oauth_weshays 0.4.8.pre

Sign up to get free protection for your applications and to get access to all the features.
Files changed (89) hide show
  1. checksums.yaml +15 -0
  2. data/.gemtest +0 -0
  3. data/Gemfile +16 -0
  4. data/Gemfile.lock +47 -0
  5. data/HISTORY +173 -0
  6. data/LICENSE +20 -0
  7. data/README.rdoc +75 -0
  8. data/Rakefile +37 -0
  9. data/TODO +32 -0
  10. data/bin/oauth +5 -0
  11. data/examples/yql.rb +44 -0
  12. data/lib/digest/hmac.rb +104 -0
  13. data/lib/oauth/cli.rb +378 -0
  14. data/lib/oauth/client/action_controller_request.rb +65 -0
  15. data/lib/oauth/client/em_http.rb +120 -0
  16. data/lib/oauth/client/helper.rb +91 -0
  17. data/lib/oauth/client/net_http.rb +120 -0
  18. data/lib/oauth/client.rb +4 -0
  19. data/lib/oauth/consumer.rb +389 -0
  20. data/lib/oauth/core_ext.rb +31 -0
  21. data/lib/oauth/errors/error.rb +4 -0
  22. data/lib/oauth/errors/problem.rb +14 -0
  23. data/lib/oauth/errors/unauthorized.rb +12 -0
  24. data/lib/oauth/errors.rb +3 -0
  25. data/lib/oauth/helper.rb +109 -0
  26. data/lib/oauth/oauth.rb +13 -0
  27. data/lib/oauth/oauth_test_helper.rb +25 -0
  28. data/lib/oauth/request_proxy/action_controller_request.rb +62 -0
  29. data/lib/oauth/request_proxy/base.rb +174 -0
  30. data/lib/oauth/request_proxy/curb_request.rb +55 -0
  31. data/lib/oauth/request_proxy/em_http_request.rb +66 -0
  32. data/lib/oauth/request_proxy/jabber_request.rb +41 -0
  33. data/lib/oauth/request_proxy/mock_request.rb +44 -0
  34. data/lib/oauth/request_proxy/net_http.rb +73 -0
  35. data/lib/oauth/request_proxy/rack_request.rb +44 -0
  36. data/lib/oauth/request_proxy/typhoeus_request.rb +53 -0
  37. data/lib/oauth/request_proxy.rb +24 -0
  38. data/lib/oauth/server.rb +66 -0
  39. data/lib/oauth/signature/base.rb +110 -0
  40. data/lib/oauth/signature/hmac/base.rb +15 -0
  41. data/lib/oauth/signature/hmac/md5.rb +8 -0
  42. data/lib/oauth/signature/hmac/rmd160.rb +8 -0
  43. data/lib/oauth/signature/hmac/sha1.rb +9 -0
  44. data/lib/oauth/signature/hmac/sha2.rb +8 -0
  45. data/lib/oauth/signature/md5.rb +13 -0
  46. data/lib/oauth/signature/plaintext.rb +23 -0
  47. data/lib/oauth/signature/rsa/sha1.rb +46 -0
  48. data/lib/oauth/signature/sha1.rb +13 -0
  49. data/lib/oauth/signature.rb +45 -0
  50. data/lib/oauth/token.rb +7 -0
  51. data/lib/oauth/tokens/access_token.rb +71 -0
  52. data/lib/oauth/tokens/consumer_token.rb +33 -0
  53. data/lib/oauth/tokens/request_token.rb +32 -0
  54. data/lib/oauth/tokens/server_token.rb +9 -0
  55. data/lib/oauth/tokens/token.rb +17 -0
  56. data/lib/oauth.rb +13 -0
  57. data/oauth.gemspec +148 -0
  58. data/tasks/deployment.rake +34 -0
  59. data/tasks/environment.rake +7 -0
  60. data/tasks/website.rake +17 -0
  61. data/test/cases/oauth_case.rb +19 -0
  62. data/test/cases/spec/1_0-final/test_construct_request_url.rb +62 -0
  63. data/test/cases/spec/1_0-final/test_normalize_request_parameters.rb +88 -0
  64. data/test/cases/spec/1_0-final/test_parameter_encodings.rb +86 -0
  65. data/test/cases/spec/1_0-final/test_signature_base_strings.rb +77 -0
  66. data/test/integration/consumer_test.rb +307 -0
  67. data/test/keys/rsa.cert +11 -0
  68. data/test/keys/rsa.pem +16 -0
  69. data/test/test_access_token.rb +26 -0
  70. data/test/test_action_controller_request_proxy.rb +133 -0
  71. data/test/test_consumer.rb +220 -0
  72. data/test/test_curb_request_proxy.rb +77 -0
  73. data/test/test_em_http_client.rb +80 -0
  74. data/test/test_em_http_request_proxy.rb +115 -0
  75. data/test/test_helper.rb +28 -0
  76. data/test/test_hmac_sha1.rb +20 -0
  77. data/test/test_net_http_client.rb +292 -0
  78. data/test/test_net_http_request_proxy.rb +72 -0
