oauth_weshays 0.4.8.pre

data/test/test_net_http_client.rb

@@ -0,0 +1,292 @@
+require File.expand_path('../test_helper', __FILE__)
+
+class NetHTTPClientTest < Test::Unit::TestCase
+
+  def setup
+    @consumer = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237')
+    @token = OAuth::Token.new('token_411a7f', '3196ffd991c8ebdb')
+    @request_uri = URI.parse('http://example.com/test?key=value')
+    @request_parameters = { 'key' => 'value' }
+    @nonce = 225579211881198842005988698334675835446
+    @timestamp = "1199645624"
+    @http = Net::HTTP.new(@request_uri.host, @request_uri.port)
+  end
+
+  def test_that_using_auth_headers_on_get_requests_works
+    request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
+    request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'GET', request.method
+    assert_equal '/test?key=value', request.path
+    correct_sorted_params = "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\""
+    auth_intro, auth_params = request['authorization'].split(' ', 2)
+    assert_equal auth_intro, 'OAuth'
+    assert_matching_headers correct_sorted_params, request['authorization']
+  end
+
+  def test_that_using_auth_headers_on_get_requests_works_with_plaintext
+    require 'oauth/signature/plaintext'
+    c = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237',{
+      :signature_method => 'PLAINTEXT'
+    })
+    request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
+    request.oauth!(@http, c, @token, {:nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
+
+    assert_equal 'GET', request.method
+    assert_equal '/test?key=value', request.path
+    assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"PLAINTEXT\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"5888bf0345e5d237%263196ffd991c8ebdb\", oauth_version=\"1.0\"", request['authorization']
+  end
+
+  def test_that_using_auth_headers_on_post_requests_works
+    request = Net::HTTP::Post.new(@request_uri.path)
+    request.set_form_data( @request_parameters )
+    request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'POST', request.method
+    assert_equal '/test', request.path
+    assert_equal 'key=value', request.body
+    correct_sorted_params = "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\""
+    assert_matching_headers correct_sorted_params, request['authorization']
+  end
+
+  def test_that_using_auth_headers_on_post_requests_with_data_works
+    request = Net::HTTP::Post.new(@request_uri.path)
+    request.body = "data"
+    request.content_type = 'text/ascii'
+    request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'POST', request.method
+    assert_equal '/test', request.path
+    assert_equal 'data', request.body
+    assert_equal 'text/ascii', request.content_type
+    assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_body_hash=\"oXyaqmHoChv3HQ2FCvTluqmAC70%3D\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"0DA6pGTapdHSqC15RZelY5rNLDw%3D\", oauth_version=\"1.0\"", request['authorization']
+  end
+
+  def test_that_body_hash_is_obmitted_when_no_algorithm_is_defined
+    request = Net::HTTP::Post.new(@request_uri.path)
+    request.body = "data"
+    request.content_type = 'text/ascii'
+    request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp, :signature_method => 'plaintext'})
+
+    assert_equal 'POST', request.method
+    assert_equal '/test', request.path
+    assert_equal 'data', request.body
+    assert_equal 'text/ascii', request.content_type
+    assert_matching_headers "oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"plaintext\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"5888bf0345e5d237%263196ffd991c8ebdb\", oauth_version=\"1.0\"", request['authorization']
+  end
+
+  def test_that_version_is_added_to_existing_user_agent
+    request = Net::HTTP::Post.new(@request_uri.path)
+    request['User-Agent'] = "MyApp"
+    request.set_form_data( @request_parameters )
+    request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal "MyApp (OAuth gem v#{OAuth::VERSION})", request['User-Agent']
+  end
+
+  def test_that_version_is_set_when_no_user_agent
+    request = Net::HTTP::Post.new(@request_uri.path)
+    request.set_form_data( @request_parameters )
+    request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal "OAuth gem v#{OAuth::VERSION}", request['User-Agent']
+  end
+
+  def test_that_using_get_params_works
+    request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
+    request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'GET', request.method
+    uri = URI.parse(request.path)
+    assert_equal '/test', uri.path
+    assert_equal nil, uri.fragment
+    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=1oO2izFav1GP4kEH2EskwXkCRFg%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join("&")
