net.oauth.signature.GoogleCodeCompatibilityTests.java Source code

Java tutorial

Introduction

Here is the source code for net.oauth.signature.GoogleCodeCompatibilityTests.java

Source

/**
 * Copyright 2008 Web Cohesion
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 **/

package net.oauth.signature;

import static org.junit.Assert.assertEquals;
import static org.mockito.Mockito.when;

import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;

import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletRequest;

import net.oauth.OAuthMessage;
import net.oauth.server.OAuthServlet;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
import org.springframework.security.oauth.common.OAuthCodec;
import org.springframework.security.oauth.common.signature.HMAC_SHA1SignatureMethod;
import org.springframework.security.oauth.provider.filter.CoreOAuthProviderSupport;

/**
 * @author Ryan Heaton
 * @author Dave Syer
 */
@RunWith(MockitoJUnitRunner.class)
public class GoogleCodeCompatibilityTests {
    @Mock
    private HttpServletRequest request;

    /**
     * tests compatibilty with the google code HMAC_SHA1 signature.
     */
    @Test
    public void testHMAC_SHA1_1() throws Exception {
        HMAC_SHA1 theirMethod = new HMAC_SHA1();
        String baseString = "GET&http%3A%2F%2Flocalhost%3A8080%2Fgrailscrowd%2Foauth%2Frequest_token&oauth_consumer_key%3Dtonrconsumerkey%26oauth_nonce%3D1227967049787975000%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1227967049%26oauth_version%3D1.0";
        theirMethod.setConsumerSecret("xxxxxx");
        theirMethod.setTokenSecret("");
        SecretKeySpec spec = new SecretKeySpec("xxxxxx&".getBytes("UTF-8"), HMAC_SHA1SignatureMethod.MAC_NAME);
        HMAC_SHA1SignatureMethod ourMethod = new HMAC_SHA1SignatureMethod(spec);
        String theirSignature = theirMethod.getSignature(baseString);
        String ourSignature = ourMethod.sign(baseString);
        assertEquals(theirSignature, ourSignature);
    }

    /**
     * tests compatibility of calculating the signature base string.
     */
    @Test
    public void testCalculateSignatureBaseString() throws Exception {
        final String baseUrl = "http://www.springframework.org/schema/security/";
        CoreOAuthProviderSupport support = new CoreOAuthProviderSupport() {
            @Override
            protected String getBaseUrl(HttpServletRequest request) {
                return baseUrl;
            }
        };

        Map<String, String[]> parameterMap = new HashMap<String, String[]>();
        parameterMap.put("a", new String[] { "value-a" });
        parameterMap.put("b", new String[] { "value-b" });
        parameterMap.put("c", new String[] { "value-c" });
        parameterMap.put("param[1]", new String[] { "aaa", "bbb" });

        when(request.getParameterNames()).thenReturn(Collections.enumeration(parameterMap.keySet()));
        for (Map.Entry<String, String[]> param : parameterMap.entrySet()) {
            when(request.getParameterValues(param.getKey())).thenReturn(param.getValue());
        }

        String header = "OAuth realm=\"http://sp.example.com/\","
                + "                oauth_consumer_key=\"0685bd9184jfhq22\","
                + "                oauth_token=\"ad180jjd733klru7\","
                + "                oauth_signature_method=\"HMAC-SHA1\","
                + "                oauth_signature=\"wOJIO9A2W5mFwDgiDvZbTSMK%2FPY%3D\","
                + "                oauth_timestamp=\"137131200\"," + "                oauth_callback=\""
                + OAuthCodec.oauthEncode("http://myhost.com/callback") + "\","
                + "                oauth_nonce=\"4572616e48616d6d65724c61686176\","
                + "                oauth_version=\"1.0\"";
        when(request.getHeaders("Authorization")).thenReturn(Collections.enumeration(Arrays.asList(header)));
        when(request.getMethod()).thenReturn("GET");
        String ours = support.getSignatureBaseString(request);

        when(request.getHeaders("Authorization")).thenReturn(Collections.enumeration(Arrays.asList(header)));
        when(request.getParameterMap()).thenReturn(parameterMap);
        when(request.getHeaderNames()).thenReturn(null);
        OAuthMessage message = OAuthServlet.getMessage(request, baseUrl);

        String theirs = OAuthSignatureMethod.getBaseString(message);
        assertEquals(theirs, ours);
    }

}