oauth 0.1.1 → 0.2.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of oauth might be problematic. Click here for more details.

Files changed (47) hide show
  1. data/History.txt +9 -0
  2. data/License.txt +1 -1
  3. data/Manifest.txt +25 -7
  4. data/config/hoe.rb +1 -1
  5. data/lib/oauth.rb +1 -12
  6. data/lib/oauth/client.rb +4 -0
  7. data/lib/oauth/client/action_controller_request.rb +51 -0
  8. data/lib/oauth/client/helper.rb +74 -0
  9. data/lib/oauth/client/net_http.rb +72 -0
  10. data/lib/oauth/consumer.rb +112 -43
  11. data/lib/oauth/{key.rb → helper.rb} +6 -7
  12. data/lib/oauth/request_proxy.rb +24 -0
  13. data/lib/oauth/request_proxy/action_controller_request.rb +65 -0
  14. data/lib/oauth/request_proxy/base.rb +50 -0
  15. data/lib/oauth/request_proxy/net_http.rb +64 -0
  16. data/lib/oauth/server.rb +12 -9
  17. data/lib/oauth/signature.rb +15 -142
  18. data/lib/oauth/signature/base.rb +69 -0
  19. data/lib/oauth/signature/hmac/base.rb +12 -0
  20. data/lib/oauth/signature/hmac/md5.rb +9 -0
  21. data/lib/oauth/signature/hmac/rmd160.rb +9 -0
  22. data/lib/oauth/signature/hmac/sha1.rb +10 -0
  23. data/lib/oauth/signature/hmac/sha2.rb +9 -0
  24. data/lib/oauth/signature/md5.rb +13 -0
  25. data/lib/oauth/signature/plaintext.rb +19 -0
  26. data/lib/oauth/signature/rsa/sha1.rb +20 -0
  27. data/lib/oauth/signature/sha1.rb +13 -0
  28. data/lib/oauth/token.rb +54 -14
  29. data/lib/oauth/version.rb +2 -2
  30. data/test/test_action_controller_request_proxy.rb +10 -0
  31. data/test/test_consumer.rb +144 -57
  32. data/test/test_helper.rb +4 -0
  33. data/test/test_hmac_sha1.rb +21 -0
  34. data/test/test_net_http_client.rb +139 -0
  35. data/test/test_net_http_request_proxy.rb +38 -0
  36. data/test/test_server.rb +1 -8
  37. data/test/test_signature.rb +11 -113
  38. data/test/test_signature_base.rb +32 -0
  39. data/test/test_token.rb +14 -0
  40. data/website/index.html +9 -8
  41. data/website/index.txt +5 -6
  42. metadata +37 -13
  43. data/lib/oauth/consumer_credentials.rb +0 -12
  44. data/lib/oauth/oauth_test_helper.rb +0 -24
  45. data/lib/oauth/request.rb +0 -258
  46. data/test/test_oauth.rb +0 -11
  47. data/test/test_request.rb +0 -282
@@ -4,12 +4,13 @@ h2. What
4
4
 
5
5
  This is a RubyGem for implementing both OAuth clients and servers in Ruby applications.
6
6
 
7
- See the "OAuth specs":http://oauth.googlecode.com/svn/spec/branches/1.0/drafts/7/spec.html
7
+ See the "OAuth specs":http://oauth.net/core/1.0/
8
8
 
9
9
  h2. Installing
10
10
 
11
11
  <pre syntax="ruby">sudo gem install oauth</pre>
12
12
 
13
+ You can also install it from the "oauth rubyforge project":http://rubyforge.org/projects/oauth/.
13
14
 
14
15
  h2. The basics
15
16
 
@@ -21,9 +22,7 @@ h2. Demonstration of usage
21
22
 
22
23
  Create a new consumer instance by passing it a configuration hash:
23
24
 
24
- <pre><code>@consumer=OAuth::Consumer.new( {
25
- :consumer_key=>"key",
26
- :consumer_secret=>"secret",
25
+ <pre><code>@consumer=OAuth::Consumer.new( "key","secret", {
27
26
  :site=>"https://agree2"
28
27
  })</code></pre>
29
28
 
