { |attr, value|
-          if value.respond_to?(:read)
-            value = value.read
+        pairs = []
+        query.each { |attr, value|
+          left = escape(attr.to_s) << '='
+          if values = Array.try_convert(value)
+            values.each { |value|
+              if value.respond_to?(:read)
+                value = value.read
+              end
+              pairs.push(left + escape(value.to_s))
+            }
+          else
+            if value.respond_to?(:read)
+              value = value.read
+            end
+            pairs.push(left << escape(value.to_s))
           end
-          escape(attr.to_s) << '=' << escape(value.to_s)
-        }.join('&')
+        }
+        pairs.join('&')
       end
 
       # from CGI.escape

data/lib/httpclient/include_client.rb

@@ -0,0 +1,83 @@
+# It is useful to re-use a HTTPClient instance for multiple requests, to
+# re-use HTTP 1.1 persistent connections. 
+#
+# To do that, you sometimes want to store an HTTPClient instance in a global/
+# class variable location, so it can be accessed and re-used. 
+#
+# This mix-in makes it easy to create class-level access to one or more
+# HTTPClient instances. The HTTPClient instances are lazily initialized
+# on first use (to, for instance, avoid interfering with WebMock/VCR),
+# and are initialized in a thread-safe manner. Note that a 
+# HTTPClient, once initialized, is safe for use in multiple threads.
+#
+# Note that you `extend` HTTPClient::IncludeClient, not `include. 
+#
+#    require 'httpclient/include_client'
+#    class Widget
+#       extend HTTPClient::IncludeClient
+#
+#       include_http_client
+#       # and/or, specify more stuff
+#       include_http_client('http://myproxy:8080', :method_name => :my_client) do |client|
+#          # any init you want
+#          client.set_cookie_store nil
+#          client.
+#       end
+#    end
+#
+# That creates two HTTPClient instances available at the class level.
+# The first will be available from Widget.http_client (default method
+# name for `include_http_client`), with default initialization. 
+#
+# The second will be available at Widget.my_client, with the init arguments
+# provided, further initialized by the block provided. 
+#
+# In addition to a class-level method, for convenience instance-level methods
+# are also provided. Widget.http_client is identical to Widget.new.http_client
+#
+#
+class HTTPClient
+  module IncludeClient
+        
+
+    def include_http_client(*args, &block)
+      # We're going to dynamically define a class
+      # to hold our state, namespaced, as well as possibly dynamic
+      # name of cover method. 
+      method_name = (args.last.delete(:method_name) if args.last.kind_of? Hash) || :http_client
+      args.pop if args.last == {} # if last arg was named methods now empty, remove it.       
+      
+      # By the amazingness of closures, we can create these things
+      # in local vars here and use em in our method, we don't even
+      # need iVars for state. 
+      client_instance = nil
+      client_mutex = Mutex.new
+      client_args = args
+      client_block = block
+
+      # to define a _class method_ on the specific class that's currently
+      # `self`, we have to use this bit of metaprogramming, sorry. 
+      (class << self; self ; end).instance_eval do      
+        define_method(method_name) do                            
+          # implementation copied from ruby stdlib singleton
+          # to create this global obj thread-safely.
+          return client_instance if client_instance
+          client_mutex.synchronize do
+            return client_instance if client_instance
+            # init HTTPClient with specified args/block  
+            client_instance = HTTPClient.new(*client_args)
+            client_block.call(client_instance) if client_block
+          end
+          return client_instance
+        end
+      end
+      
+      # And for convenience, an  _instance method_ on the class that just
+      # delegates to the class method. 
+      define_method(method_name) do
+        self.class.send(method_name)
+      end
+          
+    end
+  end
+end

