oauth 0.4.7 → 0.5.4

data/test/cases/spec/1_0-final/test_parameter_encodings.rb

@@ -1,86 +0,0 @@
-require File.expand_path('../../../oauth_case', __FILE__)
-
-# See http://oauth.net/core/1.0/#encoding_parameters
-#
-# 5.1.  Parameter Encoding
-#
-# All parameter names and values are escaped using the [RFC3986] percent-encoding (%xx) mechanism.
-# Characters not in the unreserved character set ([RFC3986] section 2.3) MUST be encoded. Characters
-# in the unreserved character set MUST NOT be encoded. Hexadecimal characters in encodings MUST be
-# upper case. Text names and values MUST be encoded as UTF-8 octets before percent-encoding them per [RFC3629].
-#
-#   unreserved = ALPHA, DIGIT, '-', '.', '_', '~'
-#
-
-class ParameterEncodingTest < OAuthCase
-  def test_encodings_alpha_num
-    assert_encoding 'abcABC123', 'abcABC123'
-  end
-
-  def test_encodings_non_escaped
-    assert_encoding '-._~', '-._~'
-  end
-
-  def test_encodings_percent
-    assert_encoding '%25', '%'
-  end
-
-  def test_encodings_plus
-    assert_encoding '%2B', '+'
-  end
-
-  def test_encodings_space
-    assert_encoding '%20', ' '
-  end
-
-  def test_encodings_query_param_symbols
-    assert_encoding '%26%3D%2A', '&=*'
-  end
-
-  def test_encodings_unicode_lf
-    assert_encoding '%0A', unicode_to_utf8('U+000A')
-  end
-
-  def test_encodings_unicode_space
-    assert_encoding '%20', unicode_to_utf8('U+0020')
-  end
-
-  def test_encodings_unicode_007f
-    assert_encoding '%7F', unicode_to_utf8('U+007F')
-  end
-
-  def test_encodings_unicode_0080
-    assert_encoding '%C2%80', unicode_to_utf8('U+0080')
-  end
-
-  def test_encoding_unicode_2708
-    assert_encoding '%E2%9C%88', unicode_to_utf8('U+2708')
-  end
-
-  def test_encodings_unicode_3001
-    assert_encoding '%E3%80%81', unicode_to_utf8('U+3001')
-  end
-
-protected
-
-  def unicode_to_utf8(unicode)
-    return unicode if unicode =~ /\A[[:space:]]*\z/m
-
-    str = ''
-
-    unicode.scan(/(U\+(?:[[:digit:][:xdigit:]]{4,5}|10[[:digit:][:xdigit:]]{4})|.)/mu) do
-      c = $1
-      if c =~ /^U\+/
-        str << [c[2..-1].hex].pack('U*')
-      else
-        str << c
-      end
-    end
-
-    str
-  end
-
-  def assert_encoding(expected, given, message = nil)
-    assert_equal expected, OAuth::Helper.escape(given), message
-  end
-end

data/test/cases/spec/1_0-final/test_signature_base_strings.rb

@@ -1,77 +0,0 @@
-require File.expand_path('../../../oauth_case', __FILE__)
-
-# See http://oauth.net/core/1.0/#anchor14
-#
-# 9.1.  Signature Base String
-#
-# The Signature Base String is a consistent reproducible concatenation of the request elements
-# into a single string. The string is used as an input in hashing or signing algorithms. The
-# HMAC-SHA1 signature method provides both a standard and an example of using the Signature
-# Base String with a signing algorithm to generate signatures. All the request parameters MUST
-# be encoded as described in Parameter Encoding prior to constructing the Signature Base String.