@@ -54,7 +53,7 @@ h2. How to submit patches
54
53
 
55
54
  Read the "8 steps for fixing other people's code":http://drnicwilliams.com/2007/06/01/8-steps-for-fixing-other-peoples-code/ and for section "8b: Submit patch to Google Groups":http://drnicwilliams.com/2007/06/01/8-steps-for-fixing-other-peoples-code/#8b-google-groups, use the Google Group above.
56
55
 
57
- The trunk repository is <code>svn://rubyforge.org/var/svn/oauth/trunk</code> for anonymous access.
56
+ The trunk repository is <code>http://oauth.rubyforge.org/svn/trunk/</code> for anonymous access.
58
57
 
59
58
  h2. License
60
59
 
@@ -62,5 +61,5 @@ This code is free to use under the terms of the MIT license.
62
61
 
63
62
  h2. Contact
64
63
 
65
- Comments are welcome. Send an email to "Pelle Braendgaard":mailto:pelleb@gmail.com email via the "forum":http://groups.google.com/group/oauth
64
+ Comments are welcome. Send an email to "Pelle Braendgaard":mailto:pelleb@gmail.com email via the "OAuth Ruby mailing list":http://groups.google.com/group/oauth-ruby
66
65
 
metadata CHANGED
@@ -1,15 +1,17 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: oauth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
5
- platform: ""
4
+ version: 0.2.0
5
+ platform: ruby
6
6
  authors:
7
7
  - Pelle Braendgaard
8
+ - Blaine Cook
9
+ - Larry Halff
8
10
  autorequire:
9
11
  bindir: bin
10
12
  cert_chain: []
11
13
 
12
- date: 2007-11-26 00:00:00 -08:00
14
+ date: 2008-01-21 00:00:00 -08:00
13
15
  default_executable:
14
16
  dependencies:
15
17
  - !ruby/object:Gem::Dependency
@@ -42,13 +44,28 @@ files:
42
44
  - config/hoe.rb
43
45
  - config/requirements.rb
44
46
  - lib/oauth.rb
47
+ - lib/oauth/client.rb
48
+ - lib/oauth/client/action_controller_request.rb
49
+ - lib/oauth/client/helper.rb
50
+ - lib/oauth/client/net_http.rb
45
51
  - lib/oauth/consumer.rb
46
- - lib/oauth/consumer_credentials.rb
47
- - lib/oauth/key.rb
48
- - lib/oauth/oauth_test_helper.rb
49
- - lib/oauth/request.rb
52
+ - lib/oauth/helper.rb
53
+ - lib/oauth/request_proxy.rb
54
+ - lib/oauth/request_proxy/action_controller_request.rb
55
+ - lib/oauth/request_proxy/base.rb
56
+ - lib/oauth/request_proxy/net_http.rb
50
57
  - lib/oauth/server.rb
51
58
  - lib/oauth/signature.rb
59
+ - lib/oauth/signature/base.rb
60
+ - lib/oauth/signature/hmac/base.rb
61
+ - lib/oauth/signature/hmac/md5.rb
62
+ - lib/oauth/signature/hmac/rmd160.rb
63
+ - lib/oauth/signature/hmac/sha1.rb
64
+ - lib/oauth/signature/hmac/sha2.rb
65
+ - lib/oauth/signature/md5.rb
66
+ - lib/oauth/signature/plaintext.rb
67
+ - lib/oauth/signature/rsa/sha1.rb
68
+ - lib/oauth/signature/sha1.rb
52
69
  - lib/oauth/token.rb
53
70
  - lib/oauth/version.rb
54
71
  - script/destroy
@@ -58,12 +75,15 @@ files:
58
75
  - tasks/deployment.rake
59
76
  - tasks/environment.rake
60
77
  - tasks/website.rake
78
+ - test/test_action_controller_request_proxy.rb
61
79
  - test/test_consumer.rb
62
80
  - test/test_helper.rb
63
- - test/test_oauth.rb
64
- - test/test_request.rb
65
- - test/test_server.rb
81
+ - test/test_hmac_sha1.rb
82
+ - test/test_net_http_client.rb
83
+ - test/test_net_http_request_proxy.rb
66
84
  - test/test_signature.rb
85
+ - test/test_signature_base.rb
86
+ - test/test_token.rb
67
87
  - website/index.html
68
88
  - website/index.txt
69
89
  - website/javascripts/rounded_corners_lite.inc.js
@@ -92,14 +112,18 @@ required_rubygems_version: !ruby/object:Gem::Requirement
92
112
  requirements: []
93
113
 