data/lib/httpclient/session.rb

@@ -316,6 +316,18 @@ class HTTPClient
       end
     end
 
+    def ssl_version
+      @ssl_socket.ssl_version if @ssl_socket.respond_to?(:ssl_version)
+    end
+
+    def ssl_cipher
+      @ssl_socket.cipher
+    end
+
+    def ssl_state
+      @ssl_socket.state
+    end
+
     def peer_cert
       @ssl_socket.peer_cert
     end
@@ -741,7 +753,15 @@ class HTTPClient
             else
               @socket = create_ssl_socket(@socket)
               connect_ssl_proxy(@socket, URI.parse(@dest.to_s)) if @proxy
-              @socket.ssl_connect(@dest.host)
+              begin
+                @socket.ssl_connect(@dest.host)
+              ensure
+                if $DEBUG
+                  warn("Protocol version: #{@socket.ssl_version}")
+                  warn("Cipher: #{@socket.ssl_cipher.inspect}")
+                  warn("State: #{@socket.ssl_state}")
+                end
+              end
               @socket.post_connection_check(@dest)
               @ssl_peer_cert = @socket.peer_cert
             end

data/lib/httpclient/version.rb

@@ -1,3 +1,3 @@
 class HTTPClient
-  VERSION = '2.2.5'
+  VERSION = '2.2.6'
 end

data/sample/oauth_salesforce_10.rb

@@ -0,0 +1,63 @@
+require 'oauthclient'
+
+# Get your own consumer token from http://twitter.com/apps
+consumer_key = '3MVG9y6x0357HledNGHa9tJrrlOmpCSo5alTv4W4AG1M0f9a8cGBIwo5wN2bQ7hjAEsjD7SBWf3H2Oycc9Qql'
+consumer_secret = '1404017425765973464'
+
+callback = ARGV.shift # can be nil for OAuth 1.0. (not 1.0a)
+request_token_url = 'https://login.salesforce.com/_nc_external/system/security/oauth/RequestTokenHandler'
+oob_authorize_url = 'https://login.salesforce.com/setup/secur/RemoteAccessAuthorizationPage.apexp'
+access_token_url = 'https://login.salesforce.com/_nc_external/system/security/oauth/AccessTokenHandler'
+
+STDOUT.sync = true
+
+# create OAuth client.
+client = OAuthClient.new
+client.oauth_config.consumer_key = consumer_key
+client.oauth_config.consumer_secret = consumer_secret
+client.oauth_config.signature_method = 'HMAC-SHA1'
+client.oauth_config.http_method = :get # Twitter does not allow :post
+client.debug_dev = STDERR if $DEBUG
+
+client.ssl_config.ssl_version = "TLSv1_1"
+
+# Get request token.
+res = client.get_request_token(request_token_url, callback)
+p res.status
+p res.oauth_params
+p res.content
+p client.oauth_config
+token = res.oauth_params['oauth_token']
+secret = res.oauth_params['oauth_token_secret']
+raise if token.nil? or secret.nil?
+
+# You need to confirm authorization out of band.
+puts
+puts "Go here and do confirm: #{oob_authorize_url}?oauth_token=#{token}&oauth_consumer_key=#{consumer_key}"
+puts "Type oauth_verifier/PIN (if given) and hit [enter] to go"
+verifier = gets.chomp
+verifier = nil if verifier.empty?
+
+# Get access token.
+# FYI: You may need to re-construct OAuthClient instance here.
+#      In normal web app flow, getting access token and getting request token
+#      must be done in different HTTP requests.
+#  client = OAuthClient.new
+#  client.oauth_config.consumer_key = consumer_key
+#  client.oauth_config.consumer_secret = consumer_secret
+#  client.oauth_config.signature_method = 'HMAC-SHA1'
+#  client.oauth_config.http_method = :get # Twitter does not allow :post
+res = client.get_access_token(access_token_url, token, secret, verifier)
+p res.status
+p res.oauth_params
+p res.content
+p client.oauth_config
+id = res.oauth_params['user_id']
+
+puts
+puts "Access token usage example"
+puts "Hit [enter] to go"
+gets
+
+# Access to a protected resource. (DM)
+puts client.get("http://twitter.com/direct_messages.json")

data/test/helper.rb

@@ -1,9 +1,12 @@
 # -*- encoding: utf-8 -*-
 require 'test/unit'
-require 'simplecov'
-require 'simplecov-rcov'
-SimpleCov.formatter = SimpleCov::Formatter::RcovFormatter
-SimpleCov.start
+begin
+  require 'simplecov'
+  require 'simplecov-rcov'
+  SimpleCov.formatter = SimpleCov::Formatter::RcovFormatter
+  SimpleCov.start
+rescue LoadError
+end
 