  79. data/test/test_oauth_helper.rb +94 -0
  80. data/test/test_rack_request_proxy.rb +40 -0
  81. data/test/test_request_token.rb +51 -0
  82. data/test/test_rsa_sha1.rb +59 -0
  83. data/test/test_server.rb +40 -0
  84. data/test/test_signature.rb +22 -0
  85. data/test/test_signature_base.rb +32 -0
  86. data/test/test_signature_plain_text.rb +31 -0
  87. data/test/test_token.rb +14 -0
  88. data/test/test_typhoeus_request_proxy.rb +80 -0
  89. metadata +252 -0
@@ -0,0 +1,307 @@
1
+ require File.expand_path('../../test_helper', __FILE__)
2
+
3
+ module Integration
4
+ class ConsumerTest < Test::Unit::TestCase
5
+ def setup
6
+ @consumer=OAuth::Consumer.new(
7
+ 'consumer_key_86cad9', '5888bf0345e5d237',
8
+ {
9
+ :site=>"http://blabla.bla",
10
+ :proxy=>"http://user:password@proxy.bla:8080",
11
+ :request_token_path=>"/oauth/example/request_token.php",
12
+ :access_token_path=>"/oauth/example/access_token.php",
13
+ :authorize_path=>"/oauth/example/authorize.php",
14
+ :scheme=>:header,
15
+ :http_method=>:get
16
+ })
17
+ @token = OAuth::ConsumerToken.new(@consumer,'token_411a7f', '3196ffd991c8ebdb')
18
+ @request_uri = URI.parse('http://example.com/test?key=value')
19
+ @request_parameters = { 'key' => 'value' }
20
+ @nonce = 225579211881198842005988698334675835446
21
+ @timestamp = "1199645624"
22
+ @consumer.http=Net::HTTP.new(@request_uri.host, @request_uri.port)
23
+ end
24
+
25
+ def test_that_signing_auth_headers_on_get_requests_works
26
+ request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
27
+ @token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
28
+
29
+ assert_equal 'GET', request.method
30
+ assert_equal '/test?key=value', request.path
31
+ assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"".delete(',').split.sort, request['authorization'].delete(',').split.sort
32
+ end
33
+
34
+ def test_that_setting_signature_method_on_consumer_effects_signing
35
+ require 'oauth/signature/plaintext'
36
+ request = Net::HTTP::Get.new(@request_uri.path)
37
+ consumer = @consumer.dup
38
+ consumer.options[:signature_method] = 'PLAINTEXT'
39
+ token = OAuth::ConsumerToken.new(consumer, 'token_411a7f', '3196ffd991c8ebdb')
40
+ token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
41
+
42
+ assert_no_match( /oauth_signature_method="HMAC-SHA1"/, request['authorization'])
43
+ assert_match( /oauth_signature_method="PLAINTEXT"/, request['authorization'])
44
+ end
45
+
46
+ def test_that_setting_signature_method_on_consumer_effects_signature_base_string
47
+ require 'oauth/signature/plaintext'
48
+ request = Net::HTTP::Get.new(@request_uri.path)
49
+ consumer = @consumer.dup
50
+ consumer.options[:signature_method] = 'PLAINTEXT'
51
+
52
+ request = Net::HTTP::Get.new('/')
53
+ signature_base_string = consumer.signature_base_string(request)
54
+
55
+ assert_no_match( /HMAC-SHA1/, signature_base_string)
56
+ assert_equal( "#{consumer.secret}&", signature_base_string)
57
+ end
58
+
59
+ def test_that_plaintext_signature_works
60
+ # Invalid test because server expects double-escaped signature
61
+ require 'oauth/signature/plaintext'
62
+ # consumer = OAuth::Consumer.new("key", "secret",
63
+ # :site => "http://term.ie", :signature_method => 'PLAINTEXT')
64
+ # access_token = OAuth::AccessToken.new(consumer, 'accesskey', 'accesssecret')
65
+ # response = access_token.get("/oauth/example/echo_api.php?echo=hello")
66
+
67
+ # assert_equal 'echo=hello', response.body
68
+ end
69
+
70
+ def test_that_signing_auth_headers_on_post_requests_works
71
+ request = Net::HTTP::Post.new(@request_uri.path)
72
+ request.set_form_data( @request_parameters )
73
+ @token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
74
