/**
* Copyright 2008 Web Cohesion
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
package net.oauth.signature;
import static org.junit.Assert.assertEquals;
import static org.mockito.Mockito.when;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletRequest;
import net.oauth.OAuthMessage;
import net.oauth.server.OAuthServlet;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
import org.springframework.security.oauth.common.OAuthCodec;
import org.springframework.security.oauth.common.signature.HMAC_SHA1SignatureMethod;
import org.springframework.security.oauth.provider.filter.CoreOAuthProviderSupport;
/**
 * Cross-checks the Spring Security OAuth signing code against the {@code net.oauth}
 * (Google Code) implementation that lives alongside this test.
 *
 * <p>Both tests are agreement tests: they assert that the two implementations produce the
 * same output for one input. Neither test compares against an independently computed
 * known-answer value, so a defect shared by both implementations would not be detected here.
 *
 * @author Ryan Heaton
 * @author Dave Syer
 */
@RunWith(MockitoJUnitRunner.class)
public class GoogleCodeCompatibilityTests {

    @Mock
    private HttpServletRequest request;

    /**
     * Tests compatibility with the Google Code HMAC_SHA1 signature: both implementations
     * must produce the same signature for the same base string and secrets.
     */
    @Test
    public void testHMAC_SHA1_1() throws Exception {
        String signatureBase = "GET&http%3A%2F%2Flocalhost%3A8080%2Fgrailscrowd%2Foauth%2Frequest_token&oauth_consumer_key%3Dtonrconsumerkey%26oauth_nonce%3D1227967049787975000%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1227967049%26oauth_version%3D1.0";

        // Reference side: given the consumer secret and an empty token secret separately.
        HMAC_SHA1 reference = new HMAC_SHA1();
        reference.setConsumerSecret("xxxxxx");
        reference.setTokenSecret("");
        String expected = reference.getSignature(signatureBase);

        // Spring side: given the finished key bytes, i.e. the consumer secret, '&', and the
        // (empty) token secret. Neither secret contains a character that would need
        // percent-encoding, so a difference in how the two sides encode secrets into the
        // key would not show up in this case.
        SecretKeySpec hmacKey = new SecretKeySpec("xxxxxx&".getBytes("UTF-8"), HMAC_SHA1SignatureMethod.MAC_NAME);
        HMAC_SHA1SignatureMethod candidate = new HMAC_SHA1SignatureMethod(hmacKey);
        String actual = candidate.sign(signatureBase);

        assertEquals(expected, actual);
    }

    /**
     * Tests compatibility of calculating the signature base string: the same mocked request
     * (query parameters plus an {@code Authorization: OAuth ...} header) is fed to both
     * implementations and the resulting base strings must be equal.
     *
     * <p>Only the base strings are compared. The {@code oauth_signature} value carried in the
     * header is never verified by this test.
     */
    @Test
    public void testCalculateSignatureBaseString() throws Exception {
        final String baseUrl = "http://www.springframework.org/schema/security/";
        // Pin the base URL so the Spring side does not derive it from the mocked request.
        CoreOAuthProviderSupport support = new CoreOAuthProviderSupport() {
            @Override
            protected String getBaseUrl(HttpServletRequest request) {
                return baseUrl;
            }
        };

        Map<String, String[]> parameterMap = requestParameters();
        String header = authorizationHeader();

        // Stubs consumed by the Spring implementation.
        when(request.getMethod()).thenReturn("GET");
        when(request.getHeaders("Authorization")).thenReturn(Collections.enumeration(Arrays.asList(header)));
        when(request.getParameterNames()).thenReturn(Collections.enumeration(parameterMap.keySet()));
        for (String name : parameterMap.keySet()) {
            when(request.getParameterValues(name)).thenReturn(parameterMap.get(name));
        }
        String ours = support.getSignatureBaseString(request);

        // Collections.enumeration returns a one-shot Enumeration, and the call above may
        // already have drained it, so the header stub is re-armed with a fresh one before
        // the second implementation reads the request.
        when(request.getHeaders("Authorization")).thenReturn(Collections.enumeration(Arrays.asList(header)));
        when(request.getParameterMap()).thenReturn(parameterMap);
        // NOTE(review): presumably OAuthServlet.getMessage tolerates a null header-name
        // enumeration -- confirm against that class.
        when(request.getHeaderNames()).thenReturn(null);
        OAuthMessage message = OAuthServlet.getMessage(request, baseUrl);
        String theirs = OAuthSignatureMethod.getBaseString(message);

        assertEquals(theirs, ours);
    }

    /**
     * Builds the request parameters used by the base-string test, including one name that
     * contains brackets and carries two values.
     */
    private static Map<String, String[]> requestParameters() {
        Map<String, String[]> parameters = new HashMap<String, String[]>();
        parameters.put("a", new String[] { "value-a" });
        parameters.put("b", new String[] { "value-b" });
        parameters.put("c", new String[] { "value-c" });
        parameters.put("param[1]", new String[] { "aaa", "bbb" });
        return parameters;
    }

    /**
     * Builds the {@code Authorization} header value used by the base-string test.
     *
     * <p>The header carries {@code realm} and {@code oauth_signature} in addition to the
     * other protocol parameters. OAuth 1.0 leaves those two out of the signature base
     * string; this test only checks that both implementations treat them the same way.
     */
    private static String authorizationHeader() {
        return "OAuth realm=\"http://sp.example.com/\","
            + " oauth_consumer_key=\"0685bd9184jfhq22\","
            + " oauth_token=\"ad180jjd733klru7\","
            + " oauth_signature_method=\"HMAC-SHA1\","
            + " oauth_signature=\"wOJIO9A2W5mFwDgiDvZbTSMK%2FPY%3D\","
            + " oauth_timestamp=\"137131200\","
            + " oauth_callback=\"" + OAuthCodec.oauthEncode("http://myhost.com/callback") + "\","
            + " oauth_nonce=\"4572616e48616d6d65724c61686176\","
            + " oauth_version=\"1.0\"";
    }
}