oauth 0.1.1

data/tasks/deployment.rake

@@ -0,0 +1,34 @@
+desc 'Release the website and new gem version'
+task :deploy => [:check_version, :website, :release] do
+  puts "Remember to create SVN tag:"
+  puts "svn copy svn+ssh://#{rubyforge_username}@rubyforge.org/var/svn/#{PATH}/trunk " +
+    "svn+ssh://#{rubyforge_username}@rubyforge.org/var/svn/#{PATH}/tags/REL-#{VERS} "
+  puts "Suggested comment:"
+  puts "Tagging release #{CHANGES}"
+end
+
+desc 'Runs tasks website_generate and install_gem as a local deployment of the gem'
+task :local_deploy => [:website_generate, :install_gem]
+
+task :check_version do
+  unless ENV['VERSION']
+    puts 'Must pass a VERSION=x.y.z release version'
+    exit
+  end
+  unless ENV['VERSION'] == VERS
+    puts "Please update your version.rb to match the release version, currently #{VERS}"
+    exit
+  end
+end
+
+desc 'Install the package as a gem, without generating documentation(ri/rdoc)'
+task :install_gem_no_doc => [:clean, :package] do
+  sh "#{'sudo ' unless Hoe::WINDOZE }gem install pkg/*.gem --no-rdoc --no-ri"
+end
+
+namespace :manifest do
+  desc 'Recreate Manifest.txt to include ALL files'
+  task :refresh do
+    `rake check_manifest | patch -p0 > Manifest.txt`
+  end
+end

data/tasks/environment.rake

@@ -0,0 +1,7 @@
+task :ruby_env do
+  RUBY_APP = if RUBY_PLATFORM =~ /java/
+    "jruby"
+  else
+    "ruby"
+  end unless defined? RUBY_APP
+end

data/tasks/website.rake

@@ -0,0 +1,17 @@
+desc 'Generate website files'
+task :website_generate => :ruby_env do
+  (Dir['website/**/*.txt'] - Dir['website/version*.txt']).each do |txt|
+    sh %{ #{RUBY_APP} script/txt2html #{txt} > #{txt.gsub(/txt$/,'html')} }
+  end
+end
+
+desc 'Upload website files to rubyforge'
+task :website_upload do
+  host = "#{rubyforge_username}@rubyforge.org"
+  remote_dir = "/var/www/gforge-projects/#{PATH}/"
+  local_dir = 'website'
+  sh %{rsync -aCv #{local_dir}/ #{host}:#{remote_dir}}
+end
+
+desc 'Generate and upload website files'
+task :website => [:website_generate, :website_upload, :publish_docs]

