[Jifty-commit] r4970 - in jifty/trunk: . lib/Jifty/Plugin/OAuth t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth
Jifty commits
jifty-commit at lists.jifty.org
Fri Feb 1 10:15:02 EST 2008
Author: sartak
Date: Fri Feb 1 10:14:54 2008
New Revision: 4970
Modified:
jifty/trunk/ (props changed)
jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm
jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm
jifty/trunk/t/TestApp-Plugin-OAuth/t/02-request-token.t
Log:
r51313 at onn: sartak | 2008-02-01 10:12:39 -0500
OAuth: Support for Authorization header
Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm (original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm Fri Feb 1 10:14:54 2008
@@ -8,6 +8,7 @@
use Net::OAuth::AccessTokenRequest;
use Net::OAuth::ProtectedResourceRequest;
use Crypt::OpenSSL::RSA;
+use URI::Escape 'uri_unescape';
on POST '/oauth/request_token' => \&request_token;
before GET '/oauth/authorize' => \&authorize;
@@ -344,11 +345,16 @@
sub get_parameters {
my %p;
+ my %params = Jifty->handler->apache->params();
- # XXX: Check Authorization header
- # XXX: Check WWW-Authenticate header
+ # Check Authorization header
+ my $authz = Jifty->handler->apache->header_in("Authorization");
+ if ($authz && $authz =~ s/^\s*OAuth\s*//i) {
+ while ($authz =~ m{\s*([%a-zA-Z0-9._~-]+)="([%a-zA-Z0-9._~-]*)"\s*}g) {
+ $params{uri_unescape($1)} = uri_unescape($2);
+ }
+ }
- my %params = Jifty->handler->apache->params();
for (@_) {
$p{$_} = delete $params{"oauth_$_"}
if !defined $p{$_};
Modified: jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm (original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm Fri Feb 1 10:14:54 2008
@@ -49,6 +49,7 @@
testname => "",
method => 'POST',
token_secret => '',
+ params_in => 'method',
@_,
);
@@ -62,6 +63,7 @@
my $code = delete $params{code};
my $testname = delete $params{testname} || "Response was $code";
my $method = delete $params{method};
+ my $params_in = delete $params{params_in};
my $token_secret = delete $params{token_secret};
my $consumer_secret = delete $params{consumer_secret}
or die "consumer_secret not passed to response_is!";
@@ -75,16 +77,23 @@
my $r;
+ if ($params_in eq 'authz') {
+ $cmech->default_header("Authorization" => authz(%params));
+ }
+
if ($method eq 'POST') {
- $r = $cmech->post($url, [%params]);
+ $r = $cmech->post($url, $params_in eq 'method' ? [%params] : ());
}
else {
my $query = join '&',
map { "$_=" . Jifty->web->escape_uri($params{$_}||'') }
keys %params;
- $r = $cmech->get("$url?$query");
+ my $params = $params_in eq 'method' ? "?$query" : '';
+ $r = $cmech->get("$url$params");
}
+ $cmech->default_headers->remove_header("Authorization");
+
local $Test::Builder::Level = $Test::Builder::Level + 1;
main::is($r->code, $code, $testname);
@@ -102,6 +111,16 @@
return $cmech->content;
}
+# creates an Authorization header
+sub authz {
+ my %params = @_;
+
+ return "OAuth "
+ . join ', ',
+ map { $_ . q{="} . Jifty->web->escape_uri($params{$_}) . q{"} }
+ keys %params;
+}
+
sub sign {
my ($method, $token_secret, $consumer_secret, %params) = @_;
Modified: jifty/trunk/t/TestApp-Plugin-OAuth/t/02-request-token.t
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/t/02-request-token.t (original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/t/02-request-token.t Fri Feb 1 10:14:54 2008
@@ -5,7 +5,7 @@
use Test::More;
BEGIN {
if (eval { require Net::OAuth::Request; require Crypt::OpenSSL::RSA; 1 }) {
- plan tests => 58;
+ plan tests => 61;
}
else {
plan skip_all => "Net::OAuth isn't installed";
@@ -69,6 +69,16 @@
oauth_signature_method => 'RSA-SHA1',
);
# }}}
+# get a request token using authorization header {{{
+response_is(
+ code => 200,
+ testname => "200 - Authorization header",
+ consumer_secret => 'bar',
+ params_in => 'authz',
+ oauth_consumer_key => 'foo',
+ oauth_signature_method => 'HMAC-SHA1',
+);
+# }}}
# same timestamp, different nonce {{{
--$timestamp;
response_is(
More information about the Jifty-commit
mailing list