94
114
  rubyforge_project: oauth
95
- rubygems_version: 0.9.5
115
+ rubygems_version: 1.0.1
96
116
  signing_key:
97
117
  specification_version: 2
98
118
  summary: OAuth Core Ruby implementation
99
119
  test_files:
120
+ - test/test_action_controller_request_proxy.rb
100
121
  - test/test_consumer.rb
101
122
  - test/test_helper.rb
102
- - test/test_oauth.rb
103
- - test/test_request.rb
123
+ - test/test_hmac_sha1.rb
124
+ - test/test_net_http_client.rb
125
+ - test/test_net_http_request_proxy.rb
104
126
  - test/test_server.rb
105
127
  - test/test_signature.rb
128
+ - test/test_signature_base.rb
129
+ - test/test_token.rb
@@ -1,12 +0,0 @@
1
- module OAuth
2
- class ConsumerCredentials
3
- attr_accessor :key, :secret
4
-
5
- def initialize(key, secret)
6
- @key = key
7
- @secret = secret
8
- raise ArgumentError, 'Missing consumer credentials ("key and/or secret")' unless @key && @secret
9
- end
10
- end
11
-
12
- end
@@ -1,24 +0,0 @@
1
- module OAuth
2
- module OAuthTestHelper
3
-
4
- def mock_incoming_request_with_query(request)
5
- incoming=ActionController::TestRequest.new(request.to_hash)
6
- incoming.request_uri=request.path
7
- incoming.env["SERVER_PORT"]=request.uri.port
8
- incoming.host=request.uri.host
9
- incoming.env['REQUEST_METHOD']=request.http_method
10
- incoming
11
- end
12
-
13
- def mock_incoming_request_with_authorize_header(request)
14
- incoming=ActionController::TestRequest.new
15
- incoming.env["HTTP_AUTHORIZATION"]=request.to_auth_string
16
- incoming.request_uri=request.path
17
- incoming.env["SERVER_PORT"]=request.uri.port
18
- incoming.host=request.uri.host
19
- incoming.env['REQUEST_METHOD']=request.http_method
20
- incoming
21
- end
22
-
23
- end
24
- end
@@ -1,258 +0,0 @@
1
- require 'uri'
2
- require 'cgi'
3
- require 'open-uri'
4
- require 'net/http'
5
- module OAuth
6
- # This encapsulates all the request details for OAuth.
7
- #
8
- # On the consumer side you shouldn't use this directly but rather Use consumer.get_request_token for the initial token
9
- # and access token for actual web service calls
10
- #
11
- # On the service provider side there are various interesting methods.
12
- #
13
- # To find the consumer_key for a request in a rails app do:
14
- #
15
- # @consumer_key=OAuth::Request.extract_consumer_key(request)
16
- #
17
- # To extract an OAuth::Request for a rails request in a rails app do:
18
- #
19
- # @oauth_request=OAuth::Request.incoming(request)
20
- # @token=AccessToken.find_by_token @oauth_request.token
21
- # return @oauth_request.verify?(@token.client_application.secret,@token.secret)
22
- #
23
- # This example assumes an ActiveRecord Model called AccessToken with a token and a secret column.
24
- # This is associated with a ActiveRecord Model ClientApplication (the consumer), which has a key and secret column.
25
- #
26
- class Request
27
- include OAuth::Key
28
-
29
- attr_accessor :oauth_params,:headers,:site,:path,:realm,:body,:auth_method
30
-
31
- @@default_oauth_params={:oauth_signature_method=>'HMAC-SHA1',:oauth_version=>"1.0",:realm=>''}
32
-
33
- def initialize(http_method,site,path,oauth_params={},*arguments)
34
- # ensure that keys are symbols
35
- @oauth_params=@@default_oauth_params.merge( oauth_params.inject({}) do |options, (key, value)|
36
- options[key.to_sym] = value
37
- options
38
- end)
39
- self.http_method=http_method
40
- self.site=site
41
- self.path=path
42
- self.realm=@oauth_params.delete(:realm)
43
- self.auth_method=@oauth_params.delete(:auth_method)||:authorize
44
