oauth 0.1.1 → 0.2.0

data/website/index.txt

@@ -4,12 +4,13 @@ h2. What
 
 This is a RubyGem for implementing both OAuth clients and servers in Ruby applications.
 
-See the "OAuth specs":http://oauth.googlecode.com/svn/spec/branches/1.0/drafts/7/spec.html
+See the "OAuth specs":http://oauth.net/core/1.0/
 
 h2. Installing
 
 <pre syntax="ruby">sudo gem install oauth</pre>
 
+You can also install it from the "oauth rubyforge project":http://rubyforge.org/projects/oauth/.
 
 h2. The basics
 
@@ -21,9 +22,7 @@ h2. Demonstration of usage
 
 Create a new consumer instance by passing it a configuration hash:
 
-<pre><code>@consumer=OAuth::Consumer.new( {
-    :consumer_key=>"key",
-    :consumer_secret=>"secret",
+<pre><code>@consumer=OAuth::Consumer.new( "key","secret", {
     :site=>"https://agree2"
     })</code></pre>
 
@@ -54,7 +53,7 @@ h2. How to submit patches
 
 Read the "8 steps for fixing other people's code":http://drnicwilliams.com/2007/06/01/8-steps-for-fixing-other-peoples-code/ and for section "8b: Submit patch to Google Groups":http://drnicwilliams.com/2007/06/01/8-steps-for-fixing-other-peoples-code/#8b-google-groups, use the Google Group above.
 
-The trunk repository is <code>svn://rubyforge.org/var/svn/oauth/trunk</code> for anonymous access.
+The trunk repository is <code>http://oauth.rubyforge.org/svn/trunk/</code> for anonymous access.
 
 h2. License
 
@@ -62,5 +61,5 @@ This code is free to use under the terms of the MIT license.
 
 h2. Contact
 
-Comments are welcome. Send an email to "Pelle Braendgaard":mailto:pelleb@gmail.com email via the "forum":http://groups.google.com/group/oauth
+Comments are welcome. Send an email to "Pelle Braendgaard":mailto:pelleb@gmail.com email via the "OAuth Ruby mailing list":http://groups.google.com/group/oauth-ruby
 

metadata

@@ -1,15 +1,17 @@
 --- !ruby/object:Gem::Specification 
 name: oauth
 version: !ruby/object:Gem::Version 
-  version: 0.1.1
-platform: ""
+  version: 0.2.0
+platform: ruby
 authors: 
 - Pelle Braendgaard
+- Blaine Cook
+- Larry Halff
 autorequire: 
 bindir: bin
 cert_chain: []
 
-date: 2007-11-26 00:00:00 -08:00
+date: 2008-01-21 00:00:00 -08:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -42,13 +44,28 @@ files:
 - config/hoe.rb
 - config/requirements.rb
 - lib/oauth.rb
+- lib/oauth/client.rb
+- lib/oauth/client/action_controller_request.rb
+- lib/oauth/client/helper.rb
+- lib/oauth/client/net_http.rb
 - lib/oauth/consumer.rb
-- lib/oauth/consumer_credentials.rb
-- lib/oauth/key.rb
-- lib/oauth/oauth_test_helper.rb
-- lib/oauth/request.rb
+- lib/oauth/helper.rb
+- lib/oauth/request_proxy.rb
+- lib/oauth/request_proxy/action_controller_request.rb
+- lib/oauth/request_proxy/base.rb
+- lib/oauth/request_proxy/net_http.rb
 - lib/oauth/server.rb
 - lib/oauth/signature.rb
+- lib/oauth/signature/base.rb
+- lib/oauth/signature/hmac/base.rb
+- lib/oauth/signature/hmac/md5.rb
+- lib/oauth/signature/hmac/rmd160.rb
+- lib/oauth/signature/hmac/sha1.rb
+- lib/oauth/signature/hmac/sha2.rb
+- lib/oauth/signature/md5.rb
+- lib/oauth/signature/plaintext.rb
+- lib/oauth/signature/rsa/sha1.rb
+- lib/oauth/signature/sha1.rb
 - lib/oauth/token.rb
 - lib/oauth/version.rb
 - script/destroy
@@ -58,12 +75,15 @@ files:
 - tasks/deployment.rake
 - tasks/environment.rake
 - tasks/website.rake
+- test/test_action_controller_request_proxy.rb
 - test/test_consumer.rb
 - test/test_helper.rb
-- test/test_oauth.rb
-- test/test_request.rb
-- test/test_server.rb
+- test/test_hmac_sha1.rb
+- test/test_net_http_client.rb
+- test/test_net_http_request_proxy.rb
 - test/test_signature.rb
+- test/test_signature_base.rb
+- test/test_token.rb
 - website/index.html
 - website/index.txt
 - website/javascripts/rounded_corners_lite.inc.js
@@ -92,14 +112,18 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: oauth
-rubygems_version: 0.9.5
+rubygems_version: 1.0.1
 signing_key: 
 specification_version: 2
 summary: OAuth Core Ruby implementation
 test_files: 
+- test/test_action_controller_request_proxy.rb
 - test/test_consumer.rb
 - test/test_helper.rb
-- test/test_oauth.rb
-- test/test_request.rb
+- test/test_hmac_sha1.rb
+- test/test_net_http_client.rb
+- test/test_net_http_request_proxy.rb
 - test/test_server.rb
 - test/test_signature.rb
+- test/test_signature_base.rb
+- test/test_token.rb

