1 # Copyright 2010 Google Inc.
3 # Licensed under the Apache License, Version 2.0 (the "License");
4 # you may not use this file except in compliance with the License.
5 # You may obtain a copy of the License at
7 # http://www.apache.org/licenses/LICENSE-2.0
9 # Unless required by applicable law or agreed to in writing, software
10 # distributed under the License is distributed on an "AS IS" BASIS,
11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 # See the License for the specific language governing permissions and
13 # limitations under the License.
18 require "google/api_client/auth/oauth_1"
19 require "addressable/uri"
21 describe Google::APIClient::OAuth1, "configured for use with Buzz" do
23 @oauth = Google::APIClient::OAuth1.new(:service => :buzz)
26 it "should have the correct authorization_uri" do
27 @oauth.authorization_endpoint_uri.should ==
28 "https://www.google.com/buzz/api/auth/OAuthAuthorizeToken"
31 it "should have the correct scope" do
32 @oauth.scopes.should include("https://www.googleapis.com/auth/buzz")
35 it "should be able to get a request token" do
36 @oauth.request_token.token.should =~ /^[a-zA-Z0-9\/\-\_\+]+$/
37 @oauth.request_token.secret.should =~ /^[a-zA-Z0-9\/\-\_\+]+$/
40 it "should issue only a single request token" do
41 @oauth.request_token.token.should == @oauth.request_token.token
42 @oauth.request_token.secret.should == @oauth.request_token.secret
45 it "should build the correct authorization URI" do
46 icon_uri = "http://www.google.com/images/icons/feature/padlock-g128.png"
47 uri = @oauth.authorization_uri(
48 :domain => @oauth.consumer_key,
50 :scope => @oauth.scopes.join(" ")
53 /^https:\/\/www.google.com\/buzz\/api\/auth\/OAuthAuthorizeToken/
54 Addressable::URI.unencode(uri).should =~
55 Regexp.new(Regexp.escape(@oauth.request_token.token))
56 Addressable::URI.unencode(uri).should =~
57 Regexp.new(Regexp.escape(icon_uri))
58 for scope in @oauth.scopes
59 Addressable::URI.unencode(uri).should =~
60 Regexp.new(Regexp.escape(scope))
64 # Not much we can do to test any further into the OAuth flow