sjs/simple_oauth
1
0
Fork 0
mirror of https://github.com/samsonjs/simple_oauth.git synced 2026-03-28 09:15:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: sjs:master
Branches Tags
sjs:master
sjs:v0.3.2
sjs:v0.3.1
sjs:v0.3.0
sjs:v0.2.0
sjs:v0.1.9
sjs:v0.1.8
sjs:v0.1.7
sjs:v0.1.6
sjs:v0.1.5
sjs:v0.1.4
sjs:v0.1.3
sjs:v0.1.2
sjs:v0.1.1
sjs:v0.1.0
..
compare: sjs:v0.1.8
Branches Tags
sjs:master
sjs:v0.3.2
sjs:v0.3.1
sjs:v0.3.0
sjs:v0.2.0
sjs:v0.1.9
sjs:v0.1.8
sjs:v0.1.7
sjs:v0.1.6
sjs:v0.1.5
sjs:v0.1.4
sjs:v0.1.3
sjs:v0.1.2
sjs:v0.1.1
sjs:v0.1.0

No commits in common. "master" and "v0.1.8" have entirely different histories.
master ... v0.1.8

24 changed files with 384 additions and 568 deletions
Show stats Expand all files Collapse all files

0
.gemtest Normal file
View file

29
.github/workflows/main.yml vendored
View file

@ -1,29 +0,0 @@
name: Ruby
on:
push:
branches:
- master
pull_request:
jobs:
build:
runs-on: ubuntu-latest
name: Ruby ${{ matrix.ruby }}
strategy:
matrix:
ruby:
- "3.0"
- "3.1"
- "3.2"
steps:
- uses: actions/checkout@v3
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: ${{ matrix.ruby }}
bundler-cache: true
- name: Run the default task
run: bundle exec rake

16
.gitignore vendored
View file

@ -1,9 +1,9 @@
/.bundle/ *.rbc
/.yardoc .bundle
/_yardoc/ .DS_Store
/coverage/ .yardoc
/doc/ coverage
/pkg/ doc
/spec/reports/
/tmp/
Gemfile.lock Gemfile.lock
pkg
rdoc

2
.rspec
View file

@ -1,2 +0,0 @@
--color
--order random

77
.rubocop.yml
View file

@ -1,77 +0,0 @@
require:
- standard
plugins:
- standard-performance
- rubocop-rspec
- rubocop-performance
- rubocop-rake
AllCops:
NewCops: enable
TargetRubyVersion: 3.0
Layout/ArgumentAlignment:
Enabled: true
EnforcedStyle: with_fixed_indentation
Layout/ArrayAlignment:
Enabled: true
EnforcedStyle: with_fixed_indentation
Layout/EndAlignment:
Enabled: true
EnforcedStyleAlignWith: variable
Layout/HashAlignment:
Enabled: true
EnforcedHashRocketStyle: key
EnforcedColonStyle: key
EnforcedLastArgumentHashStyle: always_inspect
Layout/LineLength:
Enabled: false
Layout/ParameterAlignment:
Enabled: true
EnforcedStyle: with_fixed_indentation
IndentationWidth: ~
Layout/SpaceInsideHashLiteralBraces:
Enabled: false
Metrics/ParameterLists:
CountKeywordArgs: false
RSpec/MultipleExpectations:
Enabled: false
RSpec/ExampleLength:
Enabled: false
RSpec/MessageSpies:
Enabled: false
RSpec/PendingWithoutReason:
Enabled: false
RSpec/SpecFilePathFormat:
Enabled: false
RSpec/SpecFilePathSuffix:
Enabled: false
Style/Alias:
Enabled: true
EnforcedStyle: prefer_alias_method
Style/FrozenStringLiteralComment:
Enabled: false
Style/StringLiterals:
Enabled: true
EnforcedStyle: double_quotes
Style/StringLiteralsInInterpolation:
Enabled: true
EnforcedStyle: double_quotes

21
.travis.yml
View file

@ -1,21 +1,10 @@
language: ruby language: ruby
env:
global:
- JRUBY_OPTS="$JRUBY_OPTS --debug"
rvm: rvm:
- 1.8.7 - rbx-18mode
- 1.9.3 - rbx-19mode
- 2.0.0
- 2.1
- jruby-18mode - jruby-18mode
- jruby-19mode - jruby-19mode
- jruby-head - 1.8.7
- rbx-2 - 1.9.2
- 1.9.3
- ruby-head - ruby-head
matrix:
allow_failures:
- rvm: jruby-head
- rvm: rbx-2
- rvm: ruby-head
fast_finish: true
sudo: false

3
.yardopts
View file

@ -1,5 +1,4 @@
--markup markdown --markup markdown
- -
CONTRIBUTING.md HISTORY.md
LICENSE.md LICENSE.md
README.md

5
CHANGELOG.md
View file

@ -1,5 +0,0 @@
## [Unreleased]
## [0.4.0] - 2023-08-10
- Update

8
CONTRIBUTING.md
View file

@ -1,8 +0,0 @@
## Contributing
1. Fork the project.
2. Create a topic branch.
3. Add failing tests.
4. Add code to pass the failing tests.
5. Run `bundle exec rake`. If failing, repeat step 4.
6. Commit and push your changes.
7. Submit a pull request. Please do not include changes to the gemspec.

17
Gemfile
View file

@ -1,14 +1,7 @@
source "https://rubygems.org" source 'https://rubygems.org'
platforms :jruby do
gem 'jruby-openssl', '~> 0.7'
end
# Specify your gem's dependencies in simple_oauth.gemspec
gemspec gemspec
gem "rake", ">= 13.0.6"
gem "rspec", ">= 3.12"
gem "rubocop", ">= 1.21"
gem "rubocop-performance", ">= 1.18"
gem "rubocop-rake", ">= 0.6"
gem "rubocop-rspec", ">= 0.31"
gem "simplecov", ">= 0.22"
gem "standard", ">= 1.30.1"
gem "webmock", ">= 3.18.1"

22
LICENSE Normal file
View file

@ -0,0 +1,22 @@
Copyright (c) 2010 Steve Richert, Erik Michaels-Ober
MIT License
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

21
LICENSE.md
View file

@ -1,21 +0,0 @@
The MIT License (MIT)
Copyright (c) 2010-2023 Steve Richert, Erik Michaels-Ober
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

