oauth_weshays 0.4.8.pre

Sign up to get free protection for your applications and to get access to all the features.
Files changed (89) hide show
  1. checksums.yaml +15 -0
  2. data/.gemtest +0 -0
  3. data/Gemfile +16 -0
  4. data/Gemfile.lock +47 -0
  5. data/HISTORY +173 -0
  6. data/LICENSE +20 -0
  7. data/README.rdoc +75 -0
  8. data/Rakefile +37 -0
  9. data/TODO +32 -0
  10. data/bin/oauth +5 -0
  11. data/examples/yql.rb +44 -0
  12. data/lib/digest/hmac.rb +104 -0
  13. data/lib/oauth/cli.rb +378 -0
  14. data/lib/oauth/client/action_controller_request.rb +65 -0
  15. data/lib/oauth/client/em_http.rb +120 -0
  16. data/lib/oauth/client/helper.rb +91 -0
  17. data/lib/oauth/client/net_http.rb +120 -0
  18. data/lib/oauth/client.rb +4 -0
  19. data/lib/oauth/consumer.rb +389 -0
  20. data/lib/oauth/core_ext.rb +31 -0
  21. data/lib/oauth/errors/error.rb +4 -0
  22. data/lib/oauth/errors/problem.rb +14 -0
  23. data/lib/oauth/errors/unauthorized.rb +12 -0
  24. data/lib/oauth/errors.rb +3 -0
  25. data/lib/oauth/helper.rb +109 -0
  26. data/lib/oauth/oauth.rb +13 -0
  27. data/lib/oauth/oauth_test_helper.rb +25 -0
  28. data/lib/oauth/request_proxy/action_controller_request.rb +62 -0
  29. data/lib/oauth/request_proxy/base.rb +174 -0
  30. data/lib/oauth/request_proxy/curb_request.rb +55 -0
  31. data/lib/oauth/request_proxy/em_http_request.rb +66 -0
  32. data/lib/oauth/request_proxy/jabber_request.rb +41 -0
  33. data/lib/oauth/request_proxy/mock_request.rb +44 -0
  34. data/lib/oauth/request_proxy/net_http.rb +73 -0
  35. data/lib/oauth/request_proxy/rack_request.rb +44 -0
  36. data/lib/oauth/request_proxy/typhoeus_request.rb +53 -0
  37. data/lib/oauth/request_proxy.rb +24 -0
  38. data/lib/oauth/server.rb +66 -0
  39. data/lib/oauth/signature/base.rb +110 -0
  40. data/lib/oauth/signature/hmac/base.rb +15 -0
  41. data/lib/oauth/signature/hmac/md5.rb +8 -0
  42. data/lib/oauth/signature/hmac/rmd160.rb +8 -0
  43. data/lib/oauth/signature/hmac/sha1.rb +9 -0
  44. data/lib/oauth/signature/hmac/sha2.rb +8 -0
  45. data/lib/oauth/signature/md5.rb +13 -0
  46. data/lib/oauth/signature/plaintext.rb +23 -0
  47. data/lib/oauth/signature/rsa/sha1.rb +46 -0
  48. data/lib/oauth/signature/sha1.rb +13 -0
  49. data/lib/oauth/signature.rb +45 -0
  50. data/lib/oauth/token.rb +7 -0
  51. data/lib/oauth/tokens/access_token.rb +71 -0
  52. data/lib/oauth/tokens/consumer_token.rb +33 -0
  53. data/lib/oauth/tokens/request_token.rb +32 -0
  54. data/lib/oauth/tokens/server_token.rb +9 -0
  55. data/lib/oauth/tokens/token.rb +17 -0
  56. data/lib/oauth.rb +13 -0
  57. data/oauth.gemspec +148 -0
  58. data/tasks/deployment.rake +34 -0
  59. data/tasks/environment.rake +7 -0
  60. data/tasks/website.rake +17 -0
  61. data/test/cases/oauth_case.rb +19 -0
  62. data/test/cases/spec/1_0-final/test_construct_request_url.rb +62 -0
  63. data/test/cases/spec/1_0-final/test_normalize_request_parameters.rb +88 -0
  64. data/test/cases/spec/1_0-final/test_parameter_encodings.rb +86 -0
  65. data/test/cases/spec/1_0-final/test_signature_base_strings.rb +77 -0
  66. data/test/integration/consumer_test.rb +307 -0
  67. data/test/keys/rsa.cert +11 -0
  68. data/test/keys/rsa.pem +16 -0
  69. data/test/test_access_token.rb +26 -0
  70. data/test/test_action_controller_request_proxy.rb +133 -0
  71. data/test/test_consumer.rb +220 -0
  72. data/test/test_curb_request_proxy.rb +77 -0
  73. data/test/test_em_http_client.rb +80 -0
  74. data/test/test_em_http_request_proxy.rb +115 -0
  75. data/test/test_helper.rb +28 -0
  76. data/test/test_hmac_sha1.rb +20 -0
  77. data/test/test_net_http_client.rb +292 -0
  78. data/test/test_net_http_request_proxy.rb +72 -0
  79. data/test/test_oauth_helper.rb +94 -0
  80. data/test/test_rack_request_proxy.rb +40 -0
  81. data/test/test_request_token.rb +51 -0
  82. data/test/test_rsa_sha1.rb +59 -0
  83. data/test/test_server.rb +40 -0
  84. data/test/test_signature.rb +22 -0
  85. data/test/test_signature_base.rb +32 -0
  86. data/test/test_signature_plain_text.rb +31 -0
  87. data/test/test_token.rb +14 -0
  88. data/test/test_typhoeus_request_proxy.rb +80 -0
  89. metadata +252 -0
@@ -0,0 +1,292 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+
3
+ class NetHTTPClientTest < Test::Unit::TestCase
