mojodna-oauth 0.3.2.1 → 0.3.2.2

data/History.txt

@@ -1,6 +1,10 @@
 == 0.3.3 / 0.4.0
 
 * Corrected OAuth XMPP namespace (Seth)
+* Improved error handling for invalid Authorization headers (Matt Sanford)
+* Fixed signatures for non-ASCII under $KCODE other than 'u' (Matt Sanford)
+* Fixed edge cases in ActionControllerRequestProxy where params were being
+  incorrectly signed (Marcos Wright Kuhns)
 
 == 0.3.2 2009-03-23
 

data/Manifest.txt

@@ -68,6 +68,7 @@ test/test_helper.rb
 test/test_hmac_sha1.rb
 test/test_net_http_client.rb
 test/test_net_http_request_proxy.rb
+test/test_oauth_helper.rb
 test/test_rack_request_proxy.rb
 test/test_request_token.rb
 test/test_rsa_sha1.rb

data/lib/oauth/consumer.rb

@@ -1,5 +1,6 @@
 require 'net/http'
 require 'net/https'
+require 'oauth/oauth'
 require 'oauth/client/net_http'
 require 'oauth/errors'
 

data/lib/oauth/helper.rb

@@ -38,6 +38,9 @@ module OAuth
       # decompose
       params = header[6,header.length].split(/[,=]/)
 
+      # odd number of arguments - must be a malformed header.
+      raise OAuth::Problem.new("Invalid authorization header") if params.size % 2 != 0
+
       # strip and unescape
       params.map! { |v| unescape(v.strip) }
 

data/lib/oauth/oauth.rb

@@ -3,5 +3,5 @@ module OAuth
   PARAMETERS = %w(oauth_consumer_key oauth_token oauth_signature_method oauth_timestamp oauth_nonce oauth_version oauth_signature)
 
   # reserved character regexp, per section 5.1
-  RESERVED_CHARACTERS = /[^\w\d\-\.\_\~]/
+  RESERVED_CHARACTERS = /[^a-zA-Z0-9\-\.\_\~]/
 end

data/lib/oauth/request_proxy/action_controller_request.rb

@@ -35,7 +35,7 @@ module OAuth::RequestProxy
       unless options[:clobber_request]
         params << header_params.to_query
         params << request.query_string unless request.query_string.blank?
-        if request.content_type == Mime::Type.lookup("application/x-www-form-urlencoded")
+        if request.post? && request.content_type == Mime::Type.lookup("application/x-www-form-urlencoded")
           params << request.raw_post
         end
       end

data/lib/oauth/version.rb

@@ -1,3 +1,3 @@
 module OAuth #:nodoc:
-  VERSION = '0.3.2.1'
+  VERSION = '0.3.2.2'
 end