+ # assert_equal "",request.oauth_helper.signature_base_string
75
+
76
+ assert_equal 'POST', request.method
77
+ assert_equal '/test', request.path
78
+ assert_equal 'key=value', request.body
79
+ assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".delete(',').split.sort, request['authorization'].delete(',').split.sort
80
+ end
81
+
82
+ def test_that_signing_post_params_works
83
+ request = Net::HTTP::Post.new(@request_uri.path)
84
+ request.set_form_data( @request_parameters )
85
+ @token.sign!(request, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
86
+
87
+ assert_equal 'POST', request.method
88
+ assert_equal '/test', request.path
89
+ assert_match /key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3[Dd]&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0/, request.body.split("&").sort.join("&")
90
+ assert_equal nil, request['authorization']
91
+ end
92
+
93
+ def test_that_using_auth_headers_on_get_on_create_signed_requests_works
94
+ request=@consumer.create_signed_request(:get,@request_uri.path+ "?" + request_parameters_to_s,@token,{:nonce => @nonce, :timestamp => @timestamp},@request_parameters)
95
+
96
+ assert_equal 'GET', request.method
97
+ assert_equal '/test?key=value', request.path
98
+ assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"".delete(',').split.sort, request['authorization'].delete(',').split.sort
99
+ end
100
+
101
+ def test_that_using_auth_headers_on_post_on_create_signed_requests_works
102
+ request=@consumer.create_signed_request(:post,@request_uri.path,@token,{:nonce => @nonce, :timestamp => @timestamp},@request_parameters,{})
103
+ assert_equal 'POST', request.method
104
+ assert_equal '/test', request.path
105
+ assert_equal 'key=value', request.body
106
+ assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".delete(',').split.sort, request['authorization'].delete(',').split.sort
107
+ end
108
+
109
+ def test_that_signing_post_params_works_2
110
+ request=@consumer.create_signed_request(:post,@request_uri.path,@token,{:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp},@request_parameters,{})
111
+
112
+ assert_equal 'POST', request.method
113
+ assert_equal '/test', request.path
114
+ assert_match /key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3[Dd]&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0/, request.body.split("&").sort.join("&")
115
+ assert_equal nil, request['authorization']
116
+ end
117
+
118
+ def test_step_by_step_token_request
119
+ stub_test_ie
120
+
121
+ @consumer=OAuth::Consumer.new(
122
+ "key",
123
+ "secret",
124
+ {
125
+ :site=>"http://term.ie",
126
+ :request_token_path=>"/oauth/example/request_token.php",
127
+ :access_token_path=>"/oauth/example/access_token.php",
128
+ :authorize_path=>"/oauth/example/authorize.php",
129
+ :scheme=>:header
130
+ })
131
+ options={:nonce=>'nonce',:timestamp=>Time.now.to_i.to_s}
132
+
133
+ request = Net::HTTP::Get.new("/oauth/example/request_token.php")
134
+ signature_base_string=@consumer.signature_base_string(request,nil,options)
135
+ assert_equal "GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key%3Dkey%26oauth_nonce%3D#{options[:nonce]}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D#{options[:timestamp]}%26oauth_version%3D1.0",signature_base_string
136
+ @consumer.sign!(request, nil,options)
137
+
138
+ assert_equal 'GET', request.method
139
+ assert_equal nil, request.body
140
+ response=@consumer.http.request(request)
141
+ assert_equal "200",response.code
142
+ assert_equal "oauth_token=requestkey&oauth_token_secret=requestsecret",response.body
143
+ end
144
+
145
+ def test_get_token_sequence
146
+ stub_test_ie
147
+
148
+ @consumer=OAuth::Consumer.new(
149
+ "key",
