@Test public void testTrustedParams() throws Exception { serviceProvider.setCheckTrustedParams(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); client.setTrustedParam("oauth_magic", "foo"); client.setTrustedParam("opensocial_magic", "bar"); client.setTrustedParam("xoauth_magic", "quux"); client.setTrustedParam("opensocial_owner_id", "overridden_opensocial_owner_id"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(12, serviceProvider.getTrustedParamCount()); }
@Test public void testTrustedParams() throws Exception { serviceProvider.setCheckTrustedParams(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); client.setTrustedParam("oauth_magic", "foo"); client.setTrustedParam("opensocial_magic", "bar"); client.setTrustedParam("xoauth_magic", "quux"); client.setTrustedParam("opensocial_owner_id", "overridden_opensocial_owner_id"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(12, serviceProvider.getTrustedParamCount()); }
@Test public void testTrustedParams() throws Exception { serviceProvider.setCheckTrustedParams(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); client.setTrustedParam("oauth_magic", "foo"); client.setTrustedParam("opensocial_magic", "bar"); client.setTrustedParam("xoauth_magic", "quux"); client.setTrustedParam("opensocial_owner_id", "overridden_opensocial_owner_id"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(12, serviceProvider.getTrustedParamCount()); }
/** * Test trusted parameters will always be sent when signOwner and signViewer * are false. */ @Test public void testAlwaysAppendTrustedParams() throws Exception { serviceProvider.setCheckTrustedParams(true); MakeRequestClient client = makeStrictNonSocialClient("owner", "owner", GADGET_URL); client.setTrustedParam("oauth_magic", "foo"); client.setTrustedParam("opensocial_magic", "bar"); client.setTrustedParam("xoauth_magic", "quux"); client.setTrustedParam("opensocial_owner_id", "overridden_opensocial_owner_id"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(12, serviceProvider.getTrustedParamCount()); }
/** * Test trusted parameters will always be sent when signOwner and signViewer * are false. */ @Test public void testAlwaysAppendTrustedParams() throws Exception { serviceProvider.setCheckTrustedParams(true); MakeRequestClient client = makeStrictNonSocialClient("owner", "owner", GADGET_URL); client.setTrustedParam("oauth_magic", "foo"); client.setTrustedParam("opensocial_magic", "bar"); client.setTrustedParam("xoauth_magic", "quux"); client.setTrustedParam("opensocial_owner_id", "overridden_opensocial_owner_id"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(12, serviceProvider.getTrustedParamCount()); }
/** * Test trusted parameters will always be sent when signOwner and signViewer * are false. */ @Test public void testAlwaysAppendTrustedParams() throws Exception { serviceProvider.setCheckTrustedParams(true); MakeRequestClient client = makeStrictNonSocialClient("owner", "owner", GADGET_URL); client.setTrustedParam("oauth_magic", "foo"); client.setTrustedParam("opensocial_magic", "bar"); client.setTrustedParam("xoauth_magic", "quux"); client.setTrustedParam("opensocial_owner_id", "overridden_opensocial_owner_id"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(12, serviceProvider.getTrustedParamCount()); }
/** * Test different behaviors of trusted parameters. * 1) pass two parameters with same name, the latter will win. * 2) parameter name starting with 'oauth' 'oauth' or 'opensocial'. * 3) trusted parameter can override existing parameter. */ @Test public void testTrustedParamsMisc() throws Exception { serviceProvider.setCheckTrustedParams(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); client.setTrustedParam("oauth_magic", "foo"); client.setTrustedParam("opensocial_magic", "bar"); client.setTrustedParam("xoauth_magic", "quux_overridden"); client.setTrustedParam("xoauth_magic", "quux"); client.setTrustedParam("opensocial_owner_id", "overridden_opensocial_owner_id"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(12, serviceProvider.getTrustedParamCount()); }
/** * Test different behaviors of trusted parameters. * 1) pass two parameters with same name, the latter will win. * 2) parameter name starting with 'oauth' 'oauth' or 'opensocial'. * 3) trusted parameter can override existing parameter. */ @Test public void testTrustedParamsMisc() throws Exception { serviceProvider.setCheckTrustedParams(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); client.setTrustedParam("oauth_magic", "foo"); client.setTrustedParam("opensocial_magic", "bar"); client.setTrustedParam("xoauth_magic", "quux_overridden"); client.setTrustedParam("xoauth_magic", "quux"); client.setTrustedParam("opensocial_owner_id", "overridden_opensocial_owner_id"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(12, serviceProvider.getTrustedParamCount()); }
/** * Test different behaviors of trusted parameters. * 1) pass two parameters with same name, the latter will win. * 2) parameter name starting with 'oauth' 'oauth' or 'opensocial'. * 3) trusted parameter can override existing parameter. */ @Test public void testTrustedParamsMisc() throws Exception { serviceProvider.setCheckTrustedParams(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); client.setTrustedParam("oauth_magic", "foo"); client.setTrustedParam("opensocial_magic", "bar"); client.setTrustedParam("xoauth_magic", "quux_overridden"); client.setTrustedParam("xoauth_magic", "quux"); client.setTrustedParam("opensocial_owner_id", "overridden_opensocial_owner_id"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(12, serviceProvider.getTrustedParamCount()); }