Updated OAuth to actually perform authorization stuff.

git-svn-id: https://google-api-ruby-client.googlecode.com/svn/trunk@8 c1d61fac-ed7f-fcc1-18f7-ff78120a04ef
This commit is contained in:
bobaman@google.com 2010-08-12 01:07:35 +00:00
parent 10f9db8ac6
commit e4b6f8528e
5 changed files with 147 additions and 16 deletions

View File

@ -26,6 +26,9 @@ module Google #:nodoc:
'https://www.google.com/accounts/OAuthAuthorizeToken',
:access_token_uri =>
'https://www.google.com/accounts/OAuthGetAccessToken',
:scopes => [],
:callback => OAuth::OUT_OF_BAND,
:displayname => nil,
:consumer_key => "anonymous",
:consumer_secret => "anonymous"
}.merge(options)
@ -54,7 +57,50 @@ module Google #:nodoc:
}
)
end
def request_token
oauth_parameters = {
:oauth_callback => @options[:callback]
}
app_parameters = {
:scope => @options[:scopes].join(" ")
}
if @options[:displayname]
app_parameters[:xoauth_displayname] = @options[:displayname]
end
return @request_token ||= @oauth_consumer.get_request_token(
oauth_parameters,
app_parameters
)
end
def request_token=(new_request_token)
if new_request_token.kind_of?(OAuth::RequestToken)
@request_token = new_request_token
else
raise TypeError,
"Expected OAuth::RequestToken, got #{new_request_token.class}."
end
end
def access_token
return @access_token ||=
@oauth_consumer.get_access_token(self.request_token)
end
def access_token=(new_access_token)
if new_access_token.kind_of?(OAuth::AccessToken)
@access_token = new_access_token
else
raise TypeError,
"Expected OAuth::AccessToken, got #{new_access_token.class}."
end
end
def scopes
return @options[:scopes]
end
def consumer_key
return @oauth_consumer.key
end
@ -62,15 +108,19 @@ module Google #:nodoc:
def consumer_secret
return @oauth_consumer.secret
end
def request_token_uri
return @oauth_consumer.request_token_url
end
def authorization_uri
def authorization_endpoint_uri
return @oauth_consumer.authorize_url
end
def authorization_uri(parameters={})
return self.request_token.authorize_url(parameters)
end
def access_token_uri
return @oauth_consumer.access_token_url
end

View File

@ -12,33 +12,48 @@
# See the License for the specific language governing permissions and
# limitations under the License.
require "spec_helper"
require "oauth"
require "google/api_client/auth/oauth_1"
describe Google::APIClient::OAuth1, "in the default configuration" do
before do
@oauth = Google::APIClient::OAuth1.new
end
it "should have the correct request_token_uri" do
@oauth.request_token_uri.should ==
"https://www.google.com/accounts/OAuthGetRequestToken"
end
it "should have the correct authorization_uri" do
@oauth.authorization_uri.should ==
@oauth.authorization_endpoint_uri.should ==
"https://www.google.com/accounts/OAuthAuthorizeToken"
end
it "should have the correct access_token_uri" do
@oauth.access_token_uri.should ==
"https://www.google.com/accounts/OAuthGetAccessToken"
end
it "should have the correct consumer_key" do
@oauth.consumer_key.should == "anonymous"
end
it "should have the correct consumer_secret" do
@oauth.consumer_secret.should == "anonymous"
end
it "should allow the request_token to be set manually" do
@oauth.request_token = OAuth::RequestToken.new(@oauth, "key", "secret")
@oauth.request_token.token.should == "key"
@oauth.request_token.secret.should == "secret"
end
it "should not allow the request_token to be set to bogus value" do
(lambda do
@oauth.request_token = 42
end).should raise_error(TypeError)
end
end

View File

@ -0,0 +1,60 @@
# Copyright 2010 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
require "spec_helper"
require "oauth"
require "google/api_client/auth/oauth_1"
require "addressable/uri"
describe Google::APIClient::OAuth1, "configured for use with Buzz" do
before do
@oauth = Google::APIClient::OAuth1.new(
:authorization_uri =>
"https://www.google.com/buzz/api/auth/OAuthAuthorizeToken",
:scopes => ["https://www.googleapis.com/auth/buzz"]
)
end
it "should be able to get a request token" do
@oauth.request_token.token.should =~ /^[a-zA-Z0-9\/\-\_\+]+$/
@oauth.request_token.secret.should =~ /^[a-zA-Z0-9\/\-\_\+]+$/
end
it "should issue only a single request token" do
@oauth.request_token.token.should == @oauth.request_token.token
@oauth.request_token.secret.should == @oauth.request_token.secret
end
it "should build the correct authorization URI" do
icon_uri = "http://www.google.com/images/icons/feature/padlock-g128.png"
uri = @oauth.authorization_uri(
:domain => @oauth.consumer_key,
:iconUrl => icon_uri,
:scope => @oauth.scopes.join(" ")
)
uri.should =~
/^https:\/\/www.google.com\/buzz\/api\/auth\/OAuthAuthorizeToken/
Addressable::URI.unencode(uri).should =~
Regexp.new(Regexp.escape(@oauth.request_token.token))
Addressable::URI.unencode(uri).should =~
Regexp.new(Regexp.escape(icon_uri))
for scope in @oauth.scopes
Addressable::URI.unencode(uri).should =~
Regexp.new(Regexp.escape(scope))
end
end
# Not much we can do to test any further into the OAuth flow
end

View File

@ -3,5 +3,3 @@ lib_dir = File.expand_path(File.join(spec_dir, "../lib"))
$:.unshift(lib_dir)
$:.uniq!
require "api_client"

View File

@ -3,7 +3,7 @@ require 'spec/rake/verify_rcov'
namespace :spec do
Spec::Rake::SpecTask.new(:rcov) do |t|
t.spec_files = FileList['spec/**/*_spec.rb']
t.spec_opts = ['--color', '--format', 'specdoc']
t.spec_opts = ['--require', 'rubygems', '--color', '--format', 'specdoc']
if RCOV_ENABLED
t.rcov = true
else
@ -16,9 +16,17 @@ namespace :spec do
]
end
Spec::Rake::SpecTask.new(:normal) do |t|
Spec::Rake::SpecTask.new(:all) do |t|
t.spec_files = FileList['spec/**/*_spec.rb']
t.spec_opts = ['--color', '--format', 'specdoc']
t.spec_opts = ['--require', 'rubygems', '--color', '--format', 'specdoc']
t.rcov = false
end
Spec::Rake::SpecTask.new(:fast) do |t|
t.spec_files = FileList['spec/**/*_spec.rb'].exclude(
'spec/**/*_slow_spec.rb'
)
t.spec_opts = ['--require', 'rubygems', '--color', '--format', 'specdoc']
t.rcov = false
end
@ -56,8 +64,8 @@ if RCOV_ENABLED
desc "Alias to spec:verify"
task "spec" => "spec:verify"
else
desc "Alias to spec:normal"
task "spec" => "spec:normal"
desc "Alias to spec:all"
task "spec" => "spec:all"
end
task "clobber" => ["spec:clobber_rcov"]