150
+ "secret",
151
+ {
152
+ :site=>"http://term.ie",
153
+ :request_token_path=>"/oauth/example/request_token.php",
154
+ :access_token_path=>"/oauth/example/access_token.php",
155
+ :authorize_path=>"/oauth/example/authorize.php"
156
+ })
157
+ assert_equal "http://term.ie/oauth/example/request_token.php",@consumer.request_token_url
158
+ assert_equal "http://term.ie/oauth/example/access_token.php",@consumer.access_token_url
159
+
160
+ assert !@consumer.request_token_url?, "Should not use fully qualified request token url"
161
+ assert !@consumer.access_token_url?, "Should not use fully qualified access token url"
162
+ assert !@consumer.authorize_url?, "Should not use fully qualified url"
163
+
164
+ @request_token=@consumer.get_request_token
165
+ assert_not_nil @request_token
166
+ assert_equal "requestkey",@request_token.token
167
+ assert_equal "requestsecret",@request_token.secret
168
+ assert_equal "http://term.ie/oauth/example/authorize.php?oauth_token=requestkey",@request_token.authorize_url
169
+
170
+ @access_token=@request_token.get_access_token
171
+ assert_not_nil @access_token
172
+ assert_equal "accesskey",@access_token.token
173
+ assert_equal "accesssecret",@access_token.secret
174
+
175
+ @response=@access_token.get("/oauth/example/echo_api.php?ok=hello&test=this")
176
+ assert_not_nil @response
177
+ assert_equal "200",@response.code
178
+ assert_equal( "ok=hello&test=this",@response.body)
179
+
180
+ @response=@access_token.post("/oauth/example/echo_api.php",{'ok'=>'hello','test'=>'this'})
181
+ assert_not_nil @response
182
+ assert_equal "200",@response.code
183
+ assert_equal( "ok=hello&test=this",@response.body)
184
+ end
185
+
186
+ def test_get_token_sequence_using_fqdn
187
+ stub_test_ie
188
+
189
+ @consumer=OAuth::Consumer.new(
190
+ "key",
191
+ "secret",
192
+ {
193
+ :site=>"http://term.ie",
194
+ :request_token_url=>"http://term.ie/oauth/example/request_token.php",
195
+ :access_token_url=>"http://term.ie/oauth/example/access_token.php",
196
+ :authorize_url=>"http://term.ie/oauth/example/authorize.php"
197
+ })
198
+ assert_equal "http://term.ie/oauth/example/request_token.php",@consumer.request_token_url
199
+ assert_equal "http://term.ie/oauth/example/access_token.php",@consumer.access_token_url
200
+
201
+ assert @consumer.request_token_url?, "Should use fully qualified request token url"
202
+ assert @consumer.access_token_url?, "Should use fully qualified access token url"
203
+ assert @consumer.authorize_url?, "Should use fully qualified url"
204
+
205
+ @request_token=@consumer.get_request_token
206
+ assert_not_nil @request_token
207
+ assert_equal "requestkey",@request_token.token
208
+ assert_equal "requestsecret",@request_token.secret
209
+ assert_equal "http://term.ie/oauth/example/authorize.php?oauth_token=requestkey",@request_token.authorize_url
210
+
211
+ @access_token=@request_token.get_access_token
212
+ assert_not_nil @access_token
213
+ assert_equal "accesskey",@access_token.token
214
+ assert_equal "accesssecret",@access_token.secret
215
+
216
+ @response=@access_token.get("/oauth/example/echo_api.php?ok=hello&test=this")
217
+ assert_not_nil @response
218
+ assert_equal "200",@response.code
219
+ assert_equal( "ok=hello&test=this",@response.body)
220
+
221
+ @response=@access_token.post("/oauth/example/echo_api.php",{'ok'=>'hello','test'=>'this'})
222
+ assert_not_nil @response
223
+ assert_equal "200",@response.code
224
+ assert_equal( "ok=hello&test=this",@response.body)
225
+ end
226
+
227
+
228
+ # This test does an actual https request (the result doesn't matter)
229
+ # to initialize the same way as get_request_token does. Can be any
230
+ # site that supports https.
