123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484 |
- // Copyright 2010 Gary Burd
- //
- // Licensed under the Apache License, Version 2.0 (the "License"): you may
- // not use this file except in compliance with the License. You may obtain
- // a copy of the License at
- //
- // http://www.apache.org/licenses/LICENSE-2.0
- //
- // Unless required by applicable law or agreed to in writing, software
- // distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- // WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- // License for the specific language governing permissions and limitations
- // under the License.
- package oauth
- import (
- "bytes"
- "crypto/x509"
- "encoding/pem"
- "io"
- "io/ioutil"
- "net/http"
- "net/http/cookiejar"
- "net/http/httptest"
- "net/url"
- "strings"
- "testing"
- "golang.org/x/net/context"
- )
- func parseURL(urlStr string) *url.URL {
- u, err := url.Parse(urlStr)
- if err != nil {
- panic(err)
- }
- return u
- }
- var oauthTests = []struct {
- method string
- url *url.URL
- form url.Values
- nonce string
- timestamp string
- clientCredentials Credentials
- credentials Credentials
- signatureMethod SignatureMethod
- base string
- header string
- }{
- {
- // Simple example from Twitter OAuth tool
- method: "GET",
- url: parseURL("https://api.twitter.com/1/"),
- form: url.Values{"page": {"10"}},
- nonce: "8067e8abc6bdca2006818132445c8f4c",
- timestamp: "1355795903",
- clientCredentials: Credentials{"kMViZR2MHk2mM7hUNVw9A", "56Fgl58yOfqXOhHXX0ybvOmSnPQFvR2miYmm30A"},
- credentials: Credentials{"10212-JJ3Zc1A49qSMgdcAO2GMOpW9l7A348ESmhjmOBOU", "yF75mvq4LZMHj9O0DXwoC3ZxUnN1ptvieThYuOAYM"},
- base: `GET&https%3A%2F%2Fapi.twitter.com%2F1%2F&oauth_consumer_key%3DkMViZR2MHk2mM7hUNVw9A%26oauth_nonce%3D8067e8abc6bdca2006818132445c8f4c%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1355795903%26oauth_token%3D10212-JJ3Zc1A49qSMgdcAO2GMOpW9l7A348ESmhjmOBOU%26oauth_version%3D1.0%26page%3D10`,
- header: `OAuth oauth_consumer_key="kMViZR2MHk2mM7hUNVw9A", oauth_nonce="8067e8abc6bdca2006818132445c8f4c", oauth_signature="o5cx1ggJrY9ognZuVVeUwglKV8U%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1355795903", oauth_token="10212-JJ3Zc1A49qSMgdcAO2GMOpW9l7A348ESmhjmOBOU", oauth_version="1.0"`,
- },
- {
- // Test case and port insensitivity.
- method: "GeT",
- url: parseURL("https://apI.twItter.com:443/1/"),
- form: url.Values{"page": {"10"}},
- nonce: "8067e8abc6bdca2006818132445c8f4c",
- timestamp: "1355795903",
- clientCredentials: Credentials{"kMViZR2MHk2mM7hUNVw9A", "56Fgl58yOfqXOhHXX0ybvOmSnPQFvR2miYmm30A"},
- credentials: Credentials{"10212-JJ3Zc1A49qSMgdcAO2GMOpW9l7A348ESmhjmOBOU", "yF75mvq4LZMHj9O0DXwoC3ZxUnN1ptvieThYuOAYM"},
- base: `GET&https%3A%2F%2Fapi.twitter.com%2F1%2F&oauth_consumer_key%3DkMViZR2MHk2mM7hUNVw9A%26oauth_nonce%3D8067e8abc6bdca2006818132445c8f4c%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1355795903%26oauth_token%3D10212-JJ3Zc1A49qSMgdcAO2GMOpW9l7A348ESmhjmOBOU%26oauth_version%3D1.0%26page%3D10`,
- header: `OAuth oauth_consumer_key="kMViZR2MHk2mM7hUNVw9A", oauth_nonce="8067e8abc6bdca2006818132445c8f4c", oauth_signature="o5cx1ggJrY9ognZuVVeUwglKV8U%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1355795903", oauth_token="10212-JJ3Zc1A49qSMgdcAO2GMOpW9l7A348ESmhjmOBOU", oauth_version="1.0"`,
- },
- {
- // Example generated using the Netflix OAuth tool.