+    assert_equal nil, request['authorization']
+  end
+
+  def test_that_using_get_params_works_with_plaintext
+    request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
+    request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
+
+    assert_equal 'GET', request.method
+    uri = URI.parse(request.path)
+    assert_equal '/test', uri.path
+    assert_equal nil, uri.fragment
+    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=5888bf0345e5d237%263196ffd991c8ebdb&oauth_signature_method=PLAINTEXT&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join("&")
+    assert_equal nil, request['authorization']
+  end
+
+  def test_that_using_post_params_works
+    request = Net::HTTP::Post.new(@request_uri.path)
+    request.set_form_data( @request_parameters )
+    request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'POST', request.method
+    assert_equal '/test', request.path
+    assert_match /key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3[Dd]&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0/, request.body.split("&").sort.join("&")
+    assert_equal nil, request['authorization']
+  end
+
+  def test_that_using_post_params_works_with_plaintext
+    request = Net::HTTP::Post.new(@request_uri.path)
+    request.set_form_data( @request_parameters )
+    request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp, :signature_method => 'PLAINTEXT'})
+
+    assert_equal 'POST', request.method
+    assert_equal '/test', request.path
+    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=5888bf0345e5d237%263196ffd991c8ebdb&oauth_signature_method=PLAINTEXT&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
+    assert_equal nil, request['authorization']
+  end
+
+  def test_that_using_post_body_works
+    request = Net::HTTP::Post.new(@request_uri.path)
+    request['content-type'] = 'application/x-www-form-urlencoded'
+    request.body = 'this is a test of the emergency broad cast system. This is only a test.'
+    request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'POST', request.method
+    assert_equal '/test', request.path
+    assert_match /OAuth oauth_consumer_key="consumer_key_86cad9", oauth_nonce="225579211881198842005988698334675835446", oauth_signature="%2[fF]DMMBOJzQ6JmEaXlAXDLGtD1z2I%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1199645624", oauth_token="token_411a7f", oauth_version="1.0"/, request['authorization'].split("&").sort.join("&")
+    # assert_equal nil, request['authorization']
+  end
+
+  def test_that_using_post_with_uri_params_works
+    request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
+    request.set_form_data( {} ) # just to make sure we have a correct mime type and thus no body hash
+    request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'POST', request.method
+    uri = URI.parse(request.path)
+    assert_equal '/test', uri.path
+    assert_equal nil, uri.fragment
+    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
+    assert_equal "", request.body
+    assert_equal nil, request['authorization']
+  end
+
+  def test_that_using_post_with_uri_and_form_params_works
+    request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
+    request.set_form_data( { 'key2' => 'value2' } )
+    request.oauth!(@http, @consumer, @token, {:scheme => :query_string, :nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'POST', request.method
+    uri = URI.parse(request.path)
+    assert_equal '/test', uri.path
+    assert_equal nil, uri.fragment
+    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=4kSU8Zd1blWo3W6qJH7eaRTMkg0%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
+    assert_equal "key2=value2", request.body
+    assert_equal nil, request['authorization']
+  end
+
+  def test_that_using_post_with_uri_and_data_works
+    request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
+    request.body = "data"
+    request.content_type = 'text/ascii'
+    request.oauth!(@http, @consumer, @token, {:scheme => :query_string, :nonce => @nonce, :timestamp => @timestamp})
+
+    assert_equal 'POST', request.method
+    uri = URI.parse(request.path)
+    assert_equal '/test', uri.path
+    assert_equal nil, uri.fragment
+    assert_equal "data", request.body
+    assert_equal 'text/ascii', request.content_type
+    assert_equal "key=value&oauth_body_hash=oXyaqmHoChv3HQ2FCvTluqmAC70%3D&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=MHRKU42iVHU4Ke9kBUDa9Zw6IAM%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
+    assert_equal nil, request['authorization']
+  end
+
+
+  def test_example_from_specs
+    consumer=OAuth::Consumer.new("dpf43f3p2l4k3l03","kd94hf93k423kf44")
+    token = OAuth::Token.new('nnch734d00sl2jdk', 'pfkkdhi9sl3r4s00')
+    request_uri = URI.parse('http://photos.example.net/photos?file=vacation.jpg&size=original')