data/lib/oauth/consumer_credentials.rb

@@ -1,12 +0,0 @@
-module OAuth
-  class ConsumerCredentials
-    attr_accessor :key, :secret
-
-    def initialize(key, secret)
-      @key = key
-      @secret = secret
-      raise ArgumentError, 'Missing consumer credentials ("key and/or secret")' unless @key && @secret
-    end
-  end
-  
-end

data/lib/oauth/oauth_test_helper.rb

@@ -1,24 +0,0 @@
-module OAuth
-  module OAuthTestHelper
-    
-    def mock_incoming_request_with_query(request)
-      incoming=ActionController::TestRequest.new(request.to_hash)
-      incoming.request_uri=request.path
-      incoming.env["SERVER_PORT"]=request.uri.port
-      incoming.host=request.uri.host
-      incoming.env['REQUEST_METHOD']=request.http_method
-      incoming
-    end
-
-    def mock_incoming_request_with_authorize_header(request)
-      incoming=ActionController::TestRequest.new
-      incoming.env["HTTP_AUTHORIZATION"]=request.to_auth_string
-      incoming.request_uri=request.path
-      incoming.env["SERVER_PORT"]=request.uri.port
-      incoming.host=request.uri.host
-      incoming.env['REQUEST_METHOD']=request.http_method
-      incoming
-    end
-  
-  end
-end