4
+
5
+ def setup
6
+ @consumer = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237')
7
+ @token = OAuth::Token.new('token_411a7f', '3196ffd991c8ebdb')
8
+ @request_uri = URI.parse('http://example.com/test?key=value')
9
+ @request_parameters = { 'key' => 'value' }
10
+ @nonce = 225579211881198842005988698334675835446
11
+ @timestamp = "1199645624"
12
+ @http = Net::HTTP.new(@request_uri.host, @request_uri.port)
13
+ end
14
+
15
+ def test_that_using_auth_headers_on_get_requests_works
16
+ request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
17
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
18
+
19
+ assert_equal 'GET', request.method
20
+ assert_equal '/test?key=value', request.path
21
+ correct_sorted_params = "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\""
22
+ auth_intro, auth_params = request['authorization'].split(' ', 2)
23
+ assert_equal auth_intro, 'OAuth'
24
+ assert_matching_headers correct_sorted_params, request['authorization']
25
+ end
26
+
27
+ def test_that_using_auth_headers_on_get_requests_works_with_plaintext
28
+ require 'oauth/signature/plaintext'
29
+ c = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237',{
30
+ :signature_method => 'PLAINTEXT'
31
+ })
32
+ request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
33
+ request.oauth!(@http, c, @token, {:nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
34
+
35
+ assert_equal 'GET', request.method
36
+ assert_equal '/test?key=value', request.path
37
+ assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"PLAINTEXT\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"5888bf0345e5d237%263196ffd991c8ebdb\", oauth_version=\"1.0\"", request['authorization']
38
+ end
39
+
40
+ def test_that_using_auth_headers_on_post_requests_works
41
+ request = Net::HTTP::Post.new(@request_uri.path)
42
+ request.set_form_data( @request_parameters )
43
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
44
+
45
+ assert_equal 'POST', request.method
46
+ assert_equal '/test', request.path
47
+ assert_equal 'key=value', request.body
48
+ correct_sorted_params = "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\""
49
+ assert_matching_headers correct_sorted_params, request['authorization']
50
+ end
51
+
52
+ def test_that_using_auth_headers_on_post_requests_with_data_works
53
+ request = Net::HTTP::Post.new(@request_uri.path)
54
+ request.body = "data"
55
+ request.content_type = 'text/ascii'
56
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
57
+
58
+ assert_equal 'POST', request.method
59
+ assert_equal '/test', request.path
60
+ assert_equal 'data', request.body
61
+ assert_equal 'text/ascii', request.content_type
62
+ assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_body_hash=\"oXyaqmHoChv3HQ2FCvTluqmAC70%3D\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"0DA6pGTapdHSqC15RZelY5rNLDw%3D\", oauth_version=\"1.0\"", request['authorization']
63
+ end
64
+
65
+ def test_that_body_hash_is_obmitted_when_no_algorithm_is_defined
66
+ request = Net::HTTP::Post.new(@request_uri.path)
67
+ request.body = "data"
68
+ request.content_type = 'text/ascii'
69
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp, :signature_method => 'plaintext'})
70
+
71
+ assert_equal 'POST', request.method
72
+ assert_equal '/test', request.path
73
+ assert_equal 'data', request.body
74
+ assert_equal 'text/ascii', request.content_type
75
+ assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"plaintext\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"5888bf0345e5d237%263196ffd991c8ebdb\", oauth_version=\"1.0\"", request['authorization']
76
+ end
77
+
78
+ def test_that_version_is_added_to_existing_user_agent
79
+ request = Net::HTTP::Post.new(@request_uri.path)
80
+ request['User-Agent'] = "MyApp"
81
+ request.set_form_data( @request_parameters )
82
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
83
+
84
+ assert_equal "MyApp (OAuth gem v#{OAuth::VERSION})", request['User-Agent']
85
+ end
86
+
87
+ def test_that_version_is_set_when_no_user_agent
88
+ request = Net::HTTP::Post.new(@request_uri.path)
89
+ request.set_form_data( @request_parameters )
90
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
91
+
92
+ assert_equal "OAuth gem v#{OAuth::VERSION}", request['User-Agent']
93
+ end
94
+
