[Jifty-commit] r4347 - in jifty/trunk: . lib/Jifty/Plugin/OAuth

jifty-commit at lists.jifty.org jifty-commit at lists.jifty.org
Wed Oct 31 13:21:39 EDT 2007


Author: sartak
Date: Wed Oct 31 13:21:39 2007
New Revision: 4347

Modified:
   jifty/trunk/   (props changed)
   jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm
   jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm
   jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t

Log:
 r44449 at onn:  sartak | 2007-10-31 13:21:07 -0400
 Implement callback URLs and test them


Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm	(original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm	Wed Oct 31 13:21:39 2007
@@ -11,6 +11,7 @@
 
 on     POST '/oauth/request_token' => \&request_token;
 before GET  '/oauth/authorize'     => \&authorize;
+on     POST '/oauth/authorize'     => \&authorize_post;
 on     POST '/oauth/access_token'  => \&access_token;
 
 =head2 abortmsg CODE, MSG
@@ -109,6 +110,22 @@
     }
 }
 
+=head2 authorize_post
+
+The user is submitting an AuthorizeRequestToken action
+
+=cut
+
+sub authorize_post {
+    my $result = Jifty->web->response->result("authorize_request_token");
+    unless ($result && $result->success) {
+        redirect '/oauth/authorize';
+    }
+
+    set result => $result;
+    show '/oauth/authorized';
+}
+
 =head2 access_token
 
 The consumer is trying to trade a request token for an access token

Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm	(original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/View.pm	Wed Oct 31 13:21:39 2007
@@ -104,9 +104,6 @@
     );
 
     Jifty->web->form->start();
-    Jifty->web->form->next_page(url => "/oauth/authorized");
-
-    outs $authorize->hidden(callback => get 'callback');
 
     # if the site put the token in the request, then use it
     # otherwise, prompt the user for it
@@ -119,6 +116,8 @@
         $authorize->form_field('token')->render;
     }
 
+    outs_raw $authorize->hidden(callback => get 'callback');
+
     outs_raw($authorize->button(
         label => 'Allow',
         arguments => { %args, authorize => 'allow' },
@@ -141,7 +140,7 @@
 
 template 'oauth/authorized' => page { title => 'XXX' }
 content {
-    my $result    = Jifty->web->response->result('authorize_request_token');
+    my $result    = get 'result';
     my $callback  = $result->content('callback');
     my $token     = $result->content('token');
     my $token_obj = $result->content('token_obj');
@@ -159,7 +158,7 @@
 
         p {
             outs 'To return to ';
-            show 'oauth/consumer';
+            show '/oauth/consumer';
             outs ', ';
             hyperlink(
                 label => 'click here',

Modified: jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t	(original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t	Wed Oct 31 13:21:39 2007
@@ -8,7 +8,7 @@
 use TestApp::Plugin::OAuth::Test;
 
 if (eval { require Net::OAuth::Request; require Crypt::OpenSSL::RSA; 1 }) {
-    plan tests => 40;
+    plan tests => 69;
 }
 else {
     plan skip_all => "Net::OAuth isn't installed";
@@ -66,7 +66,6 @@
 $mech->get_ok('/login');
 $mech->fill_in_action_ok($mech->moniker_for('TestApp::Plugin::OAuth::Action::Login'), email => 'youzer at example.com', password => 'secret');
 $mech->submit;
-$mech->save_content('m2.html');
 $mech->content_contains('Logout');
 # }}}
 # try to navigate to protected pages while logged in {{{
@@ -213,9 +212,10 @@
 $mech->click_button(value => 'Deny');
 
 $mech->content_contains("Denying FooBar Industries the right to access your stuff");
-$mech->content_contains("Click here");
+$mech->content_contains("click here");
 $mech->content_contains("http://google.com?oauth_token=" . $token_obj->token);
-$mech->content_contains("to return to FooBar Industries");
+$mech->content_contains("To return to");
+$mech->content_contains("FooBar Industries");
 # }}}
 # get another request token as a known consumer (PLAINTEXT) {{{
 response_is(
@@ -227,7 +227,7 @@
 );
 # }}}
 # deny it with a callback + request params {{{
-$mech->get_ok('/oauth/authorize?oauth_token='.$token_obj->token.'&oauth_callback=http%3A%2f%2fgoogle.com%3ffoo%3d=bar');
+$mech->get_ok('/oauth/authorize?oauth_token='.$token_obj->token.'&oauth_callback=http%3A%2F%2Fgoogle.com%2F%3Ffoo%3Dbar');
 $mech->content_like(qr/If you trust this application/);
 $mech->content_unlike(qr/should have provided it/, "token hint doesn't show up if we already have it");
 
@@ -235,8 +235,10 @@
 $mech->click_button(value => 'Deny');
 
 $mech->content_contains("Denying FooBar Industries the right to access your stuff");
-$mech->content_contains("Click here");
-$mech->content_contains("http://google.com?foo=bar&oauth_token=" . $token_obj->token);
-$mech->content_contains("to return to FooBar Industries");
+$mech->content_contains("click here");
+my $token = $token_obj->token;
+$mech->content_like(qr{http://google\.com/\?foo=bar&(?:amp;|#38;)?oauth_token=$token});
+$mech->content_contains("To return to");
+$mech->content_contains("FooBar Industries");
 # }}}
 


More information about the Jifty-commit mailing list