50
README.md
View file

@ -1,24 +1,42 @@
# simple_oauth # simple_oauth [![Build Status](https://secure.travis-ci.org/laserlemon/simple_oauth.png)](http://travis-ci.org/laserlemon/simple_oauth) [![Dependency Status](https://gemnasium.com/laserlemon/simple_oauth.png)](https://gemnasium.com/laserlemon/simple_oauth)
Simply builds and verifies OAuth headers Simply builds and verifies OAuth headers
## Installation
Install the gem and add to the application's Gemfile by executing:
$ bundle add simple_oauth
If bundler is not being used to manage dependencies, install the gem by executing:
$ gem install simple_oauth
## Contributing ## Contributing
1. Fork the project.
2. Create a topic branch.
3. Add failing tests.
4. Add code to pass the failing tests.
5. Run `bundle exec rake`. If failing, repeat step 4.
6. Commit and push your changes.
7. Submit a pull request. Please do not include changes to the gemspec.
Bug reports and pull requests are welcome on GitHub at https://github.com/laserlemon/simple_oauth. ## Supported Rubies
This library aims to support and is [tested
against](http://travis-ci.org/laserlemon/simple_oauth) the following Ruby
implementations:
This project conforms to [Standard Ruby](https://github.com/standardrb/standard). Patches that dont maintain that standard will not be accepted. * Ruby 1.8.7
* Ruby 1.9.2
* Ruby 1.9.3
* Ruby head
* [JRuby](http://www.jruby.org/)
* [Rubinius](http://rubini.us/)
## License If something doesn't work on one of these interpreters, it should be considered
a bug.
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT). This library may inadvertently work (or seem to work) on other Ruby
implementations, however support will only be provided for the versions listed
above.
If you would like this library to support another Ruby version, you may
volunteer to be a maintainer. Being a maintainer entails making sure all tests
run and pass on that implementation. When something breaks on your
implementation, you will be personally responsible for providing patches in a
timely fashion. If critical issues for a particular implementation exist at the
time of a major release, support for that Ruby version may be dropped.
## Copyright
Copyright (c) 2010 Steve Richert, Erik Michaels-Ober.
See [LICENSE](https://github.com/laserlemon/simple_oauth/blob/master/LICENSE) for details.

10
Rakefile
View file

@ -1,10 +1,6 @@
require "bundler/gem_tasks" require 'bundler/gem_tasks'
require "rspec/core/rake_task" require 'rspec/core/rake_task'
require "rubocop/rake_task"
require "standard/rake"
RSpec::Core::RakeTask.new(:spec) RSpec::Core::RakeTask.new(:spec)
RuboCop::RakeTask.new task :default => :spec
task default: %i[spec rubocop standard]

10
bin/console
View file

@ -1,10 +0,0 @@
#!/usr/bin/env ruby
require "bundler/setup"
require "simple_oauth"
# You can add fixtures and/or initialization code here to make experimenting
# with your gem easier. You can also use a different console, if you like.
require "irb"
IRB.start(__FILE__)

8
bin/setup
View file

@ -1,8 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
IFS=$'\n\t'
set -vx
bundle install
# Do any other automated setup that you need to do here

3
lib/simple_oauth.rb
View file

@ -1,2 +1 @@
require_relative "simple_oauth/header" require 'simple_oauth/header'
require_relative "simple_oauth/version"

88
lib/simple_oauth/header.rb
View file

@ -1,51 +1,38 @@
require "openssl" require 'openssl'
require "uri" require 'uri'
require "base64" require 'base64'
require "cgi" require 'cgi'
module SimpleOAuth module SimpleOAuth
# Generates OAuth header for HTTP request
class Header class Header
ATTRIBUTE_KEYS = %i[callback consumer_key nonce signature_method timestamp token verifier version].freeze unless defined? ::SimpleOAuth::Header::ATTRIBUTE_KEYS ATTRIBUTE_KEYS = [:consumer_key, :nonce, :signature_method, :timestamp, :token, :version] unless defined? ::SimpleOAuth::Header::ATTRIBUTE_KEYS
IGNORED_KEYS = %i[consumer_secret token_secret signature].freeze unless defined? ::SimpleOAuth::Header::IGNORED_KEYS def self.default_options
{
:nonce => OpenSSL::Random.random_bytes(16).unpack('H*')[0],
:signature_method => 'HMAC-SHA1',
:timestamp => Time.now.to_i.to_s,
:version => '1.0'
}
end
attr_reader :method, :params, :options def self.encode(value)
URI.encode(value.to_s, /[^a-z0-9\-\.\_\~]/i)
end
class << self def self.decode(value)
def default_options URI.decode(value.to_s)
{ end
nonce: OpenSSL::Random.random_bytes(16).unpack1("H*"),
signature_method: "HMAC-SHA1",
timestamp: Time.now.to_i.to_s,
version: "1.0"
}
end
def parse(header) def self.parse(header)
header.to_s.sub(/^OAuth\s/, "").split(/,\s*/).inject({}) do |attributes, pair| header.to_s.sub(/^OAuth\s/, '').split(/,\s*/).inject({}) do |attributes, pair|
match = pair.match(/^(\w+)="([^"]*)"$/) match = pair.match(/^(\w+)\=\"([^\"]*)\"$/)
attributes.merge(match[1].sub(/^oauth_/, "").to_sym => unescape(match[2])) attributes.merge(match[1].sub(/^oauth_/, '').to_sym => decode(match[2]))
end
end
def escape(value)
uri_parser.escape(value.to_s, /[^a-z0-9\-._~]/i)
end
alias_method :encode, :escape
def unescape(value)
uri_parser.unescape(value.to_s)
end
alias_method :decode, :unescape
private
def uri_parser
@uri_parser ||= URI.const_defined?(:Parser) ? URI::RFC2396_PARSER : URI
end end
end end
attr_reader :method, :params, :options
def initialize(method, url, params, oauth = {}) def initialize(method, url, params, oauth = {})
@method = method.to_s.upcase @method = method.to_s.upcase
@uri = URI.parse(url.to_s) @uri = URI.parse(url.to_s)
@ -75,42 +62,38 @@ module SimpleOAuth
end end
def signed_attributes def signed_attributes
attributes.merge(oauth_signature: signature) attributes.merge(:oauth_signature => signature)
end end
private private
def normalized_attributes def normalized_attributes
signed_attributes.sort_by { |k, _| k.to_s }.collect { |k, v| %(#{k}="#{self.class.escape(v)}") }.join(", ") signed_attributes.sort_by{|k,v| k.to_s }.map{|k,v| %(#{k}="#{self.class.encode(v)}") }.join(', ')
end end
def attributes def attributes
matching_keys, extra_keys = options.keys.partition { |key| ATTRIBUTE_KEYS.include?(key) } ATTRIBUTE_KEYS.inject({}){|a,k| options.key?(k) ? a.merge(:"oauth_#{k}" => options[k]) : a }
extra_keys -= IGNORED_KEYS
raise "SimpleOAuth: Found extra option keys not matching ATTRIBUTE_KEYS:\n [#{extra_keys.collect(&:inspect).join(", ")}]" unless options[:ignore_extra_keys] || extra_keys.empty?
options.slice(*matching_keys).transform_keys { |key| :"oauth_#{key}" }
end end
def signature def signature
send("#{options[:signature_method].downcase.tr("-", "_")}_signature") send(options[:signature_method].downcase.tr('-', '_') + '_signature')
end end
def hmac_sha1_signature def hmac_sha1_signature
Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest.new("SHA1"), secret, signature_base)).chomp.delete("\n") Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest::SHA1.new, secret, signature_base)).chomp.gsub(/\n/, '')
end end
def secret def secret
options.values_at(:consumer_secret, :token_secret).collect { |v| self.class.escape(v) }.join("&") options.values_at(:consumer_secret, :token_secret).map{|v| self.class.encode(v) }.join('&')
end end
alias_method :plaintext_signature, :secret alias_method :plaintext_signature, :secret
def signature_base def signature_base
[method, url, normalized_params].collect { |v| self.class.escape(v) }.join("&") [method, url, normalized_params].map{|v| self.class.encode(v) }.join('&')
end end
def normalized_params def normalized_params
signature_params.collect { |p| p.collect { |v| self.class.escape(v) } }.sort.collect { |p| p.join("=") }.join("&") signature_params.map{|p| p.map{|v| self.class.encode(v) } }.sort.map{|p| p.join('=') }.join('&')
end end
def signature_params def signature_params
@ -118,15 +101,16 @@ module SimpleOAuth
end end
def url_params def url_params
CGI.parse(@uri.query || "").inject([]) { |p, (k, vs)| p + vs.sort.collect { |v| [k, v] } } CGI.parse(@uri.query || '').inject([]){|p,(k,vs)| p + vs.sort.map{|v| [k, v] } }
end end
def rsa_sha1_signature def rsa_sha1_signature
Base64.encode64(private_key.sign(OpenSSL::Digest.new("SHA1"), signature_base)).chomp.delete("\n") Base64.encode64(private_key.sign(OpenSSL::Digest::SHA1.new, signature_base)).chomp.gsub(/\n/, '')
end end
def private_key def private_key
OpenSSL::PKey::RSA.new(options[:consumer_secret]) OpenSSL::PKey::RSA.new(options[:consumer_secret])
end end
end end
end end