data/lib/oauth/request.rb

@@ -1,258 +0,0 @@
-require 'uri'
-require 'cgi'
-require 'open-uri'
-require 'net/http' 
-module OAuth
-  # This encapsulates all the request details for OAuth.
-  #
-  # On the consumer side you shouldn't use this directly but rather Use consumer.get_request_token for the initial token
-  # and access token for actual web service calls
-  #
-  # On the service provider side there are various interesting methods.
-  #
-  # To find the consumer_key for a request in a rails app do:
-  # 
-  #   @consumer_key=OAuth::Request.extract_consumer_key(request)
-  #
-  # To extract an OAuth::Request for a rails request in a rails app do:
-  #
-  #   @oauth_request=OAuth::Request.incoming(request)
-  #   @token=AccessToken.find_by_token @oauth_request.token
-  #   return @oauth_request.verify?(@token.client_application.secret,@token.secret)
-  #
-  # This example assumes an ActiveRecord Model called AccessToken with a token and a secret column.
-  # This is associated with a ActiveRecord Model ClientApplication (the consumer), which has a key and secret column.
-  #
-  class Request
-    include OAuth::Key
-    
-    attr_accessor :oauth_params,:headers,:site,:path,:realm,:body,:auth_method
-    
-    @@default_oauth_params={:oauth_signature_method=>'HMAC-SHA1',:oauth_version=>"1.0",:realm=>''}
-    
-    def initialize(http_method,site,path,oauth_params={},*arguments)
-      # ensure that keys are symbols
-      @oauth_params=@@default_oauth_params.merge( oauth_params.inject({}) do |options, (key, value)|
-        options[key.to_sym] = value
-        options
-      end)
-      self.http_method=http_method
-      self.site=site
-      self.path=path
-      self.realm=@oauth_params.delete(:realm)
-      self.auth_method=@oauth_params.delete(:auth_method)||:authorize
-      self.body=arguments.shift if ['POST','PUT'].include?(self.http_method)
-      self.headers=arguments.shift||{}
-      self.headers['Content-Type']||='application/x-www-form-urlencoded' if ['POST','PUT'].include?(self.http_method)
-
-      self[:oauth_timestamp]=create_timestamp unless self.timestamp
-      self[:oauth_nonce]=generate_key(24) unless self.nonce
-      
-      # Default to Authorize header if http method doesn't support the specified auth_method
-      if ['GET','HEAD','DELETE'].include?(self.http_method)
-        self.auth_method=:authorize unless self.auth_method==:query
-      else
-        self.auth_method=:authorize unless self.auth_method==:post
-      end
-
-    end
-    
-    # Use to extract the consumer key from a http request object
-    # This is intended for use on the server
-    def self.extract_consumer_key(http_request)
-      auth=http_request.env["HTTP_AUTHORIZATION"]
-      if auth && auth[0..5]=="OAuth "&&auth=~/ oauth_consumer_key="([^, ]+)"/
-        $1
-      else
-        http_request.parameters[:oauth_consumer_key]
-      end
-    end
-    
-    # This takes a rails like Request and returns an OAuth request object
-    def self.incoming(http_request)
-      auth=http_request.env["HTTP_AUTHORIZATION"]
-      if auth && auth[0..5]=="OAuth "
-        parameters=auth[6,auth.size].scan(/ ([^= ]+)="([^"]*)",?/).inject({}) do |h,(k,v)| 
-          h[k.to_sym]=CGI.unescape(v)
-          h
-        end
-        _path=http_request.request_uri
-      else
-        parameters=http_request.query_parameters#.reject{|k,v| ['controller','action'].include?(k)}
-#        non_oauth=to_name_value_pair_array(http_request.query_parameters.reject(){|k,v| k.to_s=~/oauth_/}).join(/&/)
-        _path=http_request.request_uri
-#        _path=http_request.path+'?'+non_auth
-      end
-      if http_request.post?||http_request.put?
-        Request.new(http_request.method,"http://#{http_request.host_with_port}",_path,parameters,http_request.raw_post,{'Content-Type'=>http_request.content_type})
-      else
-        Request.new(http_request.method,"http://#{http_request.host_with_port}",_path,parameters)
-      end
-    end
-        
-    def perform(consumer_secret,token_secret=nil)
-      http_klass=(uri.scheme=="https" ? Net::HTTPS : Net::HTTP)