- self.body=arguments.shift if ['POST','PUT'].include?(self.http_method)
45
- self.headers=arguments.shift||{}
46
- self.headers['Content-Type']||='application/x-www-form-urlencoded' if ['POST','PUT'].include?(self.http_method)
47
-
48
- self[:oauth_timestamp]=create_timestamp unless self.timestamp
49
- self[:oauth_nonce]=generate_key(24) unless self.nonce
50
-
51
- # Default to Authorize header if http method doesn't support the specified auth_method
52
- if ['GET','HEAD','DELETE'].include?(self.http_method)
53
- self.auth_method=:authorize unless self.auth_method==:query
54
- else
55
- self.auth_method=:authorize unless self.auth_method==:post
56
- end
57
-
58
- end
59
-
60
- # Use to extract the consumer key from a http request object
61
- # This is intended for use on the server
62
- def self.extract_consumer_key(http_request)
63
- auth=http_request.env["HTTP_AUTHORIZATION"]
64
- if auth && auth[0..5]=="OAuth "&&auth=~/ oauth_consumer_key="([^, ]+)"/
65
- $1
66
- else
67
- http_request.parameters[:oauth_consumer_key]
68
- end
69
- end
70
-
71
- # This takes a rails like Request and returns an OAuth request object
72
- def self.incoming(http_request)
73
- auth=http_request.env["HTTP_AUTHORIZATION"]
74
- if auth && auth[0..5]=="OAuth "
75
- parameters=auth[6,auth.size].scan(/ ([^= ]+)="([^"]*)",?/).inject({}) do |h,(k,v)|
76
- h[k.to_sym]=CGI.unescape(v)
77
- h
78
- end
79
- _path=http_request.request_uri
80
- else
81
- parameters=http_request.query_parameters#.reject{|k,v| ['controller','action'].include?(k)}
82
- # non_oauth=to_name_value_pair_array(http_request.query_parameters.reject(){|k,v| k.to_s=~/oauth_/}).join(/&/)
83
- _path=http_request.request_uri
84
- # _path=http_request.path+'?'+non_auth
85
- end
86
- if http_request.post?||http_request.put?
87
- Request.new(http_request.method,"http://#{http_request.host_with_port}",_path,parameters,http_request.raw_post,{'Content-Type'=>http_request.content_type})
88
- else
89
- Request.new(http_request.method,"http://#{http_request.host_with_port}",_path,parameters)
90
- end
91
- end
92
-
93
- def perform(consumer_secret,token_secret=nil)
94
- http_klass=(uri.scheme=="https" ? Net::HTTPS : Net::HTTP)
95
- http_klass.start(uri.host,uri.port) do |http|
96
- sign(consumer_secret,token_secret)
97
-
98
- case auth_method
99
- when :query
100
- _path="#{uri.path}?#{to_query}"
101
- when :post
102
- self.body=to_query
103
- else
104
- headers['Authorization']=to_auth_string
105
- end
106
- _path||=path
107
- # TODO if realm is set use auth header
108
- if (['POST','PUT'].include?(http_method))
109
- # headers['Content-Length']=body.size.to_s unless body.nil?
110
- http.send(http_method.downcase.to_sym,_path,body,headers)
111
- else # any request without a body
112
- http.send(http_method.downcase.to_sym,_path,headers)
113
- end
114
- end
115
- end
116
-
117
- def perform_token_request(consumer_secret,token_secret=nil)
118
- response=perform(consumer_secret,token_secret)
119
- if response.code=="200"
120
- CGI.parse(response.body).inject({}){|h,(k,v)| h[k.to_sym]=v.first;h}
121
- else
122
- response.error!
123
- end
124
- end
125
-
126
- def http_method=(value)
127
- @http_method=value.to_s.strip.upcase
128
- end
129
-
130
- def http_method
131
- @http_method
132
- end
133
-
134
- def content_type
135
- @content_type||=headers['Content-Type']
136
- end
137
-
138
- def site=(_site)
139
- @site=_site.downcase
140
- @uri=nil # invalidate uri
141
- @site
142
- end
143
-
144
- def path=(_path)
145
- @path=_path
146
- @uri=nil # invalidate uri
147
- @path
