oauth-instructure 0.4.8
Sign up to get free protection for your applications and to get access to all the features.
- data/.gemtest +0 -0
- data/Gemfile +16 -0
- data/Gemfile.lock +47 -0
- data/HISTORY +174 -0
- data/LICENSE +20 -0
- data/README.rdoc +75 -0
- data/Rakefile +37 -0
- data/TODO +32 -0
- data/bin/oauth +5 -0
- data/examples/yql.rb +44 -0
- data/lib/digest/hmac.rb +104 -0
- data/lib/oauth.rb +13 -0
- data/lib/oauth/cli.rb +378 -0
- data/lib/oauth/client.rb +4 -0
- data/lib/oauth/client/action_pack.rb +9 -0
- data/lib/oauth/client/em_http.rb +120 -0
- data/lib/oauth/client/helper.rb +91 -0
- data/lib/oauth/client/net_http.rb +120 -0
- data/lib/oauth/consumer.rb +389 -0
- data/lib/oauth/core_ext.rb +31 -0
- data/lib/oauth/errors.rb +3 -0
- data/lib/oauth/errors/error.rb +4 -0
- data/lib/oauth/errors/problem.rb +14 -0
- data/lib/oauth/errors/unauthorized.rb +12 -0
- data/lib/oauth/helper.rb +109 -0
- data/lib/oauth/oauth.rb +13 -0
- data/lib/oauth/oauth_test_helper.rb +25 -0
- data/lib/oauth/request_proxy.rb +24 -0
- data/lib/oauth/request_proxy/action_controller_request.rb +116 -0
- data/lib/oauth/request_proxy/action_dispatch_request.rb +113 -0
- data/lib/oauth/request_proxy/base.rb +174 -0
- data/lib/oauth/request_proxy/curb_request.rb +55 -0
- data/lib/oauth/request_proxy/em_http_request.rb +66 -0
- data/lib/oauth/request_proxy/jabber_request.rb +41 -0
- data/lib/oauth/request_proxy/mock_request.rb +44 -0
- data/lib/oauth/request_proxy/net_http.rb +73 -0
- data/lib/oauth/request_proxy/rack_request.rb +44 -0
- data/lib/oauth/request_proxy/typhoeus_request.rb +53 -0
- data/lib/oauth/server.rb +66 -0
- data/lib/oauth/signature.rb +45 -0
- data/lib/oauth/signature/base.rb +110 -0
- data/lib/oauth/signature/hmac/base.rb +15 -0
- data/lib/oauth/signature/hmac/md5.rb +8 -0
- data/lib/oauth/signature/hmac/rmd160.rb +8 -0
- data/lib/oauth/signature/hmac/sha1.rb +9 -0
- data/lib/oauth/signature/hmac/sha2.rb +8 -0
- data/lib/oauth/signature/md5.rb +13 -0
- data/lib/oauth/signature/plaintext.rb +23 -0
- data/lib/oauth/signature/rsa/sha1.rb +46 -0
- data/lib/oauth/signature/sha1.rb +13 -0
- data/lib/oauth/token.rb +7 -0
- data/lib/oauth/tokens/access_token.rb +71 -0
- data/lib/oauth/tokens/consumer_token.rb +33 -0
- data/lib/oauth/tokens/request_token.rb +32 -0
- data/lib/oauth/tokens/server_token.rb +9 -0
- data/lib/oauth/tokens/token.rb +17 -0
- data/oauth.gemspec +148 -0
- data/tasks/deployment.rake +34 -0
- data/tasks/environment.rake +7 -0
- data/tasks/website.rake +17 -0
- data/test/cases/oauth_case.rb +19 -0
- data/test/cases/spec/1_0-final/test_construct_request_url.rb +62 -0
- data/test/cases/spec/1_0-final/test_normalize_request_parameters.rb +88 -0
- data/test/cases/spec/1_0-final/test_parameter_encodings.rb +86 -0
- data/test/cases/spec/1_0-final/test_signature_base_strings.rb +77 -0
- data/test/integration/consumer_test.rb +307 -0
- data/test/keys/rsa.cert +11 -0
- data/test/keys/rsa.pem +16 -0
- data/test/test_access_token.rb +26 -0
- data/test/test_action_controller_request_proxy.rb +133 -0
- data/test/test_consumer.rb +220 -0
- data/test/test_curb_request_proxy.rb +77 -0
- data/test/test_em_http_client.rb +80 -0
- data/test/test_em_http_request_proxy.rb +115 -0
- data/test/test_helper.rb +28 -0
- data/test/test_hmac_sha1.rb +20 -0
- data/test/test_net_http_client.rb +292 -0
- data/test/test_net_http_request_proxy.rb +72 -0
- data/test/test_oauth_helper.rb +94 -0
- data/test/test_rack_request_proxy.rb +40 -0
- data/test/test_request_token.rb +51 -0
