Hi,
Attached is a patch that allows to set the signature method like this:
require 'oauth/signature/plaintext'
consumer = OAuth::Consumer.new(
...
:signature_method => 'PLAINTEXT'
)
I hope it was intended to work like that. The option on the consumer
was previosly named :oauth_signature_method but I couldn't find
anything in the code that relied on it.
It also fixes the plaintext signature encoding, assuming that the
implementation at term.ie is correct.
Til
[
oauth_plaintext.patch ]
Index: test/test_consumer.rb
===================================================================
--- test/test_consumer.rb (revision 27)
+++ test/test_consumer.rb (working copy)
@@ -87,6 +87,41 @@
assert_equal "OAuth realm=\"\", oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"1oO2izFav1GP4kEH2EskwXkCRFg%3D\", oauth_version=\"1.0\"", request['authorization']
end
+ def test_that_setting_signature_method_on_consumer_effects_signing
+ require 'oauth/signature/plaintext'
+ request = Net::HTTP::Get.new(@request_uri.path)
+ consumer = @consumer.dup
+ consumer.options[:signature_method] = 'PLAINTEXT'
+ token = OAuth::ConsumerToken.new(consumer, 'token_411a7f', '3196ffd991c8ebdb')
+ token.sign!(request, {:nonce => @nonce, :timestamp => @timestamp})
+
+ assert_no_match /oauth_signature_method="HMAC-SHA1"/, request['authorization']
+ assert_match /oauth_signature_method="PLAINTEXT"/, request['authorization']
+ end
+
+ def test_that_setting_signature_method_on_consumer_effects_signature_base_strin g
+ require 'oauth/signature/plaintext'
+ request = Net::HTTP::Get.new(@request_uri.path)
+ consumer = @consumer.dup
+ consumer.options[:signature_method] = 'PLAINTEXT'
+
+ request = Net::HTTP::Get.new('/')
+ signature_base_string = consumer.signature_base_string(request)
+
+ assert_no_match /HMAC-SHA1/, signature_base_string
+ assert_equal "#{consumer.secret}%26", signature_base_string
+ end
+
+ def test_that_plaintext_signature_works
+ require 'oauth/signature/plaintext'
+ consumer = OAuth::Consumer.new("key", "secret",
+ :site => "http://term.ie", :signature_method => 'PLAINTEXT')
+ access_token = OAuth::AccessToken.new(consumer, 'accesskey', 'accesssecret')
+ response = access_token.get("/oauth/example/echo_api.php?echo=hello")
+
+ assert_equal 'echo=hello', response.body
+ end
+
def test_that_signing_auth_headers_on_post_requests_works
request = Net::HTTP::Post.new(@request_uri.path)
request.set_form_data( @request_parameters )
Index: lib/oauth/signature/plaintext.rb
===================================================================
--- lib/oauth/signature/plaintext.rb (revision 27)
+++ lib/oauth/signature/plaintext.rb (working copy)
@@ -15,5 +15,9 @@
def signature_base_string
secret
end
+
+ def secret
+ escape super
+ end
end
end
Index: lib/oauth/consumer.rb
===================================================================
--- lib/oauth/consumer.rb (revision 27)
+++ lib/oauth/consumer.rb (working copy)
@@ -6,7 +6,7 @@
@@default_options={
# Signature method used by server. Defaults to HMAC-SHA1
- :oauth_signature_method=>'HMAC-SHA1',
+ :signature_method => 'HMAC-SHA1',
# default paths on site. These are the same as the defaults set up by the generators
:request_token_path=>'/oauth/request_token',
@@ -121,12 +121,12 @@
# Sign the Request object. Use this if you have an externally generated http request object you want to sign.
def sign!(request,token=nil, request_options = {})
- request.oauth!(http,self,token,{:scheme=>scheme}.merge(request_options))
+ request.oauth!(http, self, token, options.merge(request_options))
end
# Return the signature_base_string
def signature_base_string(request,token=nil, request_options = {})
- request.signature_base_string(http,self,token,{:scheme=>scheme}.merge(reque st_options))
+ request.signature_base_string(http, self, token, options.merge(request_options))
end
def site