148
- end
149
-
150
- def uri
151
- @uri||=URI.parse(url)
152
- end
153
-
154
- def url
155
- (site+path)
156
- end
157
-
158
- # produces a hash of the query or post parameters depending on http method
159
- def http_parameters
160
- @http_params||=parse_url_form_encoded( body||uri.query||'')
161
- end
162
-
163
- def parse_url_form_encoded(string)
164
- CGI.parse(string).inject({}){|h,(k,v)| h[k.to_sym]=v[0];h}
165
- end
166
-
167
- def normalized_url
168
- uri=URI.split(url)
169
- if uri[3].nil?||(uri[3]=='80'&&uri[0]=='http')||(uri[3]=='443'&&uri[0]=='https')
170
- port=""
171
- else
172
- port=":#{uri[3]}"
173
- end
174
- "#{uri[0]}://#{uri[2]}#{port}#{uri[5]}"
175
- end
176
-
177
- def [](key)
178
- oauth_params[key.to_sym]
179
- end
180
-
181
- def []=(key,value)
182
- oauth_params[key.to_sym]=value
183
- end
184
-
185
- def timestamp
186
- self[:oauth_timestamp]
187
- end
188
-
189
- def create_timestamp
190
- Time.now.utc.to_i.to_s
191
- end
192
-
193
- def nonce
194
- self[:oauth_nonce]
195
- end
196
-
197
- def token
198
- self[:oauth_token]
199
- end
200
-
201
- def to_name_value_pair_array(hash,with={})
202
- hash.merge(with).collect{|(key,value)| "#{escape(key.to_s)}=#{escape(value)}"}.sort
203
- end
204
-
205
- def to_hash(with={})
206
- oauth_params.merge(http_parameters).merge(with)
207
- end
208
-
209
- def to_query(with={})
210
- (to_name_value_pair_array(to_hash(with))).sort.join("&")
211
- end
212
-
213
- def to_query_without_signature(with={})
214
- (to_name_value_pair_array(oauth_params_without_signature,with)).sort.join("&")
215
- end
216
-
217
- def to_auth_string
218
- "OAuth realm=\"#{realm}\", "+oauth_params.collect{|(key,value)| "#{escape(key.to_s)}=\"#{escape(value)}\""}.sort.join(", ")
219
- end
220
-
221
- def to_base_string(secret)
222
- to_query({:oauth_secret=>secret})
223
- end
224
-
225
- def oauth_params_without_signature
226
- to_hash.reject{|key,value| key.to_sym==:oauth_signature}
227
- end
228
-
229
- def signature
230
- self[:oauth_signature]
231
- end
232
-
233
- def signature=(_signature)
234
- self[:oauth_signature]=_signature
235
- end
236
-
237
- def signature_method
238
- self[:oauth_signature_method]
239
- end
240
-
241
- def signature_method=(_signature_method)
242
- self[:oauth_signature_method]=_signature_method
243
- end
244
-
245
- def signed?
246
- signature!=nil
247
- end
248
-
249
- def sign(consumer_secret,token_secret=nil)
250
- OAuth::Signature.create(self,consumer_secret,token_secret).sign!
251
- end
252
-
253
- def verify?(consumer_secret,token_secret=nil)
254
- OAuth::Signature.create(self,consumer_secret,token_secret).verify?
255
- end
256
-
257
- end
258
- end
@@ -1,11 +0,0 @@
1
- require File.dirname(__FILE__) + '/test_helper.rb'
2
-
3
- class TestOauth < Test::Unit::TestCase
4
-
5
- def setup
6
- end
7
-
8
- def test_truth
9
- assert true
10
- end
11
- end
@@ -1,282 +0,0 @@
1
- require 'rubygems'
2
- require 'test/unit'
3
- require 'action_controller'
4
- require 'action_controller/test_process'
5
- require 'oauth'
6
- class RequestTest < Test::Unit::TestCase
7
- include OAuth::Key
8
- include OAuth::OAuthTestHelper
9
-
10
- def setup
11
- @request=OAuth::Request.new( :get,"http://test.COM:80","/oauth?stuff=1&picture=test.png", {:realm=>'http://test.com/oauth/authorize',:oauth_field1=>"test",:oauth_field2=>"hello",'string_key'=>"should be set"})
12
- end
13
-
14
- def test_accessors
15
- #as symbols
16
- assert_equal @request[:oauth_field1],"test"
17
- assert_equal @request[:oauth_field2],"hello"
18
