diff options
author | Jesus Fernandez <jesus.fernandez@qt.io> | 2017-08-14 16:14:52 +0200 |
---|---|---|
committer | Jesus Fernandez <Jesus.Fernandez@qt.io> | 2017-09-08 07:37:42 +0000 |
commit | 4e681472f6e25153745151f2b41a8ebf4bc94f54 (patch) | |
tree | 26b6a15d40cb8e237bcc666d160d9a0ce0c68d54 | |
parent | 461a29be564271ef3a6ca1728f5e48ec2d25c08d (diff) |
Rewrite tst_OAuth1::getTokenv5.10.0-alpha1
Rewrite the test using a local HTTP server instead of external OAuth1
tests servers.
Change-Id: I1cc1ca04b9b2253e7eea0c60bf90ecae3c98663e
Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
-rw-r--r-- | tests/auto/oauth1/BLACKLIST | 15 | ||||
-rw-r--r-- | tests/auto/oauth1/oauth1.pro | 2 | ||||
-rw-r--r-- | tests/auto/oauth1/tst_oauth1.cpp | 230 | ||||
-rw-r--r-- | tests/auto/shared/webserver.h | 1 |
4 files changed, 134 insertions, 114 deletions
diff --git a/tests/auto/oauth1/BLACKLIST b/tests/auto/oauth1/BLACKLIST index 46bb8a1..44de921 100644 --- a/tests/auto/oauth1/BLACKLIST +++ b/tests/auto/oauth1/BLACKLIST @@ -1,5 +1,16 @@ -[getToken] -* +# POST requests to localhost are broken on Windows (QTBUG-62844) +[getToken:temporary_post_plainText] +windows + +[getToken:temporary_post_hmacSha1] +windows + +[getToken:token_post_plainText] +windows + +[getToken:token_post_hmacSha1] +windows + [grant] * [authenticatedCalls] diff --git a/tests/auto/oauth1/oauth1.pro b/tests/auto/oauth1/oauth1.pro index c1da82d..8ca38d3 100644 --- a/tests/auto/oauth1/oauth1.pro +++ b/tests/auto/oauth1/oauth1.pro @@ -3,4 +3,6 @@ CONFIG += testcase TARGET = tst_oauth1 SOURCES += tst_oauth1.cpp +include(../shared/shared.pri) + QT = core core-private network networkauth networkauth-private testlib diff --git a/tests/auto/oauth1/tst_oauth1.cpp b/tests/auto/oauth1/tst_oauth1.cpp index 80bada0..a54f051 100644 --- a/tests/auto/oauth1/tst_oauth1.cpp +++ b/tests/auto/oauth1/tst_oauth1.cpp @@ -32,9 +32,12 @@ #include <QHostInfo> #include <QtNetworkAuth/qoauth1.h> +#include <QtNetworkAuth/qoauth1signature.h> #include <private/qoauth1_p.h> +#include "webserver.h" + Q_DECLARE_METATYPE(QNetworkAccessManager::Operation) Q_DECLARE_METATYPE(QAbstractOAuth::Error) @@ -118,6 +121,23 @@ public: } }; + QVariantMap parseAuthorizationString(const QString &string) + { + const QString prefix = QStringLiteral("OAuth "); + QVariantMap ret; + Q_ASSERT(string.startsWith(prefix)); + QRegularExpression rx("(?<key>.[^=]*)=\"(?<value>.[^\"]*)\",?"); + auto globalMatch = rx.globalMatch(string, prefix.size()); + while (globalMatch.hasNext()) { + const auto match = globalMatch.next(); + auto key = match.captured("key"); + QString value = match.captured("value"); + value = QString::fromUtf8(QByteArray::fromPercentEncoding(value.toUtf8())); + ret.insert(key, value); + } + return ret; + } + public Q_SLOTS: void finished(); void gotError(); @@ -302,118 +322,65 @@ void tst_OAuth1::getToken_data() QTest::addColumn<StringPair>("clientCredentials"); QTest::addColumn<StringPair>("token"); QTest::addColumn<StringPair>("expectedToken"); - QTest::addColumn<QUrl>("url"); - QTest::addColumn<QNetworkAccessManager::Operation>("requestType"); QTest::addColumn<QOAuth1::SignatureMethod>("signatureMethod"); - - // term.ie + QTest::addColumn<QNetworkAccessManager::Operation>("requestType"); const StringPair emptyCredentials; - if (hostReachable(QLatin1String("term.ie"))) { - QTest::newRow("term.ie_request_get") << qMakePair(QStringLiteral("key"), - QStringLiteral("secret")) - << emptyCredentials - << qMakePair(QStringLiteral("requestkey"), - QStringLiteral("requestsecret")) - << QUrl("http://term.ie/oauth/example/request_token.php") - << QNetworkAccessManager::GetOperation - << QOAuth1::SignatureMethod::Hmac_Sha1; - - QTest::newRow("term.ie_request_post") << qMakePair(QStringLiteral("key"), - QStringLiteral("secret")) - << emptyCredentials - << qMakePair(QStringLiteral("requestkey"), - QStringLiteral("requestsecret")) - << QUrl("http://term.ie/oauth/example/request_token.php") - << QNetworkAccessManager::PostOperation - << QOAuth1::SignatureMethod::Hmac_Sha1; - - QTest::newRow("term.ie_access_get") << qMakePair(QStringLiteral("key"), - QStringLiteral("secret")) - << qMakePair(QStringLiteral("requestkey"), - QStringLiteral("requestsecret")) - << qMakePair(QStringLiteral("accesskey"), - QStringLiteral("accesssecret")) - << QUrl("http://term.ie/oauth/example/access_token.php") - << QNetworkAccessManager::GetOperation - << QOAuth1::SignatureMethod::Hmac_Sha1; - - QTest::newRow("term.ie_access_post") << qMakePair(QStringLiteral("key"), - QStringLiteral("secret")) - << qMakePair(QStringLiteral("requestkey"), - QStringLiteral("requestsecret")) - << qMakePair(QStringLiteral("accesskey"), - QStringLiteral("accesssecret")) - << QUrl("http://term.ie/oauth/example/access_token.php") - << QNetworkAccessManager::PostOperation - << QOAuth1::SignatureMethod::Hmac_Sha1; - } - // oauthbin.com - if (hostReachable(QLatin1String("oauthbin.com"))) { - QTest::newRow("oauthbin.com_request_get_Hmac_Sha1") - << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) - << emptyCredentials - << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) - << QUrl("http://oauthbin.com/v1/request-token") - << QNetworkAccessManager::GetOperation - << QOAuth1::SignatureMethod::Hmac_Sha1; - - QTest::newRow("oauthbin.com_request_get_PlainText") - << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) - << emptyCredentials - << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) - << QUrl("http://oauthbin.com/v1/request-token") - << QNetworkAccessManager::GetOperation - << QOAuth1::SignatureMethod::PlainText; - - QTest::newRow("oauthbin.com_request_post_Hmac_Sha1") - << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) - << emptyCredentials - << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) - << QUrl("http://oauthbin.com/v1/request-token") - << QNetworkAccessManager::PostOperation - << QOAuth1::SignatureMethod::Hmac_Sha1; - - QTest::newRow("oauthbin.com_request_post_PlainText") - << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) - << emptyCredentials - << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) - << QUrl("http://oauthbin.com/v1/request-token") - << QNetworkAccessManager::PostOperation - << QOAuth1::SignatureMethod::PlainText; - - QTest::newRow("oauthbin.com_access_get_Hmac_Sha1") - << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) - << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) - << qMakePair(QStringLiteral("accesskey"), QStringLiteral("accesssecret")) - << QUrl("http://oauthbin.com/v1/access-token") - << QNetworkAccessManager::GetOperation - << QOAuth1::SignatureMethod::Hmac_Sha1; - - QTest::newRow("oauthbin.com_access_get_PlainText") - << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) - << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) - << qMakePair(QStringLiteral("accesskey"), QStringLiteral("accesssecret")) - << QUrl("http://oauthbin.com/v1/access-token") - << QNetworkAccessManager::GetOperation - << QOAuth1::SignatureMethod::PlainText; - - QTest::newRow("oauthbin.com_access_post_Hmac_Sha1") - << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) - << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) - << qMakePair(QStringLiteral("accesskey"), QStringLiteral("accesssecret")) - << QUrl("http://oauthbin.com/v1/access-token") - << QNetworkAccessManager::PostOperation - << QOAuth1::SignatureMethod::Hmac_Sha1; - - QTest::newRow("oauthbin.com_access_post_PlainText") - << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) - << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) - << qMakePair(QStringLiteral("accesskey"), QStringLiteral("accesssecret")) - << QUrl("http://oauthbin.com/v1/access-token") - << QNetworkAccessManager::PostOperation - << QOAuth1::SignatureMethod::PlainText; - } + QTest::newRow("temporary_get_plainText") + << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) + << emptyCredentials + << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) + << QOAuth1::SignatureMethod::PlainText + << QNetworkAccessManager::GetOperation; + + QTest::newRow("temporary_get_hmacSha1") + << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) + << emptyCredentials + << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) + << QOAuth1::SignatureMethod::Hmac_Sha1 + << QNetworkAccessManager::GetOperation; + + QTest::newRow("temporary_post_plainText") + << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) + << emptyCredentials + << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) + << QOAuth1::SignatureMethod::PlainText + << QNetworkAccessManager::PostOperation; + + QTest::newRow("temporary_post_hmacSha1") + << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) + << emptyCredentials + << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) + << QOAuth1::SignatureMethod::Hmac_Sha1 + << QNetworkAccessManager::PostOperation; + + QTest::newRow("token_get_plainText") + << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) + << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) + << qMakePair(QStringLiteral("accesskey"), QStringLiteral("accesssecret")) + << QOAuth1::SignatureMethod::PlainText + << QNetworkAccessManager::GetOperation; + + QTest::newRow("token_get_hmacSha1") + << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) + << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) + << qMakePair(QStringLiteral("accesskey"), QStringLiteral("accesssecret")) + << QOAuth1::SignatureMethod::Hmac_Sha1 + << QNetworkAccessManager::GetOperation; + + QTest::newRow("token_post_plainText") + << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) + << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) + << qMakePair(QStringLiteral("accesskey"), QStringLiteral("accesssecret")) + << QOAuth1::SignatureMethod::PlainText + << QNetworkAccessManager::PostOperation; + + QTest::newRow("token_post_hmacSha1") + << qMakePair(QStringLiteral("key"), QStringLiteral("secret")) + << qMakePair(QStringLiteral("requestkey"), QStringLiteral("requestsecret")) + << qMakePair(QStringLiteral("accesskey"), QStringLiteral("accesssecret")) + << QOAuth1::SignatureMethod::Hmac_Sha1 + << QNetworkAccessManager::PostOperation; } void tst_OAuth1::getToken() @@ -421,19 +388,33 @@ void tst_OAuth1::getToken() QFETCH(StringPair, clientCredentials); QFETCH(StringPair, token); QFETCH(StringPair, expectedToken); - QFETCH(QUrl, url); - QFETCH(QNetworkAccessManager::Operation, requestType); QFETCH(QOAuth1::SignatureMethod, signatureMethod); + QFETCH(QNetworkAccessManager::Operation, requestType); StringPair tokenReceived; QNetworkAccessManager networkAccessManager; QNetworkReplyPtr reply; + QVariantMap oauthHeaders; + + WebServer webServer([&](const WebServer::HttpRequest &request, QTcpSocket *socket) { + oauthHeaders = parseAuthorizationString(request.headers["Authorization"]); + const QString format = "oauth_token=%1&oauth_token_secret=%2"; + const QByteArray text = format.arg(expectedToken.first, expectedToken.second).toUtf8(); + const QByteArray replyMessage { + "HTTP/1.0 200 OK\r\n" + "Content-Type: application/x-www-form-urlencoded; charset=\"utf-8\"\r\n" + "Content-Length: " + QByteArray::number(text.size()) + "\r\n\r\n" + + text + }; + socket->write(replyMessage); + }); struct OAuth1 : QOAuth1 { OAuth1(QNetworkAccessManager *manager) : QOAuth1(manager) {} using QOAuth1::requestTokenCredentials; } o1(&networkAccessManager); + const auto url = webServer.url(QStringLiteral("token")); o1.setSignatureMethod(signatureMethod); o1.setClientCredentials(clientCredentials.first, clientCredentials.second); @@ -449,7 +430,32 @@ void tst_OAuth1::getToken() tokenReceived.second = tokenSecret; }); QVERIFY(waitForFinish(reply) == Success); - QVERIFY(!tokenReceived.first.isEmpty() && !tokenReceived.second.isEmpty()); + QCOMPARE(tokenReceived, expectedToken); + QCOMPARE(oauthHeaders["oauth_callback"], "oob"); + QCOMPARE(oauthHeaders["oauth_consumer_key"], clientCredentials.first); + QCOMPARE(oauthHeaders["oauth_version"], "1.0"); + QString expectedSignature; + { + QVariantMap modifiedHeaders = oauthHeaders.unite(parameters); + modifiedHeaders.remove("oauth_signature"); + QOAuth1Signature signature(url, + clientCredentials.second, + token.second, + static_cast<QOAuth1Signature::HttpRequestMethod>(requestType), + modifiedHeaders); + switch (signatureMethod) { + case QOAuth1::SignatureMethod::PlainText: + expectedSignature = signature.plainText(); + break; + case QOAuth1::SignatureMethod::Hmac_Sha1: + expectedSignature = signature.hmacSha1().toBase64(); + break; + case QOAuth1::SignatureMethod::Rsa_Sha1: + expectedSignature = signature.rsaSha1(); + break; + } + } + QCOMPARE(oauthHeaders["oauth_signature"], expectedSignature); } void tst_OAuth1::grant_data() diff --git a/tests/auto/shared/webserver.h b/tests/auto/shared/webserver.h index 69ee39f..458c24a 100644 --- a/tests/auto/shared/webserver.h +++ b/tests/auto/shared/webserver.h @@ -31,6 +31,7 @@ #define WEBSERVER_H #include <functional> +#include <cctype> #include <QtNetwork/qtcpserver.h> class WebServer : public QTcpServer |