chromium/src
0
Fork 0
Code Activity

[google_apis] Remove unused OAuthRequestSigner

Browse Source 
Bug: None
Change-Id: I363cd0f8844f88e2d29437db784670d68eda6827
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6058312
Reviewed-by: Mihai Sardarescu <msarda@chromium.org>
Auto-Submit: Alex Ilin <alexilin@chromium.org>
Commit-Queue: Alex Ilin <alexilin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1391067}
This commit is contained in:
Alex Ilin
2024-12-03 17:30:17 +00:00
committed by Chromium LUCI CQ
parent e104bac8b4
commit fc0f53f3fd
4 changed files with 0 additions and 895 deletions

3
google_apis/BUILD.gn

@ -163,8 +163,6 @@ component("google_apis") {
"gaia/oauth2_mint_token_flow.h",
"gaia/oauth_multilogin_result.cc",
"gaia/oauth_multilogin_result.h",
"gaia/oauth_request_signer.cc",
"gaia/oauth_request_signer.h",
"gaia/token_binding_response_encryption_error.h",
"google_api_keys.cc",
"google_api_keys.h",
@ -268,7 +266,6 @@ test("google_apis_unittests") {
"gaia/oauth2_mint_access_token_fetcher_adapter_unittest.cc",
"gaia/oauth2_mint_token_flow_unittest.cc",
"gaia/oauth_multilogin_result_unittest.cc",
"gaia/oauth_request_signer_unittest.cc",
"google_api_keys_unittest.cc",
"google_api_keys_unittest.h",
]

