1
package oauth.signpost.basic;
3
import static org.junit.Assert.assertEquals;
4
import static org.junit.Assert.assertNotNull;
5
import static org.junit.Assert.assertTrue;
6
import static org.mockito.Matchers.anyObject;
7
import static org.mockito.Mockito.verify;
8
import static org.mockito.Mockito.when;
10
import java.io.ByteArrayInputStream;
11
import java.io.ByteArrayOutputStream;
12
import java.io.InputStream;
13
import java.io.ObjectInputStream;
14
import java.io.ObjectOutputStream;
15
import java.net.HttpURLConnection;
18
import oauth.signpost.OAuth;
19
import oauth.signpost.OAuthConsumer;
20
import oauth.signpost.SignpostTestBase;
21
import oauth.signpost.exception.OAuthExpectationFailedException;
22
import oauth.signpost.http.HttpRequest;
23
import oauth.signpost.signature.SignatureMethod;
25
import org.junit.Before;
26
import org.junit.Test;
27
import org.junit.runner.RunWith;
28
import org.mockito.Mock;
29
import org.mockito.MockitoAnnotations;
30
import org.mockito.runners.MockitoJUnit44Runner;
32
@RunWith(MockitoJUnit44Runner.class)
33
public class OAuthProviderTest extends SignpostTestBase {
35
DefaultOAuthProvider provider;
38
OAuthConsumer consumerMock;
41
HttpURLConnection connectionMock;
44
public void prepare() throws Exception {
46
MockitoAnnotations.initMocks(this);
49
when(consumerMock.getConsumerKey()).thenReturn(CONSUMER_KEY);
50
when(consumerMock.getConsumerSecret()).thenReturn(CONSUMER_SECRET);
51
when(consumerMock.getToken()).thenReturn(TOKEN);
52
when(consumerMock.getTokenSecret()).thenReturn(TOKEN_SECRET);
54
// init connection mock
55
String responseBody = OAuth.OAUTH_TOKEN + "=" + TOKEN + "&"
56
+ OAuth.OAUTH_TOKEN_SECRET + "=" + TOKEN_SECRET;
57
InputStream is = new ByteArrayInputStream(responseBody.getBytes());
58
when(connectionMock.getResponseCode()).thenReturn(200);
59
when(connectionMock.getInputStream()).thenReturn(is);
61
provider = new DefaultOAuthProvider(consumerMock,
62
REQUEST_TOKEN_ENDPOINT_URL, ACCESS_TOKEN_ENDPOINT_URL,
63
AUTHORIZE_WEBSITE_URL);
64
provider.setHttpUrlConnection(connectionMock);
67
@Test(expected = OAuthExpectationFailedException.class)
68
public void shouldThrowExpectationFailedIfConsumerKeyNotSet()
70
provider = new DefaultOAuthProvider(new DefaultOAuthConsumer(null,
71
CONSUMER_SECRET, SignatureMethod.HMAC_SHA1),
72
REQUEST_TOKEN_ENDPOINT_URL, ACCESS_TOKEN_ENDPOINT_URL,
73
AUTHORIZE_WEBSITE_URL);
74
provider.retrieveRequestToken(REQUEST_TOKEN_ENDPOINT_URL);
77
@Test(expected = OAuthExpectationFailedException.class)
78
public void shouldThrowExpectationFailedIfConsumerSecretNotSet()
80
provider = new DefaultOAuthProvider(new DefaultOAuthConsumer(
81
CONSUMER_KEY, null, SignatureMethod.HMAC_SHA1),
82
REQUEST_TOKEN_ENDPOINT_URL, ACCESS_TOKEN_ENDPOINT_URL,
83
AUTHORIZE_WEBSITE_URL);
84
provider.retrieveRequestToken(REQUEST_TOKEN_ENDPOINT_URL);
88
public void shouldRetrieveRequestTokenAndUpdateConsumer() throws Exception {
90
String callbackUrl = "http://www.example.com";
91
String result = provider.retrieveRequestToken(callbackUrl);
93
verify(consumerMock).sign((HttpRequest) anyObject());
94
verify(consumerMock).setTokenWithSecret(TOKEN, TOKEN_SECRET);
95
verify(connectionMock).disconnect();
97
assertEquals(AUTHORIZE_WEBSITE_URL + "?" + OAuth.OAUTH_TOKEN + "="
98
+ TOKEN + "&" + OAuth.OAUTH_CALLBACK + "="
99
+ "http%3A%2F%2Fwww.example.com", result);
103
public void shouldRespectCustomQueryParametersInAuthWebsiteUrl()
105
provider = new DefaultOAuthProvider(consumerMock,
106
REQUEST_TOKEN_ENDPOINT_URL, ACCESS_TOKEN_ENDPOINT_URL,
107
"http://provider.com/authorize?q=1");
108
provider.setHttpUrlConnection(connectionMock);
110
String callbackUrl = "http://www.example.com";
111
// the URL ctor checks for URL validity
112
URL url = new URL(provider.retrieveRequestToken(callbackUrl));
113