data/test/test_consumer.rb

@@ -0,0 +1,116 @@
+require 'test/unit'
+require 'oauth'
+
+# This performs testing against Andy Smith's test server http://term.ie/oauth/example/
+# Thanks Andy.
+# This also means you have to be online to be able to run these.
+class ConsumerTest < Test::Unit::TestCase
+  def setup
+    @consumer=OAuth::Consumer.new( {
+        :consumer_key=>"key",
+        :consumer_secret=>"secret",
+        :site=>"http://term.ie",
+        :request_token_path=>"/oauth/example/request_token.php",
+        :access_token_path=>"/oauth/example/access_token.php",
+        :authorize_path=>"/oauth/example/authorize.php",
+        :auth_method=>:query,
+        :http_method=>:get
+        })
+  end
+  
+  def test_initializer
+    assert_equal "key",@consumer.key
+    assert_equal "secret",@consumer.secret
+    assert_equal "http://term.ie",@consumer.site
+    assert_equal "/oauth/example/request_token.php",@consumer.request_token_path
+    assert_equal "/oauth/example/access_token.php",@consumer.access_token_path
+    assert_equal "http://term.ie/oauth/example/request_token.php",@consumer.request_token_url
+    assert_equal "http://term.ie/oauth/example/access_token.php",@consumer.access_token_url
+    assert_equal :query,@consumer.auth_method
+    assert_equal :get,@consumer.http_method
+  end
+
+  def test_defaults
+    @consumer=OAuth::Consumer.new( {
+        :consumer_key=>"key",
+        :consumer_secret=>"secret",
+        :site=>"http://twitter.com"
+    })
+    assert_equal "key",@consumer.key
+    assert_equal "secret",@consumer.secret
+    assert_equal "http://twitter.com",@consumer.site
+    assert_equal "/oauth/request_token",@consumer.request_token_path
+    assert_equal "/oauth/access_token",@consumer.access_token_path
+    assert_equal "http://twitter.com/oauth/request_token",@consumer.request_token_url
+    assert_equal "http://twitter.com/oauth/access_token",@consumer.access_token_url
+    assert_equal :authorize,@consumer.auth_method
+    assert_equal :post,@consumer.http_method 
+  end
+  
+  def test_create_request
+    request=@consumer.create_request :get,'/oauth/example/request_token.php'
+    assert_equal 'http://term.ie/oauth/example/request_token.php',request.url
+    assert "key",request[:consumer_key]
+    assert !request.signed?
+  end
+  
+  def test_create_post_request
+    request=@consumer.create_request(:post,'/oauth/example',{:oauth_token=>"token"},"BODY")
+    assert_equal "token",request[:oauth_token]
+    assert_equal "BODY",request.body
+  end
+
+  def test_create_put_request
+    request=@consumer.create_request(:put,'/oauth/example',{:oauth_token=>"token"},"BODY")
+    assert_equal "token",request[:oauth_token]
+    assert_equal "BODY",request.body
+  end
+  
+  def test_signed_request
+    request=@consumer.signed_request :get,'/oauth/example/request_token.php'
+    assert_equal 'http://term.ie/oauth/example/request_token.php',request.url
+    assert "key",request[:consumer_key]
+    assert request.signed?
+    assert request.verify?(@consumer.secret)        
+  end
+  
+  def test_create_signed_post_request
+    request=@consumer.signed_request(:post,'/oauth/example',{:oauth_token=>"token"},'token secret',"BODY")
+    assert_equal "token",request[:oauth_token]
+    assert_equal "BODY",request.body
+    assert request.signed?
+    assert request.verify?(@consumer.secret,'token secret')        
+  end
+  
+  def test_create_signed_put_request
+    request=@consumer.signed_request(:put,'/oauth/example',{:oauth_token=>"token"},'token secret',"BODY")
+    assert_equal "token",request[:oauth_token]
+    assert_equal "BODY",request.body
+    assert request.signed?
+    assert request.verify?(@consumer.secret,'token secret')        
+  end
+  
+  def test_get_token_sequence
+    @request_token=@consumer.get_request_token
+    assert_not_nil @request_token
+    assert_equal "requestkey",@request_token.token
+    assert_equal "requestsecret",@request_token.secret
+    assert_equal "http://term.ie/oauth/example/authorize.php?oauth_token=requestkey",@request_token.authorize_url
+
+    @access_token=@request_token.get_access_token
+    assert_not_nil @access_token
+    assert_equal "accesskey",@access_token.token
+    assert_equal "accesssecret",@access_token.secret
+    
+    @response=@access_token.get("/oauth/example/echo_api.php?ok=hello&test=this")
+    assert_not_nil @response
+    assert_equal "200",@response.code
+    assert_equal( "ok=hello&test=this",@response.body)
+    
+    @response=@access_token.post("/oauth/example/echo_api.php","ok=hello&test=this")
+    assert_not_nil @response
+    assert_equal "200",@response.code
+    assert_equal( "ok=hello&test=this",@response.body)
+    
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,2 @@
+require 'test/unit'
+require File.dirname(__FILE__) + '/../lib/oauth'

data/test/test_oauth.rb

@@ -0,0 +1,11 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class TestOauth < Test::Unit::TestCase
+
+  def setup
+  end
+  
+  def test_truth
+    assert true
+  end
+end

