[Jifty-commit] r4350 - in jifty/trunk: .
t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth
jifty-commit at lists.jifty.org
jifty-commit at lists.jifty.org
Wed Oct 31 17:15:21 EDT 2007
Author: sartak
Date: Wed Oct 31 17:15:18 2007
New Revision: 4350
Added:
jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/View.pm
jifty/trunk/t/TestApp-Plugin-OAuth/t/04-access-token.t
Modified:
jifty/trunk/ (props changed)
jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm
jifty/trunk/t/TestApp-Plugin-OAuth/t/00-test-setup.t
jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t
Log:
r44469 at onn: sartak | 2007-10-31 17:14:59 -0400
Most AccessToken tests done :) first implementation was right on
Modified: jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm (original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm Wed Oct 31 17:15:18 2007
@@ -41,6 +41,8 @@
@_,
);
+ local $url = delete $params{url} || $url;
+
for (grep {!defined $params{$_}} keys %params) {
delete $params{$_};
}
@@ -52,6 +54,11 @@
my $consumer_secret = delete $params{consumer_secret}
or die "consumer_secret not passed to response_is!";
+ if ($url =~ /access_token/) {
+ $token_secret ||= $token_obj->secret;
+ $params{oauth_token} ||= $token_obj->token;
+ }
+
$params{oauth_signature} ||= sign($method, $token_secret, $consumer_secret, %params);
my $r;
@@ -82,7 +89,7 @@
sub sign {
my ($method, $token_secret, $consumer_secret, %params) = @_;
- local $url = delete $params{url} || $url;
+ local $url = delete $params{sign_url} || $url;
my $key = delete $params{signature_key};
my $sig_method = $params{oauth_signature_method} || delete $params{_signature_method};
Added: jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/View.pm
==============================================================================
--- (empty file)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/View.pm Wed Oct 31 17:15:18 2007
@@ -0,0 +1,12 @@
+#!/usr/bin/env perl
+package TestApp::Plugin::OAuth::View;
+use strict;
+use warnings;
+use Jifty::View::Declare -base;
+
+template '/nuke/the/whales' => page {
+ h1 { "Press the shiny red button." }
+};
+
+1;
+
Modified: jifty/trunk/t/TestApp-Plugin-OAuth/t/00-test-setup.t
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/t/00-test-setup.t (original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/t/00-test-setup.t Wed Oct 31 17:15:18 2007
@@ -30,7 +30,7 @@
'GET',
'pfkkdhi9sl3r4s00',
'kd94hf93k423kf44',
- url => 'http://photos.example.net/photos',
+ sign_url => 'http://photos.example.net/photos',
oauth_consumer_key => 'dpf43f3p2l4k3l03',
oauth_signature_method => 'HMAC-SHA1',
oauth_timestamp => '1191242096',
@@ -49,7 +49,7 @@
'GET',
'pfkkdhi9sl3r4s00',
'kd94hf93k423kf44',
- url => 'http://photos.example.net/photos',
+ sign_url => 'http://photos.example.net/photos',
signature_key => $seckey,
oauth_consumer_key => 'dpf43f3p2l4k3l03',
oauth_signature_method => 'RSA-SHA1',
Modified: jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t (original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/t/03-authorize.t Wed Oct 31 17:15:18 2007
@@ -8,7 +8,7 @@
use TestApp::Plugin::OAuth::Test;
if (eval { require Net::OAuth::Request; require Crypt::OpenSSL::RSA; 1 }) {
- plan tests => 69;
+ plan tests => 81;
}
else {
plan skip_all => "Net::OAuth isn't installed";
@@ -55,6 +55,9 @@
$mech->get_ok('/oauth/authorize');
$mech->content_unlike(qr/If you trust this application/);
+$mech->get_ok('/oauth/authorized');
+$mech->content_unlike(qr/If you trust this application/);
+
$mech->get_ok('/nuke/the/whales');
$mech->content_unlike(qr/Press the shiny red button/);
# }}}
@@ -72,6 +75,9 @@
$mech->get_ok('/oauth/authorize');
$mech->content_like(qr/If you trust this application/);
+$mech->get_ok('/oauth/authorized');
+$mech->content_like(qr/If you trust this application/);
+
$mech->get_ok('/nuke/the/whales');
$mech->content_like(qr/Press the shiny red button/);
# }}}
@@ -175,6 +181,10 @@
$mech->click_button(value => 'Deny');
$mech->content_contains("Denying FooBar Industries the right to access your stuff");
+$mech->content_contains("click here");
+$mech->content_contains("http://foo.bar.example.com?oauth_token=" . $token_obj->token);
+$mech->content_contains("To return to");
+$mech->content_contains("FooBar Industries");
# }}}
# get another request token as a known consumer (PLAINTEXT) {{{
response_is(
@@ -194,6 +204,10 @@