95
+ def test_that_using_get_params_works
96
+ request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
97
+ request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
98
+
99
+ assert_equal 'GET', request.method
100
+ uri = URI.parse(request.path)
101
+ assert_equal '/test', uri.path
102
+ assert_equal nil, uri.fragment
103
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=1oO2izFav1GP4kEH2EskwXkCRFg%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join("&")
104
+ assert_equal nil, request['authorization']
105
+ end
106
+
107
+ def test_that_using_get_params_works_with_plaintext
108
+ request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
109
+ request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
110
+
111
+ assert_equal 'GET', request.method
112
+ uri = URI.parse(request.path)
113
+ assert_equal '/test', uri.path
114
+ assert_equal nil, uri.fragment
115
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=5888bf0345e5d237%263196ffd991c8ebdb&oauth_signature_method=PLAINTEXT&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join("&")
116
+ assert_equal nil, request['authorization']
117
+ end
118
+
119
+ def test_that_using_post_params_works
120
+ request = Net::HTTP::Post.new(@request_uri.path)
121
+ request.set_form_data( @request_parameters )
122
+ request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
123
+
124
+ assert_equal 'POST', request.method
125
+ assert_equal '/test', request.path
126
+ assert_match /key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3[Dd]&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0/, request.body.split("&").sort.join("&")
127
+ assert_equal nil, request['authorization']
128
+ end
129
+
130
+ def test_that_using_post_params_works_with_plaintext
131
+ request = Net::HTTP::Post.new(@request_uri.path)
132
+ request.set_form_data( @request_parameters )
133
+ request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
134
+
135
+ assert_equal 'POST', request.method
136
+ assert_equal '/test', request.path
137
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=5888bf0345e5d237%263196ffd991c8ebdb&oauth_signature_method=PLAINTEXT&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
138
+ assert_equal nil, request['authorization']
139
+ end
140
+
141
+ def test_that_using_post_body_works
142
+ request = Net::HTTP::Post.new(@request_uri.path)
143
+ request['content-type'] = 'application/x-www-form-urlencoded'
144
+ request.body = 'this is a test of the emergency broad cast system. This is only a test.'
145
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
146
+
147
+ assert_equal 'POST', request.method
148
+ assert_equal '/test', request.path
149
+ assert_match /OAuth oauth_consumer_key="consumer_key_86cad9", oauth_nonce="225579211881198842005988698334675835446", oauth_signature="%2[fF]DMMBOJzQ6JmEaXlAXDLGtD1z2I%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1199645624", oauth_token="token_411a7f", oauth_version="1.0"/, request['authorization'].split("&").sort.join("&")
150
+ # assert_equal nil, request['authorization']
151
+ end
152
+
153
+ def test_that_using_post_with_uri_params_works
154
+ request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
155
+ request.set_form_data( {} ) # just to make sure we have a correct mime type and thus no body hash
156
+ request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
157
+
158
+ assert_equal 'POST', request.method
159
+ uri = URI.parse(request.path)
160
+ assert_equal '/test', uri.path
161
+ assert_equal nil, uri.fragment
162
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
163
+ assert_equal "", request.body
164
+ assert_equal nil, request['authorization']
165
+ end
166
+
167
+ def test_that_using_post_with_uri_and_form_params_works
168
+ request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
169
+ request.set_form_data( { 'key2' => 'value2' } )
170
+ request.oauth!(@http, @consumer, @token, {:scheme => :query_string, :nonce => @nonce, :timestamp => @timestamp})
171
+
172
+ assert_equal 'POST', request.method
173
+ uri = URI.parse(request.path)
174
+ assert_equal '/test', uri.path
175
+ assert_equal nil, uri.fragment
176
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=4kSU8Zd1blWo3W6qJH7eaRTMkg0%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
177