-#
-
-class SignatureBaseStringTest < OAuthCase
-
-  def test_A_5_1
-    parameters={
-      'oauth_consumer_key'=>'dpf43f3p2l4k3l03',
-      'oauth_token'=>'nnch734d00sl2jdk',
-      'oauth_signature_method'=>'HMAC-SHA1',
-      'oauth_timestamp'=>'1191242096',
-      'oauth_nonce'=>'kllo9940pd9333jh',
-      'oauth_version'=>'1.0',
-      'file'=>'vacation.jpg',
-      'size'=>'original'
-    }
-    sbs='GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal'
-
-    assert_signature_base_string sbs,parameters,'GET',"http://photos.example.net/photos"
-  end
-
-  # These are from the wiki http://wiki.oauth.net/TestCases
-  # in the section Concatenate Test Elements
-
-  def test_wiki_1_simple_with_ending_slash
-    parameters={
-      'n'=>'v'
-    }
-    sbs='GET&http%3A%2F%2Fexample.com%2F&n%3Dv'
-
-    assert_signature_base_string sbs,parameters,'GET',"http://example.com/"
-  end
-
-
-  def test_wiki_2_simple_without_ending_slash
-    parameters={
-      'n'=>'v'
-    }
-    sbs='GET&http%3A%2F%2Fexample.com%2F&n%3Dv'
-
-    assert_signature_base_string sbs,parameters,'GET',"http://example.com"
-  end
-
-  def test_wiki_2_request_token
-    parameters={
-'oauth_version'=>'1.0',
-'oauth_consumer_key'=>'dpf43f3p2l4k3l03',
-'oauth_timestamp'=>'1191242090',
-'oauth_nonce'=>'hsu94j3884jdopsl',
-'oauth_signature_method'=>'PLAINTEXT',
-'oauth_signature'=>'ignored'    }
-    sbs='POST&https%3A%2F%2Fphotos.example.net%2Frequest_token&oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dhsu94j3884jdopsl%26oauth_signature_method%3DPLAINTEXT%26oauth_timestamp%3D1191242090%26oauth_version%3D1.0'
-
-    assert_signature_base_string sbs,parameters,'POST',"https://photos.example.net/request_token"
-  end
-
-  protected
-
-
-  def assert_signature_base_string(expected,params={},method='GET',uri="http://photos.example.net/photos",message="Signature Base String does not match")
-    assert_equal expected, signature_base_string(params,method,uri), message
-  end
-
-  def signature_base_string(params={},method='GET',uri="http://photos.example.net/photos")
-    request(params,method,uri).signature_base_string
-  end
-end

data/test/integration/consumer_test.rb

@@ -1,307 +0,0 @@
-require File.expand_path('../../test_helper', __FILE__)
-
-module Integration
-  class ConsumerTest < Test::Unit::TestCase
-    def setup
-      @consumer=OAuth::Consumer.new(
-          'consumer_key_86cad9', '5888bf0345e5d237',
-          {
-          :site=>"http://blabla.bla",
-          :proxy=>"http://user:password@proxy.bla:8080",
-          :request_token_path=>"/oauth/example/request_token.php",
-          :access_token_path=>"/oauth/example/access_token.php",
-          :authorize_path=>"/oauth/example/authorize.php",
-          :scheme=>:header,
-          :http_method=>:get
-          })
-      @token = OAuth::ConsumerToken.new(@consumer,'token_411a7f', '3196ffd991c8ebdb')
-      @request_uri = URI.parse('http://example.com/test?key=value')
-      @request_parameters = { 'key' => 'value' }
-      @nonce = 225579211881198842005988698334675835446
-      @timestamp = "1199645624"
-      @consumer.http=Net::HTTP.new(@request_uri.host, @request_uri.port)
-    end
-
-    def test_that_signing_auth_headers_on_get_requests_works
-      request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
-      @token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
-
-      assert_equal 'GET', request.method
-      assert_equal '/test?key=value', request.path
-      assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"".delete(',').split.sort, request['authorization'].delete(',').split.sort
-    end
-
-    def test_that_setting_signature_method_on_consumer_effects_signing
-      require 'oauth/signature/plaintext'
-      request = Net::HTTP::Get.new(@request_uri.path)
-      consumer = @consumer.dup
-      consumer.options[:signature_method] = 'PLAINTEXT'
-      token = OAuth::ConsumerToken.new(consumer, 'token_411a7f', '3196ffd991c8ebdb')
-      token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
-
-      assert_no_match( /oauth_signature_method="HMAC-SHA1"/, request['authorization'])
-      assert_match(    /oauth_signature_method="PLAINTEXT"/, request['authorization'])
-    end
-
-    def test_that_setting_signature_method_on_consumer_effects_signature_base_string
-      require 'oauth/signature/plaintext'