- assert_equal @request[:string_key],"should be set"
19
- assert_equal @request[:oauth_signature_method],"HMAC-SHA1"
20
- #as strings
21
- assert_equal @request['oauth_field1'],"test"
22
- assert_equal @request['oauth_field2'],"hello"
23
- assert_equal @request['string_key'],"should be set"
24
- end
25
-
26
- def test_to_query
27
- assert_equal "oauth_field1=test&oauth_field2=hello&oauth_nonce=#{URI.escape(@request.nonce)}&oauth_signature_method=HMAC-SHA1&oauth_timestamp=#{@request.timestamp}&oauth_version=1.0&picture=test.png&string_key=should%20be%20set&stuff=1",@request.to_query
28
- end
29
-
30
- def test_to_auth_string
31
- assert_equal "OAuth realm=\"http://test.com/oauth/authorize\", oauth_field1=\"test\", oauth_field2=\"hello\", oauth_nonce=\"#{URI.escape(@request.nonce)}\", oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\"#{@request.timestamp}\", oauth_version=\"1.0\", string_key=\"should%20be%20set\"",@request.to_auth_string
32
- end
33
-
34
- def test_has_http_method
35
- assert_equal "GET",@request.http_method
36
- end
37
-
38
- def test_has_realm
39
- assert_equal 'http://test.com/oauth/authorize',@request.realm
40
- end
41
-
42
- def test_removed_realm_from_params
43
- assert_nil @request[:realm]
44
- end
45
-
46
- def test_url_normalization
47
- #should remove port 80 from http
48
- assert_equal "http://test.com:80/oauth?stuff=1&picture=test.png",@request.url
49
- assert_equal "http://test.com/oauth",@request.normalized_url
50
-
51
- # should not have port
52
- @request.site="http://test.com"
53
- assert_equal "http://test.com/oauth?stuff=1&picture=test.png",@request.url
54
- assert_equal "http://test.com/oauth",@request.normalized_url
55
-
56
- #should remove port 443 from https
57
- @request.site="https://test.com:443"
58
- assert_equal "https://test.com:443/oauth?stuff=1&picture=test.png",@request.url
59
- assert_equal "https://test.com/oauth",@request.normalized_url
60
-
61
- #should retain port number
62
- @request.site="https://test.com:11822"
63
- assert_equal "https://test.com:11822/oauth?stuff=1&picture=test.png",@request.url
64
- assert_equal "https://test.com:11822/oauth",@request.normalized_url
65
-
66
- # should retain port 80 on https
67
- @request.site="https://test.com:80"
68
- assert_equal "https://test.com:80/oauth?stuff=1&picture=test.png",@request.url
69
- assert_equal "https://test.com:80/oauth",@request.normalized_url
70
-
71
- # should retain port 443 on http
72
- @request.site="http://test.com:443"
73
- assert_equal "http://test.com:443/oauth?stuff=1&picture=test.png",@request.url
74
- assert_equal "http://test.com:443/oauth",@request.normalized_url
75
-
76
- end
77
-
78
- def test_auth_methods_on_various_http_methods
79
- # defaults
80
- assert_equal :authorize,create_request(:get).auth_method
81
- assert_equal :authorize,create_request(:head).auth_method
82
- assert_equal :authorize,create_request(:delete).auth_method
83
- assert_equal :authorize,create_request(:post).auth_method
84
- assert_equal :authorize,create_request(:put).auth_method
85
-
86
- # authorize
87
- assert_equal :authorize,create_request(:get,{:auth_method=>:authorize}).auth_method
88
- assert_equal :authorize,create_request(:head,{:auth_method=>:authorize}).auth_method
89
- assert_equal :authorize,create_request(:delete,{:auth_method=>:authorize}).auth_method
90
- assert_equal :authorize,create_request(:post,{:auth_method=>:authorize}).auth_method
91
- assert_equal :authorize,create_request(:put,{:auth_method=>:authorize}).auth_method
92
-
93
- # query
94