3
lib/simple_oauth/version.rb
View file

@ -1,3 +0,0 @@
module SimpleOauth
VERSION = "0.3.1".freeze
end

45
simple_oauth.gemspec
View file

@ -1,35 +1,20 @@
require_relative "lib/simple_oauth/version" # encoding: utf-8
Gem::Specification.new do |spec| Gem::Specification.new do |gem|
spec.name = "simple_oauth" gem.name = 'simple_oauth'
spec.version = SimpleOauth::VERSION gem.version = '0.1.8'
spec.authors = ["Steve Richert", "Erik Berlin"]
spec.email = ["steve.richert@gmail.com", "sferik@gmail.com"]
spec.summary = "Simply builds and verifies OAuth headers" gem.authors = ["Steve Richert", "Erik Michaels-Ober"]
spec.description = spec.summary gem.email = ['steve.richert@gmail.com', 'sferik@gmail.com']
spec.homepage = "https://github.com/laserlemon/simple_oauth" gem.description = 'Simply builds and verifies OAuth headers'
spec.license = "MIT" gem.summary = gem.description
spec.required_ruby_version = ">= 3.0" gem.homepage = 'https://github.com/laserlemon/simple_oauth'
spec.metadata["allowed_push_host"] = "https://rubygems.org" gem.add_development_dependency 'rake'
gem.add_development_dependency 'rspec', '~> 2.0'
gem.add_development_dependency 'simplecov'
spec.metadata["homepage_uri"] = spec.homepage gem.files = `git ls-files`.split($\)
spec.metadata["source_code_uri"] = "https://github.com/laserlemon/simple_oauth" gem.test_files = gem.files.grep(/^test\//)
spec.metadata["changelog_uri"] = "https://github.com/laserlemon/simple_oauth/blob/master/CHANGELOG.md" gem.require_paths = ["lib"]
# Specify which files should be added to the gem when it is released.
# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
spec.files = Dir.chdir(__dir__) do
`git ls-files -z`.split("\x0").reject do |f|
(File.expand_path(f) == __FILE__) ||
f.start_with?(*%w[bin/ test/ spec/ features/ .git .circleci appveyor Gemfile])
end
end
spec.bindir = "exe"
spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
spec.require_paths = ["lib"]
spec.metadata["rubygems_mfa_required"] = "true"
spec.add_dependency "base64"
end end

23
spec/helper.rb
View file

@ -1,23 +0,0 @@
$LOAD_PATH.unshift File.expand_path("../lib", __dir__)
require "simplecov"
SimpleCov.start do
add_filter "/spec/"
minimum_coverage(100)
end
require "rspec"
require "simple_oauth"
def uri_parser
@uri_parser ||= URI.const_defined?(:Parser) ? URI::DEFAULT_PARSER : URI
end
RSpec.configure do |config|
config.expect_with :rspec do |c|
c.syntax = :expect
end
end
Dir[File.expand_path("support/**/*.rb", __dir__)].each { |f| require f }