-      http_klass.start(uri.host,uri.port) do |http|
-        sign(consumer_secret,token_secret)
-        
-        case auth_method
-        when :query
-          _path="#{uri.path}?#{to_query}"
-        when :post
-          self.body=to_query
-        else
-          headers['Authorization']=to_auth_string
-        end
-        _path||=path
-        # TODO if realm is set use auth header
-        if (['POST','PUT'].include?(http_method))
-#          headers['Content-Length']=body.size.to_s unless body.nil?          
-          http.send(http_method.downcase.to_sym,_path,body,headers)
-        else # any request without a body
-          http.send(http_method.downcase.to_sym,_path,headers)
-        end
-      end
-    end
-    
-    def perform_token_request(consumer_secret,token_secret=nil)
-      response=perform(consumer_secret,token_secret)
-      if response.code=="200"
-        CGI.parse(response.body).inject({}){|h,(k,v)| h[k.to_sym]=v.first;h}
-      else 
-        response.error! 
-      end 
-    end
-    
-    def http_method=(value)
-      @http_method=value.to_s.strip.upcase
-    end
-    
-    def http_method
-      @http_method
-    end
-    
-    def content_type
-      @content_type||=headers['Content-Type']
-    end
-    
-    def site=(_site)
-      @site=_site.downcase
-      @uri=nil # invalidate uri
-      @site
-    end
-    
-    def path=(_path)
-      @path=_path
-      @uri=nil # invalidate uri
-      @path
-    end
-
-    def uri
-      @uri||=URI.parse(url)
-    end
-    
-    def url
-      (site+path)
-    end
-    
-    # produces a hash of the query or post parameters depending on http method
-    def http_parameters
-      @http_params||=parse_url_form_encoded( body||uri.query||'') 
-    end
-    
-    def parse_url_form_encoded(string)
-      CGI.parse(string).inject({}){|h,(k,v)| h[k.to_sym]=v[0];h}
-    end
-    
-    def normalized_url
-      uri=URI.split(url)
-      if uri[3].nil?||(uri[3]=='80'&&uri[0]=='http')||(uri[3]=='443'&&uri[0]=='https')
-        port=""
-      else
-        port=":#{uri[3]}"
-      end
-      "#{uri[0]}://#{uri[2]}#{port}#{uri[5]}"
-    end
-    
-    def [](key)
-      oauth_params[key.to_sym]
-    end
-    
-    def []=(key,value)
-      oauth_params[key.to_sym]=value
-    end
-    
-    def timestamp
-      self[:oauth_timestamp]
-    end
-    
-    def create_timestamp
-      Time.now.utc.to_i.to_s
-    end
-    
-    def nonce
-      self[:oauth_nonce]
-    end
-
-    def token
-      self[:oauth_token]
-    end
-    
-    def to_name_value_pair_array(hash,with={})
-      hash.merge(with).collect{|(key,value)| "#{escape(key.to_s)}=#{escape(value)}"}.sort
-    end
-
-    def to_hash(with={})
-      oauth_params.merge(http_parameters).merge(with)
-    end
-    
-    def to_query(with={})
-      (to_name_value_pair_array(to_hash(with))).sort.join("&")
-    end
-
-    def to_query_without_signature(with={})
-      (to_name_value_pair_array(oauth_params_without_signature,with)).sort.join("&")
-    end
-
-    def to_auth_string
-      "OAuth realm=\"#{realm}\", "+oauth_params.collect{|(key,value)| "#{escape(key.to_s)}=\"#{escape(value)}\""}.sort.join(", ")
-    end
-    
-    def to_base_string(secret)
-      to_query({:oauth_secret=>secret})
-    end
-
-    def oauth_params_without_signature
-      to_hash.reject{|key,value| key.to_sym==:oauth_signature}
-    end
-    
-    def signature
-      self[:oauth_signature]
-    end
-
-    def signature=(_signature)
-      self[:oauth_signature]=_signature
-    end
-    
-    def signature_method
-      self[:oauth_signature_method]
-    end
-        
-    def signature_method=(_signature_method)
-      self[:oauth_signature_method]=_signature_method
-    end
-
-    def signed?
-      signature!=nil
-    end
-    
-    def sign(consumer_secret,token_secret=nil)
-      OAuth::Signature.create(self,consumer_secret,token_secret).sign!
-    end
-    
-    def verify?(consumer_secret,token_secret=nil)
-      OAuth::Signature.create(self,consumer_secret,token_secret).verify?
-    end
-    
-  end
-end