-      request = Net::HTTP::Get.new(@request_uri.path)
-      consumer = @consumer.dup
-      consumer.options[:signature_method] = 'PLAINTEXT'
-
-      request = Net::HTTP::Get.new('/')
-      signature_base_string = consumer.signature_base_string(request)
-
-      assert_no_match( /HMAC-SHA1/, signature_base_string)
-      assert_equal( "#{consumer.secret}&", signature_base_string)
-    end
-
-    def test_that_plaintext_signature_works
-      # Invalid test because server expects double-escaped signature
-      require 'oauth/signature/plaintext'
-      # consumer = OAuth::Consumer.new("key", "secret",
-      #   :site => "http://term.ie", :signature_method => 'PLAINTEXT')
-      # access_token = OAuth::AccessToken.new(consumer, 'accesskey', 'accesssecret')
-      # response = access_token.get("/oauth/example/echo_api.php?echo=hello")
-
-      # assert_equal 'echo=hello', response.body
-    end
-
-    def test_that_signing_auth_headers_on_post_requests_works
-      request = Net::HTTP::Post.new(@request_uri.path)
-      request.set_form_data( @request_parameters )
-      @token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
-  #    assert_equal "",request.oauth_helper.signature_base_string
-
-      assert_equal 'POST', request.method
-      assert_equal '/test', request.path
-      assert_equal 'key=value', request.body
-      assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".delete(',').split.sort, request['authorization'].delete(',').split.sort
-    end
-
-    def test_that_signing_post_params_works
-      request = Net::HTTP::Post.new(@request_uri.path)
-      request.set_form_data( @request_parameters )
-      @token.sign!(request, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
-
-      assert_equal 'POST', request.method
-      assert_equal '/test', request.path
-      assert_match /key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3[Dd]&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0/, request.body.split("&").sort.join("&")
-      assert_equal nil, request['authorization']
-    end
-
-    def test_that_using_auth_headers_on_get_on_create_signed_requests_works
-      request=@consumer.create_signed_request(:get,@request_uri.path+ "?" + request_parameters_to_s,@token,{:nonce => @nonce, :timestamp => @timestamp},@request_parameters)
-
-      assert_equal 'GET', request.method
-      assert_equal '/test?key=value', request.path
-      assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"".delete(',').split.sort, request['authorization'].delete(',').split.sort
-    end
-
-    def test_that_using_auth_headers_on_post_on_create_signed_requests_works
-      request=@consumer.create_signed_request(:post,@request_uri.path,@token,{:nonce => @nonce, :timestamp => @timestamp},@request_parameters,{})
-      assert_equal 'POST', request.method
-      assert_equal '/test', request.path
-      assert_equal 'key=value', request.body
-      assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".delete(',').split.sort, request['authorization'].delete(',').split.sort
-    end
-
-    def test_that_signing_post_params_works_2
-      request=@consumer.create_signed_request(:post,@request_uri.path,@token,{:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp},@request_parameters,{})
-
-      assert_equal 'POST', request.method
-      assert_equal '/test', request.path
-      assert_match /key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3[Dd]&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0/, request.body.split("&").sort.join("&")
-      assert_equal nil, request['authorization']
-    end
-
-    def test_step_by_step_token_request
-      stub_test_ie
-
-      @consumer=OAuth::Consumer.new(
-          "key",
-          "secret",
-          {
-          :site=>"http://term.ie",
-          :request_token_path=>"/oauth/example/request_token.php",
-          :access_token_path=>"/oauth/example/access_token.php",
-          :authorize_path=>"/oauth/example/authorize.php",
-          :scheme=>:header
-          })
-      options={:nonce=>'nonce',:timestamp=>Time.now.to_i.to_s}
-
-      request = Net::HTTP::Get.new("/oauth/example/request_token.php")
-      signature_base_string=@consumer.signature_base_string(request,nil,options)
