pelle-oauth 0.2.6
Sign up to get free protection for your applications and to get access to all the features.
- data/History.txt +24 -0
- data/License.txt +20 -0
- data/Manifest.txt +55 -0
- data/Rakefile +4 -0
- data/config/hoe.rb +71 -0
- data/config/requirements.rb +17 -0
- data/lib/oauth.rb +3 -0
- data/lib/oauth/client.rb +4 -0
- data/lib/oauth/client/action_controller_request.rb +52 -0
- data/lib/oauth/client/helper.rb +74 -0
- data/lib/oauth/client/net_http.rb +75 -0
- data/lib/oauth/consumer.rb +218 -0
- data/lib/oauth/helper.rb +14 -0
- data/lib/oauth/request_proxy.rb +24 -0
- data/lib/oauth/request_proxy/action_controller_request.rb +64 -0
- data/lib/oauth/request_proxy/base.rb +77 -0
- data/lib/oauth/request_proxy/net_http.rb +67 -0
- data/lib/oauth/request_proxy/rack_request.rb +42 -0
- data/lib/oauth/server.rb +68 -0
- data/lib/oauth/signature.rb +28 -0
- data/lib/oauth/signature/base.rb +76 -0
- data/lib/oauth/signature/hmac/base.rb +12 -0
- data/lib/oauth/signature/hmac/md5.rb +9 -0
- data/lib/oauth/signature/hmac/rmd160.rb +9 -0
- data/lib/oauth/signature/hmac/sha1.rb +10 -0
- data/lib/oauth/signature/hmac/sha2.rb +9 -0
- data/lib/oauth/signature/md5.rb +13 -0
- data/lib/oauth/signature/plaintext.rb +23 -0
- data/lib/oauth/signature/rsa/sha1.rb +44 -0
- data/lib/oauth/signature/sha1.rb +13 -0
- data/lib/oauth/token.rb +137 -0
- data/lib/oauth/version.rb +9 -0
- data/script/destroy +14 -0
- data/script/generate +14 -0
- data/script/txt2html +74 -0
- data/setup.rb +1585 -0
- data/tasks/deployment.rake +34 -0
- data/tasks/environment.rake +7 -0
- data/tasks/website.rake +17 -0
- data/test/test_action_controller_request_proxy.rb +27 -0
- data/test/test_consumer.rb +284 -0
- data/test/test_helper.rb +7 -0
- data/test/test_hmac_sha1.rb +21 -0
- data/test/test_net_http_client.rb +169 -0
- data/test/test_net_http_request_proxy.rb +38 -0
- data/test/test_rack_request_proxy.rb +40 -0
- data/test/test_server.rb +40 -0
- data/test/test_signature.rb +11 -0
- data/test/test_signature_base.rb +32 -0
- data/test/test_token.rb +14 -0
- data/website/index.html +87 -0
- data/website/index.txt +73 -0
- data/website/javascripts/rounded_corners_lite.inc.js +285 -0
- data/website/stylesheets/screen.css +138 -0
- data/website/template.rhtml +48 -0
- metadata +137 -0
@@ -0,0 +1,34 @@
|
|
1
|
+
desc 'Release the website and new gem version'
|
2
|
+
task :deploy => [:check_version, :website, :release] do
|
3
|
+
puts "Remember to create SVN tag:"
|
4
|
+
puts "svn copy svn+ssh://#{rubyforge_username}@rubyforge.org/var/svn/#{PATH}/trunk " +
|
5
|
+
"svn+ssh://#{rubyforge_username}@rubyforge.org/var/svn/#{PATH}/tags/REL-#{VERS} "
|
6
|
+
puts "Suggested comment:"
|
7
|
+
puts "Tagging release #{CHANGES}"
|
8
|
+
end
|
9
|
+
|
10
|
+
desc 'Runs tasks website_generate and install_gem as a local deployment of the gem'
|
11
|
+
