@Test public void testBrokenAccessTokenResponse() throws Exception { SecurityToken securityToken = getSecurityToken("owner", "owner", GADGET_URL_BAD_OAUTH_URL); MakeRequestClient client = new MakeRequestClient(securityToken, fetcherConfig, serviceProvider, FakeGadgetSpecFactory.SERVICE_NAME); // This lets us skip the access token step client.getBaseArgs().setRequestToken("reqtoken"); client.getBaseArgs().setRequestTokenSecret("reqtokensecret"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals(403, response.getHttpStatusCode()); assertEquals("", response.getResponseAsString()); Map<String, String> metadata = response.getMetadata(); assertNotNull(metadata); assertEquals("MISSING_OAUTH_PARAMETER", metadata.get("oauthError")); String errorText = response.getMetadata().get("oauthErrorText"); checkStringContains("oauthErrorText mismatch", errorText, "No oauth_token_secret returned from service provider"); checkStringContains("oauthErrorText mismatch", errorText, "with_fleece_as_white_as_snow"); }
@Test public void testBrokenAccessTokenResponse() throws Exception { SecurityToken securityToken = getSecurityToken("owner", "owner", GADGET_URL_BAD_OAUTH_URL); MakeRequestClient client = new MakeRequestClient(securityToken, fetcherConfig, serviceProvider, FakeGadgetSpecFactory.SERVICE_NAME); // This lets us skip the access token step client.getBaseArgs().setRequestToken("reqtoken"); client.getBaseArgs().setRequestTokenSecret("reqtokensecret"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals(403, response.getHttpStatusCode()); assertEquals("", response.getResponseAsString()); Map<String, String> metadata = response.getMetadata(); assertNotNull(metadata); assertEquals("MISSING_OAUTH_PARAMETER", metadata.get("oauthError")); String errorText = response.getMetadata().get("oauthErrorText"); checkStringContains("oauthErrorText mismatch", errorText, "No oauth_token_secret returned from service provider"); checkStringContains("oauthErrorText mismatch", errorText, "with_fleece_as_white_as_snow"); }
@Test public void testBrokenAccessTokenResponse() throws Exception { SecurityToken securityToken = getSecurityToken("owner", "owner", GADGET_URL_BAD_OAUTH_URL); MakeRequestClient client = new MakeRequestClient(securityToken, fetcherConfig, serviceProvider, FakeGadgetSpecFactory.SERVICE_NAME); // This lets us skip the access token step client.getBaseArgs().setRequestToken("reqtoken"); client.getBaseArgs().setRequestTokenSecret("reqtokensecret"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals(403, response.getHttpStatusCode()); assertEquals("", response.getResponseAsString()); Map<String, String> metadata = response.getMetadata(); assertNotNull(metadata); assertEquals("MISSING_OAUTH_PARAMETER", metadata.get("oauthError")); String errorText = response.getMetadata().get("oauthErrorText"); checkStringContains("oauthErrorText mismatch", errorText, "No oauth_token_secret returned from service provider"); checkStringContains("oauthErrorText mismatch", errorText, "with_fleece_as_white_as_snow"); }
@Test public void testRequestTokenFromClient_noTokenInStorage() throws Exception { OAuthArguments arguments = new OAuthArguments(); arguments.setServiceName("testservice"); arguments.setUseToken(UseToken.ALWAYS); arguments.setRequestToken("preapproved"); arguments.setRequestTokenSecret("preapprovedsecret"); AccessorInfo info = store.getOAuthAccessor(privateToken, arguments, clientState, responseParams, fetcherConfig); assertNull(info.getAccessor().accessToken); assertEquals("preapproved", info.getAccessor().requestToken); assertEquals("preapprovedsecret", info.getAccessor().tokenSecret); }
@Test public void testRequestTokenFromClient_noTokenInStorage() throws Exception { OAuthArguments arguments = new OAuthArguments(); arguments.setServiceName("testservice"); arguments.setUseToken(UseToken.ALWAYS); arguments.setRequestToken("preapproved"); arguments.setRequestTokenSecret("preapprovedsecret"); AccessorInfo info = store.getOAuthAccessor(privateToken, arguments, clientState, responseParams, fetcherConfig); assertNull(info.getAccessor().accessToken); assertEquals("preapproved", info.getAccessor().requestToken); assertEquals("preapprovedsecret", info.getAccessor().tokenSecret); }