 require 'httpclient'
 require 'webrick'

data/test/test_auth.rb

@@ -1,5 +1,5 @@
 require File.expand_path('helper', File.dirname(__FILE__))
-
+require 'digest/md5'
 
 class TestAuth < Test::Unit::TestCase
   include Helper
@@ -56,6 +56,23 @@ class TestAuth < Test::Unit::TestCase
       :UserDB => htdigest_userdb
     )
     @server_thread = start_server_thread(@server)
+
+    @proxy_digest_auth = WEBrick::HTTPAuth::ProxyDigestAuth.new(
+      :Logger => @proxylogger,
+      :Algorithm => 'MD5',
+      :Realm => 'auth',
+      :UserDB => htdigest_userdb
+    )
+
+    @proxyserver = WEBrick::HTTPProxyServer.new(
+      :ProxyAuthProc => @proxy_digest_auth.method(:authenticate).to_proc,
+      :BindAddress => "localhost",
+      :Logger => @proxylogger,
+      :Port => 0,
+      :AccessLog => []
+    )
+    @proxyport = @proxyserver.config[:Port]
+    @proxyserver_thread = start_server_thread(@proxyserver)
   end
 
   def do_basic_auth(req, res)
@@ -105,12 +122,32 @@ class TestAuth < Test::Unit::TestCase
     end
   end
 
+  def test_basic_auth_reuses_credentials
+    c = HTTPClient.new
+    c.set_auth("http://localhost:#{serverport}/", 'admin', 'admin')
+    assert_equal('basic_auth OK', c.get_content("http://localhost:#{serverport}/basic_auth/"))
+    c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
+    c.debug_dev = str = ''
+    c.get_content("http://localhost:#{serverport}/basic_auth/sub/dir/")
+    assert_match /Authorization: Basic YWRtaW46YWRtaW4=/, str
+  end
+
   def test_digest_auth
     c = HTTPClient.new
     c.set_auth("http://localhost:#{serverport}/", 'admin', 'admin')
     assert_equal('digest_auth OK', c.get_content("http://localhost:#{serverport}/digest_auth"))
   end
 
+  def test_digest_auth_reuses_credentials
+    c = HTTPClient.new
+    c.set_auth("http://localhost:#{serverport}/", 'admin', 'admin')
+    assert_equal('digest_auth OK', c.get_content("http://localhost:#{serverport}/digest_auth/"))
+    c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
+    c.debug_dev = str = ''
+    c.get_content("http://localhost:#{serverport}/digest_auth/sub/dir/")
+    assert_match /Authorization: Digest/, str
+  end
+
   def test_digest_auth_with_block
     c = HTTPClient.new
     c.set_auth("http://localhost:#{serverport}/", 'admin', 'admin')
@@ -147,6 +184,16 @@ class TestAuth < Test::Unit::TestCase
     assert_equal('digest_auth OKbar=baz', c.get_content("http://localhost:#{serverport}/digest_auth/foo?bar=baz"))
   end
 
+  def test_perfer_digest
+    c = HTTPClient.new
+    c.set_auth('http://example.com/', 'admin', 'admin')
+    c.test_loopback_http_response << "HTTP/1.0 401 Unauthorized\nWWW-Authenticate: Basic realm=\"foo\"\nWWW-Authenticate: Digest realm=\"foo\", nonce=\"nonce\", stale=false\nContent-Length: 2\n\nNG"
+    c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
+    c.debug_dev = str = ''
+    c.get_content('http://example.com/')
+    assert_match(/^Authorization: Digest/, str)
+  end
+
   def test_digest_sess_auth
     c = HTTPClient.new
     c.set_auth("http://localhost:#{serverport}/", 'admin', 'admin')
@@ -163,6 +210,81 @@ class TestAuth < Test::Unit::TestCase
     assert_match(/Proxy-Authorization: Basic YWRtaW46YWRtaW4=/, str)
   end
 