+    nonce = 'kllo9940pd9333jh'
+    timestamp = "1191242096"
+    http = Net::HTTP.new(request_uri.host, request_uri.port)
+
+    request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
+    signature_base_string=request.signature_base_string(http, consumer, token, {:nonce => nonce, :timestamp => timestamp})
+    assert_equal 'GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal',signature_base_string
+
+#    request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
+    request.oauth!(http, consumer, token, {:nonce => nonce, :timestamp => timestamp, :realm=>"http://photos.example.net/"})
+
+    assert_equal 'GET', request.method
+    correct_sorted_params = 'oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="nnch734d00sl2jdk", oauth_timestamp="1191242096", oauth_consumer_key="dpf43f3p2l4k3l03", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"'.split(', ').sort
+    correct_sorted_params.unshift 'OAuth realm="http://photos.example.net/"'
+    assert_equal correct_sorted_params, request['authorization'].split(', ').sort
+  end
+
+  def test_step_by_step_token_request
+    token_response = "oauth_token=requestkey&oauth_token_secret=requestsecret"
+    stub_request(:get, %r{http://term\.ie/oauth/example/request_token\.php(\?.*)?}).to_return(:body => token_response)
+
+    consumer=OAuth::Consumer.new(
+        "key",
+        "secret")
+    request_uri = URI.parse('http://term.ie/oauth/example/request_token.php')
+    nonce = rand(2**128).to_s
+    timestamp = Time.now.to_i.to_s
+    http = Net::HTTP.new(request_uri.host, request_uri.port)
+
+    request = Net::HTTP::Get.new(request_uri.path)
+    signature_base_string=request.signature_base_string(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
+    assert_equal "GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key%3Dkey%26oauth_nonce%3D#{nonce}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D#{timestamp}%26oauth_version%3D1.0",signature_base_string
+
+#    request = Net::HTTP::Get.new(request_uri.path)
+    request.oauth!(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
+    assert_equal 'GET', request.method
+    assert_nil request.body
+    assert_nil request['authorization']
+#    assert_equal 'OAuth oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="", oauth_timestamp="'+timestamp+'", oauth_consumer_key="key", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"', request['authorization']
+
+    response=http.request(request)
+    assert_equal "200",response.code
+#    assert_equal request['authorization'],response.body
+    assert_equal token_response, response.body
+  end
+
+  def test_that_put_bodies_signed
+    request = Net::HTTP::Put.new(@request_uri.path)
+    request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
+    request["Content-Type"] = "application/xml"
+    signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
+    assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&oauth_body_hash%3DDvAa1AWdFoH9K%252B%252F2AHm3f6wH27k%253D%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
+  end
+
+  def test_that_put_bodies_not_signed_even_if_form_urlencoded
+    request = Net::HTTP::Put.new(@request_uri.path)
+    request.set_form_data( { 'key2' => 'value2' } )
+    signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
+    assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&key2%3Dvalue2%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
+  end
+
+  def test_that_post_bodies_signed_if_form_urlencoded
+    request = Net::HTTP::Post.new(@request_uri.path)
+    request.set_form_data( { 'key2' => 'value2' } )
+    signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
+    assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&key2%3Dvalue2%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
+  end
+
+  def test_that_post_bodies_signed_if_other_content_type
+    request = Net::HTTP::Post.new(@request_uri.path)
+    request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
+    request["Content-Type"] = "application/xml"
+    signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
+    assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&oauth_body_hash%3DDvAa1AWdFoH9K%252B%252F2AHm3f6wH27k%253D%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
+  end
+
+  def test_that_site_address_is_not_modified_in_place
+    options = { :site => 'http://twitter.com', :request_endpoint => 'http://api.twitter.com' }
+    request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
+    request.oauth!(@http, @consumer, @token, options)
+    assert_equal "http://twitter.com", options[:site]
+    assert_equal "http://api.twitter.com", options[:request_endpoint]
+  end
+
+  protected
+
+    def request_parameters_to_s
+      @request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
+    end
+
+end

