1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
require "test_helper"
module SimpleOAuth
# Tests for parameter normalization per RFC 5849 Section 3.4.1.3.2.
class HeaderParamsTest < Minitest::Test
include TestHelpers
cover "SimpleOAuth::Header*"
# #normalized_params tests
def test_normalized_params_returns_a_string
header = SimpleOAuth::Header.new(:get, "https://photos.example.net/photos", {})
header.define_singleton_method(:signature_params) { [%w[A 4], %w[B 3], %w[B 2], %w[C 1], ["D[]", "0 "]] }
assert_kind_of String, header.send(:normalized_params)
end
def test_normalized_params_joins_pairs_with_ampersands
# RFC 5849 Section 3.4.1.3.2 - parameters joined with &
header = SimpleOAuth::Header.new(:get, "https://photos.example.net/photos", {})
signature_params = [%w[A 4], %w[B 3], %w[B 2], %w[C 1], ["D[]", "0 "]]
header.define_singleton_method(:signature_params) { signature_params }
parts = header.send(:normalized_params).split("&")
assert_equal signature_params.size, parts.size
end
def test_normalized_params_joins_key_value_with_equal_signs
# RFC 5849 Section 3.4.1.3.2 - name=value pairs
header = SimpleOAuth::Header.new(:get, "https://photos.example.net/photos", {})
header.define_singleton_method(:signature_params) { [%w[A 4], %w[B 3], %w[B 2], %w[C 1], ["D[]", "0 "]] }
pairs = header.send(:normalized_params).split("&").collect { |p| p.split("=") }
assert(pairs.all? { |p| p.size == 2 })
end
# #signature_params tests
def test_signature_params_combines_attributes_params_and_url_params
header = SimpleOAuth::Header.new(:get, "https://photos.example.net/photos", {})
header.define_singleton_method(:attributes) { {attribute: "ATTRIBUTE"} }
header.define_singleton_method(:params) { {"param" => "PARAM"} }
header.define_singleton_method(:url_params) { [%w[url_param 1], %w[url_param 2]] }
expected = [[:attribute, "ATTRIBUTE"], %w[param PARAM], %w[url_param 1], %w[url_param 2]]
assert_equal expected, header.send(:signature_params)
end
# #url_params tests
def test_url_params_returns_empty_array_when_no_query_parameters
header = SimpleOAuth::Header.new(:get, "https://photos.example.net/photos", {})
assert_empty header.send(:url_params)
end
def test_url_params_returns_key_value_pairs_for_query_parameters
# RFC 5849 Section 1.2 - file and size query parameters
header = SimpleOAuth::Header.new(:get, "https://photos.example.net/photos?file=vacation.jpg", {})
assert_equal [%w[file vacation.jpg]], header.send(:url_params)
end
def test_url_params_sorts_values_for_repeated_keys
# RFC 5849 Section 3.4.1.3.2 - values for same key sorted
header = SimpleOAuth::Header.new(:get, "https://photos.example.net/photos?size=3&size=1&size=2", {})
assert_equal [%w[size 1], %w[size 2], %w[size 3]], header.send(:url_params)
end
def test_url_params_handles_empty_query_string
header = SimpleOAuth::Header.new(:get, "https://photos.example.net/photos?", {})
assert_empty header.send(:url_params)
end
def test_normalized_params_sorts_params_alphabetically
# RFC 5849 Section 3.4.1.3.2 - parameters sorted by name
header = SimpleOAuth::Header.new(:get, "https://photos.example.net/photos", {})
header.define_singleton_method(:signature_params) { [%w[z last], %w[a first], %w[m middle]] }
result = header.send(:normalized_params)
assert_equal "a=first&m=middle&z=last", result
end
def test_url_params_accumulates_multiple_keys
# RFC 5849 Section 1.2 - multiple query parameters
header = SimpleOAuth::Header.new(:get, "https://photos.example.net/photos?file=vacation.jpg&size=original", {})
url_params = header.send(:url_params)
expected = [%w[file vacation.jpg], %w[size original]]
assert_equal expected, url_params.sort
end
def test_normalized_params_escapes_special_characters_in_keys
# RFC 5849 Section 3.6 - percent-encoding
header = SimpleOAuth::Header.new(:get, "https://photos.example.net/photos", {})
header.define_singleton_method(:signature_params) { [["a[]", "value"]] }
result = header.send(:normalized_params)
assert_equal "a%5B%5D=value", result
end
def test_normalized_params_escapes_special_characters_in_values
# RFC 5849 Section 3.6 - percent-encoding
header = SimpleOAuth::Header.new(:get, "https://photos.example.net/photos", {})
header.define_singleton_method(:signature_params) { [["key", "value with spaces"]] }
result = header.send(:normalized_params)
assert_equal "key=value%20with%20spaces", result
end
def test_params_are_included_in_signature_calculation
# Verify that params passed to initialize affect the signature
header1 = SimpleOAuth::Header.new(:post, "https://photos.example.net/photos", {status: "Hello"},
consumer_key: RFC5849::CONSUMER_KEY, consumer_secret: RFC5849::CONSUMER_SECRET,
nonce: "chapoH", timestamp: "137131202")
header2 = SimpleOAuth::Header.new(:post, "https://photos.example.net/photos", {status: "Goodbye"},
consumer_key: RFC5849::CONSUMER_KEY, consumer_secret: RFC5849::CONSUMER_SECRET,
nonce: "chapoH", timestamp: "137131202")
refute_equal header1.signed_attributes[:oauth_signature], header2.signed_attributes[:oauth_signature]
end
def test_params_accessor_returns_initialized_params
params = {status: "Hello", count: "5"}
header = SimpleOAuth::Header.new(:post, "https://photos.example.net/photos", params,
consumer_key: RFC5849::CONSUMER_KEY, consumer_secret: RFC5849::CONSUMER_SECRET)
assert_equal params, header.params
end
end
end
|