-      assert_equal "GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key%3Dkey%26oauth_nonce%3D#{options[:nonce]}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D#{options[:timestamp]}%26oauth_version%3D1.0",signature_base_string
-      @consumer.sign!(request, nil,options)
-
-      assert_equal 'GET', request.method
-      assert_equal nil, request.body
-      response=@consumer.http.request(request)
-      assert_equal "200",response.code
-      assert_equal "oauth_token=requestkey&oauth_token_secret=requestsecret",response.body
-    end
-
-    def test_get_token_sequence
-      stub_test_ie
-
-      @consumer=OAuth::Consumer.new(
-          "key",
-          "secret",
-          {
-          :site=>"http://term.ie",
-          :request_token_path=>"/oauth/example/request_token.php",
-          :access_token_path=>"/oauth/example/access_token.php",
-          :authorize_path=>"/oauth/example/authorize.php"
-          })
-      assert_equal "http://term.ie/oauth/example/request_token.php",@consumer.request_token_url
-      assert_equal "http://term.ie/oauth/example/access_token.php",@consumer.access_token_url
-
-      assert !@consumer.request_token_url?, "Should not use fully qualified request token url"
-      assert !@consumer.access_token_url?, "Should not use fully qualified access token url"
-      assert !@consumer.authorize_url?, "Should not use fully qualified url"
-
-      @request_token=@consumer.get_request_token
-      assert_not_nil @request_token
-      assert_equal "requestkey",@request_token.token
-      assert_equal "requestsecret",@request_token.secret
-      assert_equal "http://term.ie/oauth/example/authorize.php?oauth_token=requestkey",@request_token.authorize_url
-
-      @access_token=@request_token.get_access_token
-      assert_not_nil @access_token
-      assert_equal "accesskey",@access_token.token
-      assert_equal "accesssecret",@access_token.secret
-
-      @response=@access_token.get("/oauth/example/echo_api.php?ok=hello&test=this")
-      assert_not_nil @response
-      assert_equal "200",@response.code
-      assert_equal( "ok=hello&test=this",@response.body)
-
-      @response=@access_token.post("/oauth/example/echo_api.php",{'ok'=>'hello','test'=>'this'})
-      assert_not_nil @response
-      assert_equal "200",@response.code
-      assert_equal( "ok=hello&test=this",@response.body)
-    end
-
-    def test_get_token_sequence_using_fqdn
-      stub_test_ie
-
-      @consumer=OAuth::Consumer.new(
-          "key",
-          "secret",
-          {
-          :site=>"http://term.ie",
-          :request_token_url=>"http://term.ie/oauth/example/request_token.php",
-          :access_token_url=>"http://term.ie/oauth/example/access_token.php",
-          :authorize_url=>"http://term.ie/oauth/example/authorize.php"
-          })
-      assert_equal "http://term.ie/oauth/example/request_token.php",@consumer.request_token_url
-      assert_equal "http://term.ie/oauth/example/access_token.php",@consumer.access_token_url
-
-      assert @consumer.request_token_url?, "Should use fully qualified request token url"
-      assert @consumer.access_token_url?, "Should use fully qualified access token url"
-      assert @consumer.authorize_url?, "Should use fully qualified url"
-
-      @request_token=@consumer.get_request_token
-      assert_not_nil @request_token
-      assert_equal "requestkey",@request_token.token
-      assert_equal "requestsecret",@request_token.secret
-      assert_equal "http://term.ie/oauth/example/authorize.php?oauth_token=requestkey",@request_token.authorize_url
-
-      @access_token=@request_token.get_access_token
-      assert_not_nil @access_token
-      assert_equal "accesskey",@access_token.token
-      assert_equal "accesssecret",@access_token.secret
-
-      @response=@access_token.get("/oauth/example/echo_api.php?ok=hello&test=this")
-      assert_not_nil @response
-      assert_equal "200",@response.code
-      assert_equal( "ok=hello&test=this",@response.body)
-
-      @response=@access_token.post("/oauth/example/echo_api.php",{'ok'=>'hello','test'=>'this'})
-      assert_not_nil @response
-      assert_equal "200",@response.code
-      assert_equal( "ok=hello&test=this",@response.body)
-    end
-
-
-    # This test does an actual https request (the result doesn't matter)
-    # to initialize the same way as get_request_token does. Can be any
-    # site that supports https.
