proletarian-oauth 0.3.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (71) hide show
  1. data/History.txt +48 -0
  2. data/License.txt +20 -0
  3. data/Manifest.txt +71 -0
  4. data/README.rdoc +73 -0
  5. data/Rakefile +34 -0
  6. data/TODO +14 -0
  7. data/bin/oauth +5 -0
  8. data/lib/oauth/cli.rb +130 -0
  9. data/lib/oauth/client/action_controller_request.rb +52 -0
  10. data/lib/oauth/client/helper.rb +75 -0
  11. data/lib/oauth/client/net_http.rb +75 -0
  12. data/lib/oauth/client.rb +4 -0
  13. data/lib/oauth/consumer.rb +246 -0
  14. data/lib/oauth/helper.rb +17 -0
  15. data/lib/oauth/oauth_test_helper.rb +26 -0
  16. data/lib/oauth/request_proxy/action_controller_request.rb +62 -0
  17. data/lib/oauth/request_proxy/base.rb +107 -0
  18. data/lib/oauth/request_proxy/jabber_request.rb +42 -0
  19. data/lib/oauth/request_proxy/mock_request.rb +36 -0
  20. data/lib/oauth/request_proxy/net_http.rb +65 -0
  21. data/lib/oauth/request_proxy/rack_request.rb +40 -0
  22. data/lib/oauth/request_proxy.rb +24 -0
  23. data/lib/oauth/server.rb +68 -0
  24. data/lib/oauth/signature/base.rb +89 -0
  25. data/lib/oauth/signature/hmac/base.rb +12 -0
  26. data/lib/oauth/signature/hmac/md5.rb +9 -0
  27. data/lib/oauth/signature/hmac/rmd160.rb +9 -0
  28. data/lib/oauth/signature/hmac/sha1.rb +10 -0
  29. data/lib/oauth/signature/hmac/sha2.rb +9 -0
  30. data/lib/oauth/signature/md5.rb +13 -0
  31. data/lib/oauth/signature/plaintext.rb +23 -0
  32. data/lib/oauth/signature/rsa/sha1.rb +44 -0
  33. data/lib/oauth/signature/sha1.rb +13 -0
  34. data/lib/oauth/signature.rb +28 -0
  35. data/lib/oauth/token.rb +137 -0
  36. data/lib/oauth/version.rb +3 -0
  37. data/lib/oauth.rb +3 -0
  38. data/oauth.gemspec +43 -0
  39. data/script/destroy +14 -0
  40. data/script/generate +14 -0
  41. data/script/txt2html +74 -0
  42. data/setup.rb +1585 -0
  43. data/tasks/deployment.rake +34 -0
  44. data/tasks/environment.rake +7 -0
  45. data/tasks/website.rake +17 -0
  46. data/test/cases/oauth_case.rb +19 -0
  47. data/test/cases/spec/1_0-final/test_construct_request_url.rb +62 -0
  48. data/test/cases/spec/1_0-final/test_normalize_request_parameters.rb +88 -0
  49. data/test/cases/spec/1_0-final/test_parameter_encodings.rb +86 -0
  50. data/test/cases/spec/1_0-final/test_signature_base_strings.rb +77 -0
  51. data/test/keys/rsa.cert +11 -0
  52. data/test/keys/rsa.pem +16 -0
  53. data/test/test_action_controller_request_proxy.rb +28 -0
  54. data/test/test_consumer.rb +328 -0
  55. data/test/test_helper.rb +15 -0
  56. data/test/test_hmac_sha1.rb +21 -0
  57. data/test/test_net_http_client.rb +169 -0
  58. data/test/test_net_http_request_proxy.rb +38 -0
  59. data/test/test_rack_request_proxy.rb +40 -0
  60. data/test/test_rsa_sha1.rb +59 -0
  61. data/test/test_server.rb +40 -0
  62. data/test/test_signature.rb +11 -0
  63. data/test/test_signature_base.rb +32 -0
  64. data/test/test_signature_plain_text.rb +31 -0
  65. data/test/test_token.rb +14 -0
  66. data/website/index.html +87 -0
  67. data/website/index.txt +73 -0
  68. data/website/javascripts/rounded_corners_lite.inc.js +285 -0
  69. data/website/stylesheets/screen.css +138 -0
  70. data/website/template.rhtml +48 -0
  71. metadata +177 -0
@@ -0,0 +1,328 @@
1
+ require 'rubygems'
2
+ require 'test/unit'
3
+ require 'oauth/consumer'
4
+ require 'oauth/signature/rsa/sha1'
5
+
6
+
7
+ # This performs testing against Andy Smith's test server http://term.ie/oauth/example/
8
+ # Thanks Andy.
