oauth_weshays 0.4.8.pre

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (89) hide show
  1. checksums.yaml +15 -0
  2. data/.gemtest +0 -0
  3. data/Gemfile +16 -0
  4. data/Gemfile.lock +47 -0
  5. data/HISTORY +173 -0
  6. data/LICENSE +20 -0
  7. data/README.rdoc +75 -0
  8. data/Rakefile +37 -0
  9. data/TODO +32 -0
  10. data/bin/oauth +5 -0
  11. data/examples/yql.rb +44 -0
  12. data/lib/digest/hmac.rb +104 -0
  13. data/lib/oauth/cli.rb +378 -0
  14. data/lib/oauth/client/action_controller_request.rb +65 -0
  15. data/lib/oauth/client/em_http.rb +120 -0
  16. data/lib/oauth/client/helper.rb +91 -0
  17. data/lib/oauth/client/net_http.rb +120 -0
  18. data/lib/oauth/client.rb +4 -0
  19. data/lib/oauth/consumer.rb +389 -0
  20. data/lib/oauth/core_ext.rb +31 -0
  21. data/lib/oauth/errors/error.rb +4 -0
  22. data/lib/oauth/errors/problem.rb +14 -0
  23. data/lib/oauth/errors/unauthorized.rb +12 -0
  24. data/lib/oauth/errors.rb +3 -0
  25. data/lib/oauth/helper.rb +109 -0
  26. data/lib/oauth/oauth.rb +13 -0
  27. data/lib/oauth/oauth_test_helper.rb +25 -0
  28. data/lib/oauth/request_proxy/action_controller_request.rb +62 -0
  29. data/lib/oauth/request_proxy/base.rb +174 -0
  30. data/lib/oauth/request_proxy/curb_request.rb +55 -0
  31. data/lib/oauth/request_proxy/em_http_request.rb +66 -0
  32. data/lib/oauth/request_proxy/jabber_request.rb +41 -0
  33. data/lib/oauth/request_proxy/mock_request.rb +44 -0
  34. data/lib/oauth/request_proxy/net_http.rb +73 -0
  35. data/lib/oauth/request_proxy/rack_request.rb +44 -0
  36. data/lib/oauth/request_proxy/typhoeus_request.rb +53 -0
  37. data/lib/oauth/request_proxy.rb +24 -0
  38. data/lib/oauth/server.rb +66 -0
  39. data/lib/oauth/signature/base.rb +110 -0
  40. data/lib/oauth/signature/hmac/base.rb +15 -0
  41. data/lib/oauth/signature/hmac/md5.rb +8 -0
  42. data/lib/oauth/signature/hmac/rmd160.rb +8 -0
  43. data/lib/oauth/signature/hmac/sha1.rb +9 -0
  44. data/lib/oauth/signature/hmac/sha2.rb +8 -0
  45. data/lib/oauth/signature/md5.rb +13 -0
  46. data/lib/oauth/signature/plaintext.rb +23 -0
  47. data/lib/oauth/signature/rsa/sha1.rb +46 -0
  48. data/lib/oauth/signature/sha1.rb +13 -0
  49. data/lib/oauth/signature.rb +45 -0
  50. data/lib/oauth/token.rb +7 -0
  51. data/lib/oauth/tokens/access_token.rb +71 -0
  52. data/lib/oauth/tokens/consumer_token.rb +33 -0
  53. data/lib/oauth/tokens/request_token.rb +32 -0
  54. data/lib/oauth/tokens/server_token.rb +9 -0
  55. data/lib/oauth/tokens/token.rb +17 -0
  56. data/lib/oauth.rb +13 -0
  57. data/oauth.gemspec +148 -0
  58. data/tasks/deployment.rake +34 -0
  59. data/tasks/environment.rake +7 -0
  60. data/tasks/website.rake +17 -0
  61. data/test/cases/oauth_case.rb +19 -0
  62. data/test/cases/spec/1_0-final/test_construct_request_url.rb +62 -0
  63. data/test/cases/spec/1_0-final/test_normalize_request_parameters.rb +88 -0
  64. data/test/cases/spec/1_0-final/test_parameter_encodings.rb +86 -0
  65. data/test/cases/spec/1_0-final/test_signature_base_strings.rb +77 -0
  66. data/test/integration/consumer_test.rb +307 -0
  67. data/test/keys/rsa.cert +11 -0
  68. data/test/keys/rsa.pem +16 -0
  69. data/test/test_access_token.rb +26 -0
  70. data/test/test_action_controller_request_proxy.rb +133 -0
  71. data/test/test_consumer.rb +220 -0
  72. data/test/test_curb_request_proxy.rb +77 -0
  73. data/test/test_em_http_client.rb +80 -0
  74. data/test/test_em_http_request_proxy.rb +115 -0
  75. data/test/test_helper.rb +28 -0
  76. data/test/test_hmac_sha1.rb +20 -0
  77. data/test/test_net_http_client.rb +292 -0
  78. data/test/test_net_http_request_proxy.rb +72 -0
  79. data/test/test_oauth_helper.rb +94 -0
  80. data/test/test_rack_request_proxy.rb +40 -0
  81. data/test/test_request_token.rb +51 -0
  82. data/test/test_rsa_sha1.rb +59 -0
  83. data/test/test_server.rb +40 -0
  84. data/test/test_signature.rb +22 -0
  85. data/test/test_signature_base.rb +32 -0
  86. data/test/test_signature_plain_text.rb +31 -0
  87. data/test/test_token.rb +14 -0
  88. data/test/test_typhoeus_request_proxy.rb +80 -0
  89. metadata +252 -0
@@ -0,0 +1,292 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+
3
+ class NetHTTPClientTest < Test::Unit::TestCase
4
+
5
+ def setup
6