data/oauth.gemspec

@@ -2,7 +2,7 @@
 
 Gem::Specification.new do |s|
   s.name = %q{oauth}
-  s.version = "0.3.2.1"
+  s.version = "0.3.2.2"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Pelle Braendgaard", "Blaine Cook", "Larry Halff", "Jesse Clark", "Jon Crosby", "Seth Fitzsimmons"]
@@ -12,7 +12,7 @@ Gem::Specification.new do |s|
   s.email = %q{oauth-ruby@googlegroups.com}
   s.executables = ["oauth"]
   s.extra_rdoc_files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "website/index.txt"]
-  s.files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "Rakefile", "TODO", "bin/oauth", "examples/yql.rb", "lib/oauth.rb", "lib/oauth/oauth.rb", "lib/oauth/cli.rb", "lib/oauth/client.rb", "lib/oauth/client/action_controller_request.rb", "lib/oauth/client/helper.rb", "lib/oauth/client/net_http.rb", "lib/oauth/consumer.rb", "lib/oauth/errors.rb", "lib/oauth/errors/error.rb", "lib/oauth/errors/problem.rb", "lib/oauth/errors/unauthorized.rb", "lib/oauth/helper.rb", "lib/oauth/oauth_test_helper.rb", "lib/oauth/request_proxy.rb", "lib/oauth/request_proxy/action_controller_request.rb", "lib/oauth/request_proxy/base.rb", "lib/oauth/request_proxy/jabber_request.rb", "lib/oauth/request_proxy/mock_request.rb", "lib/oauth/request_proxy/net_http.rb", "lib/oauth/request_proxy/rack_request.rb", "lib/oauth/server.rb", "lib/oauth/signature.rb", "lib/oauth/signature/base.rb", "lib/oauth/signature/hmac/base.rb", "lib/oauth/signature/hmac/md5.rb", "lib/oauth/signature/hmac/rmd160.rb", "lib/oauth/signature/hmac/sha1.rb", "lib/oauth/signature/hmac/sha2.rb", "lib/oauth/signature/md5.rb", "lib/oauth/signature/plaintext.rb", "lib/oauth/signature/rsa/sha1.rb", "lib/oauth/signature/sha1.rb", "lib/oauth/token.rb", "lib/oauth/tokens/access_token.rb", "lib/oauth/tokens/consumer_token.rb", "lib/oauth/tokens/request_token.rb", "lib/oauth/tokens/server_token.rb", "lib/oauth/tokens/token.rb", "lib/oauth/version.rb", "oauth.gemspec", "script/destroy", "script/generate", "script/txt2html", "setup.rb", "tasks/deployment.rake", "tasks/environment.rake", "tasks/website.rake", "test/cases/oauth_case.rb", "test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/keys/rsa.cert", "test/keys/rsa.pem", "test/test_access_token.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_request_token.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb", "website/index.html", "website/index.txt", "website/javascripts/rounded_corners_lite.inc.js", "website/stylesheets/screen.css", "website/template.rhtml"]
+  s.files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "Rakefile", "TODO", "bin/oauth", "examples/yql.rb", "lib/oauth.rb", "lib/oauth/oauth.rb", "lib/oauth/cli.rb", "lib/oauth/client.rb", "lib/oauth/client/action_controller_request.rb", "lib/oauth/client/helper.rb", "lib/oauth/client/net_http.rb", "lib/oauth/consumer.rb", "lib/oauth/errors.rb", "lib/oauth/errors/error.rb", "lib/oauth/errors/problem.rb", "lib/oauth/errors/unauthorized.rb", "lib/oauth/helper.rb", "lib/oauth/oauth_test_helper.rb", "lib/oauth/request_proxy.rb", "lib/oauth/request_proxy/action_controller_request.rb", "lib/oauth/request_proxy/base.rb", "lib/oauth/request_proxy/jabber_request.rb", "lib/oauth/request_proxy/mock_request.rb", "lib/oauth/request_proxy/net_http.rb", "lib/oauth/request_proxy/rack_request.rb", "lib/oauth/server.rb", "lib/oauth/signature.rb", "lib/oauth/signature/base.rb", "lib/oauth/signature/hmac/base.rb", "lib/oauth/signature/hmac/md5.rb", "lib/oauth/signature/hmac/rmd160.rb", "lib/oauth/signature/hmac/sha1.rb", "lib/oauth/signature/hmac/sha2.rb", "lib/oauth/signature/md5.rb", "lib/oauth/signature/plaintext.rb", "lib/oauth/signature/rsa/sha1.rb", "lib/oauth/signature/sha1.rb", "lib/oauth/token.rb", "lib/oauth/tokens/access_token.rb", "lib/oauth/tokens/consumer_token.rb", "lib/oauth/tokens/request_token.rb", "lib/oauth/tokens/server_token.rb", "lib/oauth/tokens/token.rb", "lib/oauth/version.rb", "oauth.gemspec", "script/destroy", "script/generate", "script/txt2html", "setup.rb", "tasks/deployment.rake", "tasks/environment.rake", "tasks/website.rake", "test/cases/oauth_case.rb", "test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/keys/rsa.cert", "test/keys/rsa.pem", "test/test_access_token.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_oauth_helper.rb", "test/test_rack_request_proxy.rb", "test/test_request_token.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb", "website/index.html", "website/index.txt", "website/javascripts/rounded_corners_lite.inc.js", "website/stylesheets/screen.css", "website/template.rhtml"]
   s.has_rdoc = true
   s.homepage = %q{http://oauth.rubyforge.org}
   s.rdoc_options = ["--main", "README.rdoc"]
@@ -20,7 +20,7 @@ Gem::Specification.new do |s|
   s.rubyforge_project = %q{oauth}
   s.rubygems_version = %q{1.3.1}
   s.summary = %q{OAuth Core Ruby implementation}
-  s.test_files = ["test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/test_access_token.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_request_token.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb"]
+  s.test_files = ["test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/test_access_token.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_oauth_helper.rb", "test/test_rack_request_proxy.rb", "test/test_request_token.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb"]
 