231
+ #
232
+ # It also generates "warning: using default DH parameters." which I
233
+ # don't know how to get rid of
234
+ # def test_serialization_with_https
235
+ # consumer = OAuth::Consumer.new('token', 'secret', :site => 'https://plazes.net')
236
+ # consumer.http.verify_mode = OpenSSL::SSL::VERIFY_NONE
237
+ # consumer.http.get('/')
238
+ #
239
+ # assert_nothing_raised do
240
+ # # Specifically this should not raise TypeError: no marshal_dump
241
+ # # is defined for class OpenSSL::SSL::SSLContext
242
+ # Marshal.dump(consumer)
243
+ # end
244
+ # end
245
+ #
246
+ def test_get_request_token_with_custom_arguments
247
+ stub_test_ie
248
+
249
+ @consumer=OAuth::Consumer.new(
250
+ "key",
251
+ "secret",
252
+ {
253
+ :site=>"http://term.ie",
254
+ :request_token_path=>"/oauth/example/request_token.php",
255
+ :access_token_path=>"/oauth/example/access_token.php",
256
+ :authorize_path=>"/oauth/example/authorize.php"
257
+ })
258
+
259
+ @consumer.get_request_token({}, {:scope => "http://www.google.com/calendar/feeds http://picasaweb.google.com/data"})
260
+
261
+ # Because this is a POST request, create_http_request should take the first element of *arguments
262
+ # and turn it into URL-encoded data in the body of the POST.
263
+ end
264
+
265
+ def test_post_with_body_stream
266
+ stub_test_ie
267
+
268
+ @consumer=OAuth::Consumer.new(
269
+ "key",
270
+ "secret",
271
+ {
272
+ :site=>"http://term.ie",
273
+ :request_token_path=>"/oauth/example/request_token.php",
274
+ :access_token_path=>"/oauth/example/access_token.php",
275
+ :authorize_path=>"/oauth/example/authorize.php"
276
+ })
277
+
278
+
279
+ @request_token=@consumer.get_request_token
280
+ @access_token=@request_token.get_access_token
281
+
282
+ request_body_string = "Hello, hello, hello"
283
+ request_body_stream = StringIO.new( request_body_string )
284
+
285
+ @response=@access_token.post("/oauth/example/echo_api.php",request_body_stream)
286
+ assert_not_nil @response
287
+ assert_equal "200",@response.code
288
+
289
+ request_body_file = File.open(__FILE__)
290
+
291
+ @response=@access_token.post("/oauth/example/echo_api.php",request_body_file)
292
+ assert_not_nil @response
293
+ assert_equal "200",@response.code
294
+
295
+ # unfortunately I don't know of a way to test that the body data was received correctly since the test server at http://term.ie
296
+ # echos back any non-oauth parameters but not the body. However, this does test that the request is still correctly signed
297
+ # (including the Content-Length header) and that the server received Content-Length bytes of body since it won't process the
298
+ # request & respond until the full body length is received.
299
+ end
300
+
301
+ private
302
+
303
+ def request_parameters_to_s
304
+ @request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
305
+ end
306
+ end
307
+ end
@@ -0,0 +1,11 @@
1
+ -----BEGIN CERTIFICATE-----
2
+ MIIBpjCCAQ+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAZMRcwFQYDVQQDDA5UZXN0
3
+ IFByaW5jaXBhbDAeFw03MDAxMDEwODAwMDBaFw0zODEyMzEwODAwMDBaMBkxFzAV
4
+ BgNVBAMMDlRlc3QgUHJpbmNpcGFsMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