data/test/test_request.rb

@@ -0,0 +1,282 @@
+require 'rubygems'
+require 'test/unit'
+require 'action_controller'
+require 'action_controller/test_process'
+require 'oauth'
+class RequestTest < Test::Unit::TestCase
+  include OAuth::Key
+  include OAuth::OAuthTestHelper
+  
+  def setup
+    @request=OAuth::Request.new( :get,"http://test.COM:80","/oauth?stuff=1&picture=test.png", {:realm=>'http://test.com/oauth/authorize',:oauth_field1=>"test",:oauth_field2=>"hello",'string_key'=>"should be set"})
+  end
+  
+  def test_accessors
+    #as symbols
+    assert_equal @request[:oauth_field1],"test"
+    assert_equal @request[:oauth_field2],"hello"
+    assert_equal @request[:string_key],"should be set"    
+    assert_equal @request[:oauth_signature_method],"HMAC-SHA1"    
+    #as strings
+    assert_equal @request['oauth_field1'],"test"
+    assert_equal @request['oauth_field2'],"hello"
+    assert_equal @request['string_key'],"should be set"    
+  end
+  
+  def test_to_query
+    assert_equal "oauth_field1=test&oauth_field2=hello&oauth_nonce=#{URI.escape(@request.nonce)}&oauth_signature_method=HMAC-SHA1&oauth_timestamp=#{@request.timestamp}&oauth_version=1.0&picture=test.png&string_key=should%20be%20set&stuff=1",@request.to_query
+  end
+
+  def test_to_auth_string
+    assert_equal "OAuth realm=\"http://test.com/oauth/authorize\", oauth_field1=\"test\", oauth_field2=\"hello\", oauth_nonce=\"#{URI.escape(@request.nonce)}\", oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\"#{@request.timestamp}\", oauth_version=\"1.0\", string_key=\"should%20be%20set\"",@request.to_auth_string
+  end
+  
+  def test_has_http_method
+    assert_equal "GET",@request.http_method
+  end
+  
+  def test_has_realm
+    assert_equal 'http://test.com/oauth/authorize',@request.realm
+  end
+  
+  def test_removed_realm_from_params
+    assert_nil @request[:realm]
+  end
+
+  def test_url_normalization
+    #should remove port 80 from http
+    assert_equal "http://test.com:80/oauth?stuff=1&picture=test.png",@request.url
+    assert_equal "http://test.com/oauth",@request.normalized_url
+
+    # should not have port
+    @request.site="http://test.com"
+    assert_equal "http://test.com/oauth?stuff=1&picture=test.png",@request.url
+    assert_equal "http://test.com/oauth",@request.normalized_url
+    
+    #should remove port 443 from https
+    @request.site="https://test.com:443"
+    assert_equal "https://test.com:443/oauth?stuff=1&picture=test.png",@request.url
+    assert_equal "https://test.com/oauth",@request.normalized_url
+    
+    #should retain port number
+    @request.site="https://test.com:11822"
+    assert_equal "https://test.com:11822/oauth?stuff=1&picture=test.png",@request.url
+    assert_equal "https://test.com:11822/oauth",@request.normalized_url
+    
+    # should retain port 80 on https
+    @request.site="https://test.com:80"
+    assert_equal "https://test.com:80/oauth?stuff=1&picture=test.png",@request.url
+    assert_equal "https://test.com:80/oauth",@request.normalized_url
+
+    # should retain port 443 on http
+    @request.site="http://test.com:443"
+    assert_equal "http://test.com:443/oauth?stuff=1&picture=test.png",@request.url
+    assert_equal "http://test.com:443/oauth",@request.normalized_url
+    
+  end
+
+  def test_auth_methods_on_various_http_methods
+    # defaults
+    assert_equal :authorize,create_request(:get).auth_method
+    assert_equal :authorize,create_request(:head).auth_method
+    assert_equal :authorize,create_request(:delete).auth_method
+    assert_equal :authorize,create_request(:post).auth_method
+    assert_equal :authorize,create_request(:put).auth_method
+    
+    # authorize