- assert_equal :query,create_request(:get,{:auth_method=>:query}).auth_method
95
- assert_equal :query,create_request(:head,{:auth_method=>:query}).auth_method
96
- assert_equal :query,create_request(:delete,{:auth_method=>:query}).auth_method
97
- assert_equal :authorize,create_request(:post,{:auth_method=>:query}).auth_method
98
- assert_equal :authorize,create_request(:put,{:auth_method=>:query}).auth_method
99
-
100
- # post
101
- assert_equal :authorize,create_request(:get,{:auth_method=>:post}).auth_method
102
- assert_equal :authorize,create_request(:head,{:auth_method=>:post}).auth_method
103
- assert_equal :authorize,create_request(:delete,{:auth_method=>:post}).auth_method
104
- assert_equal :post,create_request(:post,{:auth_method=>:post}).auth_method
105
- assert_equal :post,create_request(:put,{:auth_method=>:post}).auth_method
106
- end
107
-
108
- def create_request(http_method,params={},*arguments)
109
- OAuth::Request.new( http_method,'http://photos.example.net','/test',{
110
- :oauth_consumer_key=>"dpf43f3p2l4k3l03"
111
- }.merge(params),*arguments)
112
- end
113
-
114
- def test_has_body
115
- request=create_request(:post,{},"BODY")
116
- assert_equal "BODY",request.body
117
-
118
- end
119
- def test_has_nonce
120
- assert_not_nil @request.nonce
121
- end
122
-
123
- def test_has_timestamp
124
- assert_not_nil @request.timestamp
125
- end
126
-
127
- def test_not_signed
128
- assert !@request.signed?
129
- end
130
-
131
- def test_has_signature_method
132
- assert_equal @request.signature_method,"HMAC-SHA1"
133
- end
134
-
135
- def test_not_signed
136
- assert !@request.signed?
137
- end
138
-
139
- def test_not_verified
140
- assert !@request.verify?("secret")
141
- end
142
-
143
- def test_sign_request_token_with_query_string
144
- @consumer_secret="kd94hf93k423kf44"
145
- @test_params={
146
- :oauth_consumer_key=>"dpf43f3p2l4k3l03"
147
- }
148
-
149
- @request=OAuth::Request.new( :get,'http://photos.example.net','/photos?file=vacation.jpg&size=original', @test_params)
150
- assert !@request.signed?
151
- assert !@request.verify?(@consumer_secret)
152
- @request.sign(@consumer_secret)
153
- assert @request.signed?
154
- assert @request.verify?(@consumer_secret)
155
- orig_sig=@request.signature
156
-
157
- @incoming=mock_incoming_request_with_query(@request)
158
- assert_equal "photos.example.net",@incoming.host_with_port
159
- assert_equal "/photos",@incoming.path
160
- assert_equal :get,@incoming.method
161
- assert_equal( {"file"=>"vacation.jpg",
162
- "size"=>"original",
163
- "oauth_consumer_key"=>"dpf43f3p2l4k3l03",
164
- 'oauth_timestamp'=>@request[:oauth_timestamp],
165
- "oauth_nonce"=>@request[:oauth_nonce],
166
- "oauth_signature_method"=>'HMAC-SHA1',
167
- "oauth_version"=>"1.0",
168
- "oauth_signature"=>orig_sig
169
- },@incoming.parameters)
170
-
171
-
172
- assert_equal "dpf43f3p2l4k3l03",OAuth::Request.extract_consumer_key(@incoming)
173
-
174
- @request=OAuth::Request.incoming(@incoming)
175
- assert @request.signed?
176
- assert_equal( {
177
- :file=>"vacation.jpg",
178
- :size=>"original",
179
- :oauth_consumer_key=>"dpf43f3p2l4k3l03",
180
- :oauth_timestamp=>@request[:oauth_timestamp],
181
- :oauth_nonce=>@request[:oauth_nonce],
182
- :oauth_signature_method=>'HMAC-SHA1',
183
- :oauth_version=>"1.0",
184
- :oauth_signature=>orig_sig
185
- },@request.to_hash)
186
- assert @request.verify?(@consumer_secret)
187
- assert_equal orig_sig,@request.signature
188
- end
189
-
190
- def test_sign_request_token_with_authorize_header
191