$mech->click_button(value => 'Allow');
$mech->content_contains("Allowing FooBar Industries to access your stuff");
+$mech->content_contains("click here");
+$mech->content_contains("http://foo.bar.example.com?oauth_token=" . $token_obj->token);
+$mech->content_contains("To return to");
+$mech->content_contains("FooBar Industries");
# }}}
# get another request token as a known consumer (PLAINTEXT) {{{
response_is(
Added: jifty/trunk/t/TestApp-Plugin-OAuth/t/04-access-token.t
==============================================================================
--- (empty file)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/t/04-access-token.t Wed Oct 31 17:15:18 2007
@@ -0,0 +1,145 @@
+#!/usr/bin/env perl
+use warnings;
+use strict;
+
+use lib 't/lib';
+use Jifty::SubTest;
+
+use TestApp::Plugin::OAuth::Test;
+
+if (eval { require Net::OAuth::Request; require Crypt::OpenSSL::RSA; 1 }) {
+ plan tests => 45;
+}
+else {
+ plan skip_all => "Net::OAuth isn't installed";
+}
+
+use Jifty::Test::WWW::Mechanize;
+
+my $server = Jifty::Test->make_server;
+isa_ok($server, 'Jifty::Server');
+my $URL = $server->started_ok;
+$mech = Jifty::Test::WWW::Mechanize->new();
+$url = $URL . '/oauth/access_token';
+
+# helper functions {{{
+sub get_request_token {
+ local $Test::Builder::Level = $Test::Builder::Level + 1;
+
+ response_is(
+ url => $URL . '/oauth/request_token',
+ code => 200,
+ testname => "200 - plaintext signature",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+ @_,
+ );
+}
+
+sub get_authorized_token {
+ local $Test::Builder::Level = $Test::Builder::Level + 1;
+ get_request_token(@_);
+ allow_ok();
+}
+# }}}
+# setup {{{
+# create two consumers {{{
+my $consumer = Jifty::Plugin::OAuth::Model::Consumer->new(current_user => Jifty::CurrentUser->superuser);
+my ($ok, $msg) = $consumer->create(
+ consumer_key => 'foo',
+ secret => 'bar',
+ name => 'FooBar Industries',
+ url => 'http://foo.bar.example.com',
+ rsa_key => $pubkey,
+);
+ok($ok, $msg);
+
+my $rsaless = Jifty::Plugin::OAuth::Model::Consumer->new(current_user => Jifty::CurrentUser->superuser);
+($ok, $msg) = $rsaless->create(
+ consumer_key => 'foo2',
+ secret => 'bar2',
+ name => 'Backwater.org',
+ url => 'http://backwater.org',
+);
+ok($ok, $msg);
+# }}}
+# create user and log in {{{
+my $u = TestApp::Plugin::OAuth::Model::User->new(current_user => TestApp::Plugin::OAuth::CurrentUser->superuser);
+$u->create( name => 'You Zer', email => 'youzer at example.com', password => 'secret', email_confirmed => 1);
+ok($u->id, "New user has valid id set");
+
+$mech->get_ok($URL . '/login');
+$mech->fill_in_action_ok($mech->moniker_for('TestApp::Plugin::OAuth::Action::Login'), email => 'youzer at example.com', password => 'secret');
+$mech->submit;
+$mech->content_contains('Logout');
+# }}}
+# }}}
+# basic working access token {{{
+get_authorized_token();
+my $request_token = $token_obj->token;
+response_is(
+ code => 200,
+ testname => "200 - plaintext signature",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+);
+isnt($token_obj->token, $request_token, "different token for request and access");
+# }}}
+# try to get an access token from denied request token {{{
+get_request_token();
+deny_ok();
+response_is(
+ code => 401,
+ testname => "401 - denied token",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+);
+# }}}
+# try to get an access token as a different consumer {{{
+get_authorized_token();
+$request_token = $token_obj;
+response_is(
+ code => 401,
+ testname => "401 - denied token",
+ consumer_secret => 'bar2',
+ oauth_consumer_key => 'foo2',
+ oauth_signature_method => 'PLAINTEXT',
+);
+# }}}
+# get that same access token as the original consumer {{{
+$token_obj = $request_token;
+response_is(
+ code => 200,
+ testname => "200 - got token",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+);
+# }}}
+# same timestamp, different nonce {{{
+get_authorized_token();
+--$timestamp;
+response_is(
+ code => 200,
+ testname => "200 - plaintext signature",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+ oauth_nonce => 'kjfh',
+);
+# }}}
+# different timestamp, same nonce {{{
+get_authorized_token();
+response_is(
+ code => 200,
+ testname => "200 - plaintext signature",
+ consumer_secret => 'bar',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'PLAINTEXT',
+ oauth_nonce => 'kjfh',
+);
+# }}}
+
More information about the Jifty-commit
mailing list