data/test/test_oauth.rb

@@ -1,11 +0,0 @@
-require File.dirname(__FILE__) + '/test_helper.rb'
-
-class TestOauth < Test::Unit::TestCase
-
-  def setup
-  end
-  
-  def test_truth
-    assert true
-  end
-end

data/test/test_request.rb

@@ -1,282 +0,0 @@
-require 'rubygems'
-require 'test/unit'
-require 'action_controller'
-require 'action_controller/test_process'
-require 'oauth'
-class RequestTest < Test::Unit::TestCase
-  include OAuth::Key
-  include OAuth::OAuthTestHelper
-  
-  def setup
-    @request=OAuth::Request.new( :get,"http://test.COM:80","/oauth?stuff=1&picture=test.png", {:realm=>'http://test.com/oauth/authorize',:oauth_field1=>"test",:oauth_field2=>"hello",'string_key'=>"should be set"})
-  end
-  
-  def test_accessors
-    #as symbols
-    assert_equal @request[:oauth_field1],"test"
-    assert_equal @request[:oauth_field2],"hello"
-    assert_equal @request[:string_key],"should be set"    
-    assert_equal @request[:oauth_signature_method],"HMAC-SHA1"    
-    #as strings
-    assert_equal @request['oauth_field1'],"test"
-    assert_equal @request['oauth_field2'],"hello"
-    assert_equal @request['string_key'],"should be set"    
-  end
-  
-  def test_to_query
-    assert_equal "oauth_field1=test&oauth_field2=hello&oauth_nonce=#{URI.escape(@request.nonce)}&oauth_signature_method=HMAC-SHA1&oauth_timestamp=#{@request.timestamp}&oauth_version=1.0&picture=test.png&string_key=should%20be%20set&stuff=1",@request.to_query
-  end
-
-  def test_to_auth_string
-    assert_equal "OAuth realm=\"http://test.com/oauth/authorize\", oauth_field1=\"test\", oauth_field2=\"hello\", oauth_nonce=\"#{URI.escape(@request.nonce)}\", oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\"#{@request.timestamp}\", oauth_version=\"1.0\", string_key=\"should%20be%20set\"",@request.to_auth_string
-  end
-  
-  def test_has_http_method
-    assert_equal "GET",@request.http_method
-  end
-  
-  def test_has_realm
-    assert_equal 'http://test.com/oauth/authorize',@request.realm
-  end
-  
-  def test_removed_realm_from_params
-    assert_nil @request[:realm]
-  end
-
-  def test_url_normalization
-    #should remove port 80 from http
-    assert_equal "http://test.com:80/oauth?stuff=1&picture=test.png",@request.url
-    assert_equal "http://test.com/oauth",@request.normalized_url
-
-    # should not have port
-    @request.site="http://test.com"
-    assert_equal "http://test.com/oauth?stuff=1&picture=test.png",@request.url
-    assert_equal "http://test.com/oauth",@request.normalized_url
-    
-    #should remove port 443 from https
-    @request.site="https://test.com:443"
-    assert_equal "https://test.com:443/oauth?stuff=1&picture=test.png",@request.url
-    assert_equal "https://test.com/oauth",@request.normalized_url
-    
-    #should retain port number
-    @request.site="https://test.com:11822"
-    assert_equal "https://test.com:11822/oauth?stuff=1&picture=test.png",@request.url
-    assert_equal "https://test.com:11822/oauth",@request.normalized_url
-    
-    # should retain port 80 on https
-    @request.site="https://test.com:80"
-    assert_equal "https://test.com:80/oauth?stuff=1&picture=test.png",@request.url
-    assert_equal "https://test.com:80/oauth",@request.normalized_url
-
-    # should retain port 443 on http
-    @request.site="http://test.com:443"
-    assert_equal "http://test.com:443/oauth?stuff=1&picture=test.png",@request.url
-    assert_equal "http://test.com:443/oauth",@request.normalized_url
-    
-  end
-
-  def test_auth_methods_on_various_http_methods
-    # defaults
-    assert_equal :authorize,create_request(:get).auth_method
-    assert_equal :authorize,create_request(:head).auth_method
-    assert_equal :authorize,create_request(:delete).auth_method