+ @consumer = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237')
7
+ @token = OAuth::Token.new('token_411a7f', '3196ffd991c8ebdb')
8
+ @request_uri = URI.parse('http://example.com/test?key=value')
9
+ @request_parameters = { 'key' => 'value' }
10
+ @nonce = 225579211881198842005988698334675835446
11
+ @timestamp = "1199645624"
12
+ @http = Net::HTTP.new(@request_uri.host, @request_uri.port)
13
+ end
14
+
15
+ def test_that_using_auth_headers_on_get_requests_works
16
+ request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
17
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
18
+
19
+ assert_equal 'GET', request.method
20
+ assert_equal '/test?key=value', request.path
21
+ correct_sorted_params = "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\""
22
+ auth_intro, auth_params = request['authorization'].split(' ', 2)
23
+ assert_equal auth_intro, 'OAuth'
24
+ assert_matching_headers correct_sorted_params, request['authorization']
25
+ end
26
+
27
+ def test_that_using_auth_headers_on_get_requests_works_with_plaintext
28
+ require 'oauth/signature/plaintext'
29
+ c = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237',{
30
+ :signature_method => 'PLAINTEXT'
31
+ })
32
+ request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
33
+ request.oauth!(@http, c, @token, {:nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
34
+
35
+ assert_equal 'GET', request.method
36
+ assert_equal '/test?key=value', request.path
37
+ assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"PLAINTEXT\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"5888bf0345e5d237%263196ffd991c8ebdb\", oauth_version=\"1.0\"", request['authorization']
38
+ end
39
+
40
+ def test_that_using_auth_headers_on_post_requests_works
41
+ request = Net::HTTP::Post.new(@request_uri.path)
42
+ request.set_form_data( @request_parameters )
43
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
44
+
45
+ assert_equal 'POST', request.method
46
+ assert_equal '/test', request.path
47
+ assert_equal 'key=value', request.body
48
+ correct_sorted_params = "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\""
49
+ assert_matching_headers correct_sorted_params, request['authorization']
50
+ end
51
+
52
+ def test_that_using_auth_headers_on_post_requests_with_data_works
53
+ request = Net::HTTP::Post.new(@request_uri.path)
54
+ request.body = "data"
55
+ request.content_type = 'text/ascii'
56
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
57
+
58
+ assert_equal 'POST', request.method
59
+ assert_equal '/test', request.path
60
+ assert_equal 'data', request.body
61
+ assert_equal 'text/ascii', request.content_type
62
+ assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_body_hash=\"oXyaqmHoChv3HQ2FCvTluqmAC70%3D\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"0DA6pGTapdHSqC15RZelY5rNLDw%3D\", oauth_version=\"1.0\"", request['authorization']
63
+ end
64
+
65
+ def test_that_body_hash_is_obmitted_when_no_algorithm_is_defined
66
+ request = Net::HTTP::Post.new(@request_uri.path)
67
+ request.body = "data"
68
+ request.content_type = 'text/ascii'
69
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp, :signature_method => 'plaintext'})
70
+
71
+ assert_equal 'POST', request.method
72
+ assert_equal '/test', request.path
73
+ assert_equal 'data', request.body
74
+ assert_equal 'text/ascii', request.content_type
75
+ assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"plaintext\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"5888bf0345e5d237%263196ffd991c8ebdb\", oauth_version=\"1.0\"", request['authorization']
76
+ end
77
+
78
+ def test_that_version_is_added_to_existing_user_agent
79
+ request = Net::HTTP::Post.new(@request_uri.path)
80
+ request['User-Agent'] = "MyApp"
81
+ request.set_form_data( @request_parameters )
82
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
83
+
84
+ assert_equal "MyApp (OAuth gem v#{OAuth::VERSION})", request['User-Agent']
85
+ end
86
+
87
+ def test_that_version_is_set_when_no_user_agent
88
+ request = Net::HTTP::Post.new(@request_uri.path)
89
+ request.set_form_data( @request_parameters )
90
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
91
+
92
+ assert_equal "OAuth gem v#{OAuth::VERSION}", request['User-Agent']
93
+ end
94
+
95
+ def test_that_using_get_params_works
96