+ assert_equal "key2=value2", request.body
178
+ assert_equal nil, request['authorization']
179
+ end
180
+
181
+ def test_that_using_post_with_uri_and_data_works
182
+ request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
183
+ request.body = "data"
184
+ request.content_type = 'text/ascii'
185
+ request.oauth!(@http, @consumer, @token, {:scheme => :query_string, :nonce => @nonce, :timestamp => @timestamp})
186
+
187
+ assert_equal 'POST', request.method
188
+ uri = URI.parse(request.path)
189
+ assert_equal '/test', uri.path
190
+ assert_equal nil, uri.fragment
191
+ assert_equal "data", request.body
192
+ assert_equal 'text/ascii', request.content_type
193
+ assert_equal "key=value&oauth_body_hash=oXyaqmHoChv3HQ2FCvTluqmAC70%3D&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=MHRKU42iVHU4Ke9kBUDa9Zw6IAM%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
194
+ assert_equal nil, request['authorization']
195
+ end
196
+
197
+
198
+ def test_example_from_specs
199
+ consumer=OAuth::Consumer.new("dpf43f3p2l4k3l03","kd94hf93k423kf44")
200
+ token = OAuth::Token.new('nnch734d00sl2jdk', 'pfkkdhi9sl3r4s00')
201
+ request_uri = URI.parse('http://photos.example.net/photos?file=vacation.jpg&size=original')
202
+ nonce = 'kllo9940pd9333jh'
203
+ timestamp = "1191242096"
204
+ http = Net::HTTP.new(request_uri.host, request_uri.port)
205
+
206
+ request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
207
+ signature_base_string=request.signature_base_string(http, consumer, token, {:nonce => nonce, :timestamp => timestamp})
208
+ assert_equal 'GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal',signature_base_string
209
+
210
+ # request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
211
+ request.oauth!(http, consumer, token, {:nonce => nonce, :timestamp => timestamp, :realm=>"http://photos.example.net/"})
212
+
213
+ assert_equal 'GET', request.method
214
+ correct_sorted_params = 'oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="nnch734d00sl2jdk", oauth_timestamp="1191242096", oauth_consumer_key="dpf43f3p2l4k3l03", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"'.split(', ').sort
215
+ correct_sorted_params.unshift 'OAuth realm="http://photos.example.net/"'
216
+ assert_equal correct_sorted_params, request['authorization'].split(', ').sort
217
+ end
218
+
219
+ def test_step_by_step_token_request
220
+ token_response = "oauth_token=requestkey&oauth_token_secret=requestsecret"
221
+ stub_request(:get, %r{http://term\.ie/oauth/example/request_token\.php(\?.*)?}).to_return(:body => token_response)
222
+
223
+ consumer=OAuth::Consumer.new(
224
+ "key",
225
+ "secret")
226
+ request_uri = URI.parse('http://term.ie/oauth/example/request_token.php')
227
+ nonce = rand(2**128).to_s
228
+ timestamp = Time.now.to_i.to_s
229
+ http = Net::HTTP.new(request_uri.host, request_uri.port)
230
+
231
+ request = Net::HTTP::Get.new(request_uri.path)
232
+ signature_base_string=request.signature_base_string(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
233
+ assert_equal "GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key%3Dkey%26oauth_nonce%3D#{nonce}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D#{timestamp}%26oauth_version%3D1.0",signature_base_string
234
+
235
+ # request = Net::HTTP::Get.new(request_uri.path)
236
+ request.oauth!(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
237
+ assert_equal 'GET', request.method
238
+ assert_nil request.body
239
+ assert_nil request['authorization']
240
+ # assert_equal 'OAuth oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="", oauth_timestamp="'+timestamp+'", oauth_consumer_key="key", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"', request['authorization']
241
+
242
+ response=http.request(request)
243
+ assert_equal "200",response.code
244
+ # assert_equal request['authorization'],response.body
245
+ assert_equal token_response, response.body
246
+ end
247
+
248
+ def test_that_put_bodies_signed
249
+ request = Net::HTTP::Put.new(@request_uri.path)
250
+ request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
251
+ request["Content-Type"] = "application/xml"
252
+ signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
253
+ assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&oauth_body_hash%3DDvAa1AWdFoH9K%252B%252F2AHm3f6wH27k%253D%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
254
+ end
255
+
256
+ def test_that_put_bodies_not_signed_even_if_form_urlencoded
257
+ request = Net::HTTP::Put.new(@request_uri.path)
258
+ request.set_form_data( { 'key2' => 'value2' } )
259
+ signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
260
+ assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&key2%3Dvalue2%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
261
+ end
262
+
263
+ def test_that_post_bodies_signed_if_form_urlencoded
264
+ request = Net::HTTP::Post.new(@request_uri.path)
265
+ request.set_form_data( { 'key2' => 'value2' } )
266
+ signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
267
+ assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&key2%3Dvalue2%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
268
+ end
269
+
270
+ def test_that_post_bodies_signed_if_other_content_type
271
+ request = Net::HTTP::Post.new(@request_uri.path)
272
+ request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
273
+ request["Content-Type"] = "application/xml"
274
+ signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
275
+ assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&oauth_body_hash%3DDvAa1AWdFoH9K%252B%252F2AHm3f6wH27k%253D%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
276
+ end
277
+
278
+ def test_that_site_address_is_not_modified_in_place
279
+ options = { :site => 'http://twitter.com', :request_endpoint => 'http://api.twitter.com' }
280
+ request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
281
+ request.oauth!(@http, @consumer, @token, options)
282
+ assert_equal "http://twitter.com", options[:site]
283
+ assert_equal "http://api.twitter.com", options[:request_endpoint]
284
+ end
285
+
286
+ protected
287
+
288
+ def request_parameters_to_s
289
+ @request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
290
+ end
291
+
292
+ end
@@ -0,0 +1,72 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+
3
+ class NetHTTPRequestProxyTest < Test::Unit::TestCase
4
+
5
+ def test_that_proxy_simple_get_request_works
6
+ request = Net::HTTP::Get.new('/test?key=value')
7
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value'})
8
+
9
+ expected_parameters = {'key' => ['value']}
10
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
11
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
12
+ assert_equal 'GET', request_proxy.method
13
+ end
14
+
15
+ def test_that_proxy_simple_post_request_works_with_arguments
16
+ request = Net::HTTP::Post.new('/test')
17
+ params = {'key' => 'value'}
18
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
19
+
20
+ expected_parameters = {'key' => ['value']}
21
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
22
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
23
+ assert_equal 'POST', request_proxy.method
24
+ end
25
+
26
+ def test_that_proxy_simple_post_request_works_with_form_data
27
+ request = Net::HTTP::Post.new('/test')
28
+ params = {'key' => 'value'}
29
+ request.set_form_data(params)
30
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test'})
31
+
32
+ expected_parameters = {'key' => ['value']}
33
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
34
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
35
+ assert_equal 'POST', request_proxy.method
36
+ end
37
+
38
+ def test_that_proxy_simple_put_request_works_with_argugments
39
+ request = Net::HTTP::Put.new('/test')
40
+ params = {'key' => 'value'}
41
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
42
+
43
+ expected_parameters = {'key' => ['value']}
44
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
45
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
46
+ assert_equal 'PUT', request_proxy.method
47
+ end
48
+
49
+ def test_that_proxy_simple_put_request_works_with_form_data
50
+ request = Net::HTTP::Put.new('/test')
51
+ params = {'key' => 'value'}
52
+ request.set_form_data(params)
53
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test'})
54
+
55
+ expected_parameters = {'key' => ['value']}
56
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
57
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
58
+ assert_equal 'PUT', request_proxy.method
59
+ end
60
+
61
+ def test_that_proxy_post_request_uses_post_parameters