data/test/test_net_http_request_proxy.rb

@@ -0,0 +1,72 @@
+require File.expand_path('../test_helper', __FILE__)
+
+class NetHTTPRequestProxyTest < Test::Unit::TestCase
+
+  def test_that_proxy_simple_get_request_works
+    request = Net::HTTP::Get.new('/test?key=value')
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value'})
+
+    expected_parameters = {'key' => ['value']}
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'http://example.com/test', request_proxy.normalized_uri
+    assert_equal 'GET', request_proxy.method
+  end
+
+  def test_that_proxy_simple_post_request_works_with_arguments
+    request = Net::HTTP::Post.new('/test')
+    params = {'key' => 'value'}
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
+
+    expected_parameters = {'key' => ['value']}
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'http://example.com/test', request_proxy.normalized_uri
+    assert_equal 'POST', request_proxy.method
+  end
+
+  def test_that_proxy_simple_post_request_works_with_form_data
+    request = Net::HTTP::Post.new('/test')
+    params = {'key' => 'value'}
+    request.set_form_data(params)
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test'})
+
+    expected_parameters = {'key' => ['value']}
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'http://example.com/test', request_proxy.normalized_uri
+    assert_equal 'POST', request_proxy.method
+  end
+
+  def test_that_proxy_simple_put_request_works_with_argugments
+    request = Net::HTTP::Put.new('/test')
+    params = {'key' => 'value'}
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
+
+    expected_parameters = {'key' => ['value']}
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'http://example.com/test', request_proxy.normalized_uri
+    assert_equal 'PUT', request_proxy.method
+  end
+
+  def test_that_proxy_simple_put_request_works_with_form_data
+    request = Net::HTTP::Put.new('/test')
+    params = {'key' => 'value'}
+    request.set_form_data(params)
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test'})
+
+    expected_parameters = {'key' => ['value']}
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'http://example.com/test', request_proxy.normalized_uri
+    assert_equal 'PUT', request_proxy.method
+  end
+
+  def test_that_proxy_post_request_uses_post_parameters
+    request = Net::HTTP::Post.new('/test?key=value')
+    request.set_form_data({'key2' => 'value2'})
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value', :parameters => {'key3' => 'value3'}})
+
+    expected_parameters = {'key' => ['value'], 'key2' => ['value2'], 'key3' => ['value3']}
+    assert_equal expected_parameters, request_proxy.parameters_for_signature
+    assert_equal 'http://example.com/test', request_proxy.normalized_uri
+    assert_equal 'POST', request_proxy.method
+  end
+
+end

