public function testCreateRequestFromConsumerAndToken()
{
$cons = new \OAuth\Consumer('key', 'kd94hf93k423kf44');
$token = new \OAuth\Token('token', 'pfkkdhi9sl3r4s00');
$request = \OAuth\Request::fromConsumerAndToken($cons, $token, 'POST', 'http://example.com');
$this->assertEquals('POST', $request->getNormalizedHttpMethod());
$this->assertEquals('http://example.com', $request->getNormalizedHttpUrl());
$this->assertEquals('1.0', $request->getParameter('oauth_version'));
$this->assertEquals($cons->getKey(), $request->getParameter('oauth_consumer_key'));
$this->assertEquals($token->getKey(), $request->getParameter('oauth_token'));
$this->assertEquals(time(), $request->getParameter('oauth_timestamp'));
$this->assertRegExp('/[0-9a-f]{32}/', $request->getParameter('oauth_nonce'));
// We don't know what the nonce will be, except it'll be md5 and hence 32 hexa digits
$request = \OAuth\Request::fromConsumerAndToken($cons, $token, 'POST', 'http://example.com', array('oauth_nonce' => 'foo'));
$this->assertEquals('foo', $request->getParameter('oauth_nonce'));
$request = \OAuth\Request::fromConsumerAndToken($cons, NULL, 'POST', 'http://example.com', array('oauth_nonce' => 'foo'));
$this->assertNull($request->getParameter('oauth_token'));
// Test that parameters given in the $http_url instead of in the $parameters-parameter
// will still be picked up
$request = \OAuth\Request::fromConsumerAndToken($cons, $token, 'POST', 'http://example.com/?foo=bar');
$this->assertEquals('http://example.com/', $request->getNormalizedHttpUrl());
$this->assertEquals('bar', $request->getParameter('foo'));
}
public function testRejectAccessTokenSignedAccessTokenRequest()
{
// We request a new Access Token, but the request is signed with an access token, so fail!
$request = \OAuth\Request::fromConsumerAndToken($this->consumer, $this->access_token, 'POST', 'http://example.com');
$request->signRequest($this->plaintext, $this->consumer, $this->access_token);
$this->setExpectedException('\\OAuth\\Exception');
$token = $this->server->fetchAccessToken($request);
}
} else {
if ($action == "authorize") {
$callback_url = "{$base_url}/client.php?key={$key}&secret={$secret}&token={$token}&token_secret={$token_secret}&endpoint=" . urlencode($endpoint);
$auth_url = $endpoint . "?oauth_token={$token}&oauth_callback=" . urlencode($callback_url);
if ($dump_request) {
header('Content-type: text/plain');
print "auth_url: " . $auth_url;
exit;
}
header("Location: {$auth_url}");
} else {
if ($action == "access_token") {
$parsed = parse_url($endpoint);
$params = array();
parse_str($parsed['query'], $params);
$acc_req = \OAuth\Request::fromConsumerAndToken($test_consumer, $test_token, "GET", $endpoint, $params);
$acc_req->signRequest($sig_method, $test_consumer, $test_token);
if ($dump_request) {
header('Content-type: text/plain');
print "request url: " . $acc_req->to_url() . "\n";
print_r($acc_req);
exit;
}
header("Location: {$acc_req}");
}
}
}
?>
<html>
<head>
<title>OAuth Test Client</title>
<?php
require_once "common.inc.php";
$test_consumer = new \OAuth\Consumer("key", "secret", NULL);
$req_token = new \OAuth\Consumer("requestkey", "requestsecret", 1);
$acc_token = new \OAuth\Consumer("accesskey", "accesssecret", 1);
$sig_method = $hmac_method;
$user_sig_method = @$_GET['sig_method'];
if ($user_sig_method) {
$sig_method = $sig_methods[$user_sig_method];
}
$req_req = \OAuth\Request::fromConsumerAndToken($test_consumer, NULL, "GET", $base_url . "/request_token.php");
$req_req->signRequest($sig_method, $test_consumer, NULL);
$acc_req = \OAuth\Request::fromConsumerAndToken($test_consumer, $req_token, "GET", $base_url . "/access_token.php");
$acc_req->signRequest($sig_method, $test_consumer, $req_token);
$echo_req = \OAuth\Request::fromConsumerAndToken($test_consumer, $acc_token, "GET", $base_url . "/echo_api.php", array("method" => "foo%20bar", "bar" => "baz"));
$echo_req->signRequest($sig_method, $test_consumer, $acc_token);
?>
<html>
<head>
<title>OAuth Test Server</title>
</head>
<body>
<div><a href="index.php">server</a> | <a href="client.php">client</a></div>
<h1>OAuth Test Server</h1>
<h2>Instructions for Use</h2>
<p>This is a test server with a predefined static set of keys and tokens, you can make your requests using them to test your code (and mine ;)).</p>
<h3>Your Consumer Key / Secret</h3>
<ul>
<li>consumer key: <code><strong>key</strong></code></li>
<li>consumer secret: <code><strong>secret</strong></code></li>
