oauth 0.1.1 → 0.2.0

data/test/test_helper.rb

@@ -1,2 +1,6 @@
 require 'test/unit'
 require File.dirname(__FILE__) + '/../lib/oauth'
+
+def requests(request)
+  Marshal.load(File.read(File.dirname(__FILE__) + '/fixtures/' + request))
+end

data/test/test_hmac_sha1.rb

@@ -0,0 +1,21 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+require 'oauth/signature/hmac/sha1'
+
+class TestSignatureHmacSha1 < Test::Unit::TestCase
+  def test_that_hmac_sha1_implements_hmac_sha1
+    assert OAuth::Signature.available_methods.include?('hmac-sha1')
+  end
+
+  def test_that_get_request_from_oauth_test_cases_produces_matching_signature
+    request = Net::HTTP::Get.new('/photos?file=vacation.jpg&size=original&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_token=nnch734d00sl2jdk&oauth_timestamp=1191242096&oauth_nonce=kllo9940pd9333jh&oauth_signature_method=HMAC-SHA1')
+
+    consumer = OAuth::Consumer.new('dpf43f3p2l4k3l03', 'kd94hf93k423kf44')
+    token = OAuth::Token.new('nnch734d00sl2jdk', 'pfkkdhi9sl3r4s00')
+
+    signature = OAuth::Signature.sign(request, { :consumer => consumer,
+                                                 :token => token,
+                                                 :uri => 'http://photos.example.net/photos' } )
+
+    assert_equal 'tR3+Ty81lMeYAr/Fid0kMTYa/WM=', signature
+  end
+end

data/test/test_net_http_client.rb

@@ -0,0 +1,139 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+require 'oauth/client/net_http'
+
+class NetHTTPClientTest < Test::Unit::TestCase
+
+  def setup
+    @consumer = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237')
+    @token = OAuth::Token.new('token_411a7f', '3196ffd991c8ebdb')
+    @request_uri = URI.parse('http://example.com/test?key=value')
+    @request_parameters = { 'key' => 'value' }
+    @nonce = 225579211881198842005988698334675835446
+    @timestamp = "1199645624"
+    @http = Net::HTTP.new(@request_uri.host, @request_uri.port)
+  end
+
+  def test_that_using_auth_headers_on_get_requests_works
+    request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
+    request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
+    
+    assert_equal 'GET', request.method
+    assert_equal '/test?key=value', request.path
+    assert_equal "OAuth realm=\"\", oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"", request['authorization']
+  end
+
+  def test_that_using_auth_headers_on_post_requests_works
+    request = Net::HTTP::Post.new(@request_uri.path)
+    request.set_form_data( @request_parameters )
+    request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'POST', request.method
+    assert_equal '/test', request.path
+    assert_equal 'key=value', request.body
+    assert_equal "OAuth realm=\"\", oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"", request['authorization']
+  end
+ 
+  def test_that_using_post_params_works
+    request = Net::HTTP::Post.new(@request_uri.path)
+    request.set_form_data( @request_parameters )
+    request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'POST', request.method
+    assert_equal '/test', request.path
+    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
+    assert_equal nil, request['authorization']
+  end
+
+  def test_that_using_get_params_works
+    request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
+    request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'GET', request.method
+    uri = URI.parse(request.path)
+    assert_equal '/test', uri.path
+    assert_equal nil, uri.fragment
+    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=1oO2izFav1GP4kEH2EskwXkCRFg=&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join("&")
+    assert_equal nil, request['authorization']
+  end
+
+  def test_that_using_get_params_works_with_post_requests
+    request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
+    request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'POST', request.method
+    uri = URI.parse(request.path)
+    assert_equal '/test', uri.path
+    assert_equal nil, uri.fragment
+    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI=&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
+    assert_equal nil, request.body
+    assert_equal nil, request['authorization']
+  end
+
+  def test_that_using_get_params_works_with_post_requests_that_have_post_bodies
+    request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
+    request.set_form_data( { 'key2' => 'value2' } )
+    request.oauth!(@http, @consumer, @token, {:scheme => :query_string, :nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'POST', request.method
+    uri = URI.parse(request.path)
+    assert_equal '/test', uri.path
+    assert_equal nil, uri.fragment
+    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=4kSU8Zd1blWo3W6qJH7eaRTMkg0=&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
+    assert_equal "key2=value2", request.body
+    assert_equal nil, request['authorization']
+  end
+  
+  
+  def test_example_from_specs
+    consumer=OAuth::Consumer.new("dpf43f3p2l4k3l03","kd94hf93k423kf44")
+    token = OAuth::Token.new('nnch734d00sl2jdk', 'pfkkdhi9sl3r4s00')
+    request_uri = URI.parse('http://photos.example.net/photos?file=vacation.jpg&size=original')
+    nonce = 'kllo9940pd9333jh'
+    timestamp = "1191242096"
+    http = Net::HTTP.new(request_uri.host, request_uri.port)
+
+    request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
+    signature_base_string=request.signature_base_string(http, consumer, token, {:nonce => nonce, :timestamp => timestamp})
+    assert_equal 'GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal',signature_base_string
+
+#    request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
+    request.oauth!(http, consumer, token, {:nonce => nonce, :timestamp => timestamp,:realm=>"http://photos.example.net/"})
+
+    assert_equal 'GET', request.method
+    assert_equal 'OAuth realm="http://photos.example.net/", oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="nnch734d00sl2jdk", oauth_timestamp="1191242096", oauth_consumer_key="dpf43f3p2l4k3l03", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"', request['authorization']
+    
+  end
+  
+  def test_step_by_step_token_request
+    consumer=OAuth::Consumer.new( 
+        "key",
+        "secret")
+    request_uri = URI.parse('http://term.ie/oauth/example/request_token.php')
+    nonce = rand(2**128).to_s
+    timestamp = Time.now.to_i.to_s
+    http = Net::HTTP.new(request_uri.host, request_uri.port)
+ 
+    request = Net::HTTP::Get.new(request_uri.path)
+    signature_base_string=request.signature_base_string(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
+    assert_equal "GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key%3Dkey%26oauth_nonce%3D#{nonce}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D#{timestamp}%26oauth_token%3D%26oauth_version%3D1.0",signature_base_string
+ 
+#    request = Net::HTTP::Get.new(request_uri.path)
+    request.oauth!(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
+    assert_equal 'GET', request.method
+    assert_nil request.body
+    assert_nil request['authorization']
+#    assert_equal 'OAuth oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="", oauth_timestamp="'+timestamp+'", oauth_consumer_key="key", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"', request['authorization']
+
+    response=http.request(request)
+    assert_equal "200",response.code
+#    assert_equal request['authorization'],response.body
+    assert_equal "oauth_token=requestkey&oauth_token_secret=requestsecret",response.body
+  end
+
+  protected
+
+    def request_parameters_to_s
+      @request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
+    end
+
+end