- data/test/test_rsa_sha1.rb +59 -0
- data/test/test_server.rb +40 -0
- data/test/test_signature.rb +22 -0
- data/test/test_signature_base.rb +32 -0
- data/test/test_signature_plain_text.rb +31 -0
- data/test/test_token.rb +14 -0
- data/test/test_typhoeus_request_proxy.rb +80 -0
- metadata +274 -0
@@ -0,0 +1,80 @@
|
|
1
|
+
require File.expand_path('../test_helper', __FILE__)
|
2
|
+
begin
|
3
|
+
|
4
|
+
require 'oauth/client/em_http'
|
5
|
+
|
6
|
+
class EmHttpClientTest < Test::Unit::TestCase
|
7
|
+
|
8
|
+
def setup
|
9
|
+
@consumer = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237')
|
10
|
+
@token = OAuth::Token.new('token_411a7f', '3196ffd991c8ebdb')
|
11
|
+
@request_uri = URI.parse('http://example.com/test?key=value')
|
12
|
+
@request_parameters = { 'key' => 'value' }
|
13
|
+
@nonce = 225579211881198842005988698334675835446
|
14
|
+
@timestamp = "1199645624"
|
15
|
+
# This is really unneeded I guess.
|
16
|
+
@http = Net::HTTP.new(@request_uri.host, @request_uri.port)
|
17
|
+
end
|
18
|
+
|
19
|
+
def test_that_using_auth_headers_on_get_requests_works
|
20
|
+
request = create_client
|
21
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
22
|
+
|
23
|
+
assert_equal 'GET', request.method
|
24
|
+
assert_equal '/test', request.normalize_uri.path
|
25
|
+
assert_equal "key=value", request.normalize_uri.query
|
26
|
+
assert_equal_authz_headers "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"", authz_header(request)
|
27
|
+
end
|
28
|
+
|
29
|
+
def test_that_using_auth_headers_on_get_requests_works_with_plaintext
|
30
|
+
require 'oauth/signature/plaintext'
|
31
|
+
c = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237',{
|
32
|
+
:signature_method => 'PLAINTEXT'
|
33
|
+
})
|
34
|
+
request = create_client
|
35
|
+
request.oauth!(@http, c, @token, {:nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
|
36
|
+
|
37
|
+
assert_equal 'GET', request.method
|
38
|
+
assert_equal '/test', request.normalize_uri.path
|
39
|
+
assert_equal "key=value", request.normalize_uri.query
|
40
|
+
assert_equal_authz_headers "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"PLAINTEXT\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"5888bf0345e5d237%263196ffd991c8ebdb\", oauth_version=\"1.0\"", authz_header(request)
|
41
|
+
end
|
42
|
+
|
43
|
+
def test_that_using_auth_headers_on_post_requests_works
|
44
|
+
request = create_client(:uri => "http://example.com/test", :method => "POST", :body => @request_parameters, :head => {"Content-Type" => "application/x-www-form-urlencoded"})
|
45
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
46
|
+
|
47
|
+
assert_equal 'POST', request.method
|
48
|
+
assert_equal '/test', request.uri.path
|
49
|
+
assert_equal 'key=value', request.normalize_body
|
50
|
+
assert_equal_authz_headers "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"", authz_header(request)
|
51
|
+
end
|
52
|
+
|
53
|
+
protected
|
54
|
+
|
55
|
+
def create_client(options = {})
|
56
|
+
method = options.delete(:method) || "GET"
|
57
|
+
uri = options.delete(:uri) || @request_uri.to_s
|
58
|
+
client = EventMachine::HttpClient.new("")
|
59
|
+
client.uri = URI.parse(uri)
|
60
|
+
client.method = method.to_s.upcase
|
61
|
+
client.options = options
|
62
|
+
client
|
63
|
+
end
|
64
|
+
|
65
|
+
def authz_header(request)
|
66
|
+
headers = request.options[:head] || {}
|
67
|
+
headers['Authorization'].to_s
|
68
|
+
end
|
69
|
+
|
70
|
+
def assert_equal_authz_headers(expected, actual)
|
71
|
+
assert !actual.nil?