data/test/test_oauth_helper.rb

@@ -0,0 +1,94 @@
+require File.expand_path('../test_helper', __FILE__)
+
+class TestOAuthHelper < Test::Unit::TestCase
+
+  def test_parse_valid_header
+    header = 'OAuth ' \
+             'realm="http://example.com/method", ' \
+             'oauth_consumer_key="vince_clortho", ' \
+             'oauth_token="token_value", ' \
+             'oauth_signature_method="HMAC-SHA1", ' \
+             'oauth_signature="signature_here", ' \
+             'oauth_timestamp="1240004133", oauth_nonce="nonce", ' \
+             'oauth_version="1.0" '
+
+    params = OAuth::Helper.parse_header(header)
+
+    assert_equal "http://example.com/method", params['realm']
+    assert_equal "vince_clortho", params['oauth_consumer_key']
+    assert_equal "token_value", params['oauth_token']
+    assert_equal "HMAC-SHA1", params['oauth_signature_method']
+    assert_equal "signature_here", params['oauth_signature']
+    assert_equal "1240004133", params['oauth_timestamp']
+    assert_equal "nonce", params['oauth_nonce']
+    assert_equal "1.0", params['oauth_version']
+  end
+
+  def test_parse_header_ill_formed
+    header = "OAuth garbage"
+
+    assert_raise OAuth::Problem do
+      OAuth::Helper.parse_header(header)
+    end
+  end
+
+  def test_parse_header_contains_equals
+    header = 'OAuth ' \
+             'realm="http://example.com/method", ' \
+             'oauth_consumer_key="vince_clortho", ' \
+             'oauth_token="token_value", ' \
+             'oauth_signature_method="HMAC-SHA1", ' \
+             'oauth_signature="signature_here_with_=", ' \
+             'oauth_timestamp="1240004133", oauth_nonce="nonce", ' \
+             'oauth_version="1.0" '
+
+    assert_raise OAuth::Problem do
+      OAuth::Helper.parse_header(header)
+    end
+  end
+
+  def test_parse_valid_header_with_and_signs
+    header = 'OAuth ' \
+             'realm="http://example.com/method"&' \
+             'oauth_consumer_key="vince_clortho"&' \
+             'oauth_token="token_value"&' \
+             'oauth_signature_method="HMAC-SHA1"&' \
+             'oauth_signature="signature_here"&' \
+             'oauth_timestamp="1240004133"&oauth_nonce="nonce"&' \
+             'oauth_version="1.0"'
+
+    params = OAuth::Helper.parse_header(header)
+
+    assert_equal "http://example.com/method", params['realm']
+    assert_equal "vince_clortho", params['oauth_consumer_key']
+    assert_equal "token_value", params['oauth_token']
+    assert_equal "HMAC-SHA1", params['oauth_signature_method']
+    assert_equal "signature_here", params['oauth_signature']
+    assert_equal "1240004133", params['oauth_timestamp']
+    assert_equal "nonce", params['oauth_nonce']
+    assert_equal "1.0", params['oauth_version']
+  end
+  
+  def test_normalize
+    params = {
+      'oauth_nonce' => 'nonce',
+      'weight' => { :value => "65" },
+      'oauth_signature_method' => 'HMAC-SHA1',
+      'oauth_timestamp' => "1240004133",
+      'oauth_consumer_key' => 'vince_clortho',
+      'oauth_token' => 'token_value',
+      'oauth_version' => "1.0"
+    }
+    assert_equal("oauth_consumer_key=vince_clortho&oauth_nonce=nonce&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1240004133&oauth_token=token_value&oauth_version=1.0&weight%5Bvalue%5D=65", OAuth::Helper.normalize(params))
+  end
+  
+  def test_normalize_nested_query
+    assert_equal([], OAuth::Helper.normalize_nested_query({}))
+    assert_equal(["foo=bar"], OAuth::Helper.normalize_nested_query({:foo => 'bar'}))
+    assert_equal(["prefix%5Bfoo%5D=bar"], OAuth::Helper.normalize_nested_query({:foo => 'bar'}, 'prefix'))
+    assert_equal(["prefix%5Buser%5D%5Bage%5D=12",
+     "prefix%5Buser%5D%5Bdate%5D=2011-10-05",
+     "prefix%5Buser%5D%5Btwitter_id%5D=123"], OAuth::Helper.normalize_nested_query({:user => {:twitter_id => 123, :date => '2011-10-05', :age => 12}}, 'prefix'))
+  end
+
+end

data/test/test_rack_request_proxy.rb

@@ -0,0 +1,40 @@
+require File.expand_path('../test_helper', __FILE__)
+require 'oauth/request_proxy/rack_request'
+require 'rack/request'
+require 'rack/mock'
+
+class RackRequestProxyTest < Test::Unit::TestCase
+
+  def test_that_proxy_simple_get_request_works
+    request = Rack::Request.new(Rack::MockRequest.env_for('http://example.com/test?key=value'))
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value'})
+
+    expected_parameters = {'key' => 'value'}
+    assert_equal expected_parameters, request_proxy.parameters
+    assert_equal 'http://example.com/test', request_proxy.normalized_uri
+    assert_equal 'GET', request_proxy.method
+  end
+
+  def test_that_proxy_simple_post_request_works
+    request = Rack::Request.new(Rack::MockRequest.env_for('http://example.com/test', :method => 'POST'))
+    params = {'key' => 'value'}
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
+
+    expected_parameters = {'key' => 'value'}
+    assert_equal expected_parameters, request_proxy.parameters
+    assert_equal 'http://example.com/test', request_proxy.normalized_uri
+    assert_equal 'POST', request_proxy.method
+  end
+
+  def test_that_proxy_post_and_get_request_works
+    request = Rack::Request.new(Rack::MockRequest.env_for('http://example.com/test?key=value', :method => 'POST', :input => 'key2=value2'))
+    params = {'key2' => 'value2'}
+    request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value', :parameters => params})
+
+    expected_parameters = {'key' => 'value', 'key2' => 'value2'}
+    assert_equal expected_parameters, request_proxy.parameters
+    assert_equal 'http://example.com/test', request_proxy.normalized_uri
+    assert_equal 'POST', request_proxy.method
+  end
+
+end