+ request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
97
+ request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
98
+
99
+ assert_equal 'GET', request.method
100
+ uri = URI.parse(request.path)
101
+ assert_equal '/test', uri.path
102
+ assert_equal nil, uri.fragment
103
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=1oO2izFav1GP4kEH2EskwXkCRFg%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join("&")
104
+ assert_equal nil, request['authorization']
105
+ end
106
+
107
+ def test_that_using_get_params_works_with_plaintext
108
+ request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
109
+ request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
110
+
111
+ assert_equal 'GET', request.method
112
+ uri = URI.parse(request.path)
113
+ assert_equal '/test', uri.path
114
+ assert_equal nil, uri.fragment
115
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=5888bf0345e5d237%263196ffd991c8ebdb&oauth_signature_method=PLAINTEXT&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join("&")
116
+ assert_equal nil, request['authorization']
117
+ end
118
+
119
+ def test_that_using_post_params_works
120
+ request = Net::HTTP::Post.new(@request_uri.path)
121
+ request.set_form_data( @request_parameters )
122
+ request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
123
+
124
+ assert_equal 'POST', request.method
125
+ assert_equal '/test', request.path
126
+ assert_match /key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3[Dd]&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0/, request.body.split("&").sort.join("&")
127
+ assert_equal nil, request['authorization']
128
+ end
129
+
130
+ def test_that_using_post_params_works_with_plaintext
131
+ request = Net::HTTP::Post.new(@request_uri.path)
132
+ request.set_form_data( @request_parameters )
133
+ request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
134
+
135
+ assert_equal 'POST', request.method
136
+ assert_equal '/test', request.path
137
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=5888bf0345e5d237%263196ffd991c8ebdb&oauth_signature_method=PLAINTEXT&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
138
+ assert_equal nil, request['authorization']
139
+ end
140
+
141
+ def test_that_using_post_body_works
142
+ request = Net::HTTP::Post.new(@request_uri.path)
143
+ request['content-type'] = 'application/x-www-form-urlencoded'
144
+ request.body = 'this is a test of the emergency broad cast system. This is only a test.'
145
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
146
+
147
+ assert_equal 'POST', request.method
148
+ assert_equal '/test', request.path
149
+ assert_match /OAuth oauth_consumer_key="consumer_key_86cad9", oauth_nonce="225579211881198842005988698334675835446", oauth_signature="%2[fF]DMMBOJzQ6JmEaXlAXDLGtD1z2I%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1199645624", oauth_token="token_411a7f", oauth_version="1.0"/, request['authorization'].split("&").sort.join("&")
150
+ # assert_equal nil, request['authorization']
151
+ end
152
+
153
+ def test_that_using_post_with_uri_params_works
154
+ request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
155
+ request.set_form_data( {} ) # just to make sure we have a correct mime type and thus no body hash
156
+ request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
157
+
158
+ assert_equal 'POST', request.method
159
+ uri = URI.parse(request.path)
160
+ assert_equal '/test', uri.path
161
+ assert_equal nil, uri.fragment
162
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
163
+ assert_equal "", request.body
164
+ assert_equal nil, request['authorization']
165
+ end
166
+
167
+ def test_that_using_post_with_uri_and_form_params_works
168
+ request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
169
+ request.set_form_data( { 'key2' => 'value2' } )
170
+ request.oauth!(@http, @consumer, @token, {:scheme => :query_string, :nonce => @nonce, :timestamp => @timestamp})
171
+
172
+ assert_equal 'POST', request.method
173
+ uri = URI.parse(request.path)
174
+ assert_equal '/test', uri.path
175
+ assert_equal nil, uri.fragment
176
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=4kSU8Zd1blWo3W6qJH7eaRTMkg0%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
177
+ assert_equal "key2=value2", request.body
178