62
+ request = Net::HTTP::Post.new('/test?key=value')
63
+ request.set_form_data({'key2' => 'value2'})
64
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value', :parameters => {'key3' => 'value3'}})
65
+
66
+ expected_parameters = {'key' => ['value'], 'key2' => ['value2'], 'key3' => ['value3']}
67
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
68
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
69
+ assert_equal 'POST', request_proxy.method
70
+ end
71
+
72
+ end
@@ -0,0 +1,94 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+
3
+ class TestOAuthHelper < Test::Unit::TestCase
4
+
5
+ def test_parse_valid_header
6
+ header = 'OAuth ' \
7
+ 'realm="http://example.com/method", ' \
8
+ 'oauth_consumer_key="vince_clortho", ' \
9
+ 'oauth_token="token_value", ' \
10
+ 'oauth_signature_method="HMAC-SHA1", ' \
11
+ 'oauth_signature="signature_here", ' \
12
+ 'oauth_timestamp="1240004133", oauth_nonce="nonce", ' \
13
+ 'oauth_version="1.0" '
14
+
15
+ params = OAuth::Helper.parse_header(header)
16
+
17
+ assert_equal "http://example.com/method", params['realm']
18
+ assert_equal "vince_clortho", params['oauth_consumer_key']
19
+ assert_equal "token_value", params['oauth_token']
20
+ assert_equal "HMAC-SHA1", params['oauth_signature_method']
21
+ assert_equal "signature_here", params['oauth_signature']
22
+ assert_equal "1240004133", params['oauth_timestamp']
23
+ assert_equal "nonce", params['oauth_nonce']
24
+ assert_equal "1.0", params['oauth_version']
25
+ end
26
+
27
+ def test_parse_header_ill_formed
28
+ header = "OAuth garbage"
29
+
30
+ assert_raise OAuth::Problem do
31
+ OAuth::Helper.parse_header(header)
32
+ end
33
+ end
34
+
35
+ def test_parse_header_contains_equals
36
+ header = 'OAuth ' \
37
+ 'realm="http://example.com/method", ' \
38
+ 'oauth_consumer_key="vince_clortho", ' \
39
+ 'oauth_token="token_value", ' \
40
+ 'oauth_signature_method="HMAC-SHA1", ' \
41
+ 'oauth_signature="signature_here_with_=", ' \
42
+ 'oauth_timestamp="1240004133", oauth_nonce="nonce", ' \
43
+ 'oauth_version="1.0" '
44
+
45
+ assert_raise OAuth::Problem do
46
+ OAuth::Helper.parse_header(header)
47
+ end
48
+ end
49
+
50
+ def test_parse_valid_header_with_and_signs
51
+ header = 'OAuth ' \
52
+ 'realm="http://example.com/method"&' \
53
+ 'oauth_consumer_key="vince_clortho"&' \
54
+ 'oauth_token="token_value"&' \
55
+ 'oauth_signature_method="HMAC-SHA1"&' \
56
+ 'oauth_signature="signature_here"&' \
57
+ 'oauth_timestamp="1240004133"&oauth_nonce="nonce"&' \
58
+ 'oauth_version="1.0"'
59
+
60
+ params = OAuth::Helper.parse_header(header)
61
+
62
+ assert_equal "http://example.com/method", params['realm']
63
+ assert_equal "vince_clortho", params['oauth_consumer_key']
64
+ assert_equal "token_value", params['oauth_token']
65
+ assert_equal "HMAC-SHA1", params['oauth_signature_method']
66
+ assert_equal "signature_here", params['oauth_signature']
67
+ assert_equal "1240004133", params['oauth_timestamp']
68
+ assert_equal "nonce", params['oauth_nonce']
69
+ assert_equal "1.0", params['oauth_version']
70
+ end
71
+
72
+ def test_normalize
73
+ params = {
74
+ 'oauth_nonce' => 'nonce',
75
+ 'weight' => { :value => "65" },
76
+ 'oauth_signature_method' => 'HMAC-SHA1',
77
+ 'oauth_timestamp' => "1240004133",
78
+ 'oauth_consumer_key' => 'vince_clortho',
79
+ 'oauth_token' => 'token_value',
80
+ 'oauth_version' => "1.0"
81
+ }
82
+ assert_equal("oauth_consumer_key=vince_clortho&oauth_nonce=nonce&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1240004133&oauth_token=token_value&oauth_version=1.0&weight%5Bvalue%5D=65", OAuth::Helper.normalize(params))
83
+ end
84
+
85
+ def test_normalize_nested_query
86
+ assert_equal([], OAuth::Helper.normalize_nested_query({}))
87
+ assert_equal(["foo=bar"], OAuth::Helper.normalize_nested_query({:foo => 'bar'}))
88
+ assert_equal(["prefix%5Bfoo%5D=bar"], OAuth::Helper.normalize_nested_query({:foo => 'bar'}, 'prefix'))
89
+ assert_equal(["prefix%5Buser%5D%5Bage%5D=12",
90
+ "prefix%5Buser%5D%5Bdate%5D=2011-10-05",
91
+ "prefix%5Buser%5D%5Btwitter_id%5D=123"], OAuth::Helper.normalize_nested_query({:user => {:twitter_id => 123, :date => '2011-10-05', :age => 12}}, 'prefix'))
92
+ end
93
+
94
+ end
@@ -0,0 +1,40 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+ require 'oauth/request_proxy/rack_request'