|
72
|
+
assert_equal expected[0,6], actual[0, 6]
|
73
|
+
assert_equal expected[6..1].split(', ').sort, actual[6..1].split(', ').sort
|
74
|
+
end
|
75
|
+
|
76
|
+
end
|
77
|
+
|
78
|
+
rescue LoadError => e
|
79
|
+
warn "! problem loading em-http, skipping these tests: #{e}"
|
80
|
+
end
|
@@ -0,0 +1,115 @@
|
|
1
|
+
require File.expand_path('../test_helper', __FILE__)
|
2
|
+
|
3
|
+
begin
|
4
|
+
|
5
|
+
require 'em-http'
|
6
|
+
require 'oauth/request_proxy/em_http_request'
|
7
|
+
|
8
|
+
|
9
|
+
class EmHttpRequestProxyTest < Test::Unit::TestCase
|
10
|
+
|
11
|
+
def test_request_proxy_works_with_simple_request
|
12
|
+
proxy = create_request_proxy
|
13
|
+
assert_equal({}, proxy.parameters)
|
14
|
+
end
|
15
|
+
|
16
|
+
def test_request_proxy_works_with_query_string_params
|
17
|
+
assert_equal({"name" => ["Fred"]}, create_request_proxy(:query => "name=Fred").parameters)
|
18
|
+
assert_equal({"name" => ["Fred"]}, create_request_proxy(:query => {:name => "Fred"}).parameters)
|
19
|
+
proxy = create_request_proxy(:query => {:name => "Fred"}, :uri => "http://example.com/?awesome=true")
|
20
|
+
assert_equal({"name" => ["Fred"], "awesome" => ["true"]}, proxy.parameters)
|
21
|
+
end
|
22
|
+
|
23
|
+
def test_request_proxy_works_with_post_body_params_with_correct_content_type
|
24
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "POST"
|
25
|
+
assert_equal({}, proxy.parameters)
|
26
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "POST", :body => "a=1"
|
27
|
+
assert_equal({"a" => ["1"]}, proxy.parameters)
|
28
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "POST", :body => {"a" => 1}
|
29
|
+
assert_equal({"a" => ["1"]}, proxy.parameters)
|
30
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "PUT"
|
31
|
+
assert_equal({}, proxy.parameters)
|
32
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "PUT", :body => "a=1"
|
33
|
+
assert_equal({"a" => ["1"]}, proxy.parameters)
|
34
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "PUT", :body => {"a" => 1}
|
35
|
+
assert_equal({"a" => ["1"]}, proxy.parameters)
|
36
|
+
end
|
37
|
+
|
38
|
+
def test_request_proxy_ignore_post_body_with_invalid_content_type
|
39
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'text/plain'}, :method => "POST"
|
40
|
+
assert_equal({}, proxy.parameters)
|
41
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'text/plain'}, :method => "POST", :body => "a=1"
|
42
|
+
assert_equal({}, proxy.parameters)
|
43
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'text/plain'}, :method => "POST", :body => {"a" => 1}
|
44
|
+
assert_equal({}, proxy.parameters)
|
45
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'text/plain'}, :method => "PUT"
|
46
|
+
assert_equal({}, proxy.parameters)
|
47
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'text/plain'}, :method => "PUT", :body => "a=1"
|
48
|
+
assert_equal({}, proxy.parameters)
|
49
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'text/plain'}, :method => "PUT", :body => {"a" => 1}
|
50
|
+
assert_equal({}, proxy.parameters)
|
51
|
+
end
|
52
|
+
|
53
|
+
def test_request_proxy_ignores_post_body_with_invalid_method
|
54
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "DELETE"
|
55
|
+
assert_equal({}, proxy.parameters)
|
56
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "DELETE", :body => "a=1"
|
57
|
+
assert_equal({}, proxy.parameters)
|
58
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "DELETE", :body => {"a" => 1}
|
59
|
+
assert_equal({}, proxy.parameters)
|
60
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "GET"
|
61
|
+
assert_equal({}, proxy.parameters)
|
62
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "GET", :body => "a=1"
|
63
|
+
assert_equal({}, proxy.parameters)
|
64
|
+
proxy = create_request_proxy :head => {'Content-Type' => 'application/x-www-form-urlencoded'}, :method => "GET", :body => {"a" => 1}
|
65
|
+
assert_equal({}, proxy.parameters)
|
66
|
+
end
|
67
|
+
|
68
|
+
def test_request_proxy_works_with_argument_params
|
69
|
+