- method: "GET",
- url: parseURL("http://api-public.netflix.com/catalog/titles"),
- form: url.Values{"term": {"Dark Knight"}, "count": {"2"}},
- nonce: "1234",
- timestamp: "1355850443",
- clientCredentials: Credentials{"apiKey001", "sharedSecret002"},
- credentials: Credentials{"accessToken003", "accessSecret004"},
- base: `GET&http%3A%2F%2Fapi-public.netflix.com%2Fcatalog%2Ftitles&count%3D2%26oauth_consumer_key%3DapiKey001%26oauth_nonce%3D1234%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1355850443%26oauth_token%3DaccessToken003%26oauth_version%3D1.0%26term%3DDark%2520Knight`,
- header: `OAuth oauth_consumer_key="apiKey001", oauth_nonce="1234", oauth_signature="0JAoaqt6oz6TJx8N%2B06XmhPjcOs%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1355850443", oauth_token="accessToken003", oauth_version="1.0"`,
- },
- {
- // Special characters in form values.
- method: "GET",
- url: parseURL("http://PHOTOS.example.net:8001/Photos"),
- form: url.Values{"photo size": {"300%"}, "title": {"Back of $100 Dollars Bill"}},
- nonce: "kllo~9940~pd9333jh",
- timestamp: "1191242096",
- clientCredentials: Credentials{"dpf43f3++p+#2l4k3l03", "secret01"},
- credentials: Credentials{"nnch734d(0)0sl2jdk", "secret02"},
- base: "GET&http%3A%2F%2Fphotos.example.net%3A8001%2FPhotos&oauth_consumer_key%3Ddpf43f3%252B%252Bp%252B%25232l4k3l03%26oauth_nonce%3Dkllo~9940~pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d%25280%25290sl2jdk%26oauth_version%3D1.0%26photo%2520size%3D300%2525%26title%3DBack%2520of%2520%2524100%2520Dollars%2520Bill",
- header: `OAuth oauth_consumer_key="dpf43f3%2B%2Bp%2B%232l4k3l03", oauth_nonce="kllo~9940~pd9333jh", oauth_signature="n1UAoQy2PoIYizZUiWvkdCxM3P0%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1191242096", oauth_token="nnch734d%280%290sl2jdk", oauth_version="1.0"`,
- },
- {
- // Special characters in path, multiple values for same key in form.
- method: "GET",
- url: parseURL("http://EXAMPLE.COM:80/Space%20Craft"),
- form: url.Values{"name": {"value", "value"}},
- nonce: "Ix4U1Ei3RFL",
- timestamp: "1327384901",
- clientCredentials: Credentials{"abcd", "efgh"},
- credentials: Credentials{"ijkl", "mnop"},
- base: "GET&http%3A%2F%2Fexample.com%2FSpace%2520Craft&name%3Dvalue%26name%3Dvalue%26oauth_consumer_key%3Dabcd%26oauth_nonce%3DIx4U1Ei3RFL%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1327384901%26oauth_token%3Dijkl%26oauth_version%3D1.0",
- header: `OAuth oauth_consumer_key="abcd", oauth_nonce="Ix4U1Ei3RFL", oauth_signature="TZZ5u7qQorLnmKs%2Biqunb8gqkh4%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1327384901", oauth_token="ijkl", oauth_version="1.0"`,
- },
- {
- // Query string in URL.
- method: "GET",
- url: parseURL("http://EXAMPLE.COM:80/Space%20Craft?name=value"),
- form: url.Values{"name": {"value"}},
- nonce: "Ix4U1Ei3RFL",
- timestamp: "1327384901",
- clientCredentials: Credentials{"abcd", "efgh"},
- credentials: Credentials{"ijkl", "mnop"},
- base: "GET&http%3A%2F%2Fexample.com%2FSpace%2520Craft&name%3Dvalue%26name%3Dvalue%26oauth_consumer_key%3Dabcd%26oauth_nonce%3DIx4U1Ei3RFL%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1327384901%26oauth_token%3Dijkl%26oauth_version%3D1.0",
- header: `OAuth oauth_consumer_key="abcd", oauth_nonce="Ix4U1Ei3RFL", oauth_signature="TZZ5u7qQorLnmKs%2Biqunb8gqkh4%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1327384901", oauth_token="ijkl", oauth_version="1.0"`,
- },
- {
- // "/" in form value.
