@Test public void testPreapprovedToken_invalid() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); client.getBaseArgs().setRequestToken("garbage"); client.getBaseArgs().setRequestTokenSecret("garbage"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(0, serviceProvider.getResourceAccessCount()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); TokenPair reqToken = serviceProvider.getPreapprovedToken("preapproved"); client.getBaseArgs().setRequestToken(reqToken.token); client.getBaseArgs().setRequestTokenSecret(reqToken.secret); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=1"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=2"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(3, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken_invalid() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); client.getBaseArgs().setRequestToken("garbage"); client.getBaseArgs().setRequestTokenSecret("garbage"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(0, serviceProvider.getResourceAccessCount()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); TokenPair reqToken = serviceProvider.getPreapprovedToken("preapproved"); client.getBaseArgs().setRequestToken(reqToken.token); client.getBaseArgs().setRequestTokenSecret(reqToken.secret); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=1"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=2"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(3, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken_invalid() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); client.getBaseArgs().setRequestToken("garbage"); client.getBaseArgs().setRequestTokenSecret("garbage"); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(0, serviceProvider.getResourceAccessCount()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); TokenPair reqToken = serviceProvider.getPreapprovedToken("preapproved"); client.getBaseArgs().setRequestToken(reqToken.token); client.getBaseArgs().setRequestTokenSecret(reqToken.secret); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=1"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=2"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(3, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken_notUsedIfAccessTokenExists() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); TokenPair reqToken = serviceProvider.getPreapprovedToken("preapproved"); client.getBaseArgs().setRequestToken(reqToken.token); client.getBaseArgs().setRequestTokenSecret(reqToken.secret); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); MakeRequestClient client2 = makeNonSocialClient("owner", "owner", GADGET_URL); response = client2.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=1"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken_notUsedIfAccessTokenExists() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); TokenPair reqToken = serviceProvider.getPreapprovedToken("preapproved"); client.getBaseArgs().setRequestToken(reqToken.token); client.getBaseArgs().setRequestTokenSecret(reqToken.secret); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); MakeRequestClient client2 = makeNonSocialClient("owner", "owner", GADGET_URL); response = client2.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=1"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); }
@Test public void testPreapprovedToken_notUsedIfAccessTokenExists() throws Exception { MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); TokenPair reqToken = serviceProvider.getPreapprovedToken("preapproved"); client.getBaseArgs().setRequestToken(reqToken.token); client.getBaseArgs().setRequestTokenSecret(reqToken.secret); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); MakeRequestClient client2 = makeNonSocialClient("owner", "owner", GADGET_URL); response = client2.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cachebust=1"); assertEquals("User data is preapproved", response.getResponseAsString()); assertEquals(0, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); }
assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(3, serviceProvider.getResourceAccessCount()); assertEquals(3, serviceProvider.getAccessTokenCount()); assertEquals(4, serviceProvider.getResourceAccessCount());
assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(3, serviceProvider.getResourceAccessCount()); assertEquals(3, serviceProvider.getAccessTokenCount()); assertEquals(4, serviceProvider.getResourceAccessCount());
@Test public void testAccessTokenExpires_onServer() throws Exception { serviceProvider.setSessionExtension(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); // clears oauthState client = makeNonSocialClient("owner", "owner", GADGET_URL); clock.incrementSeconds(FakeOAuthServiceProvider.TOKEN_EXPIRATION_SECONDS + 1); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); }
@Test public void testAccessTokenExpires_onServer() throws Exception { serviceProvider.setSessionExtension(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); // clears oauthState client = makeNonSocialClient("owner", "owner", GADGET_URL); clock.incrementSeconds(FakeOAuthServiceProvider.TOKEN_EXPIRATION_SECONDS + 1); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); }
