[Jifty-commit] r4970 - in jifty/trunk: . lib/Jifty/Plugin/OAuth t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth

Jifty commits jifty-commit at lists.jifty.org
Fri Feb 1 10:15:02 EST 2008


Author: sartak
Date: Fri Feb  1 10:14:54 2008
New Revision: 4970

Modified:
   jifty/trunk/   (props changed)
   jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm
   jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm
   jifty/trunk/t/TestApp-Plugin-OAuth/t/02-request-token.t

Log:
 r51313 at onn:  sartak | 2008-02-01 10:12:39 -0500
 OAuth: Support for Authorization header


Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm	(original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Dispatcher.pm	Fri Feb  1 10:14:54 2008
@@ -8,6 +8,7 @@
 use Net::OAuth::AccessTokenRequest;
 use Net::OAuth::ProtectedResourceRequest;
 use Crypt::OpenSSL::RSA;
+use URI::Escape 'uri_unescape';
 
 on     POST '/oauth/request_token' => \&request_token;
 before GET  '/oauth/authorize'     => \&authorize;
@@ -344,11 +345,16 @@
 
 sub get_parameters {
     my %p;
+    my %params = Jifty->handler->apache->params();
 
-    # XXX: Check Authorization header
-    # XXX: Check WWW-Authenticate header
+    # Check Authorization header
+    my $authz = Jifty->handler->apache->header_in("Authorization");
+    if ($authz && $authz =~ s/^\s*OAuth\s*//i) {
+        while ($authz =~ m{\s*([%a-zA-Z0-9._~-]+)="([%a-zA-Z0-9._~-]*)"\s*}g) {
+            $params{uri_unescape($1)} = uri_unescape($2);
+        }
+    }
 
-    my %params = Jifty->handler->apache->params();
     for (@_) {
         $p{$_} = delete $params{"oauth_$_"}
             if !defined $p{$_};

Modified: jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm	(original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/lib/TestApp/Plugin/OAuth/Test.pm	Fri Feb  1 10:14:54 2008
@@ -49,6 +49,7 @@
         testname               => "",
         method                 => 'POST',
         token_secret           => '',
+        params_in              => 'method',
         @_,
     );
 
@@ -62,6 +63,7 @@
     my $code            = delete $params{code};
     my $testname        = delete $params{testname} || "Response was $code";
     my $method          = delete $params{method};
+    my $params_in       = delete $params{params_in};
     my $token_secret    = delete $params{token_secret};
     my $consumer_secret = delete $params{consumer_secret}
         or die "consumer_secret not passed to response_is!";
@@ -75,16 +77,23 @@
 
     my $r;
 
+    if ($params_in eq 'authz') {
+        $cmech->default_header("Authorization" => authz(%params));
+    }
+
     if ($method eq 'POST') {
-        $r = $cmech->post($url, [%params]);
+        $r = $cmech->post($url, $params_in eq 'method' ? [%params] : ());
     }
     else {
         my $query = join '&',
                     map { "$_=" . Jifty->web->escape_uri($params{$_}||'') }
                     keys %params;
-        $r = $cmech->get("$url?$query");
+        my $params = $params_in eq 'method' ? "?$query" : '';
+        $r = $cmech->get("$url$params");
     }
 
+    $cmech->default_headers->remove_header("Authorization");
+
     local $Test::Builder::Level = $Test::Builder::Level + 1;
     main::is($r->code, $code, $testname);
 
@@ -102,6 +111,16 @@
     return $cmech->content;
 }
 
+# creates an Authorization header
+sub authz {
+    my %params = @_;
+
+    return "OAuth "
+         . join ', ',
+             map { $_ . q{="} . Jifty->web->escape_uri($params{$_}) . q{"} }
+                keys %params;
+}
+
 sub sign {
     my ($method, $token_secret, $consumer_secret, %params) = @_;
 

Modified: jifty/trunk/t/TestApp-Plugin-OAuth/t/02-request-token.t
==============================================================================
--- jifty/trunk/t/TestApp-Plugin-OAuth/t/02-request-token.t	(original)
+++ jifty/trunk/t/TestApp-Plugin-OAuth/t/02-request-token.t	Fri Feb  1 10:14:54 2008
@@ -5,7 +5,7 @@
 use Test::More;
 BEGIN {
     if (eval { require Net::OAuth::Request; require Crypt::OpenSSL::RSA; 1 }) {
-        plan tests => 58;
+        plan tests => 61;
     }
     else {
         plan skip_all => "Net::OAuth isn't installed";
@@ -69,6 +69,16 @@
     oauth_signature_method => 'RSA-SHA1',
 );
 # }}}
+# get a request token using authorization header {{{
+response_is(
+    code                   => 200,
+    testname               => "200 - Authorization header",
+    consumer_secret        => 'bar',
+    params_in              => 'authz',
+    oauth_consumer_key     => 'foo',
+    oauth_signature_method => 'HMAC-SHA1',
+);
+# }}}
 # same timestamp, different nonce {{{
 --$timestamp;
 response_is(


More information about the Jifty-commit mailing list