data/test/test_net_http_request_proxy.rb

@@ -0,0 +1,38 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+require 'oauth/request_proxy/net_http'
+
+class NetHTTPRequestProxyTest < Test::Unit::TestCase
+
+  def test_that_proxy_simple_get_request_works
+    request = Net::HTTP::Get.new('/test?key=value')
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value'})
+
+    expected_parameters = {'key' => ['value']}
+    assert_equal expected_parameters, request_proxy.parameters
+    assert_equal 'http://example.com/test', request_proxy.uri
+    assert_equal 'GET', request_proxy.method
+  end
+
+  def test_that_proxy_simple_post_request_works
+    request = Net::HTTP::Post.new('/test')
+    params = {'key' => 'value'}
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
+
+    expected_parameters = {'key' => ['value']}
+    assert_equal expected_parameters, request_proxy.parameters
+    assert_equal 'http://example.com/test', request_proxy.uri
+    assert_equal 'POST', request_proxy.method
+  end
+
+  def test_that_proxy_post_and_get_request_works
+    request = Net::HTTP::Post.new('/test?key=value')
+    params = {'key2' => 'value2'}
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value', :parameters => params})
+
+    expected_parameters = {'key' => ['value'], 'key2' => ['value2']}
+    assert_equal expected_parameters, request_proxy.parameters
+    assert_equal 'http://example.com/test', request_proxy.uri
+    assert_equal 'POST', request_proxy.method
+  end
+
+end

data/test/test_server.rb

@@ -1,5 +1,5 @@
 require 'test/unit'
-require 'oauth'
+require 'oauth/server'
 class ServerTest < Test::Unit::TestCase
   def setup
     @server=OAuth::Server.new "http://test.com"
@@ -37,11 +37,4 @@ class ServerTest < Test::Unit::TestCase
     assert_equal "http://test.com/oauth/access_token",@consumer.access_token_url
   end  
   