data/test/test_request_token.rb

@@ -0,0 +1,51 @@
+require File.expand_path('../test_helper', __FILE__)
+
+class StubbedToken < OAuth::RequestToken
+  define_method :build_authorize_url_promoted do |root_domain, params|
+    build_authorize_url root_domain, params
+  end
+end
+
+class TestRequestToken < Test::Unit::TestCase
+  def setup
+    # setup a fake req. token. mocking Consumer would be more appropriate...
+    @request_token = OAuth::RequestToken.new(
+      OAuth::Consumer.new("key", "secret", {}),
+      "key",
+      "secret"
+    )
+  end
+
+  def test_request_token_builds_authorize_url_connectly_with_additional_params
+    auth_url = @request_token.authorize_url({:oauth_callback => "github.com"})
+    assert_not_nil auth_url
+    assert_match(/oauth_token/, auth_url)
+    assert_match(/oauth_callback/, auth_url)
+  end
+
+  def test_request_token_builds_authorize_url_connectly_with_no_or_nil_params
+    # we should only have 1 key in the url returned if we didn't pass anything.
+    # this is the only required param to authenticate the client.
+    auth_url = @request_token.authorize_url(nil)
+    assert_not_nil auth_url
+    assert_match(/\?oauth_token=/, auth_url)
+
+    auth_url = @request_token.authorize_url
+    assert_not_nil auth_url
+    assert_match(/\?oauth_token=/, auth_url)
+  end
+
+  #TODO: mock out the Consumer to test the Consumer/AccessToken interaction.
+  def test_get_access_token
+  end
+
+  def test_build_authorize_url
+   @stubbed_token = StubbedToken.new(nil, nil, nil)
+    assert_respond_to @stubbed_token, :build_authorize_url_promoted
+    url = @stubbed_token.build_authorize_url_promoted(
+      "http://github.com/oauth/authorize",
+      {:foo => "bar bar"})
+    assert url
+    assert_equal "http://github.com/oauth/authorize?foo=bar+bar", url
+  end
+end

