You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by be...@apache.org on 2008/10/11 02:07:14 UTC

svn commit: r703611 - in /incubator/shindig/trunk/features/core.io: io.js iotest.js

Author: beaton
Date: Fri Oct 10 17:07:14 2008
New Revision: 703611

URL: http://svn.apache.org/viewvc?rev=703611&view=rev
Log:
Include OAUTH options on signed fetch requests.


Modified:
    incubator/shindig/trunk/features/core.io/io.js
    incubator/shindig/trunk/features/core.io/iotest.js

Modified: incubator/shindig/trunk/features/core.io/io.js
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/features/core.io/io.js?rev=703611&r1=703610&r2=703611&view=diff
==============================================================================
--- incubator/shindig/trunk/features/core.io/io.js (original)
+++ incubator/shindig/trunk/features/core.io/io.js Fri Oct 10 17:07:14 2008
@@ -344,7 +344,7 @@
       };
 
       // OAuth goodies
-      if (params.AUTHORIZATION === "OAUTH") {
+      if (auth === "oauth" || auth === "signed") {
         paramData.oauthState = oauthState || "";
         // Just copy the OAuth parameters into the req to the server
         for (opt in params) if (params.hasOwnProperty(opt)) {

Modified: incubator/shindig/trunk/features/core.io/iotest.js
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/features/core.io/iotest.js?rev=703611&r1=703610&r2=703611&view=diff
==============================================================================
--- incubator/shindig/trunk/features/core.io/iotest.js (original)
+++ incubator/shindig/trunk/features/core.io/iotest.js Fri Oct 10 17:07:14 2008
@@ -341,6 +341,7 @@
 };
 
 IoTest.prototype.testSignedGet = function() {
+  gadgets.io.clearOAuthState();
   var req = new fakeXhr.Expectation("POST", "http://example.com/json");
   this.setStandardArgs(req, true);
   req.setBodyArg("url", "http://target.example.com/somepage");
@@ -348,6 +349,7 @@
   req.setBodyArg("signViewer", "true");
   req.setBodyArg("authz", "signed");
   req.setBodyArg("st", "authtoken");
+  req.setBodyArg("oauthState", "");
   req.setBodyArg("refresh", null);
   req.setHeader("Content-Type", "application/x-www-form-urlencoded");
 
@@ -369,6 +371,7 @@
 };
 
 IoTest.prototype.testSignedPost = function() {
+  gadgets.io.clearOAuthState();
   var req = new fakeXhr.Expectation("POST", "http://example.com/json");
   this.setStandardArgs(req, true);
   req.setBodyArg("url", "http://target.example.com/somepage");
@@ -376,6 +379,7 @@
   req.setBodyArg("signViewer", "true");
   req.setBodyArg("authz", "signed");
   req.setBodyArg("st", "authtoken");
+  req.setBodyArg("oauthState", "");
   req.setBodyArg("refresh", null);
   req.setBodyArg("httpMethod", "POST");
   req.setBodyArg("headers", "Content-Type=application%2fx-www-form-urlencoded");
@@ -400,6 +404,7 @@
 };
 
 IoTest.prototype.testSignedGet_noViewerBoolean = function() {
+  gadgets.io.clearOAuthState();
   var req = new fakeXhr.Expectation("POST", "http://example.com/json");
   this.setStandardArgs(req, true);
   req.setBodyArg("url", "http://target.example.com/somepage");
@@ -407,6 +412,7 @@
   req.setBodyArg("signViewer", "false");
   req.setBodyArg("authz", "signed");
   req.setBodyArg("st", "authtoken");
+  req.setBodyArg("oauthState", "");
   req.setBodyArg("refresh", null);
   req.setHeader("Content-Type", "application/x-www-form-urlencoded");
 
@@ -429,6 +435,7 @@
 };
 
 IoTest.prototype.testSignedGet_noViewerString = function() {
+  gadgets.io.clearOAuthState();
   var req = new fakeXhr.Expectation("POST", "http://example.com/json");
   this.setStandardArgs(req, true);
   req.setBodyArg("url", "http://target.example.com/somepage");
@@ -436,6 +443,7 @@
   req.setBodyArg("signViewer", "false");
   req.setBodyArg("authz", "signed");
   req.setBodyArg("st", "authtoken");
+  req.setBodyArg("oauthState", "");
   req.setBodyArg("refresh", null);
   req.setHeader("Content-Type", "application/x-www-form-urlencoded");
 
@@ -458,6 +466,7 @@
 };
 
 IoTest.prototype.testSignedGet_withNoOwnerAndViewerString = function() {
+  gadgets.io.clearOAuthState();
   var req = new fakeXhr.Expectation("POST", "http://example.com/json");
   this.setStandardArgs(req, true);
   req.setBodyArg("url", "http://target.example.com/somepage");
@@ -465,6 +474,7 @@
   req.setBodyArg("signViewer", "true");
   req.setBodyArg("authz", "signed");
   req.setBodyArg("st", "authtoken");
+  req.setBodyArg("oauthState", "");
   req.setBodyArg("refresh", null);
   req.setHeader("Content-Type", "application/x-www-form-urlencoded");
 
@@ -545,6 +555,41 @@
   this.assertEquals("personal data", resp.text);
 };
 
+IoTest.prototype.testSignedEquivalentToOAuth = function() {
+  gadgets.io.clearOAuthState();
+  var req = new fakeXhr.Expectation("POST", "http://example.com/json");
+  this.setStandardArgs(req, true);
+  req.setBodyArg("url", "http://target.example.com/somepage");
+  req.setBodyArg("authz", "signed");
+  req.setBodyArg("st", "authtoken");
+  req.setBodyArg("refresh", null);
+  req.setBodyArg("oauthState", "");
+  req.setBodyArg("OAUTH_USE_TOKEN", "always");
+  req.setHeader("Content-Type", "application/x-www-form-urlencoded");
+
+  var resp = this.makeFakeResponse(gadgets.json.stringify(
+      { 'http://target.example.com/somepage' : { 
+          'oauthApprovalUrl' : 'http://sp.example.com/authz?oauth_token=foo',
+          'oauthState' : 'newState' 
+         }
+      }));
+
+  this.fakeXhrs.expect(req, resp);
+
+  var resp = null;
+  var params = {};
+  params["AUTHORIZATION"] = "SIGNED";
+  params["OAUTH_USE_TOKEN"] = "always";
+  gadgets.io.makeRequest(
+      "http://target.example.com/somepage",
+      function(data) {
+        resp = data;
+      },
+      params);
+  this.assertEquals("http://sp.example.com/authz?oauth_token=foo",
+      resp.oauthApprovalUrl);
+};
+
 IoTest.prototype.testOAuth_error = function() {
   gadgets.io.clearOAuthState();
   var req = new fakeXhr.Expectation("POST", "http://example.com/json");