@Test public void testRequestTokenFromClient_noTokenInStorage() throws Exception { OAuthArguments arguments = new OAuthArguments(); arguments.setServiceName("testservice"); arguments.setUseToken(UseToken.ALWAYS); arguments.setRequestToken("preapproved"); arguments.setRequestTokenSecret("preapprovedsecret"); AccessorInfo info = store.getOAuthAccessor(privateToken, arguments, clientState, responseParams, fetcherConfig); assertNull(info.getAccessor().accessToken); assertEquals("preapproved", info.getAccessor().requestToken); assertEquals("preapprovedsecret", info.getAccessor().tokenSecret); }
@Test public void testRequestTokenFromClient_preferTokenInStorage() throws Exception { OAuthArguments arguments = new OAuthArguments(); arguments.setServiceName("testservice"); arguments.setUseToken(UseToken.ALWAYS); arguments.setRequestToken("preapproved"); arguments.setRequestTokenSecret("preapprovedsecret"); store.storeTokenKeyAndSecret(privateToken, null, arguments, new TokenInfo("access", "secret", null, 0), responseParams); AccessorInfo info = store.getOAuthAccessor(privateToken, arguments, clientState, responseParams, fetcherConfig); assertNull(info.getAccessor().requestToken); assertEquals("access", info.getAccessor().accessToken); assertEquals("secret", info.getAccessor().tokenSecret); }
@Test public void testRequestTokenFromClient_preferTokenInStorage() throws Exception { OAuthArguments arguments = new OAuthArguments(); arguments.setServiceName("testservice"); arguments.setUseToken(UseToken.ALWAYS); arguments.setRequestToken("preapproved"); arguments.setRequestTokenSecret("preapprovedsecret"); store.storeTokenKeyAndSecret(privateToken, null, arguments, new TokenInfo("access", "secret", null, 0), responseParams); AccessorInfo info = store.getOAuthAccessor(privateToken, arguments, clientState, responseParams, fetcherConfig); assertNull(info.getAccessor().requestToken); assertEquals("access", info.getAccessor().accessToken); assertEquals("secret", info.getAccessor().tokenSecret); }
@Test public void testRequestTokenFromClient_preferTokenInStorage() throws Exception { OAuthArguments arguments = new OAuthArguments(); arguments.setServiceName("testservice"); arguments.setUseToken(UseToken.ALWAYS); arguments.setRequestToken("preapproved"); arguments.setRequestTokenSecret("preapprovedsecret"); store.storeTokenKeyAndSecret(privateToken, null, arguments, new TokenInfo("access", "secret", null, 0), responseParams); AccessorInfo info = store.getOAuthAccessor(privateToken, arguments, clientState, responseParams, fetcherConfig); assertNull(info.getAccessor().requestToken); assertEquals("access", info.getAccessor().accessToken); assertEquals("secret", info.getAccessor().tokenSecret); }
@Test public void testPreapprovedToken_invalid() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); client.getBaseArgs().setRequestToken("garbage"); client.getBaseArgs().setRequestTokenSecret("garbage"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(0, serviceProvider.getResourceAccessCount()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken_invalid() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); client.getBaseArgs().setRequestToken("garbage"); client.getBaseArgs().setRequestTokenSecret("garbage"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(0, serviceProvider.getResourceAccessCount()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken_invalid() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); client.getBaseArgs().setRequestToken("garbage"); client.getBaseArgs().setRequestTokenSecret("garbage"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(0, serviceProvider.getResourceAccessCount()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken_notUsedIfAccessTokenExists() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); TokenPair reqToken = serviceProvider.getPreapprovedToken("preapproved"); client.getBaseArgs().setRequestToken(reqToken.token); client.getBaseArgs().setRequestTokenSecret(reqToken.secret); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); MakeRequestClient client2 = makeNonSocialClient("owner", "owner", GADGET_URL); response = client2.