-    assert_equal :authorize,create_request(:post).auth_method
-    assert_equal :authorize,create_request(:put).auth_method
-    
-    # authorize
-    assert_equal :authorize,create_request(:get,{:auth_method=>:authorize}).auth_method
-    assert_equal :authorize,create_request(:head,{:auth_method=>:authorize}).auth_method
-    assert_equal :authorize,create_request(:delete,{:auth_method=>:authorize}).auth_method
-    assert_equal :authorize,create_request(:post,{:auth_method=>:authorize}).auth_method
-    assert_equal :authorize,create_request(:put,{:auth_method=>:authorize}).auth_method
-    
-    # query
-    assert_equal :query,create_request(:get,{:auth_method=>:query}).auth_method
-    assert_equal :query,create_request(:head,{:auth_method=>:query}).auth_method
-    assert_equal :query,create_request(:delete,{:auth_method=>:query}).auth_method
-    assert_equal :authorize,create_request(:post,{:auth_method=>:query}).auth_method
-    assert_equal :authorize,create_request(:put,{:auth_method=>:query}).auth_method
-
-    # post
-    assert_equal :authorize,create_request(:get,{:auth_method=>:post}).auth_method
-    assert_equal :authorize,create_request(:head,{:auth_method=>:post}).auth_method
-    assert_equal :authorize,create_request(:delete,{:auth_method=>:post}).auth_method
-    assert_equal :post,create_request(:post,{:auth_method=>:post}).auth_method
-    assert_equal :post,create_request(:put,{:auth_method=>:post}).auth_method
-  end
-
-  def create_request(http_method,params={},*arguments)
-    OAuth::Request.new( http_method,'http://photos.example.net','/test',{
-      :oauth_consumer_key=>"dpf43f3p2l4k3l03"
-    }.merge(params),*arguments)
-  end
-  
-  def test_has_body
-    request=create_request(:post,{},"BODY")
-    assert_equal "BODY",request.body
-    
-  end
-  def test_has_nonce
-    assert_not_nil @request.nonce
-  end
-
-  def test_has_timestamp
-    assert_not_nil @request.timestamp
-  end
-  
-  def test_not_signed
-    assert !@request.signed?
-  end
-
-  def test_has_signature_method
-    assert_equal @request.signature_method,"HMAC-SHA1"  
-  end
-  
-  def test_not_signed
-    assert !@request.signed?
-  end
-
-  def test_not_verified
-    assert !@request.verify?("secret")    
-  end
-
-  def test_sign_request_token_with_query_string
-    @consumer_secret="kd94hf93k423kf44"
-    @test_params={
-      :oauth_consumer_key=>"dpf43f3p2l4k3l03"
-    }
-    
-    @request=OAuth::Request.new( :get,'http://photos.example.net','/photos?file=vacation.jpg&size=original', @test_params)
-    assert !@request.signed?
-    assert !@request.verify?(@consumer_secret)
-    @request.sign(@consumer_secret)    
-    assert @request.signed?
-    assert @request.verify?(@consumer_secret)    
-    orig_sig=@request.signature
-    
-    @incoming=mock_incoming_request_with_query(@request)
-    assert_equal "photos.example.net",@incoming.host_with_port
-    assert_equal "/photos",@incoming.path
-    assert_equal :get,@incoming.method
-    assert_equal( {"file"=>"vacation.jpg",
-      "size"=>"original",
-      "oauth_consumer_key"=>"dpf43f3p2l4k3l03",
-      'oauth_timestamp'=>@request[:oauth_timestamp],
-      "oauth_nonce"=>@request[:oauth_nonce],
-      "oauth_signature_method"=>'HMAC-SHA1',
-      "oauth_version"=>"1.0",
-      "oauth_signature"=>orig_sig
-      },@incoming.parameters)
-      
-      
-    assert_equal "dpf43f3p2l4k3l03",OAuth::Request.extract_consumer_key(@incoming)
-    
-    @request=OAuth::Request.incoming(@incoming)
-    assert @request.signed?
-    assert_equal( {
-      :file=>"vacation.jpg",
-      :size=>"original",
-      :oauth_consumer_key=>"dpf43f3p2l4k3l03",
-      :oauth_timestamp=>@request[:oauth_timestamp],
-      :oauth_nonce=>@request[:oauth_nonce],
-      :oauth_signature_method=>'HMAC-SHA1',