- @consumer_secret="kd94hf93k423kf44"
192
- @test_params={
193
- :oauth_consumer_key=>"dpf43f3p2l4k3l03",
194
- :realm=>"http://photos.example.net/oauth/authorize"
195
- }
196
-
197
- @request=OAuth::Request.new( :get,'http://photos.example.net','/photos?file=vacation.jpg&size=original', @test_params)
198
- assert !@request.signed?
199
- assert !@request.verify?(@consumer_secret)
200
-
201
- @request.sign(@consumer_secret)
202
- assert @request.signed?
203
- assert @request.verify?(@consumer_secret)
204
- assert_equal '/photos?file=vacation.jpg&size=original',@request.path
205
- orig_sig=@request.signature
206
- orig_base=OAuth::Signature.create(@request,@consumer_secret).base_string
207
-
208
- orig_query_params=@request.http_parameters
209
-
210
- @incoming=mock_incoming_request_with_authorize_header(@request)
211
- assert_equal "photos.example.net",@incoming.host_with_port
212
- assert_equal "/photos",@incoming.path
213
- assert_equal :get,@incoming.method
214
- assert_equal @request.to_auth_string, @incoming.env['HTTP_AUTHORIZATION']
215
- assert_equal "dpf43f3p2l4k3l03",OAuth::Request.extract_consumer_key(@incoming)
216
-
217
-
218
-
219
- @request=OAuth::Request.incoming(@incoming)
220
- assert_equal '/photos?file=vacation.jpg&size=original',@request.path
221
-
222
- assert_equal orig_query_params,@request.http_parameters
223
-
224
- # test base string
225
- new_base=OAuth::Signature.create(@request,@consumer_secret).base_string
226
- assert_equal orig_base,new_base
227
-
228
- assert_equal 'GET',@request.http_method
229
- assert_equal "http://photos.example.net/photos?file=vacation.jpg&size=original",@request.url
230
- assert @request.signed?
231
-
232
- assert_equal( {
233
- :file=>"vacation.jpg",
234
- :size=>"original",
235
- :oauth_consumer_key=>"dpf43f3p2l4k3l03",
236
- :oauth_timestamp=>@request[:oauth_timestamp],
237
- :oauth_nonce=>@request[:oauth_nonce],
238
- :oauth_signature_method=>'HMAC-SHA1',
239
- :oauth_version=>"1.0",
240
- :oauth_signature=>orig_sig
241
- },@request.to_hash)
242
-
243
- assert @request.verify?(@consumer_secret)
244
- assert_equal orig_sig,@request.signature
245
- end
246
-
247
- def test_sign_access_token
248
- @consumer_secret="kd94hf93k423kf44"
249
- @token_secret="pfkkdhi9sl3r4s00"
250
- @test_params={
251
- :oauth_consumer_key=>"dpf43f3p2l4k3l03",
252
- :oauth_token=>"nnch734d00sl2jdk"
253
- }
254
-
255
- @request=OAuth::Request.new( :get,'http://photos.example.net','/photos?file=vacation.jpg&size=original', @test_params)
256
- assert !@request.signed?
257
- assert !@request.verify?(@consumer_secret,@token_secret)
258
- @request.sign(@consumer_secret,@token_secret)
259
- assert @request.signed?
260
- assert @request.verify?(@consumer_secret,@token_secret)
261
- end
262
-
263
- def test_sign_post_request_url_form_encoded
264
- @consumer_secret="kd94hf93k423kf44"
265
- @token_secret="pfkkdhi9sl3r4s00"
266
- @test_params={
267
- :oauth_consumer_key=>"dpf43f3p2l4k3l03",
268
- :oauth_token=>"nnch734d00sl2jdk"
269
- }
270
-
271
- @request=OAuth::Request.new( :post,'http://photos.example.net','/photos', @test_params,"file=vacation.jpg&size=original")
272
- assert_equal "application/x-www-form-urlencoded",@request.content_type
273
- assert !@request.signed?
274
- assert !@request.verify?(@consumer_secret,@token_secret)
275
- @request.sign(@consumer_secret,@token_secret)
276
- assert @request.signed?
277
- assert @request.verify?(@consumer_secret,@token_secret)
278
- assert_equal "file=vacation.jpg&size=original",@request.body
279
- end
280
-
281
-
282
- end