479
spec/simple_oauth/header_spec.rb
View file

@ -1,365 +1,372 @@
require "helper" # encoding: utf-8
require 'spec_helper'
describe SimpleOAuth::Header do describe SimpleOAuth::Header do
describe ".default_options" do describe '.default_options' do
let(:default_options) { described_class.default_options } let(:default_options){ SimpleOAuth::Header.default_options }
it "is different every time" do it 'is different every time' do
expect(described_class.default_options).not_to eq default_options SimpleOAuth::Header.default_options.should_not == default_options
end end
it "is used for new headers" do it 'is used for new headers' do
allow(described_class).to receive(:default_options).and_return(default_options) SimpleOAuth::Header.stub(:default_options => default_options)
header = described_class.new(:get, "https://api.twitter.com/1/statuses/friendships.json", {}) header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {})
expect(header.options).to eq default_options header.options.should == default_options
end end
it "includes a signature method and an OAuth version" do it 'includes a signature method and an OAuth version' do
expect(default_options[:signature_method]).not_to be_nil default_options[:signature_method].should_not be_nil
expect(default_options[:version]).not_to be_nil default_options[:version].should_not be_nil
end end
end end
describe ".escape" do describe '.encode' do
it "escapes (most) non-word characters" do it 'encodes (most) non-word characters' do
[" ", "!", "@", "#", "$", "%", "^", "&"].each do |character| [' ', '!', '@', '#', '$', '%', '^', '&'].each do |character|
escaped = described_class.escape(character) encoded = SimpleOAuth::Header.encode(character)
expect(escaped).not_to eq character encoded.should_not == character
expect(escaped).to eq uri_parser.escape(character, /.*/) encoded.should == URI.encode(character, /.*/)
end end
end end
it "does not escape - . or ~" do it 'does not encode - . or ~' do
["-", ".", "~"].each do |character| ['-', '.', '~'].each do |character|
escaped = described_class.escape(character) encoded = SimpleOAuth::Header.encode(character)
expect(escaped).to eq character encoded.should == character
end end
end end
it "escapes non-ASCII characters" do def self.test_special_characters
expect(described_class.escape("é")).to eq "%C3%A9" it 'encodes non-ASCII characters' do
SimpleOAuth::Header.encode('é').should == '%C3%A9'
end
it 'encodes multibyte characters' do
SimpleOAuth::Header.encode('あ').should == '%E3%81%82'
end
end end
it "escapes multibyte characters" do if RUBY_VERSION >= '1.9'
expect(described_class.escape("")).to eq "%E3%81%82" test_special_characters
else
%w(n N e E s S u U).each do |kcode|
describe %(when $KCODE = "#{kcode}") do
original_kcode = $KCODE
begin
$KCODE = kcode
test_special_characters
ensure
$KCODE = original_kcode
end
end
end
end end
end end
describe ".unescape" do describe '.decode' do
pending pending
end end
describe ".parse" do describe '.parse' do
let(:header) { described_class.new(:get, "https://api.twitter.com/1/statuses/friends.json", {}) } let(:header){ SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}) }
let(:parsed_options) { described_class.parse(header) } let(:parsed_options){ SimpleOAuth::Header.parse(header) }
it "returns a hash" do it 'returns a hash' do
expect(parsed_options).to be_a(Hash) parsed_options.should be_a(Hash)
end end
it "includes the options used to build the header" do it 'includes the options used to build the header' do
expect(parsed_options.except(:signature)).to eq header.options parsed_options.reject{|k,_| k == :signature }.should == header.options
end end
it "includes a signature" do it 'includes a signature' do
expect(header.options).not_to have_key(:signature) header.options.should_not have_key(:signature)
expect(parsed_options).to have_key(:signature) parsed_options.should have_key(:signature)
expect(parsed_options[:signature]).not_to be_nil parsed_options[:signature].should_not be_nil
end end
it 'should handle optional "linear white space"' do
parsed_header_with_spaces = SimpleOAuth::Header.parse 'OAuth oauth_consumer_key="abcd", oauth_nonce="oLKtec51GQy", oauth_signature="efgh%26mnop", oauth_signature_method="PLAINTEXT", oauth_timestamp="1286977095", oauth_token="ijkl", oauth_version="1.0"'
parsed_header_with_spaces.should be_a_kind_of(Hash)
parsed_header_with_spaces.keys.size.should eq 7
it "handles optional 'linear white space'" do parsed_header_with_tabs = SimpleOAuth::Header.parse 'OAuth oauth_consumer_key="abcd", oauth_nonce="oLKtec51GQy", oauth_signature="efgh%26mnop", oauth_signature_method="PLAINTEXT", oauth_timestamp="1286977095", oauth_token="ijkl", oauth_version="1.0"'
parsed_header_with_spaces = described_class.parse 'OAuth oauth_consumer_key="abcd", oauth_nonce="oLKtec51GQy", oauth_signature="efgh%26mnop", oauth_signature_method="PLAINTEXT", oauth_timestamp="1286977095", oauth_token="ijkl", oauth_version="1.0"' parsed_header_with_tabs.should be_a_kind_of(Hash)
expect(parsed_header_with_spaces).to be_a(Hash) parsed_header_with_tabs.keys.size.should eq 7
expect(parsed_header_with_spaces.keys.size).to eq 7
parsed_header_with_tabs = described_class.parse 'OAuth oauth_consumer_key="abcd", oauth_nonce="oLKtec51GQy", oauth_signature="efgh%26mnop", oauth_signature_method="PLAINTEXT", oauth_timestamp="1286977095", oauth_token="ijkl", oauth_version="1.0"' parsed_header_with_spaces_and_tabs = SimpleOAuth::Header.parse 'OAuth oauth_consumer_key="abcd", oauth_nonce="oLKtec51GQy", oauth_signature="efgh%26mnop", oauth_signature_method="PLAINTEXT", oauth_timestamp="1286977095", oauth_token="ijkl", oauth_version="1.0"'
expect(parsed_header_with_tabs).to be_a(Hash) parsed_header_with_spaces_and_tabs.should be_a_kind_of(Hash)
expect(parsed_header_with_tabs.keys.size).to eq 7 parsed_header_with_spaces_and_tabs.keys.size.should eq 7