@Test public void testBadSessionHandle() throws Exception { serviceProvider.setSessionExtension(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); clock.incrementSeconds(FakeOAuthServiceProvider.TOKEN_EXPIRATION_SECONDS + 1); serviceProvider.changeAllSessionHandles(); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals("", response.getResponseAsString()); assertEquals(2, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); client.approveToken("user_data=renewed"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals(2, serviceProvider.getRequestTokenCount()); assertEquals(3, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); assertEquals("User data is renewed", response.getResponseAsString()); checkLogContains("oauth_session_handle=REMOVED"); }
@Test public void testAccessTokenExpires_onServer() throws Exception { serviceProvider.setSessionExtension(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); // clears oauthState client = makeNonSocialClient("owner", "owner", GADGET_URL); clock.incrementSeconds(FakeOAuthServiceProvider.TOKEN_EXPIRATION_SECONDS + 1); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); }
@Test public void testBadSessionHandle() throws Exception { serviceProvider.setSessionExtension(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); clock.incrementSeconds(FakeOAuthServiceProvider.TOKEN_EXPIRATION_SECONDS + 1); serviceProvider.changeAllSessionHandles(); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals("", response.getResponseAsString()); assertEquals(2, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); client.approveToken("user_data=renewed"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals(2, serviceProvider.getRequestTokenCount()); assertEquals(3, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); assertEquals("User data is renewed", response.getResponseAsString()); checkLogContains("oauth_session_handle=REMOVED"); }
@Test public void testBadSessionHandle() throws Exception { serviceProvider.setSessionExtension(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); clock.incrementSeconds(FakeOAuthServiceProvider.TOKEN_EXPIRATION_SECONDS + 1); serviceProvider.changeAllSessionHandles(); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals("", response.getResponseAsString()); assertEquals(2, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); client.approveToken("user_data=renewed"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals(2, serviceProvider.getRequestTokenCount()); assertEquals(3, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); assertEquals("User data is renewed", response.getResponseAsString()); checkLogContains("oauth_session_handle=REMOVED"); }
@Test public void testAccessTokenExpired_andRevoked() throws Exception { serviceProvider.setSessionExtension(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); clock.incrementSeconds(FakeOAuthServiceProvider.TOKEN_EXPIRATION_SECONDS + 1); serviceProvider.revokeAllAccessTokens(); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals("", response.getResponseAsString()); assertEquals(2, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); client.approveToken("user_data=renewed"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals(2, serviceProvider.getRequestTokenCount()); assertEquals(3, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); assertEquals("User data is renewed", response.getResponseAsString()); checkLogContains("oauth_token_secret=REMOVED"); }
@Test public void testAccessTokenExpired_andRevoked() throws Exception { serviceProvider.setSessionExtension(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); clock.incrementSeconds(FakeOAuthServiceProvider.TOKEN_EXPIRATION_SECONDS + 1); serviceProvider.revokeAllAccessTokens(); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals("", response.getResponseAsString()); assertEquals(2, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); client.approveToken("user_data=renewed"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals(2, serviceProvider.getRequestTokenCount()); assertEquals(3, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); assertEquals("User data is renewed", response.getResponseAsString()); checkLogContains("oauth_token_secret=REMOVED"); }
@Test public void testAccessTokenExpired_andRevoked() throws Exception { serviceProvider.setSessionExtension(true); MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL); HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("", response.getResponseAsString()); client.approveToken("user_data=hello-oauth"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL); assertEquals("User data is hello-oauth", response.getResponseAsString()); assertEquals(1, serviceProvider.getRequestTokenCount()); assertEquals(1, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); clock.incrementSeconds(FakeOAuthServiceProvider.TOKEN_EXPIRATION_SECONDS + 1); serviceProvider.revokeAllAccessTokens(); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals("", response.getResponseAsString()); assertEquals(2, serviceProvider.getRequestTokenCount()); assertEquals(2, serviceProvider.getAccessTokenCount()); assertEquals(1, serviceProvider.getResourceAccessCount()); client.approveToken("user_data=renewed"); response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + "?cb=1"); assertEquals(2, serviceProvider.getRequestTokenCount()); assertEquals(3, serviceProvider.getAccessTokenCount()); assertEquals(2, serviceProvider.getResourceAccessCount()); assertEquals("User data is renewed", response.getResponseAsString()); checkLogContains("oauth_token_secret=REMOVED"); }