@Test(expected=RuntimeException.class) public void testGetTamperedFormContent() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody("foo=quux".getBytes()); return serviceProvider.fetch(request); } }); client.sendGetWithBody(FakeOAuthServiceProvider.RESOURCE_URL, OAuth.FORM_ENCODED, "foo=bar".getBytes()); fail("Should have thrown with oauth signature mismatch"); }
@Test(expected=RuntimeException.class) public void testGetTamperedFormContent() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody("foo=quux".getBytes()); return serviceProvider.fetch(request); } }); client.sendGetWithBody(FakeOAuthServiceProvider.RESOURCE_URL, OAuth.FORM_ENCODED, "foo=bar".getBytes()); fail("Should have thrown with oauth signature mismatch"); }
@Test(expected=RuntimeException.class) public void testGetTamperedFormContent() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody("foo=quux".getBytes()); return serviceProvider.fetch(request); } }); client.sendGetWithBody(FakeOAuthServiceProvider.RESOURCE_URL, OAuth.FORM_ENCODED, "foo=bar".getBytes()); fail("Should have thrown with oauth signature mismatch"); }
@Test(expected=RuntimeException.class) public void testPostTamperedFormContent() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody("foo=quux".getBytes()); return serviceProvider.fetch(request); } }); client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "foo=bar"); fail("Should have thrown with oauth signature mismatch"); }
@Test(expected=RuntimeException.class) public void testPostTamperedFormContent() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody("foo=quux".getBytes()); return serviceProvider.fetch(request); } }); client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "foo=bar"); fail("Should have thrown with oauth signature mismatch"); }
@Test(expected=RuntimeException.class) public void testPostTamperedFormContent() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody("foo=quux".getBytes()); return serviceProvider.fetch(request); } }); client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "foo=bar"); fail("Should have thrown with oauth signature mismatch"); }
@Test(expected=RuntimeException.class) public void testGetTamperedRemoveRawContent() throws Exception { byte[] raw = { 0, 1, 2, 3, 4, 5 }; MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody(ArrayUtils.EMPTY_BYTE_ARRAY); request.setHeader("Content-Type", "application/x-www-form-urlencoded"); return serviceProvider.fetch(request); } }); client.sendGetWithBody(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", raw); fail("Should have thrown with body hash in form encoded request"); }
@Test(expected=RuntimeException.class) public void testPostTamperedRemoveRawContent() throws Exception { byte[] raw = { 0, 1, 2, 3, 4, 5 }; MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody(ArrayUtils.EMPTY_BYTE_ARRAY); request.setHeader("Content-Type", "application/x-www-form-urlencoded"); return serviceProvider.fetch(request); } }); client.sendRawPost(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", raw); fail("Should have thrown with body hash in form encoded request"); }
@Test(expected=RuntimeException.class) public void testPostTamperedRawContent() throws Exception { byte[] raw = { 0, 1, 2, 3, 4, 5 }; MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody("yo momma".getBytes()); return serviceProvider.fetch(request); } }); client.sendRawPost(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", raw); fail("Should have thrown with oauth_body_hash mismatch"); }
@Test(expected=RuntimeException.class) public void testGetTamperedRemoveRawContent() throws Exception { byte[] raw = { 0, 1, 2, 3, 4, 5 }; MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody(ArrayUtils.EMPTY_BYTE_ARRAY); request.setHeader("Content-Type", "application/x-www-form-urlencoded"); return serviceProvider.fetch(request); } }); client.sendGetWithBody(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", raw); fail("Should have thrown with body hash in form encoded request"); }
@Test(expected=RuntimeException.class) public void testPostTamperedRawContent() throws Exception { byte[] raw = { 0, 1, 2, 3, 4, 5 }; MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody("yo momma".getBytes()); return serviceProvider.fetch(request); } }); client.sendRawPost(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", raw); fail("Should have thrown with oauth_body_hash mismatch"); }
@Test(expected=RuntimeException.class) public void testPostTamperedRawContent() throws Exception { byte[] raw = { 0, 1, 2, 3, 4, 5 }; MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody("yo momma".getBytes()); return serviceProvider.fetch(request); } }); client.sendRawPost(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", raw); fail("Should have thrown with oauth_body_hash mismatch"); }
@Test(expected=RuntimeException.class) public void testGetTamperedRemoveRawContent() throws Exception { byte[] raw = { 0, 1, 2, 3, 4, 5 }; MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody(ArrayUtils.EMPTY_BYTE_ARRAY); request.setHeader("Content-Type", "application/x-www-form-urlencoded"); return serviceProvider.fetch(request); } }); client.sendGetWithBody(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", raw); fail("Should have thrown with body hash in form encoded request"); }
@Test(expected=RuntimeException.class) public void testPostTamperedRemoveRawContent() throws Exception { byte[] raw = { 0, 1, 2, 3, 4, 5 }; MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody(ArrayUtils.EMPTY_BYTE_ARRAY); request.setHeader("Content-Type", "application/x-www-form-urlencoded"); return serviceProvider.fetch(request); } }); client.sendRawPost(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", raw); fail("Should have thrown with body hash in form encoded request"); }
@Test(expected=RuntimeException.class) public void testPostTamperedRemoveRawContent() throws Exception { byte[] raw = { 0, 1, 2, 3, 4, 5 }; MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody(ArrayUtils.EMPTY_BYTE_ARRAY); request.setHeader("Content-Type", "application/x-www-form-urlencoded"); return serviceProvider.fetch(request); } }); client.sendRawPost(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", raw); fail("Should have thrown with body hash in form encoded request"); }
@Test public void testGetTamperedRawContent() throws Exception { byte[] raw = { 0, 1, 2, 3, 4, 5 }; MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody("yo momma".getBytes()); return serviceProvider.fetch(request); } }); try { client.sendGetWithBody(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", raw); fail("Should have thrown with oauth_body_hash mismatch"); } catch (RuntimeException e) { // good } }
@Test public void testGetTamperedRawContent() throws Exception { byte[] raw = { 0, 1, 2, 3, 4, 5 }; MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody("yo momma".getBytes()); return serviceProvider.fetch(request); } }); try { client.sendGetWithBody(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", raw); fail("Should have thrown with oauth_body_hash mismatch"); } catch (RuntimeException e) { // good } }
@Test public void testGetTamperedRawContent() throws Exception { byte[] raw = { 0, 1, 2, 3, 4, 5 }; MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); // Tamper with the body before it hits the service provider client.setNextFetcher(new HttpFetcher() { public HttpResponse fetch(HttpRequest request) throws GadgetException { request.setPostBody("yo momma".getBytes()); return serviceProvider.fetch(request); } }); try { client.sendGetWithBody(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", raw); fail("Should have thrown with oauth_body_hash mismatch"); } catch (RuntimeException e) { // good } }