[Jifty-commit] r4347 - in jifty/trunk: . lib/Jifty/Plugin/OAuth
jifty-commit at lists.jifty.org
jifty-commit at lists.jifty.org
Wed Oct 31 13:21:39 EDT 2007
Author: sartak
Date: Wed Oct 31 13:21:39 2007
New Revision: 4347
Modified:
jifty/trunk/ (props changed)
jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm
jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm
jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t
Log:
r44449 at onn: sartak | 2007-10-31 13:21:07 -0400
Implement callback URLs and test them
Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm (original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm Wed Oct 31 13:21:39 2007
@@ -11,6 +11,7 @@
on POST '/oauth/request_token' => \&request_token;
before GET '/oauth/authorize' => \&authorize;
+on POST '/oauth/authorize' => \&authorize_post;
on POST '/oauth/access_token' => \&access_token;
=head2 abortmsg CODE, MSG
@@ -109,6 +110,22 @@
}
}
+=head2 authorize_post
+
+The user is submitting an AuthorizeRequestToken action
+
+=cut
+
+sub authorize_post {
+ my $result = Jifty->web->response->result("authorize_request_token");
+ unless ($result && $result->success) {
+ redirect '/oauth/authorize';
+ }
+
+ set result => $result;
+ show '/oauth/authorized';
+}
+
=head2 access_token
The consumer is trying to trade a request token for an access token
Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm (original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm Wed Oct 31 13:21:39 2007
@@ -104,9 +104,6 @@
);
Jifty->web->form->start();
- Jifty->web->form->next_page(url => "/oauth/authorized");
-
- outs $authorize->hidden(callback => get 'callback');
# if the site put the token in the request, then use it
# otherwise, prompt the user for it
@@ -119,6 +116,8 @@
$authorize->form_field('token')->render;
}
+ outs_raw $authorize->hidden(callback => get 'callback');
+
outs_raw($authorize->button(
label => 'Allow',
arguments => { %args, authorize => 'allow' },
@@ -141,7 +140,7 @@
template 'oauth/authorized' => page { title => 'XXX' }
content {
- my $result = Jifty->web->response->result('authorize_request_token');
+ my $result = get 'result';
my $callback = $result->content('callback');
my $token = $result->content('token');
my $token_obj = $result->content('token_obj');
@@ -159,7 +158,7 @@
p {
outs 'To return to ';
- show 'oauth/consumer';
+ show '/oauth/consumer';
outs ', ';
hyperlink(
label => 'click here',
Modified: jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t (original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t Wed Oct 31 13:21:39 2007
@@ -8,7 +8,7 @@
use TestApp::Plugin::OAuth::Test;
if (eval { require Net::OAuth::Request; require Crypt::OpenSSL::RSA; 1 }) {
- plan tests => 40;
+ plan tests => 69;
}
else {
plan skip_all => "Net::OAuth isn't installed";
@@ -66,7 +66,6 @@
$mech->get_ok('/login');
$mech->fill_in_action_ok($mech->moniker_for('TestApp::Plugin::OAuth::Action::Login'), email => 'youzer at example.com', password => 'secret');
$mech->submit;
-$mech->save_content('m2.html');
$mech->content_contains('Logout');
# }}}
# try to navigate to protected pages while logged in {{{
@@ -213,9 +212,10 @@
$mech->click_button(value => 'Deny');
$mech->content_contains("Denying FooBar Industries the right to access your stuff");
-$mech->content_contains("Click here");
+$mech->content_contains("click here");
$mech->content_contains("http://google.com?oauth_token=" . $token_obj->token);
-$mech->content_contains("to return to FooBar Industries");
+$mech->content_contains("To return to");
+$mech->content_contains("FooBar Industries");
# }}}
# get another request token as a known consumer (PLAINTEXT) {{{
response_is(
@@ -227,7 +227,7 @@
);
# }}}
# deny it with a callback + request params {{{
-$mech->get_ok('/oauth/authorize?oauth_token='.$token_obj->token.'&oauth_callback=http%3A%2f%2fgoogle.com%3ffoo%3d=bar');
+$mech->get_ok('/oauth/authorize?oauth_token='.$token_obj->token.'&oauth_callback=http%3A%2F%2Fgoogle.com%2F%3Ffoo%3Dbar');
$mech->content_like(qr/If you trust this application/);
$mech->content_unlike(qr/should have provided it/, "token hint doesn't show up if we already have it");
@@ -235,8 +235,10 @@
$mech->click_button(value => 'Deny');
$mech->content_contains("Denying FooBar Industries the right to access your stuff");
-$mech->content_contains("Click here");
-$mech->content_contains("http://google.com?foo=bar&oauth_token=" . $token_obj->token);
-$mech->content_contains("to return to FooBar Industries");
+$mech->content_contains("click here");
+my $token = $token_obj->token;
+$mech->content_like(qr{http://google\.com/\?foo=bar&(?:amp;|#38;)?oauth_token=$token});
+$mech->content_contains("To return to");
+$mech->content_contains("FooBar Industries");
# }}}
More information about the Jifty-commit
mailing list