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=1"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken_notUsedIfAccessTokenExists() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); TokenPair reqToken = serviceProvider.getPreapprovedToken("preapproved"); client.getBaseArgs().setRequestToken(reqToken.token); client.getBaseArgs().setRequestTokenSecret(reqToken.secret); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); MakeRequestClient client2 = makeNonSocialClient("owner", "owner", GADGET_URL); response = client2.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=1"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken_notUsedIfAccessTokenExists() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); TokenPair reqToken = serviceProvider.getPreapprovedToken("preapproved"); client.getBaseArgs().setRequestToken(reqToken.token); client.getBaseArgs().setRequestTokenSecret(reqToken.secret); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); MakeRequestClient client2 = makeNonSocialClient("owner", "owner", GADGET_URL); response = client2.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=1"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); }
@Test public void testGetAndSet() throws Exception { OAuthArguments args = new OAuthArguments(); args.setBypassSpecCache(true); Assert.assertTrue(args.getBypassSpecCache()); args.setOrigClientState("thestate"); assertEquals("thestate", args.getOrigClientState()); args.setRequestToken("rt"); assertEquals("rt", args.getRequestToken()); args.setRequestTokenSecret("rts"); assertEquals("rts", args.getRequestTokenSecret()); args.setServiceName("s"); assertEquals("s", args.getServiceName()); args.setSignOwner(true); Assert.assertTrue(args.getSignOwner()); args.setSignViewer(true); Assert.assertTrue(args.getSignViewer()); args.setUseToken(UseToken.IF_AVAILABLE); assertEquals(UseToken.IF_AVAILABLE, args.getUseToken()); args.setRequestOption("foo", "bar"); assertEquals("bar", args.getRequestOption("foo")); args.removeRequestOption("foo"); assertNull(args.getRequestOption("foo")); }
@Test public void testGetAndSet() throws Exception { OAuthArguments args = new OAuthArguments(); args.setBypassSpecCache(true); Assert.assertTrue(args.getBypassSpecCache()); args.setOrigClientState("thestate"); assertEquals("thestate", args.getOrigClientState()); args.setRequestToken("rt"); assertEquals("rt", args.getRequestToken()); args.setRequestTokenSecret("rts"); assertEquals("rts", args.getRequestTokenSecret()); args.setServiceName("s"); assertEquals("s", args.getServiceName()); args.setSignOwner(true); Assert.assertTrue(args.getSignOwner()); args.setSignViewer(true); Assert.assertTrue(args.getSignViewer()); args.setUseToken(UseToken.IF_AVAILABLE); assertEquals(UseToken.IF_AVAILABLE, args.getUseToken()); args.setRequestOption("foo", "bar"); assertEquals("bar", args.getRequestOption("foo")); args.removeRequestOption("foo"); assertNull(args.getRequestOption("foo")); }
@Test public void testPreapprovedToken() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); TokenPair reqToken = serviceProvider.getPreapprovedToken("preapproved"); client.getBaseArgs().setRequestToken(reqToken.token); client.getBaseArgs().setRequestTokenSecret(reqToken.secret); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=1"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=2"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(3, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); TokenPair reqToken = serviceProvider.getPreapprovedToken("preapproved"); client.getBaseArgs().setRequestToken(reqToken.token); client.getBaseArgs().setRequestTokenSecret(reqToken.secret); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=1"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=2"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(3, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); TokenPair reqToken = serviceProvider.getPreapprovedToken("preapproved"); client.getBaseArgs().setRequestToken(reqToken.token); client.getBaseArgs().setRequestTokenSecret(reqToken.secret); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=1"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=2"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(3, serviceProvider.getResourceAccessCount()); }