/** * Track state (see gadgets.io.makeRequest handling of the oauthState parameter). */ private void saveState(HttpResponse response) { approvalUrl = null; if (response.getMetadata() != null) { if (response.getMetadata().containsKey("oauthState")) { oauthState = response.getMetadata().get("oauthState"); } approvalUrl = response.getMetadata().get("oauthApprovalUrl"); } }
/** * Track state (see gadgets.io.makeRequest handling of the oauthState parameter). */ private void saveState(HttpResponse response) { approvalUrl = null; if (response.getMetadata() != null) { if (response.getMetadata().containsKey("oauthState")) { oauthState = response.getMetadata().get("oauthState"); } approvalUrl = response.getMetadata().get("oauthApprovalUrl"); } }
/** * Track state (see gadgets.io.makeRequest handling of the oauthState parameter). */ private void saveState(HttpResponse response) { approvalUrl = null; if (response.getMetadata() != null) { if (response.getMetadata().containsKey("oauthState")) { oauthState = response.getMetadata().get("oauthState"); } approvalUrl = response.getMetadata().get("oauthApprovalUrl"); } }
public HttpResponseBuilder(GadgetHtmlParser parser, HttpResponse response) { super(parser, response); if (response != null) { httpStatusCode = response.getHttpStatusCode(); headers.putAll(response.getHeaders()); metadata.putAll(response.getMetadata()); } else { setResponse(null); } responseObj = response; responseObjNumChanges = getNumChanges(); }
public HttpResponseBuilder(GadgetHtmlParser parser, HttpResponse response) { super(parser, response); if (response != null) { httpStatusCode = response.getHttpStatusCode(); headers.putAll(response.getHeaders()); metadata.putAll(response.getMetadata()); } else { setResponse(null); } responseObj = response; responseObjNumChanges = getNumChanges(); }
private void verifyHash(HttpResponse resp, int metadataSize, String hash) { HttpResponseMetadataHelper metdataHelper = new HttpResponseMetadataHelper(); HttpResponse compiled = HttpResponseMetadataHelper.updateHash(resp, metdataHelper); assertEquals(metadataSize, compiled.getMetadata().size()); assertEquals(hash, compiled.getMetadata().get(HttpResponseMetadataHelper.DATA_HASH)); }
private void verifyHash(HttpResponse resp, int metadataSize, String hash) { HttpResponseMetadataHelper metdataHelper = new HttpResponseMetadataHelper(); HttpResponse compiled = HttpResponseMetadataHelper.updateHash(resp, metdataHelper); assertEquals(metadataSize, compiled.getMetadata().size()); assertEquals(hash, compiled.getMetadata().get(HttpResponseMetadataHelper.DATA_HASH)); }
@Test public void testTrickyParametersInBody() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); String tricky = "%6fpensocial_owner_id=gotcha"; HttpResponse resp = client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, tricky); assertEquals(OAuthError.INVALID_PARAMETER.name(), resp.getMetadata().get(OAuthResponseParams.ERROR_CODE)); checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"), "Invalid parameter name opensocial_owner_id, applications may not override " + "oauth, xoauth, or opensocial parameters"); }
@Test public void testStripOpenSocialParamsFromQuery() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); HttpResponse resp = client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL + "?opensocial_foo=bar", null); assertEquals(OAuthError.INVALID_PARAMETER.name(), resp.getMetadata().get(OAuthResponseParams.ERROR_CODE)); checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"), "Invalid parameter name opensocial_foo"); }
@Test public void testStripOAuthParamsFromQuery() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); HttpResponse resp = client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL + "?oauth_foo=bar", "name=value"); assertEquals(OAuthError.INVALID_PARAMETER.name(), resp.getMetadata().get(OAuthResponseParams.ERROR_CODE)); checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"), "Invalid parameter name oauth_foo"); }
@Test public void testTrickyParametersInQuery() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); String tricky = "%6fpensocial_owner_id=gotcha"; HttpResponse resp = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + '?' + tricky); assertEquals(OAuthError.INVALID_PARAMETER.name(), resp.getMetadata().get(OAuthResponseParams.ERROR_CODE)); checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"), "Invalid parameter name opensocial_owner_id, applications may not override " + "oauth, xoauth, or opensocial parameters"); }
@Test public void testStripOAuthParamsFromBody() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); HttpResponse resp = client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "oauth_foo=bar"); assertEquals(OAuthError.INVALID_PARAMETER.name(), resp.getMetadata().get(OAuthResponseParams.ERROR_CODE)); checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"), "Invalid parameter name oauth_foo"); }
@Test public void testTrickyParametersInQuery() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); String tricky = "%6fpensocial_owner_id=gotcha"; HttpResponse resp = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + '?' + tricky); assertEquals(OAuthError.INVALID_PARAMETER.name(), resp.getMetadata().get(OAuthResponseParams.ERROR_CODE)); checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"), "Invalid parameter name opensocial_owner_id, applications may not override " + "oauth, xoauth, or opensocial parameters"); }
@Test public void testStripOAuthParamsFromBody() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); HttpResponse resp = client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "oauth_foo=bar"); assertEquals(OAuthError.INVALID_PARAMETER.name(), resp.getMetadata().get(OAuthResponseParams.ERROR_CODE)); checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"), "Invalid parameter name oauth_foo"); }
@Test public void testStripOAuthParamsFromBody() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); HttpResponse resp = client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "oauth_foo=bar"); assertEquals(OAuthError.INVALID_PARAMETER.name(), resp.getMetadata().get(OAuthResponseParams.ERROR_CODE)); checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"), "Invalid parameter name oauth_foo"); }
@Test public void testStripOpenSocialParamsFromBody() throws Exception { MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app"); HttpResponse resp = client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "opensocial_foo=bar"); assertEquals(OAuthError.INVALID_PARAMETER.name(), resp.getMetadata().get(OAuthResponseParams.ERROR_CODE)); checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"), "Invalid parameter name opensocial_foo"); }
@Test public void testExtraParamsRejected() throws Exception { serviceProvider.setRejectExtraParams(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("parameter_rejected", response.getMetadata().get("oauthError")); }
@Test public void testExtraParamsRejected() throws Exception { serviceProvider.setRejectExtraParams(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("parameter_rejected", response.getMetadata().get("oauthError")); }
@Test public void testOAuthFlow_unauthUser() throws Exception { MakeRequestClient client = makeNonSocialClient(null, null, GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); assertEquals(403, response.getHttpStatusCode()); assertEquals(-1, response.getCacheTtl()); assertEquals(OAuthError.UNAUTHENTICATED.name(), response.getMetadata().get("oauthError")); }
@Test public void testOAuthFlow_unauthUser() throws Exception { MakeRequestClient client = makeNonSocialClient(null, null, GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); assertEquals(403, response.getHttpStatusCode()); assertEquals(-1, response.getCacheTtl()); assertEquals(OAuthError.UNAUTHENTICATED.name(), response.getMetadata().get("oauthError")); }