-    #
-    # It also generates "warning: using default DH parameters." which I
-    # don't know how to get rid of
-  #  def test_serialization_with_https
-  #    consumer = OAuth::Consumer.new('token', 'secret', :site => 'https://plazes.net')
-  #    consumer.http.verify_mode = OpenSSL::SSL::VERIFY_NONE
-  #    consumer.http.get('/')
-  #
-  #    assert_nothing_raised do
-  #      # Specifically this should not raise TypeError: no marshal_dump
-  #      # is defined for class OpenSSL::SSL::SSLContext
-  #      Marshal.dump(consumer)
-  #    end
-  #  end
-  #
-    def test_get_request_token_with_custom_arguments
-      stub_test_ie
-
-      @consumer=OAuth::Consumer.new(
-          "key",
-          "secret",
-          {
-          :site=>"http://term.ie",
-          :request_token_path=>"/oauth/example/request_token.php",
-          :access_token_path=>"/oauth/example/access_token.php",
-          :authorize_path=>"/oauth/example/authorize.php"
-          })
-
-      @consumer.get_request_token({}, {:scope => "http://www.google.com/calendar/feeds http://picasaweb.google.com/data"})
-
-      # Because this is a POST request, create_http_request should take the first element of *arguments
-      # and turn it into URL-encoded data in the body of the POST.
-    end
-
-    def test_post_with_body_stream
-      stub_test_ie
-
-      @consumer=OAuth::Consumer.new(
-          "key",
-          "secret",
-          {
-          :site=>"http://term.ie",
-          :request_token_path=>"/oauth/example/request_token.php",
-          :access_token_path=>"/oauth/example/access_token.php",
-          :authorize_path=>"/oauth/example/authorize.php"
-          })
-
-
-      @request_token=@consumer.get_request_token
-      @access_token=@request_token.get_access_token
-
-      request_body_string = "Hello, hello, hello"
-      request_body_stream = StringIO.new( request_body_string )
-
-      @response=@access_token.post("/oauth/example/echo_api.php",request_body_stream)
-      assert_not_nil @response
-      assert_equal "200",@response.code
-
-      request_body_file = File.open(__FILE__)
-
-      @response=@access_token.post("/oauth/example/echo_api.php",request_body_file)
-      assert_not_nil @response
-      assert_equal "200",@response.code
-
-      # unfortunately I don't know of a way to test that the body data was received correctly since the test server at http://term.ie
-      # echos back any non-oauth parameters but not the body.  However, this does test that the request is still correctly signed
-      # (including the Content-Length header) and that the server received Content-Length bytes of body since it won't process the
-      # request & respond until the full body length is received.
-    end
-
-    private
-
-    def request_parameters_to_s
-      @request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
-    end
-  end
-end