+    assert_equal :authorize,create_request(:get,{:auth_method=>:authorize}).auth_method
+    assert_equal :authorize,create_request(:head,{:auth_method=>:authorize}).auth_method
+    assert_equal :authorize,create_request(:delete,{:auth_method=>:authorize}).auth_method
+    assert_equal :authorize,create_request(:post,{:auth_method=>:authorize}).auth_method
+    assert_equal :authorize,create_request(:put,{:auth_method=>:authorize}).auth_method
+    
+    # query
+    assert_equal :query,create_request(:get,{:auth_method=>:query}).auth_method
+    assert_equal :query,create_request(:head,{:auth_method=>:query}).auth_method
+    assert_equal :query,create_request(:delete,{:auth_method=>:query}).auth_method
+    assert_equal :authorize,create_request(:post,{:auth_method=>:query}).auth_method
+    assert_equal :authorize,create_request(:put,{:auth_method=>:query}).auth_method
+
+    # post
+    assert_equal :authorize,create_request(:get,{:auth_method=>:post}).auth_method
+    assert_equal :authorize,create_request(:head,{:auth_method=>:post}).auth_method
+    assert_equal :authorize,create_request(:delete,{:auth_method=>:post}).auth_method
+    assert_equal :post,create_request(:post,{:auth_method=>:post}).auth_method
+    assert_equal :post,create_request(:put,{:auth_method=>:post}).auth_method
+  end
+
+  def create_request(http_method,params={},*arguments)
+    OAuth::Request.new( http_method,'http://photos.example.net','/test',{
+      :oauth_consumer_key=>"dpf43f3p2l4k3l03"
+    }.merge(params),*arguments)
+  end
+  
+  def test_has_body
+    request=create_request(:post,{},"BODY")
+    assert_equal "BODY",request.body
+    
+  end
+  def test_has_nonce
+    assert_not_nil @request.nonce
+  end
+
+  def test_has_timestamp
+    assert_not_nil @request.timestamp
+  end
+  
+  def test_not_signed
+    assert !@request.signed?
+  end
+
+  def test_has_signature_method
+    assert_equal @request.signature_method,"HMAC-SHA1"  
+  end
+  
+  def test_not_signed
+    assert !@request.signed?
+  end
+
+  def test_not_verified
+    assert !@request.verify?("secret")    
+  end
+
+  def test_sign_request_token_with_query_string
+    @consumer_secret="kd94hf93k423kf44"
+    @test_params={
+      :oauth_consumer_key=>"dpf43f3p2l4k3l03"
+    }
+    
+    @request=OAuth::Request.new( :get,'http://photos.example.net','/photos?file=vacation.jpg&size=original', @test_params)
+    assert !@request.signed?
+    assert !@request.verify?(@consumer_secret)
+    @request.sign(@consumer_secret)    
+    assert @request.signed?
+    assert @request.verify?(@consumer_secret)    
+    orig_sig=@request.signature
+    
+    @incoming=mock_incoming_request_with_query(@request)
+    assert_equal "photos.example.net",@incoming.host_with_port
+    assert_equal "/photos",@incoming.path
+    assert_equal :get,@incoming.method
+    assert_equal( {"file"=>"vacation.jpg",
+      "size"=>"original",
+      "oauth_consumer_key"=>"dpf43f3p2l4k3l03",
+      'oauth_timestamp'=>@request[:oauth_timestamp],
+      "oauth_nonce"=>@request[:oauth_nonce],
+      "oauth_signature_method"=>'HMAC-SHA1',
+      "oauth_version"=>"1.0",
+      "oauth_signature"=>orig_sig
+      },@incoming.parameters)
+      
+      
+    assert_equal "dpf43f3p2l4k3l03",OAuth::Request.extract_consumer_key(@incoming)
+    
+    @request=OAuth::Request.incoming(@incoming)
+    assert @request.signed?
+    assert_equal( {
+      :file=>"vacation.jpg",
+      :size=>"original",
+      :oauth_consumer_key=>"dpf43f3p2l4k3l03",
+      :oauth_timestamp=>@request[:oauth_timestamp],
+      :oauth_nonce=>@request[:oauth_nonce],
+      :oauth_signature_method=>'HMAC-SHA1',
+      :oauth_version=>"1.0",
+      :oauth_signature=>orig_sig