assert_equal({"a" => ["1"]}, create_request_proxy(:proxy_options => {:parameters => {"a" => "1"}}).parameters)
|
70
|
+
end
|
71
|
+
|
72
|
+
def test_request_proxy_works_with_mixed_params
|
73
|
+
proxy = create_request_proxy(:proxy_options => {:parameters => {"a" => "1"}},:query => {"c" => "1"}, :uri => "http://example.com/test?b=1")
|
74
|
+
assert_equal({"a" => ["1"], "b" => ["1"], "c" => ["1"]}, proxy.parameters)
|
75
|
+
proxy = create_request_proxy(:proxy_options => {:parameters => {"a" => "1"}}, :body => {"b" => "1"}, :query => {"c" => "1"},
|
76
|
+
:uri => "http://example.com/test?d=1", :method => "POST", :head => {"Content-Type" => "application/x-www-form-urlencoded"})
|
77
|
+
assert_equal({"a" => ["1"], "b" => ["1"], "c" => ["1"], "d" => ["1"]}, proxy.parameters)
|
78
|
+
end
|
79
|
+
|
80
|
+
def test_request_has_the_correct_uri
|
81
|
+
assert_equal "http://example.com/", create_request_proxy.uri
|
82
|
+
assert_equal "http://example.com/?a=1", create_request_proxy(:query => "a=1").uri
|
83
|
+
assert_equal "http://example.com/?a=1", create_request_proxy(:query => {"a" => "1"}).uri
|
84
|
+
|
85
|
+
end
|
86
|
+
|
87
|
+
def test_request_proxy_has_correct_method
|
88
|
+
assert_equal "GET", create_request_proxy(:method => "GET").method
|
89
|
+
assert_equal "PUT", create_request_proxy(:method => "PUT").method
|
90
|
+
assert_equal "POST", create_request_proxy(:method => "POST").method
|
91
|
+
assert_equal "DELETE", create_request_proxy(:method => "DELETE").method
|
92
|
+
end
|
93
|
+
|
94
|
+
protected
|
95
|
+
|
96
|
+
def create_client(options = {})
|
97
|
+
method = options.delete(:method) || "GET"
|
98
|
+
uri = options.delete(:uri) || "http://example.com/"
|
99
|
+
client = EventMachine::HttpClient.new("")
|
100
|
+
client.uri = URI.parse(uri)
|
101
|
+
client.method = method.to_s.upcase
|
102
|
+
client.options = options
|
103
|
+
client
|
104
|
+
end
|
105
|
+
|
106
|
+
def create_request_proxy(opts = {})
|
107
|
+
arguments = opts.delete(:proxy_options) || {}
|
108
|
+
OAuth::RequestProxy.proxy(create_client(opts), arguments)
|
109
|
+
end
|
110
|
+
|
111
|
+
end
|
112
|
+
|
113
|
+
rescue LoadError => e
|
114
|
+
warn "! problem loading em-http, skipping these tests: #{e}"
|
115
|
+
end
|
data/test/test_helper.rb
ADDED
@@ -0,0 +1,28 @@
|
|
1
|
+
require 'test/unit'
|
2
|
+
require 'rubygems'
|
3
|
+
|
4
|
+
$LOAD_PATH << File.dirname(__FILE__) + '/../lib/'
|
5
|
+
require 'oauth'
|
6
|
+
require 'mocha'
|
7
|
+
require 'stringio'
|
8
|
+
require 'webmock'
|
9
|
+
|
10
|
+
class Test::Unit::TestCase
|
11
|
+
include WebMock::API
|
12
|
+
|
13
|
+
def assert_matching_headers(expected, actual)
|
14
|
+
# transform into sorted arrays
|
15
|
+
auth_intro, auth_params = actual.split(' ', 2)
|
16
|
+
assert_equal auth_intro, 'OAuth'
|
17
|
+
expected = expected.split(/(,|\s)/).reject {|v| v == '' || v =~ /^[\,\s]+/}.sort
|
18
|
+
auth_params = auth_params.split(/(,|\s)/).reject {|v| v == '' || v =~ /^[\,\s]+/}.sort
|
19
|
+
assert_equal expected, auth_params
|
20
|
+
end
|
21
|
+
|
22
|
+
def stub_test_ie
|
23
|
+
stub_request(:any, "http://term.ie/oauth/example/request_token.php").to_return(:body => "oauth_token=requestkey&oauth_token_secret=requestsecret")
|
24
|
+
stub_request(:post, "http://term.ie/oauth/example/access_token.php").to_return(:body => "oauth_token=accesskey&oauth_token_secret=accesssecret")
|
25
|
+
stub_request(:get, %r{http://term\.ie/oauth/example/echo_api\.php\?.+}).to_return(lambda {|request| {:body => request.uri.query}})
|
26
|
+
stub_request(:post, "http://term.ie/oauth/example/echo_api.php").to_return(lambda {|request| {:body => request.body}})
|
27
|
+
end
|
28
|
+
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
require File.expand_path('../test_helper', __FILE__)
|
2
|
+
|
3
|
+
class TestSignatureHmacSha1 < Test::Unit::TestCase
|
4
|
+
def test_that_hmac_sha1_implements_hmac_sha1
|
5
|
+
assert OAuth::Signature.available_methods.include?('hmac-sha1')
|
6
|
+
end
|
7
|
+
|
8
|
+
def test_that_get_request_from_oauth_test_cases_produces_matching_signature
|
9
|
+