9
+ # This also means you have to be online to be able to run these.
10
+ class ConsumerTest < Test::Unit::TestCase
11
+ def setup
12
+ @consumer=OAuth::Consumer.new(
13
+ 'consumer_key_86cad9', '5888bf0345e5d237',
14
+ {
15
+ :site=>"http://blabla.bla",
16
+ :request_token_path=>"/oauth/example/request_token.php",
17
+ :access_token_path=>"/oauth/example/access_token.php",
18
+ :authorize_path=>"/oauth/example/authorize.php",
19
+ :scheme=>:header,
20
+ :http_method=>:get
21
+ })
22
+ @token = OAuth::ConsumerToken.new(@consumer,'token_411a7f', '3196ffd991c8ebdb')
23
+ @request_uri = URI.parse('http://example.com/test?key=value')
24
+ @request_parameters = { 'key' => 'value' }
25
+ @nonce = 225579211881198842005988698334675835446
26
+ @timestamp = "1199645624"
27
+ @consumer.http=Net::HTTP.new(@request_uri.host, @request_uri.port)
28
+ end
29
+
30
+ def test_initializer
31
+ assert_equal "consumer_key_86cad9",@consumer.key
32
+ assert_equal "5888bf0345e5d237",@consumer.secret
33
+ assert_equal "http://blabla.bla",@consumer.site
34
+ assert_equal "/oauth/example/request_token.php",@consumer.request_token_path
35
+ assert_equal "/oauth/example/access_token.php",@consumer.access_token_path
36
+ assert_equal "http://blabla.bla/oauth/example/request_token.php",@consumer.request_token_url
37
+ assert_equal "http://blabla.bla/oauth/example/access_token.php",@consumer.access_token_url
38
+ assert_equal "http://blabla.bla/oauth/example/authorize.php",@consumer.authorize_url
39
+ assert_equal :header,@consumer.scheme
40
+ assert_equal :get,@consumer.http_method
41
+ end
42
+
43
+ def test_defaults
44
+ @consumer=OAuth::Consumer.new(
45
+ "key",
46
+ "secret",
47
+ {
48
+ :site=>"http://twitter.com"
49
+ })
50
+ assert_equal "key",@consumer.key
51
+ assert_equal "secret",@consumer.secret
52
+ assert_equal "http://twitter.com",@consumer.site
53
+ assert_equal "/oauth/request_token",@consumer.request_token_path
54
+ assert_equal "/oauth/access_token",@consumer.access_token_path
55
+ assert_equal "http://twitter.com/oauth/request_token",@consumer.request_token_url
56
+ assert_equal "http://twitter.com/oauth/access_token",@consumer.access_token_url
57
+ assert_equal "http://twitter.com/oauth/authorize",@consumer.authorize_url
58
+ assert_equal :header,@consumer.scheme
59
+ assert_equal :post,@consumer.http_method
60
+ end
61
+
62
+ def test_override_paths
63
+ @consumer=OAuth::Consumer.new(
64
+ "key",
65
+ "secret",
66
+ {
67
+ :site=>"http://twitter.com",
68
+ :request_token_url=>"http://oauth.twitter.com/request_token",
69
+ :access_token_url=>"http://oauth.twitter.com/access_token",
70
+ :authorize_url=>"http://site.twitter.com/authorize"
71
+ })
72
+ assert_equal "key",@consumer.key
73
+ assert_equal "secret",@consumer.secret
74
+ assert_equal "http://twitter.com",@consumer.site
75
+ assert_equal "/oauth/request_token",@consumer.request_token_path
76
+ assert_equal "/oauth/access_token",@consumer.access_token_path
77
+ assert_equal "http://oauth.twitter.com/request_token",@consumer.request_token_url
78
+ assert_equal "http://oauth.twitter.com/access_token",@consumer.access_token_url
79
+ assert_equal "http://site.twitter.com/authorize",@consumer.authorize_url
80
+ assert_equal :header,@consumer.scheme
81
+ assert_equal :post,@consumer.http_method
82
+ end
83
+
84
+ def test_that_signing_auth_headers_on_get_requests_works
85
+ request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
86
+ @token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
87
+
88
+ assert_equal 'GET', request.method
89
+ assert_equal '/test?key=value', request.path
90
+ assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
91
+ end
92
+
93
+ def test_that_setting_signature_method_on_consumer_effects_signing
94
+ require 'oauth/signature/plaintext'
95
+ request = Net::HTTP::Get.new(@request_uri.path)
96
+ consumer = @consumer.dup
97
+ consumer.options[:signature_method] = 'PLAINTEXT'
98
+ token = OAuth::ConsumerToken.new(consumer, 'token_411a7f', '3196ffd991c8ebdb')
99
+ token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
100
+
101
+ assert_no_match( /oauth_signature_method="HMAC-SHA1"/, request['authorization'])