+  def test_proxy_auth_reuses_credentials
+    c = HTTPClient.new
+    c.set_proxy_auth('admin', 'admin')
+    c.test_loopback_http_response << "HTTP/1.0 407 Unauthorized\nProxy-Authenticate: Basic realm=\"foo\"\nContent-Length: 2\n\nNG"
+    c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
+    c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
+    c.get_content('http://www1.example.com/')
+    c.debug_dev = str = ''
+    c.get_content('http://www2.example.com/')
+    assert_match(/Proxy-Authorization: Basic YWRtaW46YWRtaW4=/, str)
+  end
+
+  def test_digest_proxy_auth_loop
+    c = HTTPClient.new
+    c.set_proxy_auth('admin', 'admin')
+    c.test_loopback_http_response << "HTTP/1.0 407 Unauthorized\nProxy-Authenticate: Digest realm=\"foo\", nonce=\"nonce\", stale=false\nContent-Length: 2\n\nNG"
+    c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
+    md5 = Digest::MD5.new
+    ha1 = md5.hexdigest("admin:foo:admin")
+    ha2 = md5.hexdigest("GET:/")
+    response = md5.hexdigest("#{ha1}:nonce:#{ha2}")
+    c.debug_dev = str = ''
+    c.get_content('http://example.com/')
+    assert_match(/Proxy-Authorization: Digest/, str)
+    assert_match(%r"response=\"#{response}\"", str)
+  end
+
+  def test_digest_proxy_auth
+    c=HTTPClient.new("http://localhost:#{proxyport}/")
+    c.set_proxy_auth('admin', 'admin')
+    c.set_auth("http://127.0.0.1:#{serverport}/", 'admin', 'admin')
+    assert_equal('basic_auth OK', c.get_content("http://127.0.0.1:#{serverport}/basic_auth"))
+  end
+
+  def test_digest_proxy_invalid_auth
+    c=HTTPClient.new("http://localhost:#{proxyport}/")
+    c.set_proxy_auth('admin', 'wrong')
+    c.set_auth("http://127.0.0.1:#{serverport}/", 'admin', 'admin')
+    assert_raises(HTTPClient::BadResponseError) do
+      c.get_content("http://127.0.0.1:#{serverport}/basic_auth")
+    end
+  end
+
+  def test_prefer_digest_to_basic_proxy_auth
+    c = HTTPClient.new
+    c.set_proxy_auth('admin', 'admin')
+    c.test_loopback_http_response << "HTTP/1.0 407 Unauthorized\nProxy-Authenticate: Digest realm=\"foo\", nonce=\"nonce\", stale=false\nProxy-Authenticate: Basic realm=\"bar\"\nContent-Length: 2\n\nNG"
+    c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
+    md5 = Digest::MD5.new
+    ha1 = md5.hexdigest("admin:foo:admin")
+    ha2 = md5.hexdigest("GET:/")
+    response = md5.hexdigest("#{ha1}:nonce:#{ha2}")
+    c.debug_dev = str = ''
+    c.get_content('http://example.com/')
+    assert_match(/Proxy-Authorization: Digest/, str)
+    assert_match(%r"response=\"#{response}\"", str)
+  end
+
+  def test_digest_proxy_auth_reuses_credentials
+    c = HTTPClient.new
+    c.set_proxy_auth('admin', 'admin')
+    c.test_loopback_http_response << "HTTP/1.0 407 Unauthorized\nProxy-Authenticate: Digest realm=\"foo\", nonce=\"nonce\", stale=false\nContent-Length: 2\n\nNG"
+    c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
+    c.test_loopback_http_response << "HTTP/1.0 200 OK\nContent-Length: 2\n\nOK"
+    md5 = Digest::MD5.new
+    ha1 = md5.hexdigest("admin:foo:admin")
+    ha2 = md5.hexdigest("GET:/")
+    response = md5.hexdigest("#{ha1}:nonce:#{ha2}")
+    c.get_content('http://www1.example.com/')
+    c.debug_dev = str = ''
+    c.get_content('http://www2.example.com/')
+    assert_match(/Proxy-Authorization: Digest/, str)
+    assert_match(%r"response=\"#{response}\"", str)
+  end
+
   def test_oauth
     c = HTTPClient.new
     config = HTTPClient::OAuth::Config.new(

data/test/test_httpclient.rb

@@ -134,6 +134,14 @@ class TestHTTPClient < Test::Unit::TestCase
     assert_equal("Host: foo", lines[4]) # use given param
   end
 