   if s.respond_to? :specification_version then
     current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION

data/test/test_action_controller_request_proxy.rb

@@ -5,34 +5,116 @@ require 'action_controller/test_process'
 
 class ActionControllerRequestProxyTest < Test::Unit::TestCase
 
-  def request_proxy(parameters={})
-    request = ActionController::TestRequest.new({}, parameters)
+  def request_proxy(request_method = :get, uri_params = {}, body_params = {})
+    request = ActionController::TestRequest.new
+
+    case request_method
+    when :post
+      request.env['REQUEST_METHOD'] = 'POST'
+    when :put
+      request.env['REQUEST_METHOD'] = 'PUT'
+    end
+
+    request.env['RAW_POST_DATA'] = body_params.to_query
     request.env['CONTENT_TYPE'] = 'application/x-www-form-urlencoded'
+
     yield request if block_given?
-    OAuth::RequestProxy.proxy(request)
+    OAuth::RequestProxy.proxy(request, :parameters=>uri_params)
+  end
+
+  def test_that_proxy_simple_get_request_works_with_query_params
+    request_proxy = request_proxy(:get, {'key'=>'value'})
+
+    expected_parameters = [["key", "value"]]
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'GET', request_proxy.method
+  end
+
+  def test_that_proxy_simple_post_request_works_with_query_params
+    request_proxy = request_proxy(:post, {'key'=>'value'})
+
+    expected_parameters = [["key", "value"]]
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'POST', request_proxy.method
+  end
+
+  def test_that_proxy_simple_put_request_works_with_query_params
+    request_proxy = request_proxy(:put, {'key'=>'value'})
+
+    expected_parameters = [["key", "value"]]
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'PUT', request_proxy.method
+  end
+
+  def test_that_proxy_simple_put_request_works_with_post_params
+    request_proxy = request_proxy(:get, {}, {'key'=>'value'})
+
+    expected_parameters = []
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'GET', request_proxy.method
+  end
+
+  def test_that_proxy_simple_post_request_works_with_post_params
+    request_proxy = request_proxy(:post, {}, {'key'=>'value'})
+
+    expected_parameters = [["key", "value"]]
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'POST', request_proxy.method
+  end
+
+  def test_that_proxy_simple_put_request_works_with_post_params
+    request_proxy = request_proxy(:put, {}, {'key'=>'value'})
+
+    expected_parameters = []
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'PUT', request_proxy.method
   end
- 
+
+  def test_that_proxy_simple_put_request_works_with_mixed_params
+    request_proxy = request_proxy(:get, {'key'=>'value'}, {'key2'=>'value2'})
+
+    expected_parameters = [["key", "value"]]
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'GET', request_proxy.method
+  end
+
+  def test_that_proxy_simple_post_request_works_with_mixed_params
+    request_proxy = request_proxy(:post, {'key'=>'value'}, {'key2'=>'value2'})
+
+    expected_parameters = [["key", "value"],["key2", "value2"]]
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'POST', request_proxy.method
+  end
+
+  def test_that_proxy_simple_put_request_works_with_mixed_params
+    request_proxy = request_proxy(:put, {'key'=>'value'}, {'key2'=>'value2'})
+
+    expected_parameters = [["key", "value"]]
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'PUT', request_proxy.method
+  end
+
   def test_parameter_keys_should_preserve_brackets_from_hash
     assert_equal(
       [["message[body]", "This is a test"]],
-      request_proxy({ :message => { :body => 'This is a test' }}).parameters_for_signature
+      request_proxy(:post, { :message => { :body => 'This is a test' }}).parameters_for_signature
     )
   end
-  
+
   def test_parameter_values_with_amps_should_not_break_parameter_parsing
     assert_equal(
       [['message[body]', 'http://foo.com/?a=b&c=d']],
-      request_proxy({ :message => { :body => 'http://foo.com/?a=b&c=d'}}).parameters_for_signature
+      request_proxy(:post, { :message => { :body => 'http://foo.com/?a=b&c=d'}}).parameters_for_signature
     )
   end
 