parsed_header_with_spaces_and_tabs = described_class.parse 'OAuth oauth_consumer_key="abcd", oauth_nonce="oLKtec51GQy", oauth_signature="efgh%26mnop", oauth_signature_method="PLAINTEXT", oauth_timestamp="1286977095", oauth_token="ijkl", oauth_version="1.0"' parsed_header_without_spaces = SimpleOAuth::Header.parse 'OAuth oauth_consumer_key="abcd",oauth_nonce="oLKtec51GQy",oauth_signature="efgh%26mnop",oauth_signature_method="PLAINTEXT",oauth_timestamp="1286977095",oauth_token="ijkl",oauth_version="1.0"'
expect(parsed_header_with_spaces_and_tabs).to be_a(Hash) parsed_header_without_spaces.should be_a_kind_of(Hash)
expect(parsed_header_with_spaces_and_tabs.keys.size).to eq 7 parsed_header_without_spaces.keys.size.should eq 7
parsed_header_without_spaces = described_class.parse 'OAuth oauth_consumer_key="abcd",oauth_nonce="oLKtec51GQy",oauth_signature="efgh%26mnop",oauth_signature_method="PLAINTEXT",oauth_timestamp="1286977095",oauth_token="ijkl",oauth_version="1.0"'
expect(parsed_header_without_spaces).to be_a(Hash)
expect(parsed_header_without_spaces.keys.size).to eq 7
end end
end end
describe "#initialize" do describe '#initialize' do
let(:header) do let(:header){ SimpleOAuth::Header.new(:get, 'HTTPS://api.TWITTER.com:443/1/statuses/friendships.json?foo=bar#anchor', {}) }
described_class.new(:get, "HTTPS://api.TWITTER.com:443/1/statuses/friendships.json?foo=bar#anchor", {})
it 'stringifies and uppercases the request method' do
header.method.should == 'GET'
end end
it "stringifies and uppercases the request method" do it 'downcases the scheme and authority' do
expect(header.method).to eq "GET" header.url.should =~ %r(^https://api\.twitter\.com/)
end end
it "downcases the scheme and authority" do it 'ignores the query and fragment' do
expect(header.url).to match %r{^https://api\.twitter\.com/} header.url.should =~ %r(/1/statuses/friendships\.json$)
end
it "ignores the query and fragment" do
expect(header.url).to match %r{/1/statuses/friendships\.json$}
end end
end end
describe "#valid?" do describe '#valid?' do
context "when using the HMAC-SHA1 signature method" do context 'using the HMAC-SHA1 signature method' do
it "requires consumer and token secrets" do it 'requires consumer and token secrets' do
secrets = {consumer_secret: "CONSUMER_SECRET", token_secret: "TOKEN_SECRET"} secrets = {:consumer_secret => 'CONSUMER_SECRET', :token_secret => 'TOKEN_SECRET'}
header = described_class.new(:get, "https://api.twitter.com/1/statuses/friends.json", {}, secrets) header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, secrets)
parsed_header = described_class.new(:get, "https://api.twitter.com/1/statuses/friends.json", {}, header) parsed_header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, header)
expect(parsed_header).not_to be_valid parsed_header.should_not be_valid
expect(parsed_header).to be_valid(secrets) parsed_header.should be_valid(secrets)
end end
end end
context "when using the RSA-SHA1 signature method" do context 'using the RSA-SHA1 signature method' do
it "requires an identical private key" do it 'requires an identical private key' do
secrets = {consumer_secret: rsa_private_key} secrets = {:consumer_secret => rsa_private_key}
header = described_class.new(:get, "https://api.twitter.com/1/statuses/friends.json", {}, header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, secrets.merge(:signature_method => 'RSA-SHA1'))
secrets.merge(signature_method: "RSA-SHA1")) parsed_header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, header)
parsed_header = described_class.new(:get, "https://api.twitter.com/1/statuses/friends.json", {}, header) expect{ parsed_header.valid? }.to raise_error(TypeError)
expect { parsed_header.valid? }.to raise_error(TypeError) parsed_header.should be_valid(secrets)
expect(parsed_header).to be_valid(secrets)
end end
end end
context "when using the PLAINTEXT signature method" do context 'using the RSA-SHA1 signature method' do
it "requires consumer and token secrets" do it 'requires consumer and token secrets' do
secrets = {consumer_secret: "CONSUMER_SECRET", token_secret: "TOKEN_SECRET"} secrets = {:consumer_secret => 'CONSUMER_SECRET', :token_secret => 'TOKEN_SECRET'}
header = described_class.new(:get, "https://api.twitter.com/1/statuses/friends.json", {}, header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, secrets.merge(:signature_method => 'PLAINTEXT'))
secrets.merge(signature_method: "PLAINTEXT")) parsed_header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, header)
parsed_header = described_class.new(:get, "https://api.twitter.com/1/statuses/friends.json", {}, header) parsed_header.should_not be_valid
expect(parsed_header).not_to be_valid parsed_header.should be_valid(secrets)
expect(parsed_header).to be_valid(secrets)
end end
end end
end end
describe "#normalized_attributes" do describe '#normalized_attributes' do
let(:header) { described_class.new(:get, "https://api.twitter.com/1/statuses/friends.json", {}) } let(:header){ SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}) }
let(:normalized_attributes) { header.send(:normalized_attributes) } let(:normalized_attributes){ header.send(:normalized_attributes) }
it "returns a sorted-key, quoted-value and comma-separated list" do it 'returns a sorted-key, quoted-value and comma-separated list' do
allow(header).to receive(:signed_attributes).and_return(d: 1, c: 2, b: 3, a: 4) header.stub(:signed_attributes => {:d => 1, :c => 2, :b => 3, :a => 4})
expect(normalized_attributes).to eq 'a="4", b="3", c="2", d="1"' normalized_attributes.should == 'a="4", b="3", c="2", d="1"'
end end
it "URI encodes its values" do it 'url-encodes its values' do
allow(header).to receive(:signed_attributes).and_return(1 => "!", 2 => "@", 3 => "#", 4 => "$") header.stub(:signed_attributes => {1 => '!', 2 => '@', 3 => '#', 4 => '$'})
