You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by be...@apache.org on 2008/10/11 02:07:14 UTC
svn commit: r703611 - in /incubator/shindig/trunk/features/core.io: io.js
iotest.js
Author: beaton
Date: Fri Oct 10 17:07:14 2008
New Revision: 703611
URL: http://svn.apache.org/viewvc?rev=703611&view=rev
Log:
Include OAUTH options on signed fetch requests.
Modified:
incubator/shindig/trunk/features/core.io/io.js
incubator/shindig/trunk/features/core.io/iotest.js
Modified: incubator/shindig/trunk/features/core.io/io.js
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/features/core.io/io.js?rev=703611&r1=703610&r2=703611&view=diff
==============================================================================
--- incubator/shindig/trunk/features/core.io/io.js (original)
+++ incubator/shindig/trunk/features/core.io/io.js Fri Oct 10 17:07:14 2008
@@ -344,7 +344,7 @@
};
// OAuth goodies
- if (params.AUTHORIZATION === "OAUTH") {
+ if (auth === "oauth" || auth === "signed") {
paramData.oauthState = oauthState || "";
// Just copy the OAuth parameters into the req to the server
for (opt in params) if (params.hasOwnProperty(opt)) {
Modified: incubator/shindig/trunk/features/core.io/iotest.js
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/features/core.io/iotest.js?rev=703611&r1=703610&r2=703611&view=diff
==============================================================================
--- incubator/shindig/trunk/features/core.io/iotest.js (original)
+++ incubator/shindig/trunk/features/core.io/iotest.js Fri Oct 10 17:07:14 2008
@@ -341,6 +341,7 @@
};
IoTest.prototype.testSignedGet = function() {
+ gadgets.io.clearOAuthState();
var req = new fakeXhr.Expectation("POST", "http://example.com/json");
this.setStandardArgs(req, true);
req.setBodyArg("url", "http://target.example.com/somepage");
@@ -348,6 +349,7 @@
req.setBodyArg("signViewer", "true");
req.setBodyArg("authz", "signed");
req.setBodyArg("st", "authtoken");
+ req.setBodyArg("oauthState", "");
req.setBodyArg("refresh", null);
req.setHeader("Content-Type", "application/x-www-form-urlencoded");
@@ -369,6 +371,7 @@
};
IoTest.prototype.testSignedPost = function() {
+ gadgets.io.clearOAuthState();
var req = new fakeXhr.Expectation("POST", "http://example.com/json");
this.setStandardArgs(req, true);
req.setBodyArg("url", "http://target.example.com/somepage");
@@ -376,6 +379,7 @@
req.setBodyArg("signViewer", "true");
req.setBodyArg("authz", "signed");
req.setBodyArg("st", "authtoken");
+ req.setBodyArg("oauthState", "");
req.setBodyArg("refresh", null);
req.setBodyArg("httpMethod", "POST");
req.setBodyArg("headers", "Content-Type=application%2fx-www-form-urlencoded");
@@ -400,6 +404,7 @@
};
IoTest.prototype.testSignedGet_noViewerBoolean = function() {
+ gadgets.io.clearOAuthState();
var req = new fakeXhr.Expectation("POST", "http://example.com/json");
this.setStandardArgs(req, true);
req.setBodyArg("url", "http://target.example.com/somepage");
@@ -407,6 +412,7 @@
req.setBodyArg("signViewer", "false");
req.setBodyArg("authz", "signed");
req.setBodyArg("st", "authtoken");
+ req.setBodyArg("oauthState", "");
req.setBodyArg("refresh", null);
req.setHeader("Content-Type", "application/x-www-form-urlencoded");
@@ -429,6 +435,7 @@
};
IoTest.prototype.testSignedGet_noViewerString = function() {
+ gadgets.io.clearOAuthState();
var req = new fakeXhr.Expectation("POST", "http://example.com/json");
this.setStandardArgs(req, true);
req.setBodyArg("url", "http://target.example.com/somepage");
@@ -436,6 +443,7 @@
req.setBodyArg("signViewer", "false");
req.setBodyArg("authz", "signed");
req.setBodyArg("st", "authtoken");
+ req.setBodyArg("oauthState", "");
req.setBodyArg("refresh", null);
req.setHeader("Content-Type", "application/x-www-form-urlencoded");
@@ -458,6 +466,7 @@
};
IoTest.prototype.testSignedGet_withNoOwnerAndViewerString = function() {
+ gadgets.io.clearOAuthState();
var req = new fakeXhr.Expectation("POST", "http://example.com/json");
this.setStandardArgs(req, true);
req.setBodyArg("url", "http://target.example.com/somepage");
@@ -465,6 +474,7 @@
req.setBodyArg("signViewer", "true");
req.setBodyArg("authz", "signed");
req.setBodyArg("st", "authtoken");
+ req.setBodyArg("oauthState", "");
req.setBodyArg("refresh", null);
req.setHeader("Content-Type", "application/x-www-form-urlencoded");
@@ -545,6 +555,41 @@
this.assertEquals("personal data", resp.text);
};
+IoTest.prototype.testSignedEquivalentToOAuth = function() {
+ gadgets.io.clearOAuthState();
+ var req = new fakeXhr.Expectation("POST", "http://example.com/json");
+ this.setStandardArgs(req, true);
+ req.setBodyArg("url", "http://target.example.com/somepage");
+ req.setBodyArg("authz", "signed");
+ req.setBodyArg("st", "authtoken");
+ req.setBodyArg("refresh", null);
+ req.setBodyArg("oauthState", "");
+ req.setBodyArg("OAUTH_USE_TOKEN", "always");
+ req.setHeader("Content-Type", "application/x-www-form-urlencoded");
+
+ var resp = this.makeFakeResponse(gadgets.json.stringify(
+ { 'http://target.example.com/somepage' : {
+ 'oauthApprovalUrl' : 'http://sp.example.com/authz?oauth_token=foo',
+ 'oauthState' : 'newState'
+ }
+ }));
+
+ this.fakeXhrs.expect(req, resp);
+
+ var resp = null;
+ var params = {};
+ params["AUTHORIZATION"] = "SIGNED";
+ params["OAUTH_USE_TOKEN"] = "always";
+ gadgets.io.makeRequest(
+ "http://target.example.com/somepage",
+ function(data) {
+ resp = data;
+ },
+ params);
+ this.assertEquals("http://sp.example.com/authz?oauth_token=foo",
+ resp.oauthApprovalUrl);
+};
+
IoTest.prototype.testOAuth_error = function() {
gadgets.io.clearOAuthState();
var req = new fakeXhr.Expectation("POST", "http://example.com/json");