- method: "POST",
- url: parseURL("https://stream.twitter.com/1.1/statuses/filter.json"),
- form: url.Values{"track": {"example.com/abcd"}},
- nonce: "bf2cb6d611e59f99103238fc9a3bb8d8",
- timestamp: "1362434376",
- clientCredentials: Credentials{"consumer_key", "consumer_secret"},
- credentials: Credentials{"token", "secret"},
- base: "POST&https%3A%2F%2Fstream.twitter.com%2F1.1%2Fstatuses%2Ffilter.json&oauth_consumer_key%3Dconsumer_key%26oauth_nonce%3Dbf2cb6d611e59f99103238fc9a3bb8d8%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1362434376%26oauth_token%3Dtoken%26oauth_version%3D1.0%26track%3Dexample.com%252Fabcd",
- header: `OAuth oauth_consumer_key="consumer_key", oauth_nonce="bf2cb6d611e59f99103238fc9a3bb8d8", oauth_signature="LcxylEOnNdgoKSJi7jX07mxcvfM%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1362434376", oauth_token="token", oauth_version="1.0"`,
- },
- {
- // "/" in query string
- method: "POST",
- url: parseURL("https://stream.twitter.com/1.1/statuses/filter.json?track=example.com/query"),
- form: url.Values{},
- nonce: "884275759fbab914654b50ae643c563a",
- timestamp: "1362435218",
- clientCredentials: Credentials{"consumer_key", "consumer_secret"},
- credentials: Credentials{"token", "secret"},
- base: "POST&https%3A%2F%2Fstream.twitter.com%2F1.1%2Fstatuses%2Ffilter.json&oauth_consumer_key%3Dconsumer_key%26oauth_nonce%3D884275759fbab914654b50ae643c563a%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1362435218%26oauth_token%3Dtoken%26oauth_version%3D1.0%26track%3Dexample.com%252Fquery",
- header: `OAuth oauth_consumer_key="consumer_key", oauth_nonce="884275759fbab914654b50ae643c563a", oauth_signature="OAldqvRrKDXRGZ9BqSi2CqeVH0g%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1362435218", oauth_token="token", oauth_version="1.0"`,
- },
- {
- // QuickBooks query string
- method: "GET",
- url: parseURL("https://qb.sbfinance.intuit.com/v3/company/1273852765/query"),
- form: url.Values{"query": {"select * from account"}},
- nonce: "12345678",
- timestamp: "1409876517",
- clientCredentials: Credentials{"consumer_key", "consumer_secret"},
- credentials: Credentials{"token", "secret"},
- base: "GET&https%3A%2F%2Fqb.sbfinance.intuit.com%2Fv3%2Fcompany%2F1273852765%2Fquery&oauth_consumer_key%3Dconsumer_key%26oauth_nonce%3D12345678%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1409876517%26oauth_token%3Dtoken%26oauth_version%3D1.0%26query%3Dselect%2520%252A%2520from%2520account",
- header: `OAuth oauth_consumer_key="consumer_key", oauth_nonce="12345678", oauth_signature="7crYee%2BJLvg7dksQiHbarUHN3rY%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1409876517", oauth_token="token", oauth_version="1.0"`,
- },
- {
- // Plain text signature method
- signatureMethod: PLAINTEXT,
- method: "GET",
- url: parseURL("http://example.com/"),
- clientCredentials: Credentials{"key", "secret"},
- credentials: Credentials{"accesskey", "accesssecret"},
- header: `OAuth oauth_consumer_key="key", oauth_signature="secret%26accesssecret", oauth_signature_method="PLAINTEXT", oauth_token="accesskey", oauth_version="1.0"`,
- },
- {
- // RSA-SHA1 signature method
- signatureMethod: RSASHA1,
- method: "GET",
- url: parseURL("http://term.ie/oauth/example/echo_api.php"),
- form: url.Values{"method": {"foo%20bar"}, "bar": {"baz"}},
- nonce: "a7da4d14579d61886be9d596d1a6a720",
- timestamp: "1420240290",
- clientCredentials: Credentials{Token: "key"},
- credentials: Credentials{Token: "accesskey"},
- base: `GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Fecho_api.php&bar%3Dbaz%26method%3Dfoo%252520bar%26oauth_consumer_key%3Dkey%26oauth_nonce%3Da7da4d14579d61886be9d596d1a6a720%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1420240290%26oauth_token%3Daccesskey%26oauth_version%3D1.0`,
- header: `OAuth oauth_consumer_key="key", oauth_nonce="a7da4d14579d61886be9d596d1a6a720", oauth_signature="jPun728OkfFo7BjZiaQ5UBVChwk6tf0uKNFDmNKVb%2Bd6aWYEzsDVkqqjcgTrCRNabK8ubAnhyprafk0mk3zEJe%2BxGb9GKauqwUJ6ZZoGJNYYZg3BZUQvdxSKFs1M4MUMv3fxntmD%2BoyE8jPbrVM2zD1G1AAPm79sX%2B8XE25tBE8%3D", oauth_signature_method="RSA-SHA1", oauth_timestamp="1420240290", oauth_token="accesskey", oauth_version="1.0"`,
- },
- }
- func TestBaseString(t *testing.T) {
- for _, ot := range oauthTests {
- if ot.signatureMethod == PLAINTEXT {
- // PLAINTEXT signature does not use the base string.