task :local_deploy => [:website_generate, :install_gem]
|
12
|
+
|
13
|
+
task :check_version do
|
14
|
+
unless ENV['VERSION']
|
15
|
+
puts 'Must pass a VERSION=x.y.z release version'
|
16
|
+
exit
|
17
|
+
end
|
18
|
+
unless ENV['VERSION'] == VERS
|
19
|
+
puts "Please update your version.rb to match the release version, currently #{VERS}"
|
20
|
+
exit
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
desc 'Install the package as a gem, without generating documentation(ri/rdoc)'
|
25
|
+
task :install_gem_no_doc => [:clean, :package] do
|
26
|
+
sh "#{'sudo ' unless Hoe::WINDOZE }gem install pkg/*.gem --no-rdoc --no-ri"
|
27
|
+
end
|
28
|
+
|
29
|
+
namespace :manifest do
|
30
|
+
desc 'Recreate Manifest.txt to include ALL files'
|
31
|
+
task :refresh do
|
32
|
+
`rake check_manifest | patch -p0 > Manifest.txt`
|
33
|
+
end
|
34
|
+
end
|
data/tasks/website.rake
ADDED
@@ -0,0 +1,17 @@
|
|
1
|
+
desc 'Generate website files'
|
2
|
+
task :website_generate => :ruby_env do
|
3
|
+
(Dir['website/**/*.txt'] - Dir['website/version*.txt']).each do |txt|
|
4
|
+
sh %{ #{RUBY_APP} script/txt2html #{txt} > #{txt.gsub(/txt$/,'html')} }
|
5
|
+
end
|
6
|
+
end
|
7
|
+
|
8
|
+
desc 'Upload website files to rubyforge'
|
9
|
+
task :website_upload do
|
10
|
+
host = "#{rubyforge_username}@rubyforge.org"
|
11
|
+
remote_dir = "/var/www/gforge-projects/#{PATH}/"
|
12
|
+
local_dir = 'website'
|
13
|
+
sh %{rsync -aCv #{local_dir}/ #{host}:#{remote_dir}}
|
14
|
+
end
|
15
|
+
|
16
|
+
desc 'Generate and upload website files'
|
17
|
+
task :website => [:website_generate, :website_upload, :publish_docs]
|
@@ -0,0 +1,27 @@
|
|
1
|
+
require File.dirname(__FILE__) + '/test_helper.rb'
|
2
|
+
require 'oauth/request_proxy/action_controller_request.rb'
|
3
|
+
require 'action_controller'
|
4
|
+
require 'action_controller/test_process'
|
5
|
+
|
6
|
+
class ActionControllerRequestProxyTest < Test::Unit::TestCase
|
7
|
+
|
8
|
+
def request_proxy(parameters)
|
9
|
+
request = ActionController::TestRequest.new({}, parameters)
|
10
|
+
request.env['CONTENT_TYPE'] = 'application/x-www-form-urlencoded'
|
11
|
+
OAuth::RequestProxy.proxy(request)
|
12
|
+
end
|
13
|
+
|
14
|
+
def test_parameter_keys_should_preserve_brackets_from_hash
|
15
|
+
assert_equal(
|
16
|
+
[["message[body]", "This is a test"]],
|
17
|
+
request_proxy({ :message => { :body => 'This is a test' }}).parameters_for_signature
|
18
|
+
)
|
19
|
+
end
|
20
|
+
|
21
|
+
def test_parameter_keys_should_preserve_brackets_from_array
|
22
|
+
assert_equal(
|
23
|
+
[["foo[]", "123"], ["foo[]", "456"]],
|
24
|
+
request_proxy({ :foo => [123, 456] }).parameters_for_signature.sort
|
25
|
+
)
|
26
|
+
end
|
27
|
+
end
|
@@ -0,0 +1,284 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
gem 'oauth'
|
3
|
+
require 'test/unit'
|
4
|
+
require 'oauth/consumer'
|
5
|
+
require 'oauth/signature/rsa/sha1'