+ assert_equal nil, request['authorization']
179
+ end
180
+
181
+ def test_that_using_post_with_uri_and_data_works
182
+ request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
183
+ request.body = "data"
184
+ request.content_type = 'text/ascii'
185
+ request.oauth!(@http, @consumer, @token, {:scheme => :query_string, :nonce => @nonce, :timestamp => @timestamp})
186
+
187
+ assert_equal 'POST', request.method
188
+ uri = URI.parse(request.path)
189
+ assert_equal '/test', uri.path
190
+ assert_equal nil, uri.fragment
191
+ assert_equal "data", request.body
192
+ assert_equal 'text/ascii', request.content_type
193
+ assert_equal "key=value&oauth_body_hash=oXyaqmHoChv3HQ2FCvTluqmAC70%3D&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=MHRKU42iVHU4Ke9kBUDa9Zw6IAM%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
194
+ assert_equal nil, request['authorization']
195
+ end
196
+
197
+
198
+ def test_example_from_specs
199
+ consumer=OAuth::Consumer.new("dpf43f3p2l4k3l03","kd94hf93k423kf44")
200
+ token = OAuth::Token.new('nnch734d00sl2jdk', 'pfkkdhi9sl3r4s00')
201
+ request_uri = URI.parse('http://photos.example.net/photos?file=vacation.jpg&size=original')
202
+ nonce = 'kllo9940pd9333jh'
203
+ timestamp = "1191242096"
204
+ http = Net::HTTP.new(request_uri.host, request_uri.port)
205
+
206
+ request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
207
+ signature_base_string=request.signature_base_string(http, consumer, token, {:nonce => nonce, :timestamp => timestamp})
208
+ assert_equal 'GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal',signature_base_string
209
+
210
+ # request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
211
+ request.oauth!(http, consumer, token, {:nonce => nonce, :timestamp => timestamp, :realm=>"http://photos.example.net/"})
212
+
213
+ assert_equal 'GET', request.method
214
+ correct_sorted_params = 'oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="nnch734d00sl2jdk", oauth_timestamp="1191242096", oauth_consumer_key="dpf43f3p2l4k3l03", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"'.split(', ').sort
215
+ correct_sorted_params.unshift 'OAuth realm="http://photos.example.net/"'
216
+ assert_equal correct_sorted_params, request['authorization'].split(', ').sort
217
+ end
218
+
219
+ def test_step_by_step_token_request
220
+ token_response = "oauth_token=requestkey&oauth_token_secret=requestsecret"
221
+ stub_request(:get, %r{http://term\.ie/oauth/example/request_token\.php(\?.*)?}).to_return(:body => token_response)
222
+
223
+ consumer=OAuth::Consumer.new(
224
+ "key",
225
+ "secret")
226
+ request_uri = URI.parse('http://term.ie/oauth/example/request_token.php')
227
+ nonce = rand(2**128).to_s
228
+ timestamp = Time.now.to_i.to_s
229
+ http = Net::HTTP.new(request_uri.host, request_uri.port)
230
+
231
+ request = Net::HTTP::Get.new(request_uri.path)
232
+ signature_base_string=request.signature_base_string(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
233
+ assert_equal "GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key%3Dkey%26oauth_nonce%3D#{nonce}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D#{timestamp}%26oauth_version%3D1.0",signature_base_string
234
+
235
+ # request = Net::HTTP::Get.new(request_uri.path)
236
+ request.oauth!(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
237
+ assert_equal 'GET', request.method
238
+ assert_nil request.body
239
+ assert_nil request['authorization']
240
+ # assert_equal 'OAuth oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="", oauth_timestamp="'+timestamp+'", oauth_consumer_key="key", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"', request['authorization']
241
+
242
+ response=http.request(request)
243
+ assert_equal "200",response.code
244
+ # assert_equal request['authorization'],response.body
245
+ assert_equal token_response, response.body
246
+ end
247
+
248
+ def test_that_put_bodies_signed
249
+ request = Net::HTTP::Put.new(@request_uri.path)
250
+ request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
251
+ request["Content-Type"] = "application/xml"
252
+ signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
253
+ assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&oauth_body_hash%3DDvAa1AWdFoH9K%252B%252F2AHm3f6wH27k%253D%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