expect(normalized_attributes).to eq '1="%21", 2="%40", 3="%23", 4="%24"' normalized_attributes.should == '1="%21", 2="%40", 3="%23", 4="%24"'
end end
end end
describe "#signed_attributes" do describe '#signed_attributes' do
it "includes the OAuth signature" do it 'includes the OAuth signature' do
header = described_class.new(:get, "https://api.twitter.com/1/statuses/friends.json", {}) header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {})
expect(header.send(:signed_attributes)).to have_key(:oauth_signature) header.send(:signed_attributes).should have_key(:oauth_signature)
end end
end end
describe "#attributes" do describe '#attributes' do
let(:header) do let(:header) do
options = {} options = {}
SimpleOAuth::Header::ATTRIBUTE_KEYS.each { |k| options[k] = k.to_s.upcase } SimpleOAuth::Header::ATTRIBUTE_KEYS.each{|k| options[k] = k.to_s.upcase }
options[:other] = "OTHER" options[:other] = 'OTHER'
described_class.new(:get, "https://api.twitter.com/1/statuses/friendships.json", {}, options) SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {}, options)
end
let(:attributes){ header.send(:attributes) }
it 'prepends keys with "oauth_"' do
attributes.keys.should be_all{|k| k.to_s =~ /^oauth_/ }
end end
it "prepends keys with 'oauth_'" do it 'excludes keys not included in the list of valid attributes' do
header.options[:ignore_extra_keys] = true attributes.keys.should be_all{|k| k.is_a?(Symbol) }
expect(header.send(:attributes).keys).to(be_all { |k| k.to_s =~ /^oauth_/ }) attributes.should_not have_key(:oauth_other)
end end
it "excludes keys not included in the list of valid attributes" do it 'preserves values for valid keys' do
header.options[:ignore_extra_keys] = true attributes.size.should == SimpleOAuth::Header::ATTRIBUTE_KEYS.size
expect(header.send(:attributes).keys).to(be_all { |k| k.is_a?(Symbol) }) attributes.should be_all{|k,v| k.to_s == "oauth_#{v.downcase}" }
expect(header.send(:attributes)).not_to have_key(:oauth_other)
end
it "preserves values for valid keys" do
header.options[:ignore_extra_keys] = true
expect(header.send(:attributes).size).to eq SimpleOAuth::Header::ATTRIBUTE_KEYS.size
expect(header.send(:attributes)).to(be_all { |k, v| k.to_s == "oauth_#{v.downcase}" })
end
it "raises exception for extra keys" do
expect do
header.send(:attributes)
end.to raise_error(RuntimeError,
"SimpleOAuth: Found extra option keys not matching ATTRIBUTE_KEYS:\n [:other]")
end end
end end
describe "#signature" do describe '#signature' do
specify "when using HMAC-SHA1" do context 'calls the appropriate signature method' do
header = described_class.new(:get, "https://api.twitter.com/1/statuses/friends.json", {}, signature_method: "HMAC-SHA1") specify 'when using HMAC-SHA1' do
expect(header).to receive(:hmac_sha1_signature).once.and_return("HMAC_SHA1_SIGNATURE") header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, :signature_method => 'HMAC-SHA1')
expect(header.send(:signature)).to eq "HMAC_SHA1_SIGNATURE" header.should_receive(:hmac_sha1_signature).once.and_return('HMAC_SHA1_SIGNATURE')
end header.send(:signature).should == 'HMAC_SHA1_SIGNATURE'
end
specify "when using RSA-SHA1" do specify 'when using RSA-SHA1' do
header = described_class.new(:get, "https://api.twitter.com/1/statuses/friends.json", {}, signature_method: "RSA-SHA1") header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, :signature_method => 'RSA-SHA1')
expect(header).to receive(:rsa_sha1_signature).once.and_return("RSA_SHA1_SIGNATURE") header.should_receive(:rsa_sha1_signature).once.and_return('RSA_SHA1_SIGNATURE')
expect(header.send(:signature)).to eq "RSA_SHA1_SIGNATURE" header.send(:signature).should == 'RSA_SHA1_SIGNATURE'
end end
specify "when using PLAINTEXT" do specify 'when using PLAINTEXT' do
header = described_class.new(:get, "https://api.twitter.com/1/statuses/friends.json", {}, signature_method: "PLAINTEXT") header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, :signature_method => 'PLAINTEXT')
expect(header).to receive(:plaintext_signature).once.and_return("PLAINTEXT_SIGNATURE") header.should_receive(:plaintext_signature).once.and_return('PLAINTEXT_SIGNATURE')
expect(header.send(:signature)).to eq "PLAINTEXT_SIGNATURE" header.send(:signature).should == 'PLAINTEXT_SIGNATURE'
end
end end
end end
describe "#hmac_sha1_signature" do describe '#hmac_sha1_signature' do
it "reproduces a successful Twitter GET" do it 'reproduces a successful Twitter GET' do
options = { options = {
consumer_key: "8karQBlMg6gFOwcf8kcoYw", :consumer_key => '8karQBlMg6gFOwcf8kcoYw',
consumer_secret: "3d0vcHyUiiqADpWxolW8nlDIpSWMlyK7YNgc5Qna2M", :consumer_secret => '3d0vcHyUiiqADpWxolW8nlDIpSWMlyK7YNgc5Qna2M',
nonce: "547fed103e122eecf84c080843eedfe6", :nonce => '547fed103e122eecf84c080843eedfe6',
signature_method: "HMAC-SHA1", :signature_method => 'HMAC-SHA1',
timestamp: "1286830180", :timestamp => '1286830180',
token: "201425800-Sv4sTcgoffmHGkTCue0JnURT8vrm4DiFAkeFNDkh", :token => '201425800-Sv4sTcgoffmHGkTCue0JnURT8vrm4DiFAkeFNDkh',
token_secret: "T5qa1tF57tfDzKmpM89DHsNuhgOY4NT6DlNLsTFcuQ" :token_secret => 'T5qa1tF57tfDzKmpM89DHsNuhgOY4NT6DlNLsTFcuQ'
} }
header = described_class.new(:get, "https://api.twitter.com/1/statuses/friends.json", {}, options) header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, options)
expect(header.to_s).to eq 'OAuth oauth_consumer_key="8karQBlMg6gFOwcf8kcoYw", oauth_nonce="547fed103e122eecf84c080843eedfe6", oauth_signature="i9CT6ahDRAlfGX3hKYf78QzXsaw%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1286830180", oauth_token="201425800-Sv4sTcgoffmHGkTCue0JnURT8vrm4DiFAkeFNDkh", oauth_version="1.0"' header.to_s.should == 'OAuth oauth_consumer_key="8karQBlMg6gFOwcf8kcoYw", oauth_nonce="547fed103e122eecf84c080843eedfe6", oauth_signature="i9CT6ahDRAlfGX3hKYf78QzXsaw%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1286830180", oauth_token="201425800-Sv4sTcgoffmHGkTCue0JnURT8vrm4DiFAkeFNDkh", oauth_version="1.0"'