|
6
|
+
|
7
|
+
|
8
|
+
# This performs testing against Andy Smith's test server http://term.ie/oauth/example/
|
9
|
+
# Thanks Andy.
|
10
|
+
# This also means you have to be online to be able to run these.
|
11
|
+
class ConsumerTest < Test::Unit::TestCase
|
12
|
+
def setup
|
13
|
+
@consumer=OAuth::Consumer.new(
|
14
|
+
'consumer_key_86cad9', '5888bf0345e5d237',
|
15
|
+
{
|
16
|
+
:site=>"http://blabla.bla",
|
17
|
+
:request_token_path=>"/oauth/example/request_token.php",
|
18
|
+
:access_token_path=>"/oauth/example/access_token.php",
|
19
|
+
:authorize_path=>"/oauth/example/authorize.php",
|
20
|
+
:scheme=>:header,
|
21
|
+
:http_method=>:get
|
22
|
+
})
|
23
|
+
@token = OAuth::ConsumerToken.new(@consumer,'token_411a7f', '3196ffd991c8ebdb')
|
24
|
+
@request_uri = URI.parse('http://example.com/test?key=value')
|
25
|
+
@request_parameters = { 'key' => 'value' }
|
26
|
+
@nonce = 225579211881198842005988698334675835446
|
27
|
+
@timestamp = "1199645624"
|
28
|
+
@consumer.http=Net::HTTP.new(@request_uri.host, @request_uri.port)
|
29
|
+
end
|
30
|
+
|
31
|
+
def test_initializer
|
32
|
+
assert_equal "consumer_key_86cad9",@consumer.key
|
33
|
+
assert_equal "5888bf0345e5d237",@consumer.secret
|
34
|
+
assert_equal "http://blabla.bla",@consumer.site
|
35
|
+
assert_equal "/oauth/example/request_token.php",@consumer.request_token_path
|
36
|
+
assert_equal "/oauth/example/access_token.php",@consumer.access_token_path
|
37
|
+
assert_equal "http://blabla.bla/oauth/example/request_token.php",@consumer.request_token_url
|
38
|
+
assert_equal "http://blabla.bla/oauth/example/access_token.php",@consumer.access_token_url
|
39
|
+
assert_equal "http://blabla.bla/oauth/example/authorize.php",@consumer.authorize_url
|
40
|
+
assert_equal :header,@consumer.scheme
|
41
|
+
assert_equal :get,@consumer.http_method
|
42
|
+
end
|
43
|
+
|
44
|
+
def test_defaults
|
45
|
+
@consumer=OAuth::Consumer.new(
|
46
|
+
"key",
|
47
|
+
"secret",
|
48
|
+
{
|
49
|
+
:site=>"http://twitter.com"
|
50
|
+
})
|
51
|
+
assert_equal "key",@consumer.key
|
52
|
+
assert_equal "secret",@consumer.secret
|
53
|
+
assert_equal "http://twitter.com",@consumer.site
|
54
|
+
assert_equal "/oauth/request_token",@consumer.request_token_path
|
55
|
+
assert_equal "/oauth/access_token",@consumer.access_token_path
|
56
|
+
assert_equal "http://twitter.com/oauth/request_token",@consumer.request_token_url
|
57
|
+
assert_equal "http://twitter.com/oauth/access_token",@consumer.access_token_url
|
58
|
+
assert_equal "http://twitter.com/oauth/authorize",@consumer.authorize_url
|
59
|
+
assert_equal :header,@consumer.scheme
|
60
|
+
assert_equal :post,@consumer.http_method
|
61
|
+
end
|
62
|
+
|
63
|
+
def test_override_paths
|
64
|
+
@consumer=OAuth::Consumer.new(
|
65
|
+
"key",
|
66
|
+
"secret",
|
67
|
+
{
|
68
|
+
:site=>"http://twitter.com",
|
69
|
+
:request_token_url=>"http://oauth.twitter.com/request_token",
|
70
|
+
:access_token_url=>"http://oauth.twitter.com/access_token",
|
71
|
+
:authorize_url=>"http://site.twitter.com/authorize"
|
72
|
+
})
|
73
|
+
assert_equal "key",@consumer.key
|
74
|
+
assert_equal "secret",@consumer.secret
|
75
|
+
assert_equal "http://twitter.com",@consumer.site
|
76
|
+
assert_equal "/oauth/request_token",@consumer.request_token_path
|
77
|
+
assert_equal "/oauth/access_token",@consumer.access_token_path
|
78
|
+
assert_equal "http://oauth.twitter.com/request_token",@consumer.request_token_url
|
79
|
+
assert_equal "http://oauth.twitter.com/access_token",@consumer.access_token_url
|
80
|
+
assert_equal "http://site.twitter.com/authorize",@consumer.authorize_url
|
81
|
+
assert_equal :header,@consumer.scheme
|
82
|
+
assert_equal :post,@consumer.http_method