-  def test_verify_request
-    @consumer=@server.create_consumer 
-    @request=@consumer.signed_request :get,@consumer.request_token_path
-    assert @request.signed?
-    
-    assert @request.verify?(@consumer.secret)
-  end
 end

data/test/test_signature.rb

@@ -1,113 +1,11 @@
-require 'test/unit'
-require 'oauth'
-class SignatureTest < Test::Unit::TestCase
-  def setup
-    # From example in Apendix A of the spec
-    @consumer_secret="kd94hf93k423kf44"
-    @token_secret="pfkkdhi9sl3r4s00"
-    @test_params={
-      :oauth_consumer_key=>"dpf43f3p2l4k3l03",
-      :oauth_token=>"nnch734d00sl2jdk",
-      :oauth_timestamp=>"1191242096",
-      :oauth_nonce=>"kllo9940pd9333jh"
-    }
-    
-    @request=OAuth::Request.new( :get,'http://photos.example.net','/photos?file=vacation.jpg&size=original', @test_params)
-    @signature=OAuth::Signature.create(@request,@consumer_secret,@token_secret)
-  end
-  
-  def test_base_string
-    from_spec="GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal"
-    assert_equal from_spec,@signature.base_string
-  end
-
-  def test_base_string_with_post_params
-    @request=OAuth::Request.new( :post,'http://photos.example.net','/photos', @test_params,'file=vacation.jpg&size=original')
-    @signature=OAuth::Signature.create(@request,@consumer_secret,@token_secret)
-    from_spec="POST&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal"
-    assert_equal from_spec,@signature.base_string
-  end
-  
-  def test_signature_key
-    assert_equal "kd94hf93k423kf44&pfkkdhi9sl3r4s00",@signature.key
-  end
-  
-  def test_signature
-    assert_equal "tR3+Ty81lMeYAr/Fid0kMTYa/WM=",@signature.sign
-  end
-  
-  def test_sign_hmac_sha1  
-    assert !@request.signed?
-    assert !@signature.verify?
-    @signature.sign!
-    assert @request.signed?
-    assert @signature.verify?
-  end
-
-  def test_sign_hmac_md5
-    @request.signature_method="hmac-md5"
-    @signature=OAuth::Signature.create(@request,@consumer_secret,@token_secret)
-    
-    assert !@request.signed?
-    assert !@signature.verify?
-    @signature.sign!
-    assert @request.signed?
-    assert @signature.verify?
-  end
-
-  def test_sign_hmac_sha2
-    @request.signature_method="hmac-sha2"
-    @signature=OAuth::Signature.create(@request,@consumer_secret,@token_secret)
-    
-    assert !@request.signed?
-    assert !@signature.verify?
-    @signature.sign!
-    assert @request.signed?
-    assert @signature.verify?
-  end
-
-  def test_sign_hmac_rmd160
-    @request.signature_method="hmac-rmd160"
-    @signature=OAuth::Signature.create(@request,@consumer_secret,@token_secret)
-    
-    assert !@request.signed?
-    assert !@signature.verify?
-    @signature.sign!
-    assert @request.signed?
-    assert @signature.verify?
-  end
-
-  def test_sign_plain_with_https
-    @request.site='https://photos.example.net'
-    @request.signature_method="plaintext"
-    @signature=OAuth::Signature.create(@request,@consumer_secret,@token_secret)
-    
-    assert !@request.signed?
-    assert !@signature.verify?
-    @signature.sign!
-    assert @request.signed?
-    assert @signature.verify?
-  end
-
-  def test_sign_plain_with_http
-    @request.signature_method="plaintext"
-    assert_raise(OAuth::Signature::InsecureSignatureMethod) do
-      OAuth::Signature.create(@request,@consumer_secret,@token_secret)
-    end
-  end
-
-  def test_sign_sha1
-    @request.signature_method="sha1"
-    assert_raise(OAuth::Signature::InsecureSignatureMethod) do
-      OAuth::Signature.create(@request,@consumer_secret,@token_secret)
-    end
-  end
-
-  def test_sign_md5
-    @request.signature_method="md5"
-    assert_raise(OAuth::Signature::InsecureSignatureMethod) do
-      OAuth::Signature.create(@request,@consumer_secret,@token_secret)
-    end
-  end
-
-end
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class TestOauth < Test::Unit::TestCase
+
+  def setup
+  end
+  
+  def test_truth
+    assert true
+  end
+end