102
+ assert_match( /oauth_signature_method="PLAINTEXT"/, request['authorization'])
103
+ end
104
+
105
+ def test_that_setting_signature_method_on_consumer_effects_signature_base_string
106
+ require 'oauth/signature/plaintext'
107
+ request = Net::HTTP::Get.new(@request_uri.path)
108
+ consumer = @consumer.dup
109
+ consumer.options[:signature_method] = 'PLAINTEXT'
110
+
111
+ request = Net::HTTP::Get.new('/')
112
+ signature_base_string = consumer.signature_base_string(request)
113
+
114
+ assert_no_match( /HMAC-SHA1/, signature_base_string)
115
+ assert_equal( "#{consumer.secret}%26", signature_base_string)
116
+ end
117
+
118
+ def test_that_plaintext_signature_works
119
+ require 'oauth/signature/plaintext'
120
+ consumer = OAuth::Consumer.new("key", "secret",
121
+ :site => "http://term.ie", :signature_method => 'PLAINTEXT')
122
+ access_token = OAuth::AccessToken.new(consumer, 'accesskey', 'accesssecret')
123
+ response = access_token.get("/oauth/example/echo_api.php?echo=hello")
124
+
125
+ assert_equal 'echo=hello', response.body
126
+ end
127
+
128
+ def test_that_signing_auth_headers_on_post_requests_works
129
+ request = Net::HTTP::Post.new(@request_uri.path)
130
+ request.set_form_data( @request_parameters )
131
+ @token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
132
+ # assert_equal "",request.oauth_helper.signature_base_string
133
+
134
+ assert_equal 'POST', request.method
135
+ assert_equal '/test', request.path
136
+ assert_equal 'key=value', request.body
137
+ assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
138
+ end
139
+
140
+ def test_that_signing_post_params_works
141
+ request = Net::HTTP::Post.new(@request_uri.path)
142
+ request.set_form_data( @request_parameters )
143
+ @token.sign!(request, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
144
+
145
+ assert_equal 'POST', request.method
146
+ assert_equal '/test', request.path
147
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=iMZaUTbQof%2fHMFyIde%2bOIkhW5is%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
148
+ assert_equal nil, request['authorization']
149
+ end
150
+
151
+ def test_that_using_auth_headers_on_get_on_create_signed_requests_works
152
+ request=@consumer.create_signed_request(:get,@request_uri.path+ "?" + request_parameters_to_s,@token,{:nonce => @nonce, :timestamp => @timestamp},@request_parameters)
153
+
154
+ assert_equal 'GET', request.method
155
+ assert_equal '/test?key=value', request.path
156
+ assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
157
+ end
158
+
159
+ def test_that_using_auth_headers_on_post_on_create_signed_requests_works
160
+ request=@consumer.create_signed_request(:post,@request_uri.path,@token,{:nonce => @nonce, :timestamp => @timestamp},@request_parameters,{})
161
+ assert_equal 'POST', request.method
162
+ assert_equal '/test', request.path
163
+ assert_equal 'key=value', request.body
164
+ assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
165
+ end
166
+
167
+ def test_that_signing_post_params_works
168
+ request=@consumer.create_signed_request(:post,@request_uri.path,@token,{:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp},@request_parameters,{})
169
+
170
+ assert_equal 'POST', request.method
171
+ assert_equal '/test', request.path
172
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
173
+ assert_equal nil, request['authorization']
174
+ end
175
+
176
+ def test_step_by_step_token_request
177
+ @consumer=OAuth::Consumer.new(
178
+ "key",
179
+ "secret",
180
+ {
181
+ :site=>"http://term.ie",
182
+ :request_token_path=>"/oauth/example/request_token.php",
183
+ :access_token_path=>"/oauth/example/access_token.php",
184
+ :authorize_path=>"/oauth/example/authorize.php",
185
+ :scheme=>:header
186
+ })
187
+ options={:nonce=>'nonce',:timestamp=>Time.now.to_i.to_s}
188
+
189
+ request = Net::HTTP::Get.new("/oauth/example/request_token.php")
190
+ signature_base_string=@consumer.signature_base_string(request,nil,options)
191
+ assert_equal "GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key%3Dkey%26oauth_nonce%3D#{options[:nonce]}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D#{options[:timestamp]}%26oauth_version%3D1.0",signature_base_string