|
83
|
+
end
|
84
|
+
|
85
|
+
def test_that_signing_auth_headers_on_get_requests_works
|
86
|
+
request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
|
87
|
+
@token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
|
88
|
+
|
89
|
+
assert_equal 'GET', request.method
|
90
|
+
assert_equal '/test?key=value', request.path
|
91
|
+
assert_equal "OAuth realm=\"\", oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
|
92
|
+
end
|
93
|
+
|
94
|
+
def test_that_setting_signature_method_on_consumer_effects_signing
|
95
|
+
require 'oauth/signature/plaintext'
|
96
|
+
request = Net::HTTP::Get.new(@request_uri.path)
|
97
|
+
consumer = @consumer.dup
|
98
|
+
consumer.options[:signature_method] = 'PLAINTEXT'
|
99
|
+
token = OAuth::ConsumerToken.new(consumer, 'token_411a7f', '3196ffd991c8ebdb')
|
100
|
+
token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
|
101
|
+
|
102
|
+
assert_no_match /oauth_signature_method="HMAC-SHA1"/, request['authorization']
|
103
|
+
assert_match /oauth_signature_method="PLAINTEXT"/, request['authorization']
|
104
|
+
end
|
105
|
+
|
106
|
+
def test_that_setting_signature_method_on_consumer_effects_signature_base_string
|
107
|
+
require 'oauth/signature/plaintext'
|
108
|
+
request = Net::HTTP::Get.new(@request_uri.path)
|
109
|
+
consumer = @consumer.dup
|
110
|
+
consumer.options[:signature_method] = 'PLAINTEXT'
|
111
|
+
|
112
|
+
request = Net::HTTP::Get.new('/')
|
113
|
+
signature_base_string = consumer.signature_base_string(request)
|
114
|
+
|
115
|
+
assert_no_match /HMAC-SHA1/, signature_base_string
|
116
|
+
assert_equal "#{consumer.secret}%26", signature_base_string
|
117
|
+
end
|
118
|
+
|
119
|
+
def test_that_plaintext_signature_works
|
120
|
+
require 'oauth/signature/plaintext'
|
121
|
+
consumer = OAuth::Consumer.new("key", "secret",
|
122
|
+
:site => "http://term.ie", :signature_method => 'PLAINTEXT')
|
123
|
+
access_token = OAuth::AccessToken.new(consumer, 'accesskey', 'accesssecret')
|
124
|
+
response = access_token.get("/oauth/example/echo_api.php?echo=hello")
|
125
|
+
|
126
|
+
assert_equal 'echo=hello', response.body
|
127
|
+
end
|
128
|
+
|
129
|
+
def test_that_signing_auth_headers_on_post_requests_works
|
130
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
131
|
+
request.set_form_data( @request_parameters )
|
132
|
+
@token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
|
133
|
+
# assert_equal "",request.oauth_helper.signature_base_string
|
134
|
+
|
135
|
+
assert_equal 'POST', request.method
|
136
|
+
assert_equal '/test', request.path
|
137
|
+
assert_equal 'key=value', request.body
|
138
|
+
assert_equal "OAuth realm=\"\", oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
|
139
|
+
end
|
140
|
+
|
141
|
+
def test_that_signing_post_params_works
|
142
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
143
|
+
request.set_form_data( @request_parameters )
|
144
|
+
@token.sign!(request, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
|
145
|
+
|
146
|
+
assert_equal 'POST', request.method
|
147
|
+
assert_equal '/test', request.path
|
148
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=iMZaUTbQof%2fHMFyIde%2bOIkhW5is%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
|
149
|
+
assert_equal nil, request['authorization']
|
150
|
+
end
|
151
|
+
|
152
|
+
def test_that_using_auth_headers_on_get_on_create_signed_requests_works
|
153
|
+
request=@consumer.create_signed_request(:get,@request_uri.path+ "?" + request_parameters_to_s,@token,{:nonce => @nonce, :timestamp => @timestamp},@request_parameters)
|
154
|
+
|
155
|
+
assert_equal 'GET', request.method
|
156
|
+
assert_equal '/test?key=value', request.path
|
157
|
+