+  def test_redirect_returns_not_modified
+    assert_nothing_raised do
+      timeout(2) do
+        @client.get(serverurl + 'status', {:status => 306}, {:follow_redirect => true})
+      end
+    end
+  end
+
   def test_protocol_version_http11
     assert_equal(nil, @client.protocol_version)
     str = ""
@@ -167,7 +175,7 @@ class TestHTTPClient < Test::Unit::TestCase
     setup_proxyserver
     escape_noproxy do
       assert_raises(URI::InvalidURIError) do
-       	@client.proxy = "http://"
+        @client.proxy = "http://"
       end
       @client.proxy = ""
       assert_nil(@client.proxy)
@@ -387,6 +395,17 @@ EOS
     assert_equal('message body 1', res.content)
   end
 
+  def test_request_uri_in_response
+    @client.test_loopback_http_response << "HTTP/1.0 200 OK\ncontent-length: 100\n\nmessage body"
+    assert_equal(URI('http://google.com/'), @client.get('http://google.com/').header.request_uri)
+  end
+
+  def test_request_uri_in_response_when_redirect
+    expected = URI(serverurl + 'hello')
+    assert_equal(expected, @client.get(serverurl + 'redirect1', :follow_redirect => true).header.request_uri)
+    assert_equal(expected, @client.get(serverurl + 'redirect2', :follow_redirect => true).header.request_uri)
+  end
+
   def test_redirect_non_https
     url = serverurl + 'redirect1'
     https_url = URI.parse(url)
@@ -584,6 +603,13 @@ EOS
     assert_nil(res.contenttype)
   end
 
+  def test_head_follow_redirect
+    expected = URI(serverurl + 'hello')
+    assert_equal(expected, @client.head(serverurl + 'hello', :follow_redirect => true).header.request_uri)
+    assert_equal(expected, @client.head(serverurl + 'redirect1', :follow_redirect => true).header.request_uri)
+    assert_equal(expected, @client.head(serverurl + 'redirect2', :follow_redirect => true).header.request_uri)
+  end
+
   def test_get_follow_redirect
     assert_equal('hello', @client.get(serverurl + 'hello', :follow_redirect => true).body)
     assert_equal('hello', @client.get(serverurl + 'redirect1', :follow_redirect => true).body)
@@ -777,8 +803,10 @@ EOS
   def test_put
     assert_equal("put", @client.put(serverurl + 'servlet').content)
     param = {'1'=>'2', '3'=>'4'}
+    @client.debug_dev = str = ''
     res = @client.put(serverurl + 'servlet', param)
     assert_equal(param, params(res.header["x-query"][0]))
+    assert_equal('Content-Type: application/x-www-form-urlencoded', str.split(/\r?\n/)[5])
   end
 
   def test_put_bytesize
@@ -799,6 +827,14 @@ EOS
     assert_equal("delete", @client.delete(serverurl + 'servlet').content)
   end
 