- continue
- }
- oauthParams := map[string]string{
- "oauth_consumer_key": ot.clientCredentials.Token,
- "oauth_nonce": ot.nonce,
- "oauth_signature_method": ot.signatureMethod.String(),
- "oauth_timestamp": ot.timestamp,
- "oauth_token": ot.credentials.Token,
- "oauth_version": "1.0",
- }
- var buf bytes.Buffer
- writeBaseString(&buf, ot.method, ot.url, ot.form, oauthParams)
- base := buf.String()
- if base != ot.base {
- t.Errorf("base string for %s %s\n = %q,\n want %q", ot.method, ot.url, base, ot.base)
- }
- }
- }
- var pemPrivateKey = `-----BEGIN RSA PRIVATE KEY-----
- MIICXAIBAAKBgQC0YjCwIfYoprq/FQO6lb3asXrxLlJFuCvtinTF5p0GxvQGu5O3
- gYytUvtC2JlYzypSRjVxwxrsuRcP3e641SdASwfrmzyvIgP08N4S0IFzEURkV1wp
- /IpH7kH41EtbmUmrXSwfNZsnQRE5SYSOhh+LcK2wyQkdgcMv11l4KoBkcwIDAQAB
- AoGAWFlbZXlM2r5G6z48tE+RTKLvB1/btgAtq8vLw/5e3KnnbcDD6fZO07m4DRaP
- jRryrJdsp8qazmUdcY0O1oK4FQfpprknDjP+R1XHhbhkQ4WEwjmxPstZMUZaDWF5
- 8d3otc23mCzwh3YcUWFu09KnMpzZsK59OfyjtkS44EDWpbECQQDXgN0ODboKsuEA
- VAhAtPUqspU9ivRa6yLai9kCnPb9GcztrsJZQm4NHcKVbmD2F2L4pDRx4Pmglhfl
- V7G/a6T7AkEA1kfU0+DkXc6I/jXHJ6pDLA5s7dBHzWgDsBzplSdkVQbKT3MbeYje
- ByOxzXhulOWLBQW/vxmW4HwU95KTRlj06QJASPoBYY3yb0cN/J94P/lHgJMDCNky
- UEuJ/PoYndLrrN/8zow8kh91xwlJ6HJ9cTiQMmTgwaOOxPuu0eI1df4M2wJBAJJS
- WrKUT1z/O+zbLDOZwGTFNPzvzRgmft4z4A1J6OlmyZ+XKpvDKloVtcRpCJoEZPn5
- AwaroquID4k/PfI7rIECQHeWa6+kPADv9IrK/92mujujS0MSEiynDw5NjTnHAH0v
- 8TrXzs+LCWDN/gbOCKPfnWRkgwgOeC8NN3h0zUIIUtA=
- -----END RSA PRIVATE KEY-----
- `
- func TestAuthorizationHeader(t *testing.T) {
- originalTestHook := testHook
- defer func() {
- testHook = originalTestHook
- }()
- block, _ := pem.Decode([]byte(pemPrivateKey))
- privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
- if err != nil {
- t.Fatal(err)
- }
- for _, ot := range oauthTests {
- testHook = func(p map[string]string) {
- if _, ok := p["oauth_nonce"]; ok {
- p["oauth_nonce"] = ot.nonce
- }
- if _, ok := p["oauth_timestamp"]; ok {
- p["oauth_timestamp"] = ot.timestamp
- }
- }
- c := Client{Credentials: ot.clientCredentials, SignatureMethod: ot.signatureMethod, PrivateKey: privateKey}
- header, err := c.authorizationHeader(&request{credentials: &ot.credentials, method: ot.method, u: ot.url, form: ot.form})
- if err != nil {
- t.Errorf("authorizationHeader(&cred, %q, %q, %v) returned error %v", ot.method, ot.url.String(), ot.form, err)
- continue
- }
- if header != ot.header {
- t.Errorf("authorizationHeader(&cred, %q, %q, %v) =\n %s\nwant: %s", ot.method, ot.url.String(), ot.form, header, ot.header)
- }
- }
- }
- func TestNonce(t *testing.T) {
- // This test is flaky, but failures should be very rare.