254
+ end
255
+
256
+ def test_that_put_bodies_not_signed_even_if_form_urlencoded
257
+ request = Net::HTTP::Put.new(@request_uri.path)
258
+ request.set_form_data( { 'key2' => 'value2' } )
259
+ signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
260
+ assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&key2%3Dvalue2%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
261
+ end
262
+
263
+ def test_that_post_bodies_signed_if_form_urlencoded
264
+ request = Net::HTTP::Post.new(@request_uri.path)
265
+ request.set_form_data( { 'key2' => 'value2' } )
266
+ signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
267
+ assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&key2%3Dvalue2%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
268
+ end
269
+
270
+ def test_that_post_bodies_signed_if_other_content_type
271
+ request = Net::HTTP::Post.new(@request_uri.path)
272
+ request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
273
+ request["Content-Type"] = "application/xml"
274
+ signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
275
+ assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&oauth_body_hash%3DDvAa1AWdFoH9K%252B%252F2AHm3f6wH27k%253D%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
276
+ end
277
+
278
+ def test_that_site_address_is_not_modified_in_place
279
+ options = { :site => 'http://twitter.com', :request_endpoint => 'http://api.twitter.com' }
280
+ request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
281
+ request.oauth!(@http, @consumer, @token, options)
282
+ assert_equal "http://twitter.com", options[:site]
283
+ assert_equal "http://api.twitter.com", options[:request_endpoint]
284
+ end
285
+
286
+ protected
287
+
288
+ def request_parameters_to_s
289
+ @request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
290
+ end
291
+
292
+ end
@@ -0,0 +1,72 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+
3
+ class NetHTTPRequestProxyTest < Test::Unit::TestCase
4
+
5
+ def test_that_proxy_simple_get_request_works
6
+ request = Net::HTTP::Get.new('/test?key=value')
7
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value'})
8
+
9
+ expected_parameters = {'key' => ['value']}
10
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
11
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
12
+ assert_equal 'GET', request_proxy.method
13
+ end
14
+
15
+ def test_that_proxy_simple_post_request_works_with_arguments
16
+ request = Net::HTTP::Post.new('/test')
17
+ params = {'key' => 'value'}
18
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
19
+
20
+ expected_parameters = {'key' => ['value']}
21
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
22
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
23
+ assert_equal 'POST', request_proxy.method
24
+ end
25
+
26
+ def test_that_proxy_simple_post_request_works_with_form_data
27
+ request = Net::HTTP::Post.new('/test')
28
+ params = {'key' => 'value'}
29
+ request.set_form_data(params)
30
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test'})
31
+
32
+ expected_parameters = {'key' => ['value']}
33
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
34
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
35
+ assert_equal 'POST', request_proxy.method
36
+ end
37
+
38
+ def test_that_proxy_simple_put_request_works_with_argugments
39
+ request = Net::HTTP::Put.new('/test')
40
+ params = {'key' => 'value'}
41
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
42
+
43
+ expected_parameters = {'key' => ['value']}
44
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
45
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
46
+ assert_equal 'PUT', request_proxy.method
47
+ end
48
+
49
+ def test_that_proxy_simple_put_request_works_with_form_data
50
+ request = Net::HTTP::Put.new('/test')
51
+ params = {'key' => 'value'}
52
+ request.set_form_data(params)
53
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test'})
54
+
55
+ expected_parameters = {'key' => ['value']}
56
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
57
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
58
+ assert_equal 'PUT', request_proxy.method
59
+ end
60
+
61
+ def test_that_proxy_post_request_uses_post_parameters
62