   def test_parameter_keys_should_preserve_brackets_from_array
     assert_equal(
       [["foo[]", "123"], ["foo[]", "456"]],
-      request_proxy({ :foo => [123, 456] }).parameters_for_signature.sort
+      request_proxy(:post, { :foo => [123, 456] }).parameters_for_signature.sort
     )
   end
-  
+
   def test_query_string_parameter_values_should_be_cgi_unescaped
     request = request_proxy do |r|
       r.env['QUERY_STRING'] = 'url=http%3A%2F%2Ffoo.com%2F%3Fa%3Db%26c%3Dd'

data/test/test_net_http_client.rb

@@ -16,7 +16,7 @@ class NetHTTPClientTest < Test::Unit::TestCase
   def test_that_using_auth_headers_on_get_requests_works
     request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
     request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
-    
+
     assert_equal 'GET', request.method
     assert_equal '/test?key=value', request.path
     assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
@@ -32,17 +32,6 @@ class NetHTTPClientTest < Test::Unit::TestCase
     assert_equal 'key=value', request.body
     assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
   end
- 
-  def test_that_using_post_params_works
-    request = Net::HTTP::Post.new(@request_uri.path)
-    request.set_form_data( @request_parameters )
-    request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
-
-    assert_equal 'POST', request.method
-    assert_equal '/test', request.path
-    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
-    assert_equal nil, request['authorization']
-  end
 
   def test_that_using_get_params_works
     request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
@@ -56,7 +45,18 @@ class NetHTTPClientTest < Test::Unit::TestCase
     assert_equal nil, request['authorization']
   end
 
-  def test_that_using_get_params_works_with_post_requests
+  def test_that_using_post_params_works
+    request = Net::HTTP::Post.new(@request_uri.path)
+    request.set_form_data( @request_parameters )
+    request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'POST', request.method
+    assert_equal '/test', request.path
+    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
+    assert_equal nil, request['authorization']
+  end
+
+  def test_that_using_post_with_uri_params_works
     request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
     request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
 
@@ -69,7 +69,7 @@ class NetHTTPClientTest < Test::Unit::TestCase
     assert_equal nil, request['authorization']
   end
 
-  def test_that_using_get_params_works_with_post_requests_that_have_post_bodies
+  def test_that_using_post_with_uri_and_form_params_works
     request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
     request.set_form_data( { 'key2' => 'value2' } )
     request.oauth!(@http, @consumer, @token, {:scheme => :query_string, :nonce => @nonce, :timestamp => @timestamp})
@@ -82,8 +82,8 @@ class NetHTTPClientTest < Test::Unit::TestCase
     assert_equal "key2=value2", request.body
     assert_equal nil, request['authorization']
   end
-  
-  
+
+
   def test_example_from_specs
     consumer=OAuth::Consumer.new("dpf43f3p2l4k3l03","kd94hf93k423kf44")
     token = OAuth::Token.new('nnch734d00sl2jdk', 'pfkkdhi9sl3r4s00')
@@ -101,22 +101,22 @@ class NetHTTPClientTest < Test::Unit::TestCase
 
     assert_equal 'GET', request.method
     assert_equal 'OAuth realm="http://photos.example.net/", oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="nnch734d00sl2jdk", oauth_timestamp="1191242096", oauth_consumer_key="dpf43f3p2l4k3l03", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"'.split(', ').sort, request['authorization'].split(', ').sort
-    
+
   end
-  
+
   def test_step_by_step_token_request
-    consumer=OAuth::Consumer.new( 
+    consumer=OAuth::Consumer.new(
         "key",
         "secret")
     request_uri = URI.parse('http://term.ie/oauth/example/request_token.php')
     nonce = rand(2**128).to_s
     timestamp = Time.now.to_i.to_s
     http = Net::HTTP.new(request_uri.host, request_uri.port)
- 
+
     request = Net::HTTP::Get.new(request_uri.path)
     signature_base_string=request.signature_base_string(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
     assert_equal "GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key%3Dkey%26oauth_nonce%3D#{nonce}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D#{timestamp}%26oauth_version%3D1.0",signature_base_string
- 
+
 #    request = Net::HTTP::Get.new(request_uri.path)
     request.oauth!(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
     assert_equal 'GET', request.method
@@ -129,7 +129,7 @@ class NetHTTPClientTest < Test::Unit::TestCase
 #    assert_equal request['authorization'],response.body
     assert_equal "oauth_token=requestkey&oauth_token_secret=requestsecret",response.body
   end
-  
+
   def test_that_put_bodies_not_signed
     request = Net::HTTP::Put.new(@request_uri.path)
     request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
@@ -144,14 +144,14 @@ class NetHTTPClientTest < Test::Unit::TestCase
     signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
     assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
   end
-  
+
   def test_that_post_bodies_signed_if_form_urlencoded
     request = Net::HTTP::Post.new(@request_uri.path)
     request.set_form_data( { 'key2' => 'value2' } )
     signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
     assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&key2%3Dvalue2%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
   end
-  
+
   def test_that_post_bodies_not_signed_if_other_content_type
     request = Net::HTTP::Post.new(@request_uri.path)
     request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"

data/test/test_net_http_request_proxy.rb

@@ -8,29 +8,64 @@ class NetHTTPRequestProxyTest < Test::Unit::TestCase
     request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value'})
 
     expected_parameters = {'key' => ['value']}
-    assert_equal expected_parameters, request_proxy.parameters
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
     assert_equal 'http://example.com/test', request_proxy.normalized_uri
     assert_equal 'GET', request_proxy.method
   end
 
-  def test_that_proxy_simple_post_request_works
+  def test_that_proxy_simple_post_request_works_with_arguments
     request = Net::HTTP::Post.new('/test')
     params = {'key' => 'value'}
     request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
 
     expected_parameters = {'key' => ['value']}
-    assert_equal expected_parameters, request_proxy.parameters
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
     assert_equal 'http://example.com/test', request_proxy.normalized_uri
     assert_equal 'POST', request_proxy.method
   end
 
-  def test_that_proxy_post_and_get_request_works
+  def test_that_proxy_simple_post_request_works_with_form_data
+    request = Net::HTTP::Post.new('/test')
+    params = {'key' => 'value'}
+    request.set_form_data(params)
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test'})
+
+    expected_parameters = {'key' => ['value']}
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'http://example.com/test', request_proxy.normalized_uri
+    assert_equal 'POST', request_proxy.method
+  end
+
+  def test_that_proxy_simple_put_request_works_with_argugments
+    request = Net::HTTP::Put.new('/test')
+    params = {'key' => 'value'}
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
+
+    expected_parameters = {'key' => ['value']}
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'http://example.com/test', request_proxy.normalized_uri
+    assert_equal 'PUT', request_proxy.method
+  end
+
+  def test_that_proxy_simple_put_request_works_with_form_data
+    request = Net::HTTP::Put.new('/test')
+    params = {'key' => 'value'}
+    request.set_form_data(params)
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test'})
+
+    expected_parameters = {}
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'http://example.com/test', request_proxy.normalized_uri
+    assert_equal 'PUT', request_proxy.method
+  end
+
+  def test_that_proxy_post_request_works_with_mixed_parameter_sources
     request = Net::HTTP::Post.new('/test?key=value')
-    params = {'key2' => 'value2'}
-    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value', :parameters => params})
+    request.set_form_data({'key2' => 'value2'})
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value', :parameters => {'key3' => 'value3'}})
 
-    expected_parameters = {'key' => ['value'], 'key2' => ['value2']}
-    assert_equal expected_parameters, request_proxy.parameters
+    expected_parameters = {'key' => ['value'], 'key2' => ['value2'], 'key3' => ['value3']}
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
     assert_equal 'http://example.com/test', request_proxy.normalized_uri
     assert_equal 'POST', request_proxy.method
   end

data/test/test_oauth_helper.rb

@@ -0,0 +1,43 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+require 'oauth/helper'
+
+class TestOAuthHelper < Test::Unit::TestCase
+
+  def test_parse_valid_header
+    header = 'OAuth ' \
+             'realm="http://example.com/method", ' \
+             'oauth_consumer_key="vince_clortho", ' \
+             'oauth_token="token_value", ' \
+             'oauth_signature_method="HMAC-SHA1", ' \
+             'oauth_signature="signature_here", ' \
+             'oauth_timestamp="1240004133", oauth_nonce="nonce", ' \
+             'oauth_version="1.0" '
+
+    params = OAuth::Helper.parse_header(header)
+
+    assert_equal "http://example.com/method", params['realm']
+  end
+
+  def test_parse_header_ill_formed
+    header = "OAuth garbage"
+
+    assert_raise OAuth::Problem do
+      OAuth::Helper.parse_header(header)
+    end
+  end
+
+  def test_parse_header_contains_equals
+    header = 'OAuth ' \
+             'realm="http://example.com/method", ' \
+             'oauth_consumer_key="vince_clortho", ' \
+             'oauth_token="token_value", ' \
+             'oauth_signature_method="HMAC-SHA1", ' \
+             'oauth_signature="signature_here_with_=", ' \
+             'oauth_timestamp="1240004133", oauth_nonce="nonce", ' \
+             'oauth_version="1.0" '
+
+    assert_raise OAuth::Problem do
+      OAuth::Helper.parse_header(header)
+    end
+  end
+end

data/test/test_signature.rb

@@ -1,11 +1,19 @@
-require File.dirname(__FILE__) + '/test_helper.rb'
-
-class TestOauth < Test::Unit::TestCase
-
-  def setup
-  end
-  
-  def test_truth
-    assert true
-  end
-end
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class TestOauth < Test::Unit::TestCase
+
+  def test_parameter_escaping_kcode_invariant
+    old = $KCODE
+    begin
+      %w(n N e E s S u U).each do |kcode|
+        $KCODE = kcode
+        assert_equal '%E3%81%82', OAuth::Helper.escape('あ'),
+                      "Failed to correctly escape Japanese under $KCODE = #{kcode}"
+        assert_equal '%C3%A9', OAuth::Helper.escape('é'),
+                      "Failed to correctly escape e+acute under $KCODE = #{kcode}"
+      end
+    ensure
+      $KCODE = old
+    end
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: mojodna-oauth
 version: !ruby/object:Gem::Version 
-  version: 0.3.2.1
+  version: 0.3.2.2
 platform: ruby
 authors: 
 - Pelle Braendgaard
@@ -150,6 +150,7 @@ files:
 - test/test_hmac_sha1.rb
 - test/test_net_http_client.rb
 - test/test_net_http_request_proxy.rb
+- test/test_oauth_helper.rb
 - test/test_rack_request_proxy.rb
 - test/test_request_token.rb
 - test/test_rsa_sha1.rb
@@ -202,6 +203,7 @@ test_files:
 - test/test_hmac_sha1.rb
 - test/test_net_http_client.rb
 - test/test_net_http_request_proxy.rb
+- test/test_oauth_helper.rb
 - test/test_rack_request_proxy.rb
 - test/test_request_token.rb
 - test/test_rsa_sha1.rb