- n := nonce()
- if len(n) < 8 {
- t.Fatalf("nonce is %s, exected something longer", n)
- }
- }
- func TestRequestToken(t *testing.T) {
- var method string
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- expectedMethod := method
- if method == "" {
- expectedMethod = http.MethodPost
- }
- if r.Method != expectedMethod {
- t.Errorf("got method %s, want %s", r.Method, expectedMethod)
- }
- expectedContenType := ""
- if r.Method != http.MethodGet {
- expectedContenType = "application/x-www-form-urlencoded"
- }
- if contentType := r.Header.Get("Content-Type"); contentType != expectedContenType {
- t.Errorf("got content type %q, want %q", contentType, expectedContenType)
- }
- if auth := r.Header.Get("Authorization"); !strings.Contains(auth, `oauth_verifier="verifier"`) {
- t.Errorf("verifier missing from auth header %q", auth)
- }
- v := url.Values{}
- v.Set("oauth_token", "token")
- v.Set("oauth_token_secret", "secret")
- io.WriteString(w, v.Encode())
- }))
- defer ts.Close()
- for _, method = range []string{"", "GET", "POST"} {
- c := Client{TokenRequestURI: ts.URL, TokenCredentailsMethod: method}
- cred, _, err := c.RequestToken(http.DefaultClient, &Credentials{}, "verifier")
- if err != nil {
- t.Errorf("returned error %v", err)
- }
- if cred.Token != "token" {
- t.Errorf("token for %s want %s", cred.Token, "token")
- }
- if cred.Secret != "secret" {
- t.Errorf("secret for %s want %s", cred.Secret, "secret")
- }
- }
- }
- func TestRenewRequestCredentials(t *testing.T) {
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- a := r.Header.Get("Authorization")
- if !strings.Contains(a, `oauth_token="token"`) {
- t.Errorf("Authorization header %q should contains %q", a, `oauth_token="token"`)
- }
- if !strings.Contains(a, `oauth_session_handle="session-handle"`) {
- t.Errorf("Authorization header %q should contains %q", a, `oauth_session_handle="session-handle"`)
- }
- v := url.Values{}
- v.Set("oauth_token", "response-token")
- v.Set("oauth_token_secret", "response-token-secret")
- v.Set("oauth_session_handle", "response-session-handle")
- io.WriteString(w, v.Encode())
- }))
- defer ts.Close()
- c := Client{RenewCredentialRequestURI: ts.URL}
- cred, rv, err := c.RenewRequestCredentials(http.DefaultClient, &Credentials{Token: "token"}, "session-handle")
- if err != nil {
- t.Errorf("returned error %v", err)
- }
- if cred.Token != "response-token" {
- t.Errorf("token for %s want %s", cred.Token, "response-token")
- }
- if cred.Secret != "response-token-secret" {
- t.Errorf("secret for %s want %s", cred.Secret, "response-token-secret")
- }
- if rv.Get("oauth_session_handle") != "response-session-handle" {
- t.Errorf("session handle for %s want %s", rv.Get("oauth_session_handle"), "response-session-handle")
- }
- }
- func TestGet(t *testing.T) {
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- if r.Method != http.MethodGet {
- t.Errorf("got method %s, want %s", r.Method, http.MethodGet)
- }
- if err := r.ParseForm(); err != nil {
- t.Errorf("returned error %v", err)
- }
- if form := r.Form.Get("form"); form != "foo" {
- t.Errorf("form %s, want %s", form, "foo")
- }
- cookie, err := r.Cookie("client-cookie")
- if err != nil {
- t.Errorf("returned error %v", err)
- }
- if cookie.Value != "foobar" {
- t.Errorf("client-cookie %s, want %s", cookie.Value, "foobar")
- }
- io.WriteString(w, "bar")
- }))
- defer ts.Close()
- u, err := url.Parse(ts.URL)