assert_equal "OAuth realm=\"\", oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
|
158
|
+
end
|
159
|
+
|
160
|
+
def test_that_using_auth_headers_on_post_on_create_signed_requests_works
|
161
|
+
request=@consumer.create_signed_request(:post,@request_uri.path,@token,{:nonce => @nonce, :timestamp => @timestamp},@request_parameters,{})
|
162
|
+
assert_equal 'POST', request.method
|
163
|
+
assert_equal '/test', request.path
|
164
|
+
assert_equal 'key=value', request.body
|
165
|
+
assert_equal "OAuth realm=\"\", oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
|
166
|
+
end
|
167
|
+
|
168
|
+
def test_that_signing_post_params_works
|
169
|
+
request=@consumer.create_signed_request(:post,@request_uri.path,@token,{:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp},@request_parameters,{})
|
170
|
+
|
171
|
+
assert_equal 'POST', request.method
|
172
|
+
assert_equal '/test', request.path
|
173
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
|
174
|
+
assert_equal nil, request['authorization']
|
175
|
+
end
|
176
|
+
|
177
|
+
def test_step_by_step_token_request
|
178
|
+
@consumer=OAuth::Consumer.new(
|
179
|
+
"key",
|
180
|
+
"secret",
|
181
|
+
{
|
182
|
+
:site=>"http://term.ie",
|
183
|
+
:request_token_path=>"/oauth/example/request_token.php",
|
184
|
+
:access_token_path=>"/oauth/example/access_token.php",
|
185
|
+
:authorize_path=>"/oauth/example/authorize.php",
|
186
|
+
:scheme=>:header
|
187
|
+
})
|
188
|
+
options={:nonce=>'nonce',:timestamp=>Time.now.to_i.to_s}
|
189
|
+
|
190
|
+
request = Net::HTTP::Get.new("/oauth/example/request_token.php")
|
191
|
+
signature_base_string=@consumer.signature_base_string(request,nil,options)
|
192
|
+
assert_equal "GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key%3Dkey%26oauth_nonce%3D#{options[:nonce]}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D#{options[:timestamp]}%26oauth_token%3D%26oauth_version%3D1.0",signature_base_string
|
193
|
+
@consumer.sign!(request, nil,options)
|
194
|
+
|
195
|
+
assert_equal 'GET', request.method
|
196
|
+
assert_equal nil, request.body
|
197
|
+
response=@consumer.http.request(request)
|
198
|
+
assert_equal "200",response.code
|
199
|
+
assert_equal "oauth_token=requestkey&oauth_token_secret=requestsecret",response.body
|
200
|
+
end
|
201
|
+
|
202
|
+
def test_get_token_sequence
|
203
|
+
@consumer=OAuth::Consumer.new(
|
204
|
+
"key",
|
205
|
+
"secret",
|
206
|
+
{
|
207
|
+
:site=>"http://term.ie",
|
208
|
+
:request_token_path=>"/oauth/example/request_token.php",
|
209
|
+
:access_token_path=>"/oauth/example/access_token.php",
|
210
|
+
:authorize_path=>"/oauth/example/authorize.php"
|
211
|
+
})
|
212
|
+
|
213
|
+
@request_token=@consumer.get_request_token
|
214
|
+
assert_not_nil @request_token
|
215
|
+
assert_equal "requestkey",@request_token.token
|
216
|
+
assert_equal "requestsecret",@request_token.secret
|
217
|
+
assert_equal "http://term.ie/oauth/example/authorize.php?oauth_token=requestkey",@request_token.authorize_url
|
218
|
+
|
219
|
+
@access_token=@request_token.get_access_token
|
220
|
+
assert_not_nil @access_token
|
221
|
+
assert_equal "accesskey",@access_token.token
|
222
|
+
assert_equal "accesssecret",@access_token.secret
|
223
|
+
|
224
|
+
@response=@access_token.get("/oauth/example/echo_api.php?ok=hello&test=this")
|
225
|
+
assert_not_nil @response
|
226
|
+
assert_equal "200",@response.code
|
227
|
+
assert_equal( "ok=hello&test=this",@response.body)
|
228
|
+
|
229
|
+
@response=@access_token.post("/oauth/example/echo_api.php",{'ok'=>'hello','test'=>'this'})
|
230
|
+
assert_not_nil @response
|
231
|
+
assert_equal "200",@response.code
|
232
|
+
assert_equal( "ok=hello&test=this",@response.body)