+ request = Net::HTTP::Post.new('/test?key=value')
63
+ request.set_form_data({'key2' => 'value2'})
64
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value', :parameters => {'key3' => 'value3'}})
65
+
66
+ expected_parameters = {'key' => ['value'], 'key2' => ['value2'], 'key3' => ['value3']}
67
+ assert_equal expected_parameters, request_proxy.parameters_for_signature
68
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
69
+ assert_equal 'POST', request_proxy.method
70
+ end
71
+
72
+ end
@@ -0,0 +1,94 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+
3
+ class TestOAuthHelper < Test::Unit::TestCase
4
+
5
+ def test_parse_valid_header
6
+ header = 'OAuth ' \
7
+ 'realm="http://example.com/method", ' \
8
+ 'oauth_consumer_key="vince_clortho", ' \
9
+ 'oauth_token="token_value", ' \
10
+ 'oauth_signature_method="HMAC-SHA1", ' \
11
+ 'oauth_signature="signature_here", ' \
12
+ 'oauth_timestamp="1240004133", oauth_nonce="nonce", ' \
13
+ 'oauth_version="1.0" '
14
+
15
+ params = OAuth::Helper.parse_header(header)
16
+
17
+ assert_equal "http://example.com/method", params['realm']
18
+ assert_equal "vince_clortho", params['oauth_consumer_key']
19
+ assert_equal "token_value", params['oauth_token']
20
+ assert_equal "HMAC-SHA1", params['oauth_signature_method']
21
+ assert_equal "signature_here", params['oauth_signature']
22
+ assert_equal "1240004133", params['oauth_timestamp']
23
+ assert_equal "nonce", params['oauth_nonce']
24
+ assert_equal "1.0", params['oauth_version']
25
+ end
26
+
27
+ def test_parse_header_ill_formed
28
+ header = "OAuth garbage"
29
+
30
+ assert_raise OAuth::Problem do
31
+ OAuth::Helper.parse_header(header)
32
+ end
33
+ end
34
+
35
+ def test_parse_header_contains_equals
36
+ header = 'OAuth ' \
37
+ 'realm="http://example.com/method", ' \
38
+ 'oauth_consumer_key="vince_clortho", ' \
39
+ 'oauth_token="token_value", ' \
40
+ 'oauth_signature_method="HMAC-SHA1", ' \
41
+ 'oauth_signature="signature_here_with_=", ' \
42
+ 'oauth_timestamp="1240004133", oauth_nonce="nonce", ' \
43
+ 'oauth_version="1.0" '
44
+
45
+ assert_raise OAuth::Problem do
46
+ OAuth::Helper.parse_header(header)
47
+ end
48
+ end
49
+
50
+ def test_parse_valid_header_with_and_signs
51
+ header = 'OAuth ' \
52
+ 'realm="http://example.com/method"&' \
53
+ 'oauth_consumer_key="vince_clortho"&' \
54
+ 'oauth_token="token_value"&' \
55
+ 'oauth_signature_method="HMAC-SHA1"&' \
56
+ 'oauth_signature="signature_here"&' \
57
+ 'oauth_timestamp="1240004133"&oauth_nonce="nonce"&' \
58
+ 'oauth_version="1.0"'
59
+
60
+ params = OAuth::Helper.parse_header(header)
61
+
62
+ assert_equal "http://example.com/method", params['realm']
63
+ assert_equal "vince_clortho", params['oauth_consumer_key']
64
+ assert_equal "token_value", params['oauth_token']
65
+ assert_equal "HMAC-SHA1", params['oauth_signature_method']
66
+ assert_equal "signature_here", params['oauth_signature']
67
+ assert_equal "1240004133", params['oauth_timestamp']
68
+ assert_equal "nonce", params['oauth_nonce']
69
+ assert_equal "1.0", params['oauth_version']
70
+ end
71
+
72
+ def test_normalize
73
+ params = {
74
+ 'oauth_nonce' => 'nonce',
75
+ 'weight' => { :value => "65" },
76
+ 'oauth_signature_method' => 'HMAC-SHA1',
77
+ 'oauth_timestamp' => "1240004133",
78
+ 'oauth_consumer_key' => 'vince_clortho',
79
+ 'oauth_token' => 'token_value',
80
+ 'oauth_version' => "1.0"
81
+ }
82
+ assert_equal("oauth_consumer_key=vince_clortho&oauth_nonce=nonce&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1240004133&oauth_token=token_value&oauth_version=1.0&weight%5Bvalue%5D=65", OAuth::Helper.normalize(params))
83
+ end
84
+
85
+ def test_normalize_nested_query
86
+ assert_equal([], OAuth::Helper.normalize_nested_query({}))
87
+ assert_equal(["foo=bar"], OAuth::Helper.normalize_nested_query({:foo => 'bar'}))
88
+ assert_equal(["prefix%5Bfoo%5D=bar"], OAuth::Helper.normalize_nested_query({:foo => 'bar'}, 'prefix'))
89
+ assert_equal(["prefix%5Buser%5D%5Bage%5D=12",
90
+ "prefix%5Buser%5D%5Bdate%5D=2011-10-05",
91
+ "prefix%5Buser%5D%5Btwitter_id%5D=123"], OAuth::Helper.normalize_nested_query({:user => {:twitter_id => 123, :date => '2011-10-05', :age => 12}}, 'prefix'))
92
+ end
93
+
94
+ end
@@ -0,0 +1,40 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+ require 'oauth/request_proxy/rack_request'