assertTrue(url.getQuery().startsWith("q=1&oauth_token="));
116
@Test(expected = OAuthExpectationFailedException.class)
117
public void shouldThrowWhenGettingAccessTokenAndRequestTokenNotSet()
119
when(consumerMock.getToken()).thenReturn(null);
120
provider.retrieveAccessToken(null);
123
@Test(expected = OAuthExpectationFailedException.class)
124
public void shouldThrowWhenGettingAccessTokenAndRequestTokenSecretNotSet()
126
when(consumerMock.getTokenSecret()).thenReturn(null);
127
provider.retrieveAccessToken(null);
131
public void shouldRetrieveAccessTokenAndUpdateConsumer() throws Exception {
133
provider.retrieveAccessToken(null);
135
verify(consumerMock).sign((HttpRequest) anyObject());
136
verify(consumerMock).setTokenWithSecret(TOKEN, TOKEN_SECRET);
137
verify(connectionMock).disconnect();
141
public void shouldMakeSpecialResponseParametersAvailableToConsumer()
144
assertTrue(provider.getResponseParameters().isEmpty());
146
String responseBody = OAuth.OAUTH_TOKEN + "=" + TOKEN + "&"
147
+ OAuth.OAUTH_TOKEN_SECRET + "=" + TOKEN_SECRET + "&a=1";
148
InputStream is = new ByteArrayInputStream(responseBody.getBytes());
149
when(connectionMock.getInputStream()).thenReturn(is);
151
provider.retrieveRequestToken(null);
153
assertEquals(1, provider.getResponseParameters().size());
154
assertTrue(provider.getResponseParameters().containsKey("a"));
155
assertEquals("1", provider.getResponseParameters().get("a"));
157
responseBody = OAuth.OAUTH_TOKEN + "=" + TOKEN + "&"
158
+ OAuth.OAUTH_TOKEN_SECRET + "=" + TOKEN_SECRET + "&b=2&c=3";
159
is = new ByteArrayInputStream(responseBody.getBytes());
160
when(connectionMock.getInputStream()).thenReturn(is);
162
provider.setHttpUrlConnection(connectionMock);
163
provider.retrieveAccessToken(null);
165
assertEquals(2, provider.getResponseParameters().size());
166
assertTrue(provider.getResponseParameters().containsKey("b"));
167
assertTrue(provider.getResponseParameters().containsKey("c"));
168
assertEquals("2", provider.getResponseParameters().get("b"));
169
assertEquals("3", provider.getResponseParameters().get("c"));
173
public void shouldBeSerializable() throws Exception {
174
// prepare a provider that has response params set
175
DefaultOAuthProvider provider = new DefaultOAuthProvider(consumerMock,
176
REQUEST_TOKEN_ENDPOINT_URL, ACCESS_TOKEN_ENDPOINT_URL,
177
AUTHORIZE_WEBSITE_URL);
178
String responseBody = OAuth.OAUTH_TOKEN + "=" + TOKEN + "&"
179
+ OAuth.OAUTH_TOKEN_SECRET + "=" + TOKEN_SECRET + "&a=1";
180
InputStream is = new ByteArrayInputStream(responseBody.getBytes());
181
when(connectionMock.getInputStream()).thenReturn(is);
182
provider.setHttpUrlConnection(connectionMock);
183
provider.retrieveRequestToken(null);
185
// the mock consumer isn't serializable, thus set a normal one
186
OAuthConsumer consumer = new DefaultOAuthConsumer(CONSUMER_KEY,
187
CONSUMER_SECRET, SignatureMethod.HMAC_SHA1);
188
consumer.setTokenWithSecret(TOKEN, TOKEN_SECRET);
189
provider.setConsumer(consumer);
190
provider.setOAuth10a(true);
192
ByteArrayOutputStream baos = new ByteArrayOutputStream();
193
ObjectOutputStream ostream = new ObjectOutputStream(baos);
194
ostream.writeObject(provider);
196
ObjectInputStream istream = new ObjectInputStream(
197
new ByteArrayInputStream(baos.toByteArray()));
198
provider = (DefaultOAuthProvider) istream.readObject();
200
assertEquals(REQUEST_TOKEN_ENDPOINT_URL,
201
provider.getRequestTokenEndpointUrl());
202
assertEquals(ACCESS_TOKEN_ENDPOINT_URL,
203
provider.getAccessTokenEndpointUrl());
204
assertEquals(AUTHORIZE_WEBSITE_URL,
205
provider.getAuthorizationWebsiteUrl());
206
assertEquals(true, provider.isOAuth10a());
207
assertNotNull(provider.getConsumer());
208
assertNotNull(provider.getResponseParameters());
209
assertEquals("1", provider.getResponseParameters().get("a"));