- if err != nil {
- t.Errorf("returned error %v", err)
- }
- jar, err := cookiejar.New(nil)
- if err != nil {
- t.Errorf("returned error %v", err)
- }
- jar.SetCookies(u, []*http.Cookie{&http.Cookie{Name: "client-cookie", Value: "foobar"}})
- v := url.Values{}
- v.Set("form", "foo")
- c := Client{}
- resp, err := c.Get(&http.Client{Jar: jar}, &Credentials{}, u.String(), v)
- if err != nil {
- t.Errorf("returned error %v", err)
- }
- defer resp.Body.Close()
- b, err := ioutil.ReadAll(resp.Body)
- if err != nil {
- t.Errorf("returned error %v", err)
- }
- if string(b) != "bar" {
- t.Errorf("body %s, want %s", string(b), "bar")
- }
- }
- func TestGet_ClientNil(t *testing.T) {
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- if r.Method != http.MethodGet {
- t.Errorf("got method %s, want %s", r.Method, http.MethodGet)
- }
- io.WriteString(w, "bar")
- }))
- defer ts.Close()
- c := Client{}
- resp, err := c.Get(nil, &Credentials{}, ts.URL, nil)
- if err != nil {
- t.Errorf("returned error %v", err)
- }
- defer resp.Body.Close()
- b, err := ioutil.ReadAll(resp.Body)
- if err != nil {
- t.Errorf("returned error %v", err)
- }
- if string(b) != "bar" {
- t.Errorf("body %s, want %s", string(b), "bar")
- }
- }
- func TestGetContext(t *testing.T) {
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- if r.Method != http.MethodGet {
- t.Errorf("got method %s, want %s", r.Method, http.MethodGet)
- }
- cookie, err := r.Cookie("client-cookie")
- if err != nil {
- t.Errorf("returned error %v", err)
- }
- if cookie.Value != "foobar" {
- t.Errorf("client-cookie %s, want %s", cookie.Value, "foobar")
- }
- io.WriteString(w, "bar")
- }))
- defer ts.Close()
- u, err := url.Parse(ts.URL)
- if err != nil {
- t.Errorf("returned error %v", err)
- }
- jar, err := cookiejar.New(nil)
- if err != nil {
- t.Errorf("returned error %v", err)
- }
- jar.SetCookies(u, []*http.Cookie{&http.Cookie{Name: "client-cookie", Value: "foobar"}})
- ctx := context.WithValue(context.Background(), HTTPClient, &http.Client{Jar: jar})
- c := Client{}
- resp, err := c.GetContext(ctx, &Credentials{}, u.String(), nil)
- if err != nil {
- t.Errorf("returned error %v", err)
- }
- defer resp.Body.Close()
- b, err := ioutil.ReadAll(resp.Body)
- if err != nil {
- t.Errorf("returned error %v", err)
- }
- if string(b) != "bar" {
- t.Errorf("body %s, want %s", string(b), "bar")
- }
- }
- func TestRequestCredentialsError(t *testing.T) {
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- w.Header().Set("WWW-Authenticate", "oauth_problem=token_rejected")
- w.WriteHeader(http.StatusUnauthorized)
- io.WriteString(w, "oauth_problem=token_rejected")
- }))
- defer ts.Close()
- c := Client{TokenRequestURI: ts.URL}
- _, _, err := c.RequestToken(http.DefaultClient, &Credentials{}, "verifier")
- if err == nil {
- t.Error("error should not be nil")
- }
- if rce, ok := err.(RequestCredentialsError); ok {
- if rce.StatusCode != http.StatusUnauthorized {
- t.Errorf("status code %d, want %d", rce.StatusCode, http.StatusUnauthorized)
- }
- wa := rce.Header.Get("WWW-Authenticate")
- if wa != "oauth_problem=token_rejected" {
- t.Errorf("WWW-Authenticate header %s, want %s", wa, "oauth_problem=token_rejected")
- }
- if string(rce.Body) != "oauth_problem=token_rejected" {
- t.Errorf("body %s,want %s", rce.Body, "oauth_problem=token_rejected")
- }
- } else {
- t.Error("error should be assertable RequestCredentialsError")
- }
- }
|