192
+ @consumer.sign!(request, nil,options)
193
+
194
+ assert_equal 'GET', request.method
195
+ assert_equal nil, request.body
196
+ response=@consumer.http.request(request)
197
+ assert_equal "200",response.code
198
+ assert_equal "oauth_token=requestkey&oauth_token_secret=requestsecret",response.body
199
+ end
200
+
201
+ def test_get_token_sequence
202
+ @consumer=OAuth::Consumer.new(
203
+ "key",
204
+ "secret",
205
+ {
206
+ :site=>"http://term.ie",
207
+ :request_token_path=>"/oauth/example/request_token.php",
208
+ :access_token_path=>"/oauth/example/access_token.php",
209
+ :authorize_path=>"/oauth/example/authorize.php"
210
+ })
211
+ assert_equal "http://term.ie/oauth/example/request_token.php",@consumer.request_token_url
212
+ assert_equal "http://term.ie/oauth/example/access_token.php",@consumer.access_token_url
213
+
214
+ assert !@consumer.request_token_url?, "Should not use fully qualified request token url"
215
+ assert !@consumer.access_token_url?, "Should not use fully qualified access token url"
216
+ assert !@consumer.authorize_url?, "Should not use fully qualified url"
217
+
218
+ @request_token=@consumer.get_request_token
219
+ assert_not_nil @request_token
220
+ assert_equal "requestkey",@request_token.token
221
+ assert_equal "requestsecret",@request_token.secret
222
+ assert_equal "http://term.ie/oauth/example/authorize.php?oauth_token=requestkey",@request_token.authorize_url
223
+
224
+ @access_token=@request_token.get_access_token
225
+ assert_not_nil @access_token
226
+ assert_equal "accesskey",@access_token.token
227
+ assert_equal "accesssecret",@access_token.secret
228
+
229
+ @response=@access_token.get("/oauth/example/echo_api.php?ok=hello&test=this")
230
+ assert_not_nil @response
231
+ assert_equal "200",@response.code
232
+ assert_equal( "ok=hello&test=this",@response.body)
233
+
234
+ @response=@access_token.post("/oauth/example/echo_api.php",{'ok'=>'hello','test'=>'this'})
235
+ assert_not_nil @response
236
+ assert_equal "200",@response.code
237
+ assert_equal( "ok=hello&test=this",@response.body)
238
+ end
239
+
240
+ def test_get_token_sequence_using_fqdn
241
+ @consumer=OAuth::Consumer.new(
242
+ "key",
243
+ "secret",
244
+ {
245
+ :site=>"http://term.ie",
246
+ :request_token_url=>"http://term.ie/oauth/example/request_token.php",
247
+ :access_token_url=>"http://term.ie/oauth/example/access_token.php",
248
+ :authorize_url=>"http://term.ie/oauth/example/authorize.php"
249
+ })
250
+ assert_equal "http://term.ie/oauth/example/request_token.php",@consumer.request_token_url
251
+ assert_equal "http://term.ie/oauth/example/access_token.php",@consumer.access_token_url
252
+
253
+ assert @consumer.request_token_url?, "Should use fully qualified request token url"
254
+ assert @consumer.access_token_url?, "Should use fully qualified access token url"
255
+ assert @consumer.authorize_url?, "Should use fully qualified url"
256
+
257
+ @request_token=@consumer.get_request_token
258
+ assert_not_nil @request_token
259
+ assert_equal "requestkey",@request_token.token
260
+ assert_equal "requestsecret",@request_token.secret
261
+ assert_equal "http://term.ie/oauth/example/authorize.php?oauth_token=requestkey",@request_token.authorize_url
262
+
263
+ @access_token=@request_token.get_access_token
264
+ assert_not_nil @access_token
265
+ assert_equal "accesskey",@access_token.token
266
+ assert_equal "accesssecret",@access_token.secret
267
+
268
+ @response=@access_token.get("/oauth/example/echo_api.php?ok=hello&test=this")
269
+ assert_not_nil @response
270
+ assert_equal "200",@response.code
271
+ assert_equal( "ok=hello&test=this",@response.body)
272
+
273
+ @response=@access_token.post("/oauth/example/echo_api.php",{'ok'=>'hello','test'=>'this'})
274
+ assert_not_nil @response
275
+ assert_equal "200",@response.code
276
+ assert_equal( "ok=hello&test=this",@response.body)
277
+ end
278
+
279
+
280
+ # This test does an actual https request (the result doesn't matter)
281
+ # to initialize the same way as get_request_token does. Can be any
282
+ # site that supports https.
