@Test public void testExtraApprovalParams() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL_APPROVAL_PARAMS); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); String approvalUrl = response.getMetadata().get("oauthApprovalUrl"); Assert.assertSame(approvalUrl, 0, approvalUrl.indexOf( "http://www.example.com/authorize?oauth_callback=foo&oauth_token=")); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); checkEmptyLog(); }
@Test public void testExtraApprovalParams() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL_APPROVAL_PARAMS); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); String approvalUrl = response.getMetadata().get("oauthApprovalUrl"); Assert.assertSame(approvalUrl, 0, approvalUrl.indexOf( "http://www.example.com/authorize?oauth_callback=foo&oauth_token=")); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); checkEmptyLog(); }
@Test public void testParamsInBody_forGetRequestStrictSp() throws Exception { serviceProvider.setParamLocation(OAuthParamLocation.POST_BODY); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL_BODY); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); assertEquals(HttpResponse.SC_FORBIDDEN, response.getHttpStatusCode()); assertEquals("parameter_absent", response.getMetadata().get("oauthError")); assertNull(response.getMetadata().get("oauthApprovalUrl")); }
@Test public void testParamsInBody_forGetRequestStrictSp() throws Exception { serviceProvider.setParamLocation(OAuthParamLocation.POST_BODY); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL_BODY); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); assertEquals(HttpResponse.SC_FORBIDDEN, response.getHttpStatusCode()); assertEquals("parameter_absent", response.getMetadata().get("oauthError")); assertNull(response.getMetadata().get("oauthApprovalUrl")); }
@Test public void testParamsInBody_forGetRequestStrictSp() throws Exception { serviceProvider.setParamLocation(OAuthParamLocation.POST_BODY); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL_BODY); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); assertEquals(HttpResponse.SC_FORBIDDEN, response.getHttpStatusCode()); assertEquals("parameter_absent", response.getMetadata().get("oauthError")); assertNull(response.getMetadata().get("oauthApprovalUrl")); }
@Test public void testParamsInHeader() throws Exception { serviceProvider.setParamLocation(OAuthParamLocation.AUTH_HEADER); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL_HEADER); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); String aznHeader = response.getHeader(FakeOAuthServiceProvider.AUTHZ_ECHO_HEADER); assertNotNull(aznHeader); Assert.assertNotSame("azn header: " + aznHeader, aznHeader.indexOf("OAuth"), -1); }
@Test public void testParamsInBody() throws Exception { serviceProvider.setParamLocation(OAuthParamLocation.POST_BODY); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL_BODY); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, ""); assertEquals("User data is hello-oauth", response.getResponseAsString()); String echoedBody = response.getHeader(FakeOAuthServiceProvider.BODY_ECHO_HEADER); assertNotNull(echoedBody); Assert.assertNotSame("body: " + echoedBody, echoedBody.indexOf("oauth_consumer_key="), -1); }
@Test public void testParamsInBody() throws Exception { serviceProvider.setParamLocation(OAuthParamLocation.POST_BODY); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL_BODY); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, ""); assertEquals("User data is hello-oauth", response.getResponseAsString()); String echoedBody = response.getHeader(FakeOAuthServiceProvider.BODY_ECHO_HEADER); assertNotNull(echoedBody); Assert.assertNotSame("body: " + echoedBody, echoedBody.indexOf("oauth_consumer_key="), -1); }
@Test public void testExtraParamsSuppressed() throws Exception { serviceProvider.setRejectExtraParams(true); MakeRequestClient client = makeStrictNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); }
@Test public void testExtraParamsSuppressed() throws Exception { serviceProvider.setRejectExtraParams(true); MakeRequestClient client = makeStrictNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); }
@Test public void testOAuthFlow() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); checkEmptyLog(); }
@Test public void testOAuthFlow() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); checkEmptyLog(); }
@Test public void testOAuthFlow() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); checkEmptyLog(); }
@Test public void testExtraParamsSuppressed() throws Exception { serviceProvider.setRejectExtraParams(true); MakeRequestClient client = makeStrictNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); }
@Test(expected=RuntimeException.class) public void testAccessTokenData_noDirectRequest() throws Exception { serviceProvider.setReturnAccessTokenData(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); client.sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL); fail("Service provider should have rejected bogus request to access token URL"); }
@Test(expected=RuntimeException.class) public void testAccessTokenData_noDirectRequest() throws Exception { serviceProvider.setReturnAccessTokenData(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); client.sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL); fail("Service provider should have rejected bogus request to access token URL"); }
@Test(expected=RuntimeException.class) public void testAccessTokenData_noDirectRequest() throws Exception { serviceProvider.setReturnAccessTokenData(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); client.sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL); fail("Service provider should have rejected bogus request to access token URL"); }
@Test public void testOAuthFlow_tokenReused() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); // Check out what happens if the client-side oauth state vanishes. MakeRequestClient client2 = makeNonSocialClient("owner", "owner", GADGET_URL); response = client2.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); }
@Test public void testOAuthFlow_tokenReused() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); // Check out what happens if the client-side oauth state vanishes. MakeRequestClient client2 = makeNonSocialClient("owner", "owner", GADGET_URL); response = client2.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); }
@Test public void testOAuthFlow_tokenReused() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); // Check out what happens if the client-side oauth state vanishes. MakeRequestClient client2 = makeNonSocialClient("owner", "owner", GADGET_URL); response = client2.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); }