3
+ require 'rack/request'
4
+ require 'rack/mock'
5
+
6
+ class RackRequestProxyTest < Test::Unit::TestCase
7
+
8
+ def test_that_proxy_simple_get_request_works
9
+ request = Rack::Request.new(Rack::MockRequest.env_for('http://example.com/test?key=value'))
10
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value'})
11
+
12
+ expected_parameters = {'key' => 'value'}
13
+ assert_equal expected_parameters, request_proxy.parameters
14
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
15
+ assert_equal 'GET', request_proxy.method
16
+ end
17
+
18
+ def test_that_proxy_simple_post_request_works
19
+ request = Rack::Request.new(Rack::MockRequest.env_for('http://example.com/test', :method => 'POST'))
20
+ params = {'key' => 'value'}
21
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
22
+
23
+ expected_parameters = {'key' => 'value'}
24
+ assert_equal expected_parameters, request_proxy.parameters
25
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
26
+ assert_equal 'POST', request_proxy.method
27
+ end
28
+
29
+ def test_that_proxy_post_and_get_request_works
30
+ request = Rack::Request.new(Rack::MockRequest.env_for('http://example.com/test?key=value', :method => 'POST', :input => 'key2=value2'))
31
+ params = {'key2' => 'value2'}
32
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value', :parameters => params})
33
+
34
+ expected_parameters = {'key' => 'value', 'key2' => 'value2'}
35
+ assert_equal expected_parameters, request_proxy.parameters
36
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
37
+ assert_equal 'POST', request_proxy.method
38
+ end
39
+
40
+ end
@@ -0,0 +1,51 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+
3
+ class StubbedToken < OAuth::RequestToken
4
+ define_method :build_authorize_url_promoted do |root_domain, params|
5
+ build_authorize_url root_domain, params
6
+ end
7
+ end
8
+
9
+ class TestRequestToken < Test::Unit::TestCase
10
+ def setup
11
+ # setup a fake req. token. mocking Consumer would be more appropriate...
12
+ @request_token = OAuth::RequestToken.new(
13
+ OAuth::Consumer.new("key", "secret", {}),
14
+ "key",
15
+ "secret"
16
+ )
17
+ end
18
+
19
+ def test_request_token_builds_authorize_url_connectly_with_additional_params
20
+ auth_url = @request_token.authorize_url({:oauth_callback => "github.com"})
21
+ assert_not_nil auth_url
22
+ assert_match(/oauth_token/, auth_url)
23
+ assert_match(/oauth_callback/, auth_url)
24
+ end
25
+
26
+ def test_request_token_builds_authorize_url_connectly_with_no_or_nil_params
27
+ # we should only have 1 key in the url returned if we didn't pass anything.
28
+ # this is the only required param to authenticate the client.
29
+ auth_url = @request_token.authorize_url(nil)
30
+ assert_not_nil auth_url
31
+ assert_match(/\?oauth_token=/, auth_url)
32
+
33
+ auth_url = @request_token.authorize_url
34
+ assert_not_nil auth_url
35
+ assert_match(/\?oauth_token=/, auth_url)
36
+ end
37
+
38
+ #TODO: mock out the Consumer to test the Consumer/AccessToken interaction.
39
+ def test_get_access_token
40
+ end
41
+
42
+ def test_build_authorize_url
43
+ @stubbed_token = StubbedToken.new(nil, nil, nil)
44
+ assert_respond_to @stubbed_token, :build_authorize_url_promoted
45
+ url = @stubbed_token.build_authorize_url_promoted(
46
+ "http://github.com/oauth/authorize",
47
+ {:foo => "bar bar"})
48
+ assert url
49
+ assert_equal "http://github.com/oauth/authorize?foo=bar+bar", url
50
+ end
51
+ end
@@ -0,0 +1,59 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+ require 'oauth/consumer'
3
+ require 'oauth/signature/rsa/sha1'
4
+
5
+ class TestSignatureRsaSha1 < Test::Unit::TestCase
6
+
7
+ def setup
8
+ @request = Net::HTTP::Get.new('/photos?file=vacaction.jpg&size=original&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_timestamp=1196666512&oauth_nonce=13917289812797014437&oauth_signature_method=RSA-SHA1')
9
+
10
+ @consumer = OAuth::Consumer.new('dpf43f3p2l4k3l03', OpenSSL::PKey::RSA.new(IO.read(File.dirname(__FILE__) + "/keys/rsa.pem")))
11
+
12
+ end
13
+
14
+ def test_that_rsa_sha1_implements_rsa_sha1
15
+ assert OAuth::Signature.available_methods.include?('rsa-sha1')
16
+ end
17
+
18
+ def test_that_get_request_from_oauth_test_cases_produces_matching_signature_base_string