5
+ gQC0YjCwIfYoprq/FQO6lb3asXrxLlJFuCvtinTF5p0GxvQGu5O3gYytUvtC2JlY
6
+ zypSRjVxwxrsuRcP3e641SdASwfrmzyvIgP08N4S0IFzEURkV1wp/IpH7kH41Etb
7
+ mUmrXSwfNZsnQRE5SYSOhh+LcK2wyQkdgcMv11l4KoBkcwIDAQABMA0GCSqGSIb3
8
+ DQEBBQUAA4GBAGZLPEuJ5SiJ2ryq+CmEGOXfvlTtEL2nuGtr9PewxkgnOjZpUy+d
9
+ 4TvuXJbNQc8f4AMWL/tO9w0Fk80rWKp9ea8/df4qMq5qlFWlx6yOLQxumNOmECKb
10
+ WpkUQDIDJEoFUzKMVuJf4KO/FJ345+BNLGgbJ6WujreoM1X/gYfdnJ/J
11
+ -----END CERTIFICATE-----
data/test/keys/rsa.pem ADDED
@@ -0,0 +1,16 @@
1
+ -----BEGIN PRIVATE KEY-----
2
+ MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALRiMLAh9iimur8V
3
+ A7qVvdqxevEuUkW4K+2KdMXmnQbG9Aa7k7eBjK1S+0LYmVjPKlJGNXHDGuy5Fw/d
4
+ 7rjVJ0BLB+ubPK8iA/Tw3hLQgXMRRGRXXCn8ikfuQfjUS1uZSatdLB81mydBETlJ
5
+ hI6GH4twrbDJCR2Bwy/XWXgqgGRzAgMBAAECgYBYWVtleUzavkbrPjy0T5FMou8H
6
+ X9u2AC2ry8vD/l7cqedtwMPp9k7TubgNFo+NGvKsl2ynyprOZR1xjQ7WgrgVB+mm
7
+ uScOM/5HVceFuGRDhYTCObE+y1kxRloNYXnx3ei1zbeYLPCHdhxRYW7T0qcynNmw
8
+ rn05/KO2RLjgQNalsQJBANeA3Q4Nugqy4QBUCEC09SqylT2K9FrrItqL2QKc9v0Z
9
+ zO2uwllCbg0dwpVuYPYXYvikNHHg+aCWF+VXsb9rpPsCQQDWR9TT4ORdzoj+Nccn
10
+ qkMsDmzt0EfNaAOwHOmVJ2RVBspPcxt5iN4HI7HNeG6U5YsFBb+/GZbgfBT3kpNG
11
+ WPTpAkBI+gFhjfJvRw38n3g/+UeAkwMI2TJQS4n8+hid0uus3/zOjDySH3XHCUno
12
+ cn1xOJAyZODBo47E+67R4jV1/gzbAkEAklJaspRPXP877NssM5nAZMU0/O/NGCZ+
13
+ 3jPgDUno6WbJn5cqm8MqWhW1xGkImgRk+fkDBquiq4gPiT898jusgQJAd5Zrr6Q8
14
+ AO/0isr/3aa6O6NLQxISLKcPDk2NOccAfS/xOtfOz4sJYM3+Bs4Io9+dZGSDCA54
15
+ Lw03eHTNQghS0A==
16
+ -----END PRIVATE KEY-----
@@ -0,0 +1,26 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+
3
+ class TestAccessToken < Test::Unit::TestCase
4
+ def setup
5
+ @fake_response = {
6
+ :user_id => 5734758743895,
7
+ :oauth_token => "key",
8
+ :oauth_token_secret => "secret"
9
+ }
10
+ # setup a fake req. token. mocking Consumer would be more appropriate...
11
+ @access_token = OAuth::AccessToken.from_hash(
12
+ OAuth::Consumer.new("key", "secret", {}),
13
+ @fake_response
14
+ )
15
+ end
16
+
17
+ def test_provides_response_parameters
18
+ assert @access_token
19
+ assert_respond_to @access_token, :params
20
+ end
21
+
22
+ def test_access_token_makes_non_oauth_response_params_available
23
+ assert_not_nil @access_token.params[:user_id]
24
+ assert_equal 5734758743895, @access_token.params[:user_id]
25
+ end
26
+ end
@@ -0,0 +1,133 @@
1
+ gem 'actionpack', '~> 2.3.8'
2
+ require File.expand_path('../test_helper', __FILE__)
3
+
4
+ require 'oauth/request_proxy/action_controller_request'
5
+ require 'action_controller/test_process'
6
+
7
+ class ActionControllerRequestProxyTest < Test::Unit::TestCase
8
+
9
+ def request_proxy(request_method = :get, uri_params = {}, body_params = {})
10
+ request = ActionController::TestRequest.new
11
+ request.set_REQUEST_URI('/')
12
+
13
+ case request_method
14
+ when :post
15
+ request.env['REQUEST_METHOD'] = 'POST'
16
+ when :put
17
+ request.env['REQUEST_METHOD'] = 'PUT'
18
+ end
19
+
20
+ request.env['REQUEST_URI'] = '/'
21
+ request.env['RAW_POST_DATA'] = body_params.to_query
22
+ request.env['QUERY_STRING'] = body_params.to_query
23
+ request.env['CONTENT_TYPE'] = 'application/x-www-form-urlencoded'
24
+
25
+ yield request if block_given?