end end
it "reproduces a successful Twitter POST" do it 'reproduces a successful Twitter POST' do
options = { options = {
consumer_key: "8karQBlMg6gFOwcf8kcoYw", :consumer_key => '8karQBlMg6gFOwcf8kcoYw',
consumer_secret: "3d0vcHyUiiqADpWxolW8nlDIpSWMlyK7YNgc5Qna2M", :consumer_secret => '3d0vcHyUiiqADpWxolW8nlDIpSWMlyK7YNgc5Qna2M',
nonce: "b40a3e0f18590ecdcc0e273f7d7c82f8", :nonce => 'b40a3e0f18590ecdcc0e273f7d7c82f8',
signature_method: "HMAC-SHA1", :signature_method => 'HMAC-SHA1',
timestamp: "1286830181", :timestamp => '1286830181',
token: "201425800-Sv4sTcgoffmHGkTCue0JnURT8vrm4DiFAkeFNDkh", :token => '201425800-Sv4sTcgoffmHGkTCue0JnURT8vrm4DiFAkeFNDkh',
token_secret: "T5qa1tF57tfDzKmpM89DHsNuhgOY4NT6DlNLsTFcuQ" :token_secret => 'T5qa1tF57tfDzKmpM89DHsNuhgOY4NT6DlNLsTFcuQ'
} }
header = described_class.new(:post, "https://api.twitter.com/1/statuses/update.json", header = SimpleOAuth::Header.new(:post, 'https://api.twitter.com/1/statuses/update.json', {:status => 'hi, again'}, options)
{status: "hi, again"}, options) header.to_s.should == 'OAuth oauth_consumer_key="8karQBlMg6gFOwcf8kcoYw", oauth_nonce="b40a3e0f18590ecdcc0e273f7d7c82f8", oauth_signature="mPqSFKejrWWk3ZT9bTQjhO5b2xI%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1286830181", oauth_token="201425800-Sv4sTcgoffmHGkTCue0JnURT8vrm4DiFAkeFNDkh", oauth_version="1.0"'
expect(header.to_s).to eq 'OAuth oauth_consumer_key="8karQBlMg6gFOwcf8kcoYw", oauth_nonce="b40a3e0f18590ecdcc0e273f7d7c82f8", oauth_signature="mPqSFKejrWWk3ZT9bTQjhO5b2xI%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1286830181", oauth_token="201425800-Sv4sTcgoffmHGkTCue0JnURT8vrm4DiFAkeFNDkh", oauth_version="1.0"'
end end
end end
describe "#secret" do describe '#secret' do
let(:header) { described_class.new(:get, "https://api.twitter.com/1/statuses/friendships.json", {}) } let(:header){ SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {}) }
let(:secret) { header.send(:secret) } let(:secret){ header.send(:secret) }
it "combines the consumer and token secrets with an ampersand" do it 'combines the consumer and token secrets with an ampersand' do
allow(header).to receive(:options).and_return(consumer_secret: "CONSUMER_SECRET", header.stub(:options => {:consumer_secret => 'CONSUMER_SECRET', :token_secret => 'TOKEN_SECRET'})
token_secret: "TOKEN_SECRET") secret.should == 'CONSUMER_SECRET&TOKEN_SECRET'
expect(secret).to eq "CONSUMER_SECRET&TOKEN_SECRET"
end end
it "URI encodes each secret value before combination" do it 'URL encodes each secret value before combination' do
allow(header).to receive(:options).and_return(consumer_secret: "CONSUM#R_SECRET", header.stub(:options => {:consumer_secret => 'CONSUM#R_SECRET', :token_secret => 'TOKEN_S#CRET'})
token_secret: "TOKEN_S#CRET") secret.should == 'CONSUM%23R_SECRET&TOKEN_S%23CRET'
expect(secret).to eq "CONSUM%23R_SECRET&TOKEN_S%23CRET"
end end
end end
describe "#signature_base" do describe '#signature_base' do
let(:header) { described_class.new(:get, "https://api.twitter.com/1/statuses/friendships.json", {}) } let(:header){ SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {}) }
let(:signature_base) { header.send(:signature_base) } let(:signature_base){ header.send(:signature_base) }
it "combines the request method, URL and normalized parameters using ampersands" do it 'combines the request method, URL and normalized parameters using ampersands' do
allow(header).to receive_messages(method: "METHOD", url: "URL", normalized_params: "NORMALIZED_PARAMS") header.stub(:method => 'METHOD', :url => 'URL', :normalized_params => 'NORMALIZED_PARAMS')
expect(signature_base).to eq "METHOD&URL&NORMALIZED_PARAMS" signature_base.should == 'METHOD&URL&NORMALIZED_PARAMS'
end end
it "URI encodes each value before combination" do it 'URL encodes each value before combination' do
allow(header).to receive_messages(method: "ME#HOD", url: "U#L", normalized_params: "NORMAL#ZED_PARAMS") header.stub(:method => 'ME#HOD', :url => 'U#L', :normalized_params => 'NORMAL#ZED_PARAMS')
expect(signature_base).to eq "ME%23HOD&U%23L&NORMAL%23ZED_PARAMS" signature_base.should == 'ME%23HOD&U%23L&NORMAL%23ZED_PARAMS'
end end
end end
describe "#normalized_params" do describe '#normalized_params' do
let(:header) do let(:header) do
header = described_class.new(:get, "https://api.twitter.com/1/statuses/friendships.json", {}) header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {})
allow(header).to receive(:signature_params).and_return([%w[A 4], %w[B 3], %w[B 2], %w[C 1], ["D[]", "0 "]]) header.stub(:signature_params => [['A', '4'], ['B', '3'], ['B', '2'], ['C', '1'], ['D[]', '0 ']])
header header
end end
let(:signature_params) { header.send(:signature_params) } let(:signature_params){ header.send(:signature_params) }
let(:normalized_params) { header.send(:normalized_params) } let(:normalized_params){ header.send(:normalized_params) }
it "joins key/value pairs with equal signs and ampersands" do it 'joins key/value pairs with equal signs and ampersands' do
expect(normalized_params).to be_a(String) normalized_params.should be_a(String)
parts = normalized_params.split("&") parts = normalized_params.split('&')
expect(parts.size).to eq signature_params.size parts.size.should == signature_params.size
pairs = parts.collect { |p| p.split("=") } pairs = parts.map{|p| p.split('=') }
expect(pairs).to(be_all { |p| p.size == 2 }) pairs.should be_all{|p| p.size == 2 }
end end
end end
describe "#signature_params" do describe '#signature_params' do
let(:header) { described_class.new(:get, "https://api.twitter.com/1/statuses/friendships.json", {}) } let(:header){ SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {}) }