3
+ require 'rack/request'
4
+ require 'rack/mock'
5
+
6
+ class RackRequestProxyTest < Test::Unit::TestCase
7
+
8
+ def test_that_proxy_simple_get_request_works
9
+ request = Rack::Request.new(Rack::MockRequest.env_for('http://example.com/test?key=value'))
10
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value'})
11
+
12
+ expected_parameters = {'key' => 'value'}
13
+ assert_equal expected_parameters, request_proxy.parameters
14
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
15
+ assert_equal 'GET', request_proxy.method
16
+ end
17
+
18
+ def test_that_proxy_simple_post_request_works
19
+ request = Rack::Request.new(Rack::MockRequest.env_for('http://example.com/test', :method => 'POST'))
20
+ params = {'key' => 'value'}
21
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
22
+
23
+ expected_parameters = {'key' => 'value'}
24
+ assert_equal expected_parameters, request_proxy.parameters
25
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
26
+ assert_equal 'POST', request_proxy.method
27
+ end
28
+
29
+ def test_that_proxy_post_and_get_request_works
30
+ request = Rack::Request.new(Rack::MockRequest.env_for('http://example.com/test?key=value', :method => 'POST', :input => 'key2=value2'))
31
+ params = {'key2' => 'value2'}
32
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value', :parameters => params})
33
+
34
+ expected_parameters = {'key' => 'value', 'key2' => 'value2'}
35
+ assert_equal expected_parameters, request_proxy.parameters
36
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
37
+ assert_equal 'POST', request_proxy.method
38
+ end
39
+
40
+ end
@@ -0,0 +1,51 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+
3
+ class StubbedToken < OAuth::RequestToken
4
+ define_method :build_authorize_url_promoted do |root_domain, params|
5
+ build_authorize_url root_domain, params
6
+ end
7
+ end
8
+
9
+ class TestRequestToken < Test::Unit::TestCase
10
+ def setup
11
+ # setup a fake req. token. mocking Consumer would be more appropriate...
12
+ @request_token = OAuth::RequestToken.new(
13
+ OAuth::Consumer.new("key", "secret", {}),
14
+ "key",
15
+ "secret"
16
+ )
17
+ end
18
+
19
+ def test_request_token_builds_authorize_url_connectly_with_additional_params
20
+ auth_url = @request_token.authorize_url({:oauth_callback => "github.com"})
21
+ assert_not_nil auth_url
22
+ assert_match(/oauth_token/, auth_url)
23
+ assert_match(/oauth_callback/, auth_url)
24
+ end
25
+
26
+ def test_request_token_builds_authorize_url_connectly_with_no_or_nil_params
27
+ # we should only have 1 key in the url returned if we didn't pass anything.
28
+ # this is the only required param to authenticate the client.
29
+ auth_url = @request_token.authorize_url(nil)
30
+ assert_not_nil auth_url
31
+ assert_match(/\?oauth_token=/, auth_url)
32
+
33
+ auth_url = @request_token.authorize_url
34
+ assert_not_nil auth_url
35
+ assert_match(/\?oauth_token=/, auth_url)
36
+ end
37
+
38
+ #TODO: mock out the Consumer to test the Consumer/AccessToken interaction.
39
+ def test_get_access_token
40
+ end
41
+
42
+ def test_build_authorize_url
43
+ @stubbed_token = StubbedToken.new(nil, nil, nil)
44
+ assert_respond_to @stubbed_token, :build_authorize_url_promoted
45
+ url = @stubbed_token.build_authorize_url_promoted(
46
+ "http://github.com/oauth/authorize",
47
+ {:foo => "bar bar"})
48
+ assert url
49
+ assert_equal "http://github.com/oauth/authorize?foo=bar+bar", url
50
+ end
51
+ end
@@ -0,0 +1,59 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+ require 'oauth/consumer'
3
+ require 'oauth/signature/rsa/sha1'
4
+
5
+ class TestSignatureRsaSha1 < Test::Unit::TestCase
6
+
7
+ def setup
8
+ @request = Net::HTTP::Get.new('/photos?file=vacaction.jpg&size=original&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_timestamp=1196666512&oauth_nonce=13917289812797014437&oauth_signature_method=RSA-SHA1')
9
+
10
+ @consumer = OAuth::Consumer.new('dpf43f3p2l4k3l03', OpenSSL::PKey::RSA.new(IO.read(File.dirname(__FILE__) + "/keys/rsa.pem")))
11
+
12
+ end
13
+
14
+ def test_that_rsa_sha1_implements_rsa_sha1
15
+ assert OAuth::Signature.available_methods.include?('rsa-sha1')
16
+ end
17
+
18
+ def test_that_get_request_from_oauth_test_cases_produces_matching_signature_base_string
19