+      },@request.to_hash)
+    assert @request.verify?(@consumer_secret)
+    assert_equal orig_sig,@request.signature
+  end
+
+  def test_sign_request_token_with_authorize_header
+    @consumer_secret="kd94hf93k423kf44"
+    @test_params={
+      :oauth_consumer_key=>"dpf43f3p2l4k3l03",
+      :realm=>"http://photos.example.net/oauth/authorize"
+    }
+    
+    @request=OAuth::Request.new( :get,'http://photos.example.net','/photos?file=vacation.jpg&size=original', @test_params)
+    assert !@request.signed?
+    assert !@request.verify?(@consumer_secret)
+    
+    @request.sign(@consumer_secret)    
+    assert @request.signed?
+    assert @request.verify?(@consumer_secret)    
+    assert_equal '/photos?file=vacation.jpg&size=original',@request.path
+    orig_sig=@request.signature
+    orig_base=OAuth::Signature.create(@request,@consumer_secret).base_string
+    
+    orig_query_params=@request.http_parameters
+    
+    @incoming=mock_incoming_request_with_authorize_header(@request)
+    assert_equal "photos.example.net",@incoming.host_with_port
+    assert_equal "/photos",@incoming.path
+    assert_equal :get,@incoming.method
+    assert_equal @request.to_auth_string, @incoming.env['HTTP_AUTHORIZATION']
+    assert_equal "dpf43f3p2l4k3l03",OAuth::Request.extract_consumer_key(@incoming)
+    
+
+    
+    @request=OAuth::Request.incoming(@incoming)
+    assert_equal '/photos?file=vacation.jpg&size=original',@request.path
+    
+    assert_equal orig_query_params,@request.http_parameters
+    
+    # test base string
+    new_base=OAuth::Signature.create(@request,@consumer_secret).base_string
+    assert_equal orig_base,new_base
+    
+    assert_equal 'GET',@request.http_method
+    assert_equal "http://photos.example.net/photos?file=vacation.jpg&size=original",@request.url
+    assert @request.signed?
+
+    assert_equal( {
+      :file=>"vacation.jpg",
+      :size=>"original",
+      :oauth_consumer_key=>"dpf43f3p2l4k3l03",
+      :oauth_timestamp=>@request[:oauth_timestamp],
+      :oauth_nonce=>@request[:oauth_nonce],
+      :oauth_signature_method=>'HMAC-SHA1',
+      :oauth_version=>"1.0",
+      :oauth_signature=>orig_sig
+      },@request.to_hash)
+
+    assert @request.verify?(@consumer_secret)
+    assert_equal orig_sig,@request.signature
+  end
+    
+  def test_sign_access_token
+    @consumer_secret="kd94hf93k423kf44"
+    @token_secret="pfkkdhi9sl3r4s00"
+    @test_params={
+      :oauth_consumer_key=>"dpf43f3p2l4k3l03",
+      :oauth_token=>"nnch734d00sl2jdk"
+    }
+    
+    @request=OAuth::Request.new( :get,'http://photos.example.net','/photos?file=vacation.jpg&size=original', @test_params)
+    assert !@request.signed?
+    assert !@request.verify?(@consumer_secret,@token_secret)    
+    @request.sign(@consumer_secret,@token_secret)    
+    assert @request.signed?
+    assert @request.verify?(@consumer_secret,@token_secret)    
+  end
+
+  def test_sign_post_request_url_form_encoded
+    @consumer_secret="kd94hf93k423kf44"
+    @token_secret="pfkkdhi9sl3r4s00"
+    @test_params={
+      :oauth_consumer_key=>"dpf43f3p2l4k3l03",
+      :oauth_token=>"nnch734d00sl2jdk"
+    }
+    
+    @request=OAuth::Request.new( :post,'http://photos.example.net','/photos', @test_params,"file=vacation.jpg&size=original")
+    assert_equal "application/x-www-form-urlencoded",@request.content_type
+    assert !@request.signed?
+    assert !@request.verify?(@consumer_secret,@token_secret)
+    @request.sign(@consumer_secret,@token_secret)    
+    assert @request.signed?
+    assert @request.verify?(@consumer_secret,@token_secret)
+    assert_equal "file=vacation.jpg&size=original",@request.body
+  end
+
+  
+end