461
google_apis/gaia/oauth_request_signer.cc

@ -1,461 +0,0 @@
// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifdef UNSAFE_BUFFERS_BUILD
// TODO(crbug.com/351564777): Remove this and convert code to safer constructs.
#pragma allow_unsafe_buffers
#endif
#include "google_apis/gaia/oauth_request_signer.h"
#include <stddef.h>
#include <cstdlib>
#include <cstring>
#include <ctime>
#include <map>
#include <string>
#include "base/base64.h"
#include "base/check.h"
#include "base/format_macros.h"
#include "base/notreached.h"
#include "base/rand_util.h"
#include "base/strings/string_util.h"
#include "base/strings/stringprintf.h"
#include "base/time/time.h"
#include "crypto/hmac.h"
#include "url/gurl.h"
namespace {
const int kHexBase = 16;
char kHexDigits[] = "0123456789ABCDEF";
const size_t kHmacDigestLength = 20;
const int kMaxNonceLength = 30;
const int kMinNonceLength = 15;
const char kOAuthConsumerKeyLabel[] = "oauth_consumer_key";
const char kOAuthNonceCharacters[] =
"abcdefghijklmnopqrstuvwyz"
"ABCDEFGHIJKLMNOPQRSTUVWYZ"
"0123456789_";
const char kOAuthNonceLabel[] = "oauth_nonce";
const char kOAuthSignatureLabel[] = "oauth_signature";
const char kOAuthSignatureMethodLabel[] = "oauth_signature_method";
const char kOAuthTimestampLabel[] = "oauth_timestamp";
const char kOAuthTokenLabel[] = "oauth_token";
const char kOAuthVersion[] = "1.0";
const char kOAuthVersionLabel[] = "oauth_version";
enum ParseQueryState {
START_STATE,
KEYWORD_STATE,
VALUE_STATE,
};
const std::string HttpMethodName(OAuthRequestSigner::HttpMethod method) {
switch (method) {
case OAuthRequestSigner::GET_METHOD:
return "GET";
case OAuthRequestSigner::POST_METHOD:
return "POST";
}
NOTREACHED();
}
const std::string SignatureMethodName(
OAuthRequestSigner::SignatureMethod method) {
switch (method) {
case OAuthRequestSigner::HMAC_SHA1_SIGNATURE:
return "HMAC-SHA1";
case OAuthRequestSigner::RSA_SHA1_SIGNATURE:
return "RSA-SHA1";
case OAuthRequestSigner::PLAINTEXT_SIGNATURE:
return "PLAINTEXT";
}
NOTREACHED();
}
std::string BuildBaseString(const GURL& request_base_url,
OAuthRequestSigner::HttpMethod http_method,
const std::string& base_parameters) {
return base::StringPrintf("%s&%s&%s",
HttpMethodName(http_method).c_str(),
OAuthRequestSigner::Encode(
request_base_url.spec()).c_str(),
OAuthRequestSigner::Encode(
base_parameters).c_str());
}
std::string BuildBaseStringParameters(
const OAuthRequestSigner::Parameters& parameters) {
std::string result;
OAuthRequestSigner::Parameters::const_iterator cursor;
OAuthRequestSigner::Parameters::const_iterator limit;
bool first = true;
for (cursor = parameters.begin(), limit = parameters.end();
cursor != limit;
++cursor) {
if (first)
first = false;
else
result += '&';
result += OAuthRequestSigner::Encode(cursor->first);
result += '=';
result += OAuthRequestSigner::Encode(cursor->second);
}
return result;
}
std::string GenerateNonce() {
char result[kMaxNonceLength + 1];
int length = base::RandUint64() % (kMaxNonceLength - kMinNonceLength + 1) +
kMinNonceLength;
result[length] = '\0';
for (int index = 0; index < length; ++index)
result[index] = kOAuthNonceCharacters[
base::RandUint64() % (sizeof(kOAuthNonceCharacters) - 1)];
return result;
}
std::string GenerateTimestamp() {
return base::StringPrintf(
"%" PRId64,
(base::Time::NowFromSystemTime() - base::Time::UnixEpoch()).InSeconds());
}
// Creates a string-to-string, keyword-value map from a parameter/query string
// that uses ampersand (&) to seperate paris and equals (=) to seperate
// keyword from value.
bool ParseQuery(const std::string& query,
OAuthRequestSigner::Parameters* parameters_result) {
std::string::const_iterator cursor;
std::string keyword;
std::string::const_iterator limit;
OAuthRequestSigner::Parameters parameters;
ParseQueryState state;
std::string value;
state = START_STATE;
for (cursor = query.begin(), limit = query.end();
cursor != limit;
++cursor) {
char character = *cursor;
switch (state) {
case KEYWORD_STATE:
switch (character) {
case '&':
parameters[keyword] = value;
keyword = "";
value = "";
state = START_STATE;
break;
case '=':
state = VALUE_STATE;
break;
default:
keyword += character;
}
break;
case START_STATE:
switch (character) {
case '&': // Intentionally falling through
case '=':
return false;
default:
keyword += character;
state = KEYWORD_STATE;
}
break;
case VALUE_STATE:
switch (character) {
case '=':
return false;
case '&':
parameters[keyword] = value;
keyword = "";
value = "";
state = START_STATE;
break;
default:
value += character;
}
break;
}
}
switch (state) {
case START_STATE:
break;
case KEYWORD_STATE: // Intentionally falling through
case VALUE_STATE:
parameters[keyword] = value;
break;
default:
NOTREACHED();
}
*parameters_result = parameters;
return true;
}
// Creates the value for the oauth_signature parameter when the
// oauth_signature_method is HMAC-SHA1.
bool SignHmacSha1(const std::string& text,
const std::string& key,
std::string* signature_return) {
crypto::HMAC hmac(crypto::HMAC::SHA1);
DCHECK(hmac.DigestLength() == kHmacDigestLength);
unsigned char digest[kHmacDigestLength];
bool result = hmac.Init(key) &&
hmac.Sign(text, digest, kHmacDigestLength);
if (result) {
*signature_return = base::Base64Encode(digest);
}
return result;
}
// Creates the value for the oauth_signature parameter when the
// oauth_signature_method is PLAINTEXT.
//
// Not yet implemented, and might never be.
bool SignPlaintext(const std::string& text,
const std::string& key,
std::string* result) {
NOTIMPLEMENTED();
return false;
}
// Creates the value for the oauth_signature parameter when the
// oauth_signature_method is RSA-SHA1.
//
// Not yet implemented, and might never be.
bool SignRsaSha1(const std::string& text,
const std::string& key,
std::string* result) {
NOTIMPLEMENTED();
return false;
}
// Adds parameters that are required by OAuth added as needed to |parameters|.
void PrepareParameters(OAuthRequestSigner::Parameters* parameters,
OAuthRequestSigner::SignatureMethod signature_method,
OAuthRequestSigner::HttpMethod http_method,
const std::string& consumer_key,
const std::string& token_key) {
if (parameters->find(kOAuthNonceLabel) == parameters->end())
(*parameters)[kOAuthNonceLabel] = GenerateNonce();
if (parameters->find(kOAuthTimestampLabel) == parameters->end())
(*parameters)[kOAuthTimestampLabel] = GenerateTimestamp();
(*parameters)[kOAuthConsumerKeyLabel] = consumer_key;
(*parameters)[kOAuthSignatureMethodLabel] =
SignatureMethodName(signature_method);
(*parameters)[kOAuthTokenLabel] = token_key;
(*parameters)[kOAuthVersionLabel] = kOAuthVersion;
}
// Implements shared signing logic, generating the signature and storing it in
// |parameters|. Returns true if the signature has been generated succesfully.
bool SignParameters(const GURL& request_base_url,
OAuthRequestSigner::SignatureMethod signature_method,
OAuthRequestSigner::HttpMethod http_method,
const std::string& consumer_key,
const std::string& consumer_secret,
const std::string& token_key,
const std::string& token_secret,
OAuthRequestSigner::Parameters* parameters) {
DCHECK(request_base_url.is_valid());
PrepareParameters(parameters, signature_method, http_method,
consumer_key, token_key);
std::string base_parameters = BuildBaseStringParameters(*parameters);
std::string base = BuildBaseString(request_base_url, http_method,
base_parameters);
std::string key = consumer_secret + '&' + token_secret;
bool is_signed = false;
std::string signature;
switch (signature_method) {
case OAuthRequestSigner::HMAC_SHA1_SIGNATURE:
is_signed = SignHmacSha1(base, key, &signature);
break;
case OAuthRequestSigner::RSA_SHA1_SIGNATURE:
is_signed = SignRsaSha1(base, key, &signature);
break;
case OAuthRequestSigner::PLAINTEXT_SIGNATURE:
is_signed = SignPlaintext(base, key, &signature);
break;
default:
NOTREACHED();
}
if (is_signed)
(*parameters)[kOAuthSignatureLabel] = signature;
return is_signed;
}
} // namespace
// static
bool OAuthRequestSigner::Decode(const std::string& text,
std::string* decoded_text) {
std::string accumulator;
std::string::const_iterator cursor;
std::string::const_iterator limit;
for (limit = text.end(), cursor = text.begin(); cursor != limit; ++cursor) {
char character = *cursor;
if (character == '%') {
++cursor;
if (cursor == limit)
return false;
char* first = strchr(kHexDigits, *cursor);
if (!first)
return false;
int high = first - kHexDigits;
DCHECK(high >= 0 && high < kHexBase);
++cursor;
if (cursor == limit)
return false;
char* second = strchr(kHexDigits, *cursor);
if (!second)
return false;
int low = second - kHexDigits;
DCHECK(low >= 0 || low < kHexBase);
char decoded = static_cast<char>(high * kHexBase + low);
DCHECK(!(base::IsAsciiAlpha(decoded) || base::IsAsciiDigit(decoded)));
DