summaryrefslogtreecommitdiffstats
path: root/tests/auto/oauth1/tst_oauth1.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'tests/auto/oauth1/tst_oauth1.cpp')
-rw-r--r--tests/auto/oauth1/tst_oauth1.cpp269
1 files changed, 269 insertions, 0 deletions
diff --git a/tests/auto/oauth1/tst_oauth1.cpp b/tests/auto/oauth1/tst_oauth1.cpp
index dbc793c..eb13420 100644
--- a/tests/auto/oauth1/tst_oauth1.cpp
+++ b/tests/auto/oauth1/tst_oauth1.cpp
@@ -155,15 +155,29 @@ private Q_SLOTS:
void getToken_data();
void getToken();
+ void prepareRequestSignature_data();
+ void prepareRequestSignature();
+
void grant_data();
void grant();
void authenticatedCalls_data();
void authenticatedCalls();
+ void prepareRequestCalls_data();
+ void prepareRequestCalls();
+
void secondTemporaryToken();
};
+const auto oauthVersion = QStringLiteral("oauth_version");
+const auto oauthConsumerKey = QStringLiteral("oauth_consumer_key");
+const auto oauthNonce = QStringLiteral("oauth_nonce");
+const auto oauthSignatureMethod = QStringLiteral("oauth_signature_method");
+const auto oauthTimestamp = QStringLiteral("oauth_timestamp");
+const auto oauthToken = QStringLiteral("oauth_token");
+const auto oauthSignature = QStringLiteral("oauth_signature");
+
bool hostReachable(const QLatin1String &host)
{
// check host exists
@@ -476,6 +490,118 @@ void tst_OAuth1::getToken()
QCOMPARE(oauthHeaders["oauth_signature"], expectedSignature);
}
+void tst_OAuth1::prepareRequestSignature_data()
+{
+ QTest::addColumn<QString>("consumerKey");
+ QTest::addColumn<QString>("consumerSecret");
+ QTest::addColumn<QString>("accessKey");
+ QTest::addColumn<QString>("accessKeySecret");
+ QTest::addColumn<QNetworkRequest>("request");
+ QTest::addColumn<QByteArray>("operation");
+ QTest::addColumn<QByteArray>("body");
+ QTest::addColumn<QVariantMap>("extraParams");
+
+ QTest::newRow("get_simple")
+ << "key"
+ << "secret"
+ << "accesskey"
+ << "accesssecret"
+ << QNetworkRequest(QUrl("http://term.ie/oauth/example/echo_api.php"))
+ << QByteArray("GET")
+ << QByteArray()
+ << QVariantMap();
+
+ QTest::newRow("get_params")
+ << "key"
+ << "secret"
+ << "accesskey"
+ << "accesssecret"
+ << QNetworkRequest(QUrl("http://term.ie/oauth/example/echo_api.php?"
+ "first=first&second=second"))
+ << QByteArray("GET")
+ << QByteArray()
+ << QVariantMap();
+
+ QNetworkRequest postRequest(QUrl("http://term.ie/oauth/example/echo_api.php"));
+ postRequest.setHeader(QNetworkRequest::ContentTypeHeader,
+ QByteArray("application/x-www-form-urlencoded"));
+ QTest::newRow("post_params")
+ << "key"
+ << "secret"
+ << "accesskey"
+ << "accesssecret"
+ << postRequest
+ << QByteArray("POST")
+ << QByteArray("first=first&second=second")
+ << QVariantMap({
+ {"first", "first"},
+ {"second", "second"}
+ });
+
+ QTest::newRow("patch_param")
+ << "key"
+ << "secret"
+ << "accesskey"
+ << "accesssecret"
+ << QNetworkRequest(QUrl("http://term.ie/oauth/example/echo_api.php?"
+ "first=first&second=second"))
+ << QByteArray("PATCH")
+ << QByteArray()
+ << QVariantMap();
+}
+
+void tst_OAuth1::prepareRequestSignature()
+{
+ QFETCH(QString, consumerKey);
+ QFETCH(QString, consumerSecret);
+ QFETCH(QString, accessKey);
+ QFETCH(QString, accessKeySecret);
+ QFETCH(QNetworkRequest, request);
+ QFETCH(QByteArray, operation);
+ QFETCH(QByteArray, body);
+ QFETCH(QVariantMap, extraParams);
+
+ QOAuth1 o1;
+ o1.setClientCredentials(consumerKey, consumerSecret);
+ o1.setTokenCredentials(accessKey, accessKeySecret);
+
+ o1.prepareRequest(&request, operation, body);
+
+ // extract oauth parameters from the headers
+ QVariantMap authArgs;
+ const auto authHeader = request.rawHeader("Authorization");
+ QCOMPARE(authHeader.mid(0, 6), "OAuth ");
+ const auto values = authHeader.mid(6).split(',');
+ for (const auto &pair : values) {
+ const auto argPair = pair.split('=');
+ QCOMPARE(argPair.size(), 2);
+ QCOMPARE(argPair[1].front(), '\"');
+ QCOMPARE(argPair[1].back(), '\"');
+ authArgs.insert(argPair[0], argPair[1].mid(1, argPair[1].size() - 2));
+ }
+
+ //compare known parameters
+ QCOMPARE(authArgs.value(oauthConsumerKey).toByteArray(), consumerKey);
+ QCOMPARE(authArgs.value(oauthToken).toByteArray(), accessKey);
+ QCOMPARE(authArgs.value(oauthSignatureMethod).toByteArray(), QByteArray("HMAC-SHA1"));
+ QCOMPARE(authArgs.value(oauthVersion).toByteArray(), QByteArray("1.0"));
+ QVERIFY(authArgs.contains(oauthNonce));
+ QVERIFY(authArgs.contains(oauthTimestamp));
+ QVERIFY(authArgs.contains(oauthSignature));
+
+ // verify the signature
+ const auto sigString = QUrl::fromPercentEncoding(authArgs.take(oauthSignature)
+ .toByteArray()).toUtf8();
+ QOAuth1Signature signature(request.url(),
+ consumerSecret,
+ accessKeySecret,
+ QOAuth1Signature::HttpRequestMethod::Custom,
+ authArgs.unite(extraParams));
+ signature.setCustomMethodString(operation);
+ const auto signatureData = signature.hmacSha1();
+ QCOMPARE(signatureData.toBase64(), sigString);
+}
+
void tst_OAuth1::grant_data()
{
QTest::addColumn<QString>("consumerKey");
@@ -713,6 +839,149 @@ void tst_OAuth1::authenticatedCalls()
reply.clear();
}
+void tst_OAuth1::prepareRequestCalls_data()
+{
+ QTest::addColumn<QString>("consumerKey");
+ QTest::addColumn<QString>("consumerSecret");
+ QTest::addColumn<QString>("accessKey");
+ QTest::addColumn<QString>("accessKeySecret");
+ QTest::addColumn<QUrl>("url");
+ QTest::addColumn<QVariantMap>("parameters");
+ QTest::addColumn<QByteArray>("operation");
+
+ const QVariantMap parameters { { QStringLiteral("first"), QStringLiteral("first") },
+ { QStringLiteral("second"), QStringLiteral("second") },
+ { QStringLiteral("third"), QStringLiteral("third") },
+ { QStringLiteral("c2&a3"), QStringLiteral("2=%$&@q") }
+ };
+
+ if (hostReachable(QLatin1String("term.ie"))) {
+ QTest::newRow("term.ie_get") << "key"
+ << "secret"
+ << "accesskey"
+ << "accesssecret"
+ << QUrl("http://term.ie/oauth/example/echo_api.php")
+ << parameters
+ << QByteArray("GET");
+ QTest::newRow("term.ie_post") << "key"
+ << "secret"
+ << "accesskey"
+ << "accesssecret"
+ << QUrl("http://term.ie/oauth/example/echo_api.php")
+ << parameters
+ << QByteArray("POST");
+ QTest::newRow("term.ie_percent_encoded_query")
+ << "key"
+ << "secret"
+ << "accesskey"
+ << "accesssecret"
+ << QUrl("http://term.ie/oauth/example/echo_api.php?key=%40value+1%2B2=3")
+ << parameters
+ << QByteArray("GET");
+ }
+ if (hostReachable(QLatin1String("oauthbin.com"))) {
+ QTest::newRow("oauthbin.com_get") << "key"
+ << "secret"
+ << "accesskey"
+ << "accesssecret"
+ << QUrl("http://oauthbin.com/v1/echo")
+ << parameters
+ << QByteArray("GET");
+ QTest::newRow("oauthbin.com_post") << "key"
+ << "secret"
+ << "accesskey"
+ << "accesssecret"
+ << QUrl("http://oauthbin.com/v1/echo")
+ << parameters
+ << QByteArray("POST");
+ QTest::newRow("oauthbin.com_percent_encoded_query")
+ << "key"
+ << "secret"
+ << "accesskey"
+ << "accesssecret"
+ << QUrl("http://oauthbin.com/v1/echo?key=%40value+1%2B2=3")
+ << parameters
+ << QByteArray("GET");
+ QTest::newRow("oauthbin.com_patch") << "key"
+ << "secret"
+ << "accesskey"
+ << "accesssecret"
+ << QUrl("http://oauthbin.com/v1/echo")
+ << parameters
+ << QByteArray("PATCH");
+ }
+}
+
+void tst_OAuth1::prepareRequestCalls()
+{
+ QFETCH(QString, consumerKey);
+ QFETCH(QString, consumerSecret);
+ QFETCH(QString, accessKey);
+ QFETCH(QString, accessKeySecret);
+ QFETCH(QUrl, url);
+ QFETCH(QVariantMap, parameters);
+ QFETCH(QByteArray, operation);
+
+ QNetworkAccessManager networkAccessManager;
+ QNetworkReplyPtr reply;
+ QString receivedData;
+ QString parametersString;
+ {
+ if (url.hasQuery()) {
+ parametersString = url.query(QUrl::FullyDecoded);
+ if (!parameters.empty())
+ parametersString.append(QLatin1Char('&'));
+ }
+ bool first = true;
+ for (auto it = parameters.begin(), end = parameters.end(); it != end; ++it) {
+ if (first)
+ first = false;
+ else
+ parametersString += QLatin1Char('&');
+ parametersString += it.key() + QLatin1Char('=') + it.value().toString();
+ }
+ }
+
+ QOAuth1 o1(&networkAccessManager);
+ o1.setClientCredentials(consumerKey, consumerSecret);
+ o1.setTokenCredentials(accessKey, accessKeySecret);
+
+ if (operation != "POST") {
+ QUrlQuery query(url.query());
+ for (auto it = parameters.begin(), end = parameters.end(); it != end; ++it)
+ query.addQueryItem(it.key(), it.value().toString());
+ url.setQuery(query);
+ }
+ QNetworkRequest request(url);
+ QByteArray body;
+ if (operation == "POST") {
+ QUrlQuery query(url.query());
+ for (auto it = parameters.begin(), end = parameters.end(); it != end; ++it)
+ query.addQueryItem(it.key(), it.value().toString());
+ body = query.toString().toUtf8();
+ request.setHeader(QNetworkRequest::ContentTypeHeader,
+ QByteArray("application/x-www-form-urlencoded"));
+ }
+
+ o1.prepareRequest(&request, operation, body);
+ if (body.isEmpty())
+ reply.reset(o1.networkAccessManager()->sendCustomRequest(request, operation));
+ else
+ reply.reset(o1.networkAccessManager()->sendCustomRequest(request, operation, body));
+ QVERIFY(!reply.isNull());
+ QVERIFY(!reply->isFinished());
+
+ connect(&networkAccessManager, &QNetworkAccessManager::finished,
+ [&](QNetworkReply *reply) {
+ QByteArray data = reply->readAll();
+ QUrlQuery query(QString::fromUtf8(data));
+ receivedData = query.toString(QUrl::FullyDecoded);
+ });
+ QVERIFY(waitForFinish(reply) == Success);
+ QCOMPARE(receivedData, parametersString);
+ reply.clear();
+}
+
void tst_OAuth1::secondTemporaryToken()
{
QNetworkAccessManager networkAccessManager;
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-11 04:36:32 +0000