+  # Not prohibited by spec, but normally it's ignored
+  def test_delete_with_body
+    param = {'1'=>'2', '3'=>'4'}
+    @client.debug_dev = str = ''
+    assert_equal("delete", @client.delete(serverurl + 'servlet', param).content)
+    assert_equal({'1' => ['2'], '3' => ['4']}, HTTP::Message.parse(str.split(/\r?\n\r?\n/)[2]))
+  end
+
   def test_delete_async
     conn = @client.delete_async(serverurl + 'servlet')
     Thread.pass while !conn.finished?
@@ -882,6 +918,18 @@ EOS
     assert_equal({}, check_query_get(''))
     assert_equal({'1'=>'2'}, check_query_get({1=>StringIO.new('2')}))
     assert_equal({'1'=>'2', '3'=>'4'}, check_query_get(StringIO.new('3=4&1=2')))
+
+    hash = check_query_get({"a"=>["A","a"], "B"=>"b"})
+    assert_equal({'a'=>'A', 'B'=>'b'}, hash)
+    assert_equal(['A','a'], hash['a'].to_ary)
+
+    hash = check_query_get({"a"=>WEBrick::HTTPUtils::FormData.new("A","a"), "B"=>"b"})
+    assert_equal({'a'=>'A', 'B'=>'b'}, hash)
+    assert_equal(['A','a'], hash['a'].to_ary)
+
+    hash = check_query_get({"a"=>[StringIO.new("A"),StringIO.new("a")], "B"=>StringIO.new("b")})
+    assert_equal({'a'=>'A', 'B'=>'b'}, hash)
+    assert_equal(['A','a'], hash['a'].to_ary)
   end
 
   def test_post_body
@@ -1002,7 +1050,7 @@ EOS
   def test_cookies
     cookiefile = File.join(File.dirname(File.expand_path(__FILE__)), 'test_cookies_file')
     File.open(cookiefile, "wb") do |f|
-      f << "http://rubyforge.org/account/login.php	session_ser	LjEwMy45Ni40Ni0q%2A-fa0537de8cc31	2000000000	.rubyforge.org	/	13\n"
+      f << "http://rubyforge.org/account/login.php\tsession_ser\tLjEwMy45Ni40Ni0q%2A-fa0537de8cc31\t2000000000\t.rubyforge.org\t/\t13\n"
     end
     @client.set_cookie_store(cookiefile)
     cookie = @client.cookie_manager.cookies.first
@@ -1014,7 +1062,7 @@ EOS
     @client.get_content('http://rubyforge.org/account/login.php')
     @client.save_cookie_store
     str = File.read(cookiefile)
-    assert_match(%r(http://rubyforge.org/account/login.php	foo	bar	1924873200	rubyforge.org	/account	1), str)
+    assert_match(%r(http://rubyforge.org/account/login.php\tfoo\tbar\t1924873200\trubyforge.org\t/account\t1), str)
     File.unlink(cookiefile)
   end
 
@@ -1460,8 +1508,8 @@ private
     @serverport = @server.config[:Port]
     [:hello, :sleep, :servlet_redirect, :redirect1, :redirect2, :redirect3, :redirect_self, :relative_redirect, :chunked, :largebody, :status, :compressed, :charset].each do |sym|
       @server.mount(
-	"/#{sym}",
-	WEBrick::HTTPServlet::ProcHandler.new(method("do_#{sym}").to_proc)
+        "/#{sym}",
+        WEBrick::HTTPServlet::ProcHandler.new(method("do_#{sym}").to_proc)
       )
     end
     @server.mount('/servlet', TestServlet.new(@server))
@@ -1489,11 +1537,11 @@ private
   end
 
   def do_servlet_redirect(req, res)
-    res.set_redirect(WEBrick::HTTPStatus::Found, serverurl + "servlet") 
+    res.set_redirect(WEBrick::HTTPStatus::Found, serverurl + "servlet")
   end
 
   def do_redirect1(req, res)
-    res.set_redirect(WEBrick::HTTPStatus::MovedPermanently, serverurl + "hello") 
+    res.set_redirect(WEBrick::HTTPStatus::MovedPermanently, serverurl + "hello")
   end
 
   def do_redirect2(req, res)
@@ -1501,15 +1549,15 @@ private
   end
 
   def do_redirect3(req, res)
-    res.set_redirect(WEBrick::HTTPStatus::Found, serverurl + "hello") 
+    res.set_redirect(WEBrick::HTTPStatus::Found, serverurl + "hello")
   end
 
   def do_redirect_self(req, res)
-    res.set_redirect(WEBrick::HTTPStatus::Found, serverurl + "redirect_self") 
+    res.set_redirect(WEBrick::HTTPStatus::Found, serverurl + "redirect_self")
   end
 
   def do_relative_redirect(req, res)
-    res.set_redirect(WEBrick::HTTPStatus::Found, "hello") 
+    res.set_redirect(WEBrick::HTTPStatus::Found, "hello")
   end
 
   def do_chunked(req, res)
@@ -1555,7 +1603,7 @@ private
     end
 
     def do_HEAD(req, res)
-      res["x-head"] = 'head'	# use this for test purpose only.
+      res["x-head"] = 'head'    # use this for test purpose only.
       res["x-query"] = query_response(req)
     end
 