request = Net::HTTP::Get.new('/photos?file=vacation.jpg&size=original&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_token=nnch734d00sl2jdk&oauth_timestamp=1191242096&oauth_nonce=kllo9940pd9333jh&oauth_signature_method=HMAC-SHA1')
|
10
|
+
|
11
|
+
consumer = OAuth::Consumer.new('dpf43f3p2l4k3l03', 'kd94hf93k423kf44')
|
12
|
+
token = OAuth::Token.new('nnch734d00sl2jdk', 'pfkkdhi9sl3r4s00')
|
13
|
+
|
14
|
+
signature = OAuth::Signature.sign(request, { :consumer => consumer,
|
15
|
+
:token => token,
|
16
|
+
:uri => 'http://photos.example.net/photos' } )
|
17
|
+
|
18
|
+
assert_equal 'tR3+Ty81lMeYAr/Fid0kMTYa/WM=', signature
|
19
|
+
end
|
20
|
+
end
|
@@ -0,0 +1,292 @@
|
|
1
|
+
require File.expand_path('../test_helper', __FILE__)
|
2
|
+
|
3
|
+
class NetHTTPClientTest < Test::Unit::TestCase
|
4
|
+
|
5
|
+
def setup
|
6
|
+
@consumer = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237')
|
7
|
+
@token = OAuth::Token.new('token_411a7f', '3196ffd991c8ebdb')
|
8
|
+
@request_uri = URI.parse('http://example.com/test?key=value')
|
9
|
+
@request_parameters = { 'key' => 'value' }
|
10
|
+
@nonce = 225579211881198842005988698334675835446
|
11
|
+
@timestamp = "1199645624"
|
12
|
+
@http = Net::HTTP.new(@request_uri.host, @request_uri.port)
|
13
|
+
end
|
14
|
+
|
15
|
+
def test_that_using_auth_headers_on_get_requests_works
|
16
|
+
request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
|
17
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
18
|
+
|
19
|
+
assert_equal 'GET', request.method
|
20
|
+
assert_equal '/test?key=value', request.path
|
21
|
+
correct_sorted_params = "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\""
|
22
|
+
auth_intro, auth_params = request['authorization'].split(' ', 2)
|
23
|
+
assert_equal auth_intro, 'OAuth'
|
24
|
+
assert_matching_headers correct_sorted_params, request['authorization']
|
25
|
+
end
|
26
|
+
|
27
|
+
def test_that_using_auth_headers_on_get_requests_works_with_plaintext
|
28
|
+
require 'oauth/signature/plaintext'
|
29
|
+
c = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237',{
|
30
|
+
:signature_method => 'PLAINTEXT'
|
31
|
+
})
|
32
|
+
request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
|
33
|
+
request.oauth!(@http, c, @token, {:nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
|
34
|
+
|
35
|
+
assert_equal 'GET', request.method
|
36
|
+
assert_equal '/test?key=value', request.path
|
37
|
+
assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"PLAINTEXT\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"5888bf0345e5d237%263196ffd991c8ebdb\", oauth_version=\"1.0\"", request['authorization']
|
38
|
+
end
|
39
|
+
|
40
|
+
def test_that_using_auth_headers_on_post_requests_works
|
41
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
42
|
+
request.set_form_data( @request_parameters )
|
43
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
44
|
+
|
45
|
+
assert_equal 'POST', request.method
|
46
|
+
assert_equal '/test', request.path
|
47
|
+
assert_equal 'key=value', request.body
|
48
|
+
correct_sorted_params = "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\""
|
49
|
+
assert_matching_headers correct_sorted_params, request['authorization']
|
50
|
+
end
|
51
|
+
|
52
|
+
def test_that_using_auth_headers_on_post_requests_with_data_works
|
53
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
54
|
+
request.body = "data"
|
55
|
+
request.content_type = 'text/ascii'
|
56
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
57
|
+
|
58
|
+
assert_equal 'POST', request.method
|
59
|
+
assert_equal '/test', request.path
|
60
|
+
assert_equal 'data', request.body
|
61
|
+
assert_equal 'text/ascii', request.content_type
|
62
|
+
assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_body_hash=\"oXyaqmHoChv3HQ2FCvTluqmAC70%3D\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"0DA6pGTapdHSqC15RZelY5rNLDw%3D\", oauth_version=\"1.0\"", request['authorization']
|
63
|
+
end
|
64
|
+
|
65
|
+
def test_that_body_hash_is_obmitted_when_no_algorithm_is_defined
|
66
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