19
+ sbs = OAuth::Signature.signature_base_string(@request, { :consumer => @consumer,
20
+ :uri => 'http://photos.example.net/photos' } )
21
+
22
+ assert_equal 'GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacaction.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3D13917289812797014437%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1196666512%26oauth_version%3D1.0%26size%3Doriginal', sbs
23
+ end
24
+
25
+ def test_that_get_request_from_oauth_test_cases_produces_matching_signature
26
+ signature = OAuth::Signature.sign(@request, { :consumer => @consumer,
27
+ :uri => 'http://photos.example.net/photos' } )
28
+
29
+ assert_equal 'jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=', signature
30
+
31
+ end
32
+
33
+ def test_that_get_request_from_oauth_test_cases_produces_matching_signature_using_private_key_file
34
+ @consumer = OAuth::Consumer.new('dpf43f3p2l4k3l03',nil)
35
+
36
+ signature = OAuth::Signature.sign(@request, { :consumer => @consumer,
37
+ :private_key_file=>File.dirname(__FILE__) + "/keys/rsa.pem",
38
+ :uri => 'http://photos.example.net/photos' } )
39
+
40
+ assert_equal 'jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=', signature
41
+ end
42
+
43
+ def test_that_get_request_from_oauth_test_cases_verifies_signature
44
+ @request = Net::HTTP::Get.new('/photos?oauth_signature_method=RSA-SHA1&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_timestamp=1196666512&oauth_nonce=13917289812797014437&file=vacaction.jpg&size=original&oauth_signature=jvTp%2FwX1TYtByB1m%2BPbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2%2F9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW%2F%2Fe%2BRinhejgCuzoH26dyF8iY2ZZ%2F5D1ilgeijhV%2FvBka5twt399mXwaYdCwFYE%3D')
45
+ @consumer = OAuth::Consumer.new('dpf43f3p2l4k3l03',OpenSSL::X509::Certificate.new(IO.read(File.dirname(__FILE__) + "/keys/rsa.cert")))
46
+
47
+ assert OAuth::Signature.verify(@request, { :consumer => @consumer,
48
+ :uri => 'http://photos.example.net/photos' } )
49
+
50
+ end
51
+
52
+ def test_that_get_request_from_oauth_test_cases_verifies_signature_with_pem
53
+ @request = Net::HTTP::Get.new('/photos?oauth_signature_method=RSA-SHA1&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_timestamp=1196666512&oauth_nonce=13917289812797014437&file=vacaction.jpg&size=original&oauth_signature=jvTp%2FwX1TYtByB1m%2BPbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2%2F9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW%2F%2Fe%2BRinhejgCuzoH26dyF8iY2ZZ%2F5D1ilgeijhV%2FvBka5twt399mXwaYdCwFYE%3D')
54
+ assert OAuth::Signature.verify(@request, { :consumer => @consumer,
55
+ :uri => 'http://photos.example.net/photos' } )
56
+
57
+ end
58
+
59
+ end
@@ -0,0 +1,40 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+ require 'oauth/server'
3
+ class ServerTest < Test::Unit::TestCase
4
+ def setup
5
+ @server=OAuth::Server.new "http://test.com"
6
+ end
7
+
8
+ def test_default_paths
9
+ assert_equal "/oauth/request_token",@server.request_token_path
10
+ assert_equal "/oauth/authorize",@server.authorize_path
11
+ assert_equal "/oauth/access_token",@server.access_token_path
12
+ end
13
+
14
+ def test_default_urls
15
+ assert_equal "http://test.com/oauth/request_token",@server.request_token_url
16
+ assert_equal "http://test.com/oauth/authorize",@server.authorize_url
17
+ assert_equal "http://test.com/oauth/access_token",@server.access_token_url
18
+ end
19
+
20
+ def test_generate_consumer_credentials
21
+ consumer=@server.generate_consumer_credentials
22
+ assert_not_nil consumer.key
23
+ assert_not_nil consumer.secret
24
+ end
25
+
26
+ def test_create_consumer
27
+ @consumer=@server.create_consumer
28
+ assert_not_nil @consumer
29
+ assert_not_nil @consumer.key
30
+ assert_not_nil @consumer.secret
31
+ assert_equal "http://test.com",@consumer.site
32
+ assert_equal "/oauth/request_token",@consumer.request_token_path
33
+ assert_equal "/oauth/authorize",@consumer.authorize_path
34
+ assert_equal "/oauth/access_token",@consumer.access_token_path
35
+ assert_equal "http://test.com/oauth/request_token",@consumer.request_token_url
36
+ assert_equal "http://test.com/oauth/authorize",@consumer.authorize_url
37
+ assert_equal "http://test.com/oauth/access_token",@consumer.access_token_url
38
+ end
39
+
40
+ end