@@ -1615,9 +1663,9 @@ private
     def query_escape(query)
       escaped = []
       query.sort_by { |k, v| k }.collect do |k, v|
-	v.to_ary.each do |ve|
-	  escaped << CGI.escape(k) + '=' + CGI.escape(ve)
-	end
+        v.to_ary.each do |ve|
+          escaped << CGI.escape(k) + '=' + CGI.escape(ve)
+        end
       end
       escaped.join('&')
     end

data/test/test_include_client.rb

@@ -0,0 +1,52 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('helper', File.dirname(__FILE__))
+
+require 'httpclient/include_client'
+class TestIncludeClient < Test::Unit::TestCase
+  class Widget
+      extend HTTPClient::IncludeClient
+
+      include_http_client("http://example.com") do |client|
+        client.cookie_manager = nil
+        client.agent_name = "iMonkey 4k"
+      end
+  end
+
+  class OtherWidget
+    extend HTTPClient::IncludeClient
+
+    include_http_client
+    include_http_client(:method_name => :other_http_client)
+  end
+  
+  class UnrelatedBlankClass ; end
+
+  def test_client_class_level_singleton
+    assert_equal Widget.http_client.object_id, Widget.http_client.object_id
+
+    assert_equal Widget.http_client.object_id, Widget.new.http_client.object_id
+
+    assert_not_equal Widget.http_client.object_id, OtherWidget.http_client.object_id
+  end
+
+  def test_configured
+    assert_equal Widget.http_client.agent_name, "iMonkey 4k"
+    assert_nil Widget.http_client.cookie_manager
+    assert_equal Widget.http_client.proxy.to_s, "http://example.com"
+  end
+  
+  def test_two_includes
+    assert_not_equal OtherWidget.http_client.object_id, OtherWidget.other_http_client.object_id
+    
+    assert_equal OtherWidget.other_http_client.object_id, OtherWidget.new.other_http_client.object_id          
+  end
+  
+  # meta-programming gone wrong sometimes accidentally
+  # adds the class method to _everyone_, a mistake we've made before. 
+  def test_not_infected_class_hieararchy
+    assert ! Class.respond_to?(:http_client)
+    assert ! UnrelatedBlankClass.respond_to?(:http_client)
+  end
+
+
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: httpclient
 version: !ruby/object:Gem::Version
-  version: 2.2.5
+  version: 2.2.6
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-05-06 00:00:00.000000000 Z
+date: 2012-08-14 00:00:00.000000000 Z
 dependencies: []
 description: 
 email: nahi@ruby-lang.org
@@ -24,6 +24,7 @@ files:
 - lib/httpclient/timeout.rb
 - lib/httpclient/version.rb
 - lib/httpclient/connection.rb
+- lib/httpclient/include_client.rb
 - lib/httpclient/session.rb
 - lib/httpclient/cacert.p7s
 - lib/httpclient/cookie.rb
@@ -46,6 +47,7 @@ files:
 - sample/ssl/htdocs/index.html
 - sample/ssl/0cert.pem
 - sample/ssl/webrick_httpsd.rb
+- sample/oauth_salesforce_10.rb
 - sample/thread.rb
 - sample/oauth_friendfeed.rb
 - sample/oauth_twitter.rb
@@ -63,6 +65,7 @@ files:
 - test/htpasswd
 - test/test_auth.rb
 - test/client.key
+- test/test_include_client.rb
 - test/helper.rb
 - test/ca.cert
 - test/sslsvr.rb
@@ -85,7 +88,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -3213102379838367907
+      hash: 1629827102590288352
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -94,7 +97,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -3213102379838367907
+      hash: 1629827102590288352
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.23