67
|
+
request.body = "data"
|
68
|
+
request.content_type = 'text/ascii'
|
69
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp, :signature_method => 'plaintext'})
|
70
|
+
|
71
|
+
assert_equal 'POST', request.method
|
72
|
+
assert_equal '/test', request.path
|
73
|
+
assert_equal 'data', request.body
|
74
|
+
assert_equal 'text/ascii', request.content_type
|
75
|
+
assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"plaintext\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"5888bf0345e5d237%263196ffd991c8ebdb\", oauth_version=\"1.0\"", request['authorization']
|
76
|
+
end
|
77
|
+
|
78
|
+
def test_that_version_is_added_to_existing_user_agent
|
79
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
80
|
+
request['User-Agent'] = "MyApp"
|
81
|
+
request.set_form_data( @request_parameters )
|
82
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
83
|
+
|
84
|
+
assert_equal "MyApp (OAuth gem v#{OAuth::VERSION})", request['User-Agent']
|
85
|
+
end
|
86
|
+
|
87
|
+
def test_that_version_is_set_when_no_user_agent
|
88
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
89
|
+
request.set_form_data( @request_parameters )
|
90
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
91
|
+
|
92
|
+
assert_equal "OAuth gem v#{OAuth::VERSION}", request['User-Agent']
|
93
|
+
end
|
94
|
+
|
95
|
+
def test_that_using_get_params_works
|
96
|
+
request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
|
97
|
+
request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
|
98
|
+
|
99
|
+
assert_equal 'GET', request.method
|
100
|
+
uri = URI.parse(request.path)
|
101
|
+
assert_equal '/test', uri.path
|
102
|
+
assert_equal nil, uri.fragment
|
103
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=1oO2izFav1GP4kEH2EskwXkCRFg%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join("&")
|
104
|
+
assert_equal nil, request['authorization']
|
105
|
+
end
|
106
|
+
|
107
|
+
def test_that_using_get_params_works_with_plaintext
|
108
|
+
request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
|
109
|
+
request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
|
110
|
+
|
111
|
+
assert_equal 'GET', request.method
|
112
|
+
uri = URI.parse(request.path)
|
113
|
+
assert_equal '/test', uri.path
|
114
|
+
assert_equal nil, uri.fragment
|
115
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=5888bf0345e5d237%263196ffd991c8ebdb&oauth_signature_method=PLAINTEXT&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join("&")
|
116
|
+
assert_equal nil, request['authorization']
|
117
|
+
end
|
118
|
+
|
119
|
+
def test_that_using_post_params_works
|
120
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
121
|
+
request.set_form_data( @request_parameters )
|
122
|
+
request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
|
123
|
+
|
124
|
+
assert_equal 'POST', request.method
|
125
|
+
assert_equal '/test', request.path
|
126
|
+
assert_match /key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3[Dd]&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0/, request.body.split("&").sort.join("&")
|
127
|
+
assert_equal nil, request['authorization']
|
128
|
+
end
|
129
|
+
|
130
|
+
def test_that_using_post_params_works_with_plaintext
|
131
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
132
|
+
request.set_form_data( @request_parameters )
|
133
|
+
request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
|
134
|
+
|
135
|
+
assert_equal 'POST', request.method
|
136
|
+
assert_equal '/test', request.path
|
137
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=5888bf0345e5d237%263196ffd991c8ebdb&oauth_signature_method=PLAINTEXT&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
|
138
|
+
assert_equal nil, request['authorization']
|
139
|
+
end
|
140
|
+
|
141
|
+
def test_that_using_post_body_works
|
142
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
143
|
+
request['content-type'] = 'application/x-www-form-urlencoded'
|
144
|
+
request.body = 'this is a test of the emergency broad cast system. This is only a test.'