+ sbs = OAuth::Signature.signature_base_string(@request, { :consumer => @consumer,
20
+ :uri => 'http://photos.example.net/photos' } )
21
+
22
+ assert_equal 'GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacaction.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3D13917289812797014437%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1196666512%26oauth_version%3D1.0%26size%3Doriginal', sbs
23
+ end
24
+
25
+ def test_that_get_request_from_oauth_test_cases_produces_matching_signature
26
+ signature = OAuth::Signature.sign(@request, { :consumer => @consumer,
27
+ :uri => 'http://photos.example.net/photos' } )
28
+
29
+ assert_equal 'jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=', signature
30
+
31
+ end
32
+
33
+ def test_that_get_request_from_oauth_test_cases_produces_matching_signature_using_private_key_file
34
+ @consumer = OAuth::Consumer.new('dpf43f3p2l4k3l03',nil)
35
+
36
+ signature = OAuth::Signature.sign(@request, { :consumer => @consumer,
37
+ :private_key_file=>File.dirname(__FILE__) + "/keys/rsa.pem",
38
+ :uri => 'http://photos.example.net/photos' } )
39
+
40
+ assert_equal 'jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=', signature
41
+ end
42
+
43
+ def test_that_get_request_from_oauth_test_cases_verifies_signature
44
+ @request = Net::HTTP::Get.new('/photos?oauth_signature_method=RSA-SHA1&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_timestamp=1196666512&oauth_nonce=13917289812797014437&file=vacaction.jpg&size=original&oauth_signature=jvTp%2FwX1TYtByB1m%2BPbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2%2F9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW%2F%2Fe%2BRinhejgCuzoH26dyF8iY2ZZ%2F5D1ilgeijhV%2FvBka5twt399mXwaYdCwFYE%3D')
45
+ @consumer = OAuth::Consumer.new('dpf43f3p2l4k3l03',OpenSSL::X509::Certificate.new(IO.read(File.dirname(__FILE__) + "/keys/rsa.cert")))
46
+
47
+ assert OAuth::Signature.verify(@request, { :consumer => @consumer,
48
+ :uri => 'http://photos.example.net/photos' } )
49
+
50
+ end
51
+
52
+ def test_that_get_request_from_oauth_test_cases_verifies_signature_with_pem
53
+ @request = Net::HTTP::Get.new('/photos?oauth_signature_method=RSA-SHA1&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_timestamp=1196666512&oauth_nonce=13917289812797014437&file=vacaction.jpg&size=original&oauth_signature=jvTp%2FwX1TYtByB1m%2BPbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2%2F9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW%2F%2Fe%2BRinhejgCuzoH26dyF8iY2ZZ%2F5D1ilgeijhV%2FvBka5twt399mXwaYdCwFYE%3D')
54
+ assert OAuth::Signature.verify(@request, { :consumer => @consumer,
55
+ :uri => 'http://photos.example.net/photos' } )
56
+
57
+ end
58
+
59
+ end
@@ -0,0 +1,40 @@
1
+ require File.expand_path('../test_helper', __FILE__)
2
+ require 'oauth/server'
3
+ class ServerTest < Test::Unit::TestCase
4
+ def setup
5
+ @server=OAuth::Server.new "http://test.com"
6
+ end
7
+
8
+ def test_default_paths
9
+ assert_equal "/oauth/request_token",@server.request_token_path
10
+ assert_equal "/oauth/authorize",@server.authorize_path
11
+ assert_equal "/oauth/access_token",@server.access_token_path
12
+ end
13
+
14
+ def test_default_urls
15
+ assert_equal "http://test.com/oauth/request_token",@server.request_token_url
16
+ assert_equal "http://test.com/oauth/authorize",@server.authorize_url
17
+ assert_equal "http://test.com/oauth/access_token",@server.access_token_url
18
+ end
19
+
20
+ def test_generate_consumer_credentials
21
+ consumer=@server.generate_consumer_credentials
22
+ assert_not_nil consumer.key
23
+ assert_not_nil consumer.secret
24
+ end
25
+
26
+ def test_create_consumer
27
+ @consumer=@server.create_consumer
28
+ assert_not_nil @consumer
29
+ assert_not_nil @consumer.key
30
+ assert_not_nil @consumer.secret
31
+ assert_equal "http://test.com",@consumer.site
32
+ assert_equal "/oauth/request_token",@consumer.request_token_path
33
+ assert_equal "/oauth/authorize",@consumer.authorize_path
34
+ assert_equal "/oauth/access_token",@consumer.access_token_path
35
+ assert_equal "http://test.com/oauth/request_token",@consumer.request_token_url
36
+ assert_equal "http://test.com/oauth/authorize",@consumer.authorize_url
37
+ assert_equal "http://test.com/oauth/access_token",@consumer.access_token_url
38
+ end
39
+
40
+ end