let(:signature_params) { header.send(:signature_params) } let(:signature_params){ header.send(:signature_params) }
it "combines OAuth header attributes, body parameters and URL parameters into an flattened array of key/value pairs" do it 'combines OAuth header attributes, body parameters and URL parameters into an flattened array of key/value pairs' do
allow(header).to receive_messages(attributes: {attribute: "ATTRIBUTE"}, params: {"param" => "PARAM"}, header.stub(
url_params: [%w[url_param 1], %w[url_param 2]]) :attributes => {:attribute => 'ATTRIBUTE'},
expect(signature_params).to eq [ :params => {'param' => 'PARAM'},
[:attribute, "ATTRIBUTE"], :url_params => [['url_param', '1'], ['url_param', '2']]
%w[param PARAM], )
%w[url_param 1], signature_params.should == [
%w[url_param 2] [:attribute, 'ATTRIBUTE'],
['param', 'PARAM'],
['url_param', '1'],
['url_param', '2']
] ]
end end
end end
describe "#url_params" do describe '#url_params' do
it "returns an empty array when the URL has no query parameters" do it 'returns an empty array when the URL has no query parameters' do
header = described_class.new(:get, "https://api.twitter.com/1/statuses/friendships.json", {}) header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {})
expect(header.send(:url_params)).to eq [] header.send(:url_params).should == []
end end
it "returns an array of key/value pairs for each query parameter" do it 'returns an array of key/value pairs for each query parameter' do
header = described_class.new(:get, "https://api.twitter.com/1/statuses/friendships.json?test=TEST", {}) header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json?test=TEST', {})
expect(header.send(:url_params)).to eq [%w[test TEST]] header.send(:url_params).should == [['test', 'TEST']]
end end
it "sorts values for repeated keys" do it 'sorts values for repeated keys' do
header = described_class.new(:get, header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json?test=3&test=1&test=2', {})
"https://api.twitter.com/1/statuses/friendships.json?test=3&test=1&test=2", {}) header.send(:url_params).should == [['test', '1'], ['test', '2'], ['test', '3']]
expect(header.send(:url_params)).to eq [%w[test 1], %w[test 2], %w[test 3]]
end end
end end
describe "#rsa_sha1_signature" do describe '#rsa_sha1_signature' do
it "reproduces a successful OAuth example GET" do it 'reproduces a successful OAuth example GET' do
options = { options = {
consumer_key: "dpf43f3p2l4k3l03", :consumer_key => 'dpf43f3p2l4k3l03',
consumer_secret: rsa_private_key, :consumer_secret => rsa_private_key,
nonce: "13917289812797014437", :nonce => '13917289812797014437',
signature_method: "RSA-SHA1", :signature_method => 'RSA-SHA1',
timestamp: "1196666512" :timestamp => '1196666512'
} }
header = described_class.new(:get, "http://photos.example.net/photos", header = SimpleOAuth::Header.new(:get, 'http://photos.example.net/photos', {:file => 'vacaction.jpg', :size => 'original'}, options)
{file: "vacaction.jpg", size: "original"}, options) header.to_s.should == 'OAuth oauth_consumer_key="dpf43f3p2l4k3l03", oauth_nonce="13917289812797014437", oauth_signature="jvTp%2FwX1TYtByB1m%2BPbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2%2F9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW%2F%2Fe%2BRinhejgCuzoH26dyF8iY2ZZ%2F5D1ilgeijhV%2FvBka5twt399mXwaYdCwFYE%3D", oauth_signature_method="RSA-SHA1", oauth_timestamp="1196666512", oauth_version="1.0"'
expect(header.to_s).to eq 'OAuth oauth_consumer_key="dpf43f3p2l4k3l03", oauth_nonce="13917289812797014437", oauth_signature="jvTp%2FwX1TYtByB1m%2BPbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2%2F9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW%2F%2Fe%2BRinhejgCuzoH26dyF8iY2ZZ%2F5D1ilgeijhV%2FvBka5twt399mXwaYdCwFYE%3D", oauth_signature_method="RSA-SHA1", oauth_timestamp="1196666512", oauth_version="1.0"'
end end
end end
describe "#private_key" do describe '#private_key' do
pending pending
end end
describe "#plaintext_signature" do describe '#plaintext_signature' do
it "reproduces a successful OAuth example GET" do it 'reproduces a successful OAuth example GET' do
options = { options = {
consumer_key: "abcd", :consumer_key => 'abcd',
consumer_secret: "efgh", :consumer_secret => 'efgh',
nonce: "oLKtec51GQy", :nonce => 'oLKtec51GQy',
signature_method: "PLAINTEXT", :signature_method => 'PLAINTEXT',
timestamp: "1286977095", :timestamp => '1286977095',
token: "ijkl", :token => 'ijkl',
token_secret: "mnop" :token_secret => 'mnop'
} }
header = described_class.new(:get, "http://host.net/resource?name=value", {name: "value"}, options) header = SimpleOAuth::Header.new(:get, 'http://host.net/resource?name=value', {:name => 'value'}, options)
expect(header.to_s).to eq 'OAuth oauth_consumer_key="abcd", oauth_nonce="oLKtec51GQy", oauth_signature="efgh%26mnop", oauth_signature_method="PLAINTEXT", oauth_timestamp="1286977095", oauth_token="ijkl", oauth_version="1.0"' header.to_s.should == 'OAuth oauth_consumer_key="abcd", oauth_nonce="oLKtec51GQy", oauth_signature="efgh%26mnop", oauth_signature_method="PLAINTEXT", oauth_timestamp="1286977095", oauth_token="ijkl", oauth_version="1.0"'
end end
end end
end end

10
spec/spec_helper.rb Normal file
View file

@ -0,0 +1,10 @@
unless ENV['CI']
require 'simplecov'
SimpleCov.start do
add_filter 'spec'
end
end
require 'simple_oauth'
Dir[File.expand_path('../support/**/*.rb', __FILE__)].each{|f| require f }

2
spec/support/rsa.rb
View file

@ -1,5 +1,5 @@
module RSAHelpers module RSAHelpers
PRIVATE_KEY_PATH = File.expand_path("fixtures/rsa-private-key", __dir__) PRIVATE_KEY_PATH = File.expand_path('../fixtures/rsa-private-key', __FILE__)
def rsa_private_key def rsa_private_key
@rsa_private_key ||= File.read(PRIVATE_KEY_PATH) @rsa_private_key ||= File.read(PRIVATE_KEY_PATH)