283
+ #
284
+ # It also generates "warning: using default DH parameters." which I
285
+ # don't know how to get rid of
286
+ # def test_serialization_with_https
287
+ # consumer = OAuth::Consumer.new('token', 'secret', :site => 'https://plazes.net')
288
+ # consumer.http.verify_mode = OpenSSL::SSL::VERIFY_NONE
289
+ # consumer.http.get('/')
290
+ #
291
+ # assert_nothing_raised do
292
+ # # Specifically this should not raise TypeError: no marshal_dump
293
+ # # is defined for class OpenSSL::SSL::SSLContext
294
+ # Marshal.dump(consumer)
295
+ # end
296
+ # end
297
+ #
298
+ def test_get_request_token_with_custom_arguments
299
+ @consumer=OAuth::Consumer.new(
300
+ "key",
301
+ "secret",
302
+ {
303
+ :site=>"http://term.ie",
304
+ :request_token_path=>"/oauth/example/request_token.php",
305
+ :access_token_path=>"/oauth/example/access_token.php",
306
+ :authorize_path=>"/oauth/example/authorize.php"
307
+ })
308
+
309
+
310
+ debug = ""
311
+ @consumer.http.set_debug_output(debug)
312
+
313
+ # get_request_token should receive our custom request_options and *arguments parameters from get_request_token.
314
+ @consumer.get_request_token({}, {:scope => "http://www.google.com/calendar/feeds http://picasaweb.google.com/data"})
315
+
316
+ # Because this is a POST request, create_http_request should take the first element of *arguments
317
+ # and turn it into URL-encoded data in the body of the POST.
318
+ assert_match( /^<- "scope=http%3a%2f%2fwww.google.com%2fcalendar%2ffeeds%20http%3a%2f%2fpicasaweb.google.com%2fdata"/,
319
+ debug)
320
+ end
321
+
322
+ protected
323
+
324
+ def request_parameters_to_s
325
+ @request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
326
+ end
327
+
328
+ end
@@ -0,0 +1,15 @@
1
+ require 'test/unit'
2
+ require File.dirname(__FILE__) + '/../lib/oauth'
3
+
4
+ begin
5
+ # load redgreen unless running from within TextMate (in which case ANSI
6
+ # color codes mess with the output)
7
+ require 'redgreen' unless ENV['TM_CURRENT_LINE']
8
+ rescue LoadError
9
+ nil
10
+ end
11
+
12
+ def requests(request)
13
+ Marshal.load(File.read(File.dirname(__FILE__) + '/fixtures/' + request))
14
+ end
15
+
@@ -0,0 +1,21 @@
1
+ require File.dirname(__FILE__) + '/test_helper.rb'
2
+ require 'oauth/signature/hmac/sha1'
3
+
4
+ class TestSignatureHmacSha1 < Test::Unit::TestCase
5
+ def test_that_hmac_sha1_implements_hmac_sha1
6
+ assert OAuth::Signature.available_methods.include?('hmac-sha1')
7
+ end
8
+
9
+ def test_that_get_request_from_oauth_test_cases_produces_matching_signature
10
+ request = Net::HTTP::Get.new('/photos?file=vacation.jpg&size=original&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_token=nnch734d00sl2jdk&oauth_timestamp=1191242096&oauth_nonce=kllo9940pd9333jh&oauth_signature_method=HMAC-SHA1')
11
+
12
+ consumer = OAuth::Consumer.new('dpf43f3p2l4k3l03', 'kd94hf93k423kf44')
13
+ token = OAuth::Token.new('nnch734d00sl2jdk', 'pfkkdhi9sl3r4s00')
14
+
15
+ signature = OAuth::Signature.sign(request, { :consumer => consumer,
16
+ :token => token,
17
+ :uri => 'http://photos.example.net/photos' } )
18
+
19
+ assert_equal 'tR3+Ty81lMeYAr/Fid0kMTYa/WM=', signature
20
+ end
21
+ end
@@ -0,0 +1,169 @@
1
+ require File.dirname(__FILE__) + '/test_helper.rb'
2
+ require 'oauth/client/net_http'
3
+
4
+ class NetHTTPClientTest < Test::Unit::TestCase
5
+
6
+ def setup
7
+ @consumer = OAuth::Consumer.new('consumer_key_86cad9', '5888bf0345e5d237')
8
+ @token = OAuth::Token.new('token_411a7f', '3196ffd991c8ebdb')
9
+ @request_uri = URI.parse('http://example.com/test?key=value')
10
+ @request_parameters = { 'key' => 'value' }
11
+ @nonce = 225579211881198842005988698334675835446
12
+ @timestamp = "1199645624"
13
+ @http = Net::HTTP.new(@request_uri.host, @request_uri.port)