26
+ OAuth::RequestProxy::ActionControllerRequest.new(request, :parameters => uri_params)
27
+ end
28
+
29
+ def test_that_proxy_simple_get_request_works_with_query_params
30
+ request_proxy = request_proxy(:get, {'key'=>'value'})
31
+
32
+ expected_parameters = [["key", "value"]]
33
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
34
+ assert_equal 'GET', request_proxy.method
35
+ end
36
+
37
+ def test_that_proxy_simple_post_request_works_with_query_params
38
+ request_proxy = request_proxy(:post, {'key'=>'value'})
39
+
40
+ expected_parameters = [["key", "value"]]
41
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
42
+ assert_equal 'POST', request_proxy.method
43
+ end
44
+
45
+ def test_that_proxy_simple_put_request_works_with_query_params
46
+ request_proxy = request_proxy(:put, {'key'=>'value'})
47
+
48
+ expected_parameters = [["key", "value"]]
49
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
50
+ assert_equal 'PUT', request_proxy.method
51
+ end
52
+
53
+ def test_that_proxy_simple_get_request_works_with_post_params
54
+ request_proxy = request_proxy(:get, {}, {'key'=>'value'})
55
+
56
+ expected_parameters = []
57
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
58
+ assert_equal 'GET', request_proxy.method
59
+ end
60
+
61
+ def test_that_proxy_simple_post_request_works_with_post_params
62
+ request_proxy = request_proxy(:post, {}, {'key'=>'value'})
63
+
64
+ expected_parameters = [["key", "value"]]
65
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
66
+ assert_equal 'POST', request_proxy.method
67
+ end
68
+
69
+ def test_that_proxy_simple_put_request_works_with_post_params
70
+ request_proxy = request_proxy(:put, {}, {'key'=>'value'})
71
+
72
+ expected_parameters = []
73
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
74
+ assert_equal 'PUT', request_proxy.method
75
+ end
76
+
77
+ def test_that_proxy_simple_get_request_works_with_mixed_params
78
+ request_proxy = request_proxy(:get, {'key'=>'value'}, {'key2'=>'value2'})
79
+
80
+ expected_parameters = [["key", "value"]]
81
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
82
+ assert_equal 'GET', request_proxy.method
83
+ end
84
+
85
+ def test_that_proxy_simple_post_request_works_with_mixed_params
86
+ request_proxy = request_proxy(:post, {'key'=>'value'}, {'key2'=>'value2'})
87
+
88
+ expected_parameters = [["key", "value"],["key2", "value2"]]
89
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
90
+ assert_equal 'POST', request_proxy.method
91
+ end
92
+
93
+ def test_that_proxy_simple_put_request_works_with_mixed_params
94
+ request_proxy = request_proxy(:put, {'key'=>'value'}, {'key2'=>'value2'})
95
+
96
+ expected_parameters = [["key", "value"]]
97
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
98
+ assert_equal 'PUT', request_proxy.method
99
+ end
100
+
101
+ def test_parameter_keys_should_preserve_brackets_from_hash
102
+ assert_equal(
103
+ [["message[body]", "This is a test"]],
104
+ request_proxy(:post, { :message => { :body => 'This is a test' }}).parameters_for_signature
105
+ )
106
+ end
107
+
108
+ def test_parameter_values_with_amps_should_not_break_parameter_parsing
109
+ assert_equal(
110
+ [['message[body]', 'http://foo.com/?a=b&c=d']],
111
+ request_proxy(:post, { :message => { :body => 'http://foo.com/?a=b&c=d'}}).parameters_for_signature
112
+ )
113
+ end
114
+
115
+ def test_parameter_keys_should_preserve_brackets_from_array
116
+ assert_equal(
117
+ [["foo[]", "123"], ["foo[]", "456"]],
118
+ request_proxy(:post, { :foo => [123, 456] }).parameters_for_signature.sort
119
+ )
120
+ end
121
+
122
+ # TODO disabled; ActionController::TestRequest does not appear to parse
123
+ # QUERY_STRING
124
+ def x_test_query_string_parameter_values_should_be_cgi_unescaped
125
+ request = request_proxy do |r|
126
+ r.env['QUERY_STRING'] = 'url=http%3A%2F%2Ffoo.com%2F%3Fa%3Db%26c%3Dd'
127
+ end
128
+ assert_equal(
129
+ [['url', 'http://foo.com/?a=b&c=d']],
130
+ request.parameters_for_signature.sort
131
+ )
132
+ end
133
+ end