-      :oauth_version=>"1.0",
-      :oauth_signature=>orig_sig
-      },@request.to_hash)
-    assert @request.verify?(@consumer_secret)
-    assert_equal orig_sig,@request.signature
-  end
-
-  def test_sign_request_token_with_authorize_header
-    @consumer_secret="kd94hf93k423kf44"
-    @test_params={
-      :oauth_consumer_key=>"dpf43f3p2l4k3l03",
-      :realm=>"http://photos.example.net/oauth/authorize"
-    }
-    
-    @request=OAuth::Request.new( :get,'http://photos.example.net','/photos?file=vacation.jpg&size=original', @test_params)
-    assert !@request.signed?
-    assert !@request.verify?(@consumer_secret)
-    
-    @request.sign(@consumer_secret)    
-    assert @request.signed?
-    assert @request.verify?(@consumer_secret)    
-    assert_equal '/photos?file=vacation.jpg&size=original',@request.path
-    orig_sig=@request.signature
-    orig_base=OAuth::Signature.create(@request,@consumer_secret).base_string
-    
-    orig_query_params=@request.http_parameters
-    
-    @incoming=mock_incoming_request_with_authorize_header(@request)
-    assert_equal "photos.example.net",@incoming.host_with_port
-    assert_equal "/photos",@incoming.path
-    assert_equal :get,@incoming.method
-    assert_equal @request.to_auth_string, @incoming.env['HTTP_AUTHORIZATION']
-    assert_equal "dpf43f3p2l4k3l03",OAuth::Request.extract_consumer_key(@incoming)
-    
-
-    
-    @request=OAuth::Request.incoming(@incoming)
-    assert_equal '/photos?file=vacation.jpg&size=original',@request.path
-    
-    assert_equal orig_query_params,@request.http_parameters
-    
-    # test base string
-    new_base=OAuth::Signature.create(@request,@consumer_secret).base_string
-    assert_equal orig_base,new_base
-    
-    assert_equal 'GET',@request.http_method
-    assert_equal "http://photos.example.net/photos?file=vacation.jpg&size=original",@request.url
-    assert @request.signed?
-
-    assert_equal( {
-      :file=>"vacation.jpg",
-      :size=>"original",
-      :oauth_consumer_key=>"dpf43f3p2l4k3l03",
-      :oauth_timestamp=>@request[:oauth_timestamp],
-      :oauth_nonce=>@request[:oauth_nonce],
-      :oauth_signature_method=>'HMAC-SHA1',
-      :oauth_version=>"1.0",
-      :oauth_signature=>orig_sig
-      },@request.to_hash)
-
-    assert @request.verify?(@consumer_secret)
-    assert_equal orig_sig,@request.signature
-  end
-    
-  def test_sign_access_token
-    @consumer_secret="kd94hf93k423kf44"
-    @token_secret="pfkkdhi9sl3r4s00"
-    @test_params={
-      :oauth_consumer_key=>"dpf43f3p2l4k3l03",
-      :oauth_token=>"nnch734d00sl2jdk"
-    }
-    
-    @request=OAuth::Request.new( :get,'http://photos.example.net','/photos?file=vacation.jpg&size=original', @test_params)
-    assert !@request.signed?
-    assert !@request.verify?(@consumer_secret,@token_secret)    
-    @request.sign(@consumer_secret,@token_secret)    
-    assert @request.signed?
-    assert @request.verify?(@consumer_secret,@token_secret)    
-  end
-
-  def test_sign_post_request_url_form_encoded
-    @consumer_secret="kd94hf93k423kf44"
-    @token_secret="pfkkdhi9sl3r4s00"
-    @test_params={
-      :oauth_consumer_key=>"dpf43f3p2l4k3l03",
-      :oauth_token=>"nnch734d00sl2jdk"
-    }
-    
-    @request=OAuth::Request.new( :post,'http://photos.example.net','/photos', @test_params,"file=vacation.jpg&size=original")
-    assert_equal "application/x-www-form-urlencoded",@request.content_type
-    assert !@request.signed?
-    assert !@request.verify?(@consumer_secret,@token_secret)
-    @request.sign(@consumer_secret,@token_secret)    
-    assert @request.signed?
-    assert @request.verify?(@consumer_secret,@token_secret)
-    assert_equal "file=vacation.jpg&size=original",@request.body
-  end
-
-  
-end