data/test/test_rsa_sha1.rb

@@ -0,0 +1,59 @@
+require File.expand_path('../test_helper', __FILE__)
+require 'oauth/consumer'
+require 'oauth/signature/rsa/sha1'
+
+class TestSignatureRsaSha1 < Test::Unit::TestCase
+
+  def setup
+    @request = Net::HTTP::Get.new('/photos?file=vacaction.jpg&size=original&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_timestamp=1196666512&oauth_nonce=13917289812797014437&oauth_signature_method=RSA-SHA1')
+
+    @consumer = OAuth::Consumer.new('dpf43f3p2l4k3l03', OpenSSL::PKey::RSA.new(IO.read(File.dirname(__FILE__) + "/keys/rsa.pem")))
+
+  end
+
+  def test_that_rsa_sha1_implements_rsa_sha1
+    assert OAuth::Signature.available_methods.include?('rsa-sha1')
+  end
+
+  def test_that_get_request_from_oauth_test_cases_produces_matching_signature_base_string
+    sbs = OAuth::Signature.signature_base_string(@request, { :consumer => @consumer,
+                                                 :uri => 'http://photos.example.net/photos' } )
+
+    assert_equal 'GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacaction.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3D13917289812797014437%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1196666512%26oauth_version%3D1.0%26size%3Doriginal', sbs
+  end
+
+  def test_that_get_request_from_oauth_test_cases_produces_matching_signature
+    signature = OAuth::Signature.sign(@request, { :consumer => @consumer,
+                                                 :uri => 'http://photos.example.net/photos' } )
+
+    assert_equal 'jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=', signature
+
+  end
+
+  def test_that_get_request_from_oauth_test_cases_produces_matching_signature_using_private_key_file
+    @consumer = OAuth::Consumer.new('dpf43f3p2l4k3l03',nil)
+
+    signature = OAuth::Signature.sign(@request, { :consumer => @consumer,
+                                                  :private_key_file=>File.dirname(__FILE__) + "/keys/rsa.pem",
+                                                 :uri => 'http://photos.example.net/photos' } )
+
+    assert_equal 'jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=', signature
+  end
+
+  def test_that_get_request_from_oauth_test_cases_verifies_signature
+    @request = Net::HTTP::Get.new('/photos?oauth_signature_method=RSA-SHA1&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_timestamp=1196666512&oauth_nonce=13917289812797014437&file=vacaction.jpg&size=original&oauth_signature=jvTp%2FwX1TYtByB1m%2BPbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2%2F9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW%2F%2Fe%2BRinhejgCuzoH26dyF8iY2ZZ%2F5D1ilgeijhV%2FvBka5twt399mXwaYdCwFYE%3D')
+    @consumer = OAuth::Consumer.new('dpf43f3p2l4k3l03',OpenSSL::X509::Certificate.new(IO.read(File.dirname(__FILE__) + "/keys/rsa.cert")))
+
+    assert OAuth::Signature.verify(@request, { :consumer => @consumer,
+                                                 :uri => 'http://photos.example.net/photos' } )
+
+  end
+
+  def test_that_get_request_from_oauth_test_cases_verifies_signature_with_pem
+    @request = Net::HTTP::Get.new('/photos?oauth_signature_method=RSA-SHA1&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_timestamp=1196666512&oauth_nonce=13917289812797014437&file=vacaction.jpg&size=original&oauth_signature=jvTp%2FwX1TYtByB1m%2BPbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2%2F9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW%2F%2Fe%2BRinhejgCuzoH26dyF8iY2ZZ%2F5D1ilgeijhV%2FvBka5twt399mXwaYdCwFYE%3D')
+    assert OAuth::Signature.verify(@request, { :consumer => @consumer,
+                                                 :uri => 'http://photos.example.net/photos' } )
+
+  end
+
+end

data/test/test_server.rb

@@ -0,0 +1,40 @@
+require File.expand_path('../test_helper', __FILE__)
+require 'oauth/server'
+class ServerTest < Test::Unit::TestCase
+  def setup
+    @server=OAuth::Server.new "http://test.com"
+  end
+
+  def test_default_paths
+    assert_equal "/oauth/request_token",@server.request_token_path
+    assert_equal "/oauth/authorize",@server.authorize_path
+    assert_equal "/oauth/access_token",@server.access_token_path
+  end
+
+  def test_default_urls
+    assert_equal "http://test.com/oauth/request_token",@server.request_token_url
+    assert_equal "http://test.com/oauth/authorize",@server.authorize_url
+    assert_equal "http://test.com/oauth/access_token",@server.access_token_url
+  end
+
+  def test_generate_consumer_credentials
+    consumer=@server.generate_consumer_credentials
+    assert_not_nil consumer.key
+    assert_not_nil consumer.secret
+  end
+
+  def test_create_consumer
+    @consumer=@server.create_consumer
+    assert_not_nil @consumer
+    assert_not_nil @consumer.key
+    assert_not_nil @consumer.secret
+    assert_equal "http://test.com",@consumer.site
+    assert_equal "/oauth/request_token",@consumer.request_token_path
+    assert_equal "/oauth/authorize",@consumer.authorize_path
+    assert_equal "/oauth/access_token",@consumer.access_token_path
+    assert_equal "http://test.com/oauth/request_token",@consumer.request_token_url
+    assert_equal "http://test.com/oauth/authorize",@consumer.authorize_url
+    assert_equal "http://test.com/oauth/access_token",@consumer.access_token_url
+  end
+
+end