|
233
|
+
end
|
234
|
+
|
235
|
+
|
236
|
+
# This test does an actual https request (the result doesn't matter)
|
237
|
+
# to initialize the same way as get_request_token does. Can be any
|
238
|
+
# site that supports https.
|
239
|
+
#
|
240
|
+
# It also generates "warning: using default DH parameters." which I
|
241
|
+
# don't know how to get rid of
|
242
|
+
def test_serialization_with_https
|
243
|
+
consumer = OAuth::Consumer.new('token', 'secret', :site => 'https://plazes.net')
|
244
|
+
consumer.http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
245
|
+
consumer.http.get('/')
|
246
|
+
|
247
|
+
assert_nothing_raised do
|
248
|
+
# Specifically this should not raise TypeError: no marshal_dump
|
249
|
+
# is defined for class OpenSSL::SSL::SSLContext
|
250
|
+
Marshal.dump(consumer)
|
251
|
+
end
|
252
|
+
end
|
253
|
+
|
254
|
+
def test_get_request_token_with_custom_arguments
|
255
|
+
@consumer=OAuth::Consumer.new(
|
256
|
+
"key",
|
257
|
+
"secret",
|
258
|
+
{
|
259
|
+
:site=>"http://term.ie",
|
260
|
+
:request_token_path=>"/oauth/example/request_token.php",
|
261
|
+
:access_token_path=>"/oauth/example/access_token.php",
|
262
|
+
:authorize_path=>"/oauth/example/authorize.php"
|
263
|
+
})
|
264
|
+
|
265
|
+
|
266
|
+
debug = ""
|
267
|
+
@consumer.http.set_debug_output(debug)
|
268
|
+
|
269
|
+
# get_request_token should receive our custom request_options and *arguments parameters from get_request_token.
|
270
|
+
@consumer.get_request_token({}, {:scope => "http://www.google.com/calendar/feeds http://picasaweb.google.com/data"})
|
271
|
+
|
272
|
+
# Because this is a POST request, create_http_request should take the first element of *arguments
|
273
|
+
# and turn it into URL-encoded data in the body of the POST.
|
274
|
+
assert_match /^<- "scope=http%3a%2f%2fwww.google.com%2fcalendar%2ffeeds%20http%3a%2f%2fpicasaweb.google.com%2fdata"/,
|
275
|
+
debug
|
276
|
+
end
|
277
|
+
|
278
|
+
protected
|
279
|
+
|
280
|
+
def request_parameters_to_s
|
281
|
+
@request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
|
282
|
+
end
|
283
|
+
|
284
|
+
end
|
data/test/test_helper.rb
ADDED
@@ -0,0 +1,21 @@
|
|
1
|
+
require File.dirname(__FILE__) + '/test_helper.rb'
|
2
|
+
require 'oauth/signature/hmac/sha1'
|
3
|
+
|
4
|
+
class TestSignatureHmacSha1 < Test::Unit::TestCase
|
5
|
+
def test_that_hmac_sha1_implements_hmac_sha1
|
6
|
+
assert OAuth::Signature.available_methods.include?('hmac-sha1')
|
7
|
+
end
|
8
|
+
|
9
|
+
def test_that_get_request_from_oauth_test_cases_produces_matching_signature
|
10
|
+
request = Net::HTTP::Get.new('/photos?file=vacation.jpg&size=original&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_token=nnch734d00sl2jdk&oauth_timestamp=1191242096&oauth_nonce=kllo9940pd9333jh&oauth_signature_method=HMAC-SHA1')
|
11
|
+
|
12
|
+
consumer = OAuth::Consumer.new('dpf43f3p2l4k3l03', 'kd94hf93k423kf44')
|
13
|
+
token = OAuth::Token.new('nnch734d00sl2jdk', 'pfkkdhi9sl3r4s00')
|
14
|
+
|
15
|
+
signature = OAuth::Signature.sign(request, { :consumer => consumer,
|
16
|
+
:token => token,
|
17
|
+
:uri => 'http://photos.example.net/photos' } )
|
18
|
+
|
19
|
+
assert_equal 'tR3+Ty81lMeYAr/Fid0kMTYa/WM=', signature
|
20
|
+
end
|
21
|
+
end
|
@@ -0,0 +1,169 @@
|
|
1
|
+
require File.dirname(__FILE__) + '/test_helper.rb'
|
2
|
+
require 'oauth/client/net_http'
|
3
|
+
|
4
|
+
class NetHTTPClientTest < Test::Unit::TestCase
|
5
|
+
|
6
|
+
def setup
|
7
|
+
@consumer = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237')
|
8
|
+
@token = OAuth::Token.new('token_411a7f', '3196ffd991c8ebdb')
|
9
|
+
@request_uri = URI.parse('http://example.com/test?key=value')
|
10
|
+
@request_parameters = { 'key' => 'value' }
|
11
|
+
@nonce = 225579211881198842005988698334675835446
|
12
|
+
@timestamp = "1199645624"
|
13
|
+
@http = Net::HTTP.new(@request_uri.host, @request_uri.port)
|
14
|
+
end
|
15
|
+
|
16
|
+
def test_that_using_auth_headers_on_get_requests_works
|
17
|
+
request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