data/test/test_signature_base.rb

@@ -0,0 +1,32 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+require 'oauth/signature/base'
+require 'net/http'
+class SignatureBaseTest < Test::Unit::TestCase
+
+  def test_that_initialize_requires_one_request_argument
+    assert_raises ArgumentError do
+      OAuth::Signature::Base.new()
+    end
+  end
+
+  def test_that_initialize_requires_a_valid_request_argument
+    request = nil
+    assert_raises TypeError do
+      OAuth::Signature::Base.new(request) { |token|
+        # just a stub
+      }
+    end
+  end
+
+  def test_that_initialize_succeeds_when_the_request_proxy_is_valid
+    # this isn't quite valid, but it will do.
+    raw_request = Net::HTTP::Get.new('/test')
+    request = OAuth::RequestProxy.proxy(raw_request)
+    assert_nothing_raised do
+      OAuth::Signature::Base.new(request) { |token|
+        # just a stub
+      }
+    end
+  end
+
+end

data/test/test_token.rb

@@ -0,0 +1,14 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+require 'oauth/token'
+
+class TestToken < Test::Unit::TestCase
+
+  def setup
+  end
+  
+  def test_token_constructor_produces_valid_token
+    token = OAuth::Token.new('xyz', '123')
+    assert_equal 'xyz', token.token
+    assert_equal '123', token.secret
+  end
+end

data/website/index.html

@@ -33,7 +33,7 @@
     <h1>Ruby OAuth GEM</h1>
     <div id="version" class="clickable" onclick='document.location = "http://rubyforge.org/projects/oauth"; return false'>
       <p>Get Version</p>
-      <a href="http://rubyforge.org/projects/oauth" class="numbers">0.1.1</a>
+      <a href="http://rubyforge.org/projects/oauth" class="numbers">0.2.0</a>
     </div>
     <h2>What</h2>
 
@@ -41,7 +41,7 @@
 	<p>This is a RubyGem for implementing both OAuth clients and servers in Ruby applications.</p>
 
 
-	<p>See the <a href="http://oauth.googlecode.com/svn/spec/branches/1.0/drafts/7/spec.html">OAuth specs</a></p>
+	<p>See the <a href="http://oauth.net/core/1.0/">OAuth specs</a></p>
 
 
 	<h2>Installing</h2>
@@ -50,6 +50,9 @@
 	<p><pre class='syntax'><span class="ident">sudo</span> <span class="ident">gem</span> <span class="ident">install</span> <span class="ident">oauth</span></pre></p>
 
 
+	<p>You can also install it from the <a href="http://rubyforge.org/projects/oauth/">oauth rubyforge project</a>.</p>
+
+
 	<h2>The basics</h2>
 
 
@@ -65,9 +68,7 @@
 	<p>Create a new consumer instance by passing it a configuration hash:</p>
 
 
-<pre><code>@consumer=OAuth::Consumer.new( {
-    :consumer_key=&gt;"key",
-    :consumer_secret=&gt;"secret",
+<pre><code>@consumer=OAuth::Consumer.new( "key","secret", {
     :site=&gt;"https://agree2" 
     })</code></pre>
 
@@ -108,7 +109,7 @@ redirect_to @request_token.authorize_url</code></pre>
 	<p>Read the <a href="http://drnicwilliams.com/2007/06/01/8-steps-for-fixing-other-peoples-code/">8 steps for fixing other people&#8217;s code</a> and for section <a href="http://drnicwilliams.com/2007/06/01/8-steps-for-fixing-other-peoples-code/#8b-google-groups">8b: Submit patch to Google Groups</a>, use the Google Group above.</p>
 
 
-	<p>The trunk repository is <code>svn://rubyforge.org/var/svn/oauth/trunk</code> for anonymous access.</p>
+	<p>The trunk repository is <code>http://oauth.rubyforge.org/svn/trunk/</code> for anonymous access.</p>
 
 
 	<h2>License</h2>
@@ -120,9 +121,9 @@ redirect_to @request_token.authorize_url</code></pre>
 	<h2>Contact</h2>
 
 
-	<p>Comments are welcome. Send an email to <a href="mailto:pelleb@gmail.com">Pelle Braendgaard</a> email via the <a href="http://groups.google.com/group/oauth">forum</a></p>
+	<p>Comments are welcome. Send an email to <a href="mailto:pelleb@gmail.com">Pelle Braendgaard</a> email via the <a href="http://groups.google.com/group/oauth-ruby">OAuth Ruby mailing list</a></p>
     <p class="coda">
-      <a href="FIXME email">FIXME full name</a>, 26th November 2007<br>
+      <a href="FIXME email">FIXME full name</a>, 21st January 2008<br>
       Theme extended from <a href="http://rb2js.rubyforge.org/">Paul Battley</a>
     </p>
 </div>