|
145
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
146
|
+
|
147
|
+
assert_equal 'POST', request.method
|
148
|
+
assert_equal '/test', request.path
|
149
|
+
assert_match /OAuth oauth_consumer_key="consumer_key_86cad9", oauth_nonce="225579211881198842005988698334675835446", oauth_signature="%2[fF]DMMBOJzQ6JmEaXlAXDLGtD1z2I%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1199645624", oauth_token="token_411a7f", oauth_version="1.0"/, request['authorization'].split("&").sort.join("&")
|
150
|
+
# assert_equal nil, request['authorization']
|
151
|
+
end
|
152
|
+
|
153
|
+
def test_that_using_post_with_uri_params_works
|
154
|
+
request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
|
155
|
+
request.set_form_data( {} ) # just to make sure we have a correct mime type and thus no body hash
|
156
|
+
request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
|
157
|
+
|
158
|
+
assert_equal 'POST', request.method
|
159
|
+
uri = URI.parse(request.path)
|
160
|
+
assert_equal '/test', uri.path
|
161
|
+
assert_equal nil, uri.fragment
|
162
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
|
163
|
+
assert_equal "", request.body
|
164
|
+
assert_equal nil, request['authorization']
|
165
|
+
end
|
166
|
+
|
167
|
+
def test_that_using_post_with_uri_and_form_params_works
|
168
|
+
request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
|
169
|
+
request.set_form_data( { 'key2' => 'value2' } )
|
170
|
+
request.oauth!(@http, @consumer, @token, {:scheme => :query_string, :nonce => @nonce, :timestamp => @timestamp})
|
171
|
+
|
172
|
+
assert_equal 'POST', request.method
|
173
|
+
uri = URI.parse(request.path)
|
174
|
+
assert_equal '/test', uri.path
|
175
|
+
assert_equal nil, uri.fragment
|
176
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=4kSU8Zd1blWo3W6qJH7eaRTMkg0%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
|
177
|
+
assert_equal "key2=value2", request.body
|
178
|
+
assert_equal nil, request['authorization']
|
179
|
+
end
|
180
|
+
|
181
|
+
def test_that_using_post_with_uri_and_data_works
|
182
|
+
request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
|
183
|
+
request.body = "data"
|
184
|
+
request.content_type = 'text/ascii'
|
185
|
+
request.oauth!(@http, @consumer, @token, {:scheme => :query_string, :nonce => @nonce, :timestamp => @timestamp})
|
186
|
+
|
187
|
+
assert_equal 'POST', request.method
|
188
|
+
uri = URI.parse(request.path)
|
189
|
+
assert_equal '/test', uri.path
|
190
|
+
assert_equal nil, uri.fragment
|
191
|
+
assert_equal "data", request.body
|
192
|
+
assert_equal 'text/ascii', request.content_type
|
193
|
+
assert_equal "key=value&oauth_body_hash=oXyaqmHoChv3HQ2FCvTluqmAC70%3D&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=MHRKU42iVHU4Ke9kBUDa9Zw6IAM%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
|
194
|
+
assert_equal nil, request['authorization']
|
195
|
+
end
|
196
|
+
|
197
|
+
|
198
|
+
def test_example_from_specs
|
199
|
+
consumer=OAuth::Consumer.new("dpf43f3p2l4k3l03","kd94hf93k423kf44")
|
200
|
+
token = OAuth::Token.new('nnch734d00sl2jdk', 'pfkkdhi9sl3r4s00')
|
201
|
+
request_uri = URI.parse('http://photos.example.net/photos?file=vacation.jpg&size=original')
|
202
|
+
nonce = 'kllo9940pd9333jh'
|
203
|
+
timestamp = "1191242096"
|
204
|
+
http = Net::HTTP.new(request_uri.host, request_uri.port)
|
205
|
+
|
206
|
+
request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
|
207
|
+
signature_base_string=request.signature_base_string(http, consumer, token, {:nonce => nonce, :timestamp => timestamp})
|
208
|
+
assert_equal 'GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal',signature_base_string
|
209
|
+
|
210
|
+
# request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
|
211
|
+
request.oauth!(http, consumer, token, {:nonce => nonce, :timestamp => timestamp, :realm=>"http://photos.example.net/"})
|
212
|
+
|
213
|
+
assert_equal 'GET', request.method
|
214
|
+
correct_sorted_params = 'oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="nnch734d00sl2jdk", oauth_timestamp="1191242096", oauth_consumer_key="dpf43f3p2l4k3l03", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"'.split(', ').sort
|
215
|
+
correct_sorted_params.unshift 'OAuth realm="http://photos.example.net/"'
|
216
|
+