|
18
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
19
|
+
|
20
|
+
assert_equal 'GET', request.method
|
21
|
+
assert_equal '/test?key=value', request.path
|
22
|
+
assert_equal "OAuth realm=\"\", oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
|
23
|
+
end
|
24
|
+
|
25
|
+
def test_that_using_auth_headers_on_post_requests_works
|
26
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
27
|
+
request.set_form_data( @request_parameters )
|
28
|
+
request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
|
29
|
+
|
30
|
+
assert_equal 'POST', request.method
|
31
|
+
assert_equal '/test', request.path
|
32
|
+
assert_equal 'key=value', request.body
|
33
|
+
assert_equal "OAuth realm=\"\", oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
|
34
|
+
end
|
35
|
+
|
36
|
+
def test_that_using_post_params_works
|
37
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
38
|
+
request.set_form_data( @request_parameters )
|
39
|
+
request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
|
40
|
+
|
41
|
+
assert_equal 'POST', request.method
|
42
|
+
assert_equal '/test', request.path
|
43
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
|
44
|
+
assert_equal nil, request['authorization']
|
45
|
+
end
|
46
|
+
|
47
|
+
def test_that_using_get_params_works
|
48
|
+
request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
|
49
|
+
request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
|
50
|
+
|
51
|
+
assert_equal 'GET', request.method
|
52
|
+
uri = URI.parse(request.path)
|
53
|
+
assert_equal '/test', uri.path
|
54
|
+
assert_equal nil, uri.fragment
|
55
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=1oO2izFav1GP4kEH2EskwXkCRFg%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join("&")
|
56
|
+
assert_equal nil, request['authorization']
|
57
|
+
end
|
58
|
+
|
59
|
+
def test_that_using_get_params_works_with_post_requests
|
60
|
+
request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
|
61
|
+
request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
|
62
|
+
|
63
|
+
assert_equal 'POST', request.method
|
64
|
+
uri = URI.parse(request.path)
|
65
|
+
assert_equal '/test', uri.path
|
66
|
+
assert_equal nil, uri.fragment
|
67
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
|
68
|
+
assert_equal nil, request.body
|
69
|
+
assert_equal nil, request['authorization']
|
70
|
+
end
|
71
|
+
|
72
|
+
def test_that_using_get_params_works_with_post_requests_that_have_post_bodies
|
73
|
+
request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
|
74
|
+
request.set_form_data( { 'key2' => 'value2' } )
|
75
|
+
request.oauth!(@http, @consumer, @token, {:scheme => :query_string, :nonce => @nonce, :timestamp => @timestamp})
|
76
|
+
|
77
|
+
assert_equal 'POST', request.method
|
78
|
+
uri = URI.parse(request.path)
|
79
|
+
assert_equal '/test', uri.path
|
80
|
+
assert_equal nil, uri.fragment
|
81
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=4kSU8Zd1blWo3W6qJH7eaRTMkg0%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
|
82
|
+
assert_equal "key2=value2", request.body
|
83
|
+
assert_equal nil, request['authorization']
|
84
|
+
end
|
85
|
+
|
86
|
+
|
87
|
+
def test_example_from_specs
|
88
|
+
consumer=OAuth::Consumer.new("dpf43f3p2l4k3l03","kd94hf93k423kf44")
|
89
|
+
token = OAuth::Token.new('nnch734d00sl2jdk', 'pfkkdhi9sl3r4s00')
|
90
|
+
request_uri = URI.parse('http://photos.example.net/photos?file=vacation.jpg&size=original')
|
91
|
+
nonce = 'kllo9940pd9333jh'
|
92
|
+
timestamp = "1191242096"
|
93
|
+
http = Net::HTTP.new(request_uri.host, request_uri.port)
|
94
|
+
|
95
|
+
request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
|
96
|
+
signature_base_string=request.signature_base_string(http, consumer, token, {:nonce => nonce, :timestamp => timestamp})
|
97
|
+
assert_equal 'GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal',signature_base_string
|
98
|
+
|
99
|
+
# request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
|
100
|
+