14
+ end
15
+
16
+ def test_that_using_auth_headers_on_get_requests_works
17
+ request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
18
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
19
+
20
+ assert_equal 'GET', request.method
21
+ assert_equal '/test?key=value', request.path
22
+ assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
23
+ end
24
+
25
+ def test_that_using_auth_headers_on_post_requests_works
26
+ request = Net::HTTP::Post.new(@request_uri.path)
27
+ request.set_form_data( @request_parameters )
28
+ request.oauth!(@http, @consumer, @token, {:nonce => @nonce, :timestamp => @timestamp})
29
+
30
+ assert_equal 'POST', request.method
31
+ assert_equal '/test', request.path
32
+ assert_equal 'key=value', request.body
33
+ assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
34
+ end
35
+
36
+ def test_that_using_post_params_works
37
+ request = Net::HTTP::Post.new(@request_uri.path)
38
+ request.set_form_data( @request_parameters )
39
+ request.oauth!(@http, @consumer, @token, {:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp})
40
+
41
+ assert_equal 'POST', request.method
42
+ assert_equal '/test', request.path
43
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
44
+ assert_equal nil, request['authorization']
45
+ end
46
+
47
+ def test_that_using_get_params_works
48
+ request = Net::HTTP::Get.new(@request_uri.path + "?" + request_parameters_to_s)
49
+ request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
50
+
51
+ assert_equal 'GET', request.method
52
+ uri = URI.parse(request.path)
53
+ assert_equal '/test', uri.path
54
+ assert_equal nil, uri.fragment
55
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=1oO2izFav1GP4kEH2EskwXkCRFg%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join("&")
56
+ assert_equal nil, request['authorization']
57
+ end
58
+
59
+ def test_that_using_get_params_works_with_post_requests
60
+ request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
61
+ request.oauth!(@http, @consumer, @token, {:scheme => 'query_string', :nonce => @nonce, :timestamp => @timestamp})
62
+
63
+ assert_equal 'POST', request.method
64
+ uri = URI.parse(request.path)
65
+ assert_equal '/test', uri.path
66
+ assert_equal nil, uri.fragment
67
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
68
+ assert_equal nil, request.body
69
+ assert_equal nil, request['authorization']
70
+ end
71
+
72
+ def test_that_using_get_params_works_with_post_requests_that_have_post_bodies
73
+ request = Net::HTTP::Post.new(@request_uri.path + "?" + request_parameters_to_s)
74
+ request.set_form_data( { 'key2' => 'value2' } )
75
+ request.oauth!(@http, @consumer, @token, {:scheme => :query_string, :nonce => @nonce, :timestamp => @timestamp})
76
+
77
+ assert_equal 'POST', request.method
78
+ uri = URI.parse(request.path)
79
+ assert_equal '/test', uri.path
80
+ assert_equal nil, uri.fragment
81
+ assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=4kSU8Zd1blWo3W6qJH7eaRTMkg0%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", uri.query.split("&").sort.join('&')
82
+ assert_equal "key2=value2", request.body
83
+ assert_equal nil, request['authorization']
84
+ end
85
+
86
+
87
+ def test_example_from_specs
88
+ consumer=OAuth::Consumer.new("dpf43f3p2l4k3l03","kd94hf93k423kf44")
89
+ token = OAuth::Token.new('nnch734d00sl2jdk', 'pfkkdhi9sl3r4s00')
90
+ request_uri = URI.parse('http://photos.example.net/photos?file=vacation.jpg&size=original')
91
+ nonce = 'kllo9940pd9333jh'
92
+ timestamp = "1191242096"
93
+ http = Net::HTTP.new(request_uri.host, request_uri.port)
94
+
95
+ request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
96
+ signature_base_string=request.signature_base_string(http, consumer, token, {:nonce => nonce, :timestamp => timestamp})