assert_equal correct_sorted_params, request['authorization'].split(', ').sort
|
217
|
+
end
|
218
|
+
|
219
|
+
def test_step_by_step_token_request
|
220
|
+
token_response = "oauth_token=requestkey&oauth_token_secret=requestsecret"
|
221
|
+
stub_request(:get, %r{http://term\.ie/oauth/example/request_token\.php(\?.*)?}).to_return(:body => token_response)
|
222
|
+
|
223
|
+
consumer=OAuth::Consumer.new(
|
224
|
+
"key",
|
225
|
+
"secret")
|
226
|
+
request_uri = URI.parse('http://term.ie/oauth/example/request_token.php')
|
227
|
+
nonce = rand(2**128).to_s
|
228
|
+
timestamp = Time.now.to_i.to_s
|
229
|
+
http = Net::HTTP.new(request_uri.host, request_uri.port)
|
230
|
+
|
231
|
+
request = Net::HTTP::Get.new(request_uri.path)
|
232
|
+
signature_base_string=request.signature_base_string(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
|
233
|
+
assert_equal "GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key%3Dkey%26oauth_nonce%3D#{nonce}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D#{timestamp}%26oauth_version%3D1.0",signature_base_string
|
234
|
+
|
235
|
+
# request = Net::HTTP::Get.new(request_uri.path)
|
236
|
+
request.oauth!(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
|
237
|
+
assert_equal 'GET', request.method
|
238
|
+
assert_nil request.body
|
239
|
+
assert_nil request['authorization']
|
240
|
+
# assert_equal 'OAuth oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="", oauth_timestamp="'+timestamp+'", oauth_consumer_key="key", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"', request['authorization']
|
241
|
+
|
242
|
+
response=http.request(request)
|
243
|
+
assert_equal "200",response.code
|
244
|
+
# assert_equal request['authorization'],response.body
|
245
|
+
assert_equal token_response, response.body
|
246
|
+
end
|
247
|
+
|
248
|
+
def test_that_put_bodies_signed
|
249
|
+
request = Net::HTTP::Put.new(@request_uri.path)
|
250
|
+
request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
|
251
|
+
request["Content-Type"] = "application/xml"
|
252
|
+
signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
|
253
|
+
assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&oauth_body_hash%3DDvAa1AWdFoH9K%252B%252F2AHm3f6wH27k%253D%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
|
254
|
+
end
|
255
|
+
|
256
|
+
def test_that_put_bodies_not_signed_even_if_form_urlencoded
|
257
|
+
request = Net::HTTP::Put.new(@request_uri.path)
|
258
|
+
request.set_form_data( { 'key2' => 'value2' } )
|
259
|
+
signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
|
260
|
+
assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&key2%3Dvalue2%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
|
261
|
+
end
|
262
|
+
|
263
|
+
def test_that_post_bodies_signed_if_form_urlencoded
|
264
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
265
|
+
request.set_form_data( { 'key2' => 'value2' } )
|
266
|
+
signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
|
267
|
+
assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&key2%3Dvalue2%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
|
268
|
+
end
|
269
|
+
|
270
|
+
def test_that_post_bodies_signed_if_other_content_type
|
271
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
272
|
+
request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
|
273
|
+
request["Content-Type"] = "application/xml"
|
274
|
+
signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
|
275
|
+
assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&oauth_body_hash%3DDvAa1AWdFoH9K%252B%252F2AHm3f6wH27k%253D%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
|
276
|
+
end
|
277
|
+
|
278
|
+
def test_that_site_address_is_not_modified_in_place
|
279
|
+
options = { :site => 'http://twitter.com', :request_endpoint => 'http://api.twitter.com' }
|
280
|
+
request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
|
281
|
+
request.oauth!(@http, @consumer, @token, options)
|
282
|
+
assert_equal "http://twitter.com", options[:site]
|
283
|
+
assert_equal "http://api.twitter.com", options[:request_endpoint]
|
284
|
+
end
|
285
|
+
|
286
|
+
protected
|
287
|
+
|
288
|
+
def request_parameters_to_s
|
289
|
+
@request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
|
290
|
+
end
|
291
|
+
|
292
|
+
end
|