request.oauth!(http, consumer, token, {:nonce => nonce, :timestamp => timestamp,:realm=>"http://photos.example.net/"})
|
101
|
+
|
102
|
+
assert_equal 'GET', request.method
|
103
|
+
assert_equal 'OAuth realm="http://photos.example.net/", oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="nnch734d00sl2jdk", oauth_timestamp="1191242096", oauth_consumer_key="dpf43f3p2l4k3l03", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"'.split(', ').sort, request['authorization'].split(', ').sort
|
104
|
+
|
105
|
+
end
|
106
|
+
|
107
|
+
def test_step_by_step_token_request
|
108
|
+
consumer=OAuth::Consumer.new(
|
109
|
+
"key",
|
110
|
+
"secret")
|
111
|
+
request_uri = URI.parse('http://term.ie/oauth/example/request_token.php')
|
112
|
+
nonce = rand(2**128).to_s
|
113
|
+
timestamp = Time.now.to_i.to_s
|
114
|
+
http = Net::HTTP.new(request_uri.host, request_uri.port)
|
115
|
+
|
116
|
+
request = Net::HTTP::Get.new(request_uri.path)
|
117
|
+
signature_base_string=request.signature_base_string(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
|
118
|
+
assert_equal "GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key%3Dkey%26oauth_nonce%3D#{nonce}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D#{timestamp}%26oauth_token%3D%26oauth_version%3D1.0",signature_base_string
|
119
|
+
|
120
|
+
# request = Net::HTTP::Get.new(request_uri.path)
|
121
|
+
request.oauth!(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
|
122
|
+
assert_equal 'GET', request.method
|
123
|
+
assert_nil request.body
|
124
|
+
assert_nil request['authorization']
|
125
|
+
# assert_equal 'OAuth oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="", oauth_timestamp="'+timestamp+'", oauth_consumer_key="key", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"', request['authorization']
|
126
|
+
|
127
|
+
response=http.request(request)
|
128
|
+
assert_equal "200",response.code
|
129
|
+
# assert_equal request['authorization'],response.body
|
130
|
+
assert_equal "oauth_token=requestkey&oauth_token_secret=requestsecret",response.body
|
131
|
+
end
|
132
|
+
|
133
|
+
def test_that_put_bodies_not_signed
|
134
|
+
request = Net::HTTP::Put.new(@request_uri.path)
|
135
|
+
request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
|
136
|
+
request["Content-Type"] = "application/xml"
|
137
|
+
signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
|
138
|
+
assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_token%3D%26oauth_version%3D1.0", signature_base_string
|
139
|
+
end
|
140
|
+
|
141
|
+
def test_that_put_bodies_not_signed_even_if_form_urlencoded
|
142
|
+
request = Net::HTTP::Put.new(@request_uri.path)
|
143
|
+
request.set_form_data( { 'key2' => 'value2' } )
|
144
|
+
signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
|
145
|
+
assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_token%3D%26oauth_version%3D1.0", signature_base_string
|
146
|
+
end
|
147
|
+
|
148
|
+
def test_that_post_bodies_signed_if_form_urlencoded
|
149
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
150
|
+
request.set_form_data( { 'key2' => 'value2' } )
|
151
|
+
signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
|
152
|
+
assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&key2%3Dvalue2%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_token%3D%26oauth_version%3D1.0", signature_base_string
|
153
|
+
end
|
154
|
+
|
155
|
+
def test_that_post_bodies_not_signed_if_other_content_type
|
156
|
+
request = Net::HTTP::Post.new(@request_uri.path)
|
157
|
+
request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
|
158
|
+
request["Content-Type"] = "application/xml"
|
159
|
+
signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
|
160
|
+
assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_token%3D%26oauth_version%3D1.0", signature_base_string
|
161
|
+
end
|
162
|
+
|
163
|
+
protected
|
164
|
+
|
165
|
+
def request_parameters_to_s
|
166
|
+
@request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
|
167
|
+
end
|
168
|
+
|
169
|
+
end
|