97
+ assert_equal 'GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal',signature_base_string
98
+
99
+ # request = Net::HTTP::Get.new(request_uri.path + "?" + request_uri.query)
100
+ request.oauth!(http, consumer, token, {:nonce => nonce, :timestamp => timestamp,:realm=>"http://photos.example.net/"})
101
+
102
+ assert_equal 'GET', request.method
103
+ assert_equal 'OAuth realm="http://photos.example.net/", oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="nnch734d00sl2jdk", oauth_timestamp="1191242096", oauth_consumer_key="dpf43f3p2l4k3l03", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"'.split(', ').sort, request['authorization'].split(', ').sort
104
+
105
+ end
106
+
107
+ def test_step_by_step_token_request
108
+ consumer=OAuth::Consumer.new(
109
+ "key",
110
+ "secret")
111
+ request_uri = URI.parse('http://term.ie/oauth/example/request_token.php')
112
+ nonce = rand(2**128).to_s
113
+ timestamp = Time.now.to_i.to_s
114
+ http = Net::HTTP.new(request_uri.host, request_uri.port)
115
+
116
+ request = Net::HTTP::Get.new(request_uri.path)
117
+ signature_base_string=request.signature_base_string(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
118
+ assert_equal "GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key%3Dkey%26oauth_nonce%3D#{nonce}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D#{timestamp}%26oauth_version%3D1.0",signature_base_string
119
+
120
+ # request = Net::HTTP::Get.new(request_uri.path)
121
+ request.oauth!(http, consumer, nil, {:scheme=>:query_string,:nonce => nonce, :timestamp => timestamp})
122
+ assert_equal 'GET', request.method
123
+ assert_nil request.body
124
+ assert_nil request['authorization']
125
+ # assert_equal 'OAuth oauth_nonce="kllo9940pd9333jh", oauth_signature_method="HMAC-SHA1", oauth_token="", oauth_timestamp="'+timestamp+'", oauth_consumer_key="key", oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D", oauth_version="1.0"', request['authorization']
126
+
127
+ response=http.request(request)
128
+ assert_equal "200",response.code
129
+ # assert_equal request['authorization'],response.body
130
+ assert_equal "oauth_token=requestkey&oauth_token_secret=requestsecret",response.body
131
+ end
132
+
133
+ def test_that_put_bodies_not_signed
134
+ request = Net::HTTP::Put.new(@request_uri.path)
135
+ request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
136
+ request["Content-Type"] = "application/xml"
137
+ signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
138
+ assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
139
+ end
140
+
141
+ def test_that_put_bodies_not_signed_even_if_form_urlencoded
142
+ request = Net::HTTP::Put.new(@request_uri.path)
143
+ request.set_form_data( { 'key2' => 'value2' } )
144
+ signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
145
+ assert_equal "PUT&http%3A%2F%2Fexample.com%2Ftest&oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
146
+ end
147
+
148
+ def test_that_post_bodies_signed_if_form_urlencoded
149
+ request = Net::HTTP::Post.new(@request_uri.path)
150
+ request.set_form_data( { 'key2' => 'value2' } )
151
+ signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
152
+ assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&key2%3Dvalue2%26oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
153
+ end
154
+
155
+ def test_that_post_bodies_not_signed_if_other_content_type
156
+ request = Net::HTTP::Post.new(@request_uri.path)
157
+ request.body = "<?xml version=\"1.0\"?><foo><bar>baz</bar></foo>"
158
+ request["Content-Type"] = "application/xml"
159
+ signature_base_string=request.signature_base_string(@http, @consumer, nil, { :nonce => @nonce, :timestamp => @timestamp })
160
+ assert_equal "POST&http%3A%2F%2Fexample.com%2Ftest&oauth_consumer_key%3Dconsumer_key_86cad9%26oauth_nonce%3D225579211881198842005988698334675835446%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1199645624%26oauth_version%3D1.0", signature_base_string
161
+ end
162
+
163
+ protected
164
+
165
+ def request_parameters_to_s
166
+ @request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
167
+ end
168
+
169
+ end
@@ -0,0 +1,38 @@
1
+ require File.dirname(__FILE__) + '/test_helper.rb'
2
+ require 'oauth/request_proxy/net_http'
3
+
4
+ class NetHTTPRequestProxyTest < Test::Unit::TestCase
5
+
6
+ def test_that_proxy_simple_get_request_works
7
+ request = Net::HTTP::Get.new('/test?key=value')
8
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value'})
9
+
10
+ expected_parameters = {'key' => ['value']}
11
+ assert_equal expected_parameters, request_proxy.parameters
12
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
13
+ assert_equal 'GET', request_proxy.method
14
+ end
15
+
16
+ def test_that_proxy_simple_post_request_works
17
+ request = Net::HTTP::Post.new('/test')
18
+ params = {'key' => 'value'}
19
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
20
+
21
+ expected_parameters = {'key' => ['value']}
22
+ assert_equal expected_parameters, request_proxy.parameters
23
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
24
+ assert_equal 'POST', request_proxy.method
25
+ end
26
+
27
+ def test_that_proxy_post_and_get_request_works
28
+ request = Net::HTTP::Post.new('/test?key=value')
29
+ params = {'key2' => 'value2'}
30
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value', :parameters => params})
31
+
32
+ expected_parameters = {'key' => ['value'], 'key2' => ['value2']}
33
+ assert_equal expected_parameters, request_proxy.parameters
34
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
35
+ assert_equal 'POST', request_proxy.method
36
+ end
37
+
38
+ end
@@ -0,0 +1,40 @@
1
+ require File.dirname(__FILE__) + '/test_helper.rb'
2
+ require 'oauth/request_proxy/rack_request'
3
+ require 'rack/request'
4
+ require 'rack/mock'
5
+
6
+ class RackRequestProxyTest < Test::Unit::TestCase
7
+
8
+ def test_that_proxy_simple_get_request_works
9
+ request = Rack::Request.new(Rack::MockRequest.env_for('http://example.com/test?key=value'))
10
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value'})
11
+
12
+ expected_parameters = {'key' => 'value'}
13
+ assert_equal expected_parameters, request_proxy.parameters
14
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
15
+ assert_equal 'GET', request_proxy.method
16
+ end
17
+
18
+ def test_that_proxy_simple_post_request_works
19
+ request = Rack::Request.new(Rack::MockRequest.env_for('http://example.com/test', :method => 'POST'))
20
+ params = {'key' => 'value'}
21
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test', :parameters => params})
22
+
23
+ expected_parameters = {'key' => 'value'}
24
+ assert_equal expected_parameters, request_proxy.parameters
25
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
26
+ assert_equal 'POST', request_proxy.method
27
+ end
28
+
29
+ def test_that_proxy_post_and_get_request_works
30
+ request = Rack::Request.new(Rack::MockRequest.env_for('http://example.com/test?key=value', :method => 'POST', :input => 'key2=value2'))
31
+ params = {'key2' => 'value2'}
32
+ request_proxy = OAuth::RequestProxy.proxy(request, {:uri => 'http://example.com/test?key=value', :parameters => params})
33
+
34
+ expected_parameters = {'key' => 'value', 'key2' => 'value2'}
35
+ assert_equal expected_parameters, request_proxy.parameters
36
+ assert_equal 'http://example.com/test', request_proxy.normalized_uri
37
+ assert_equal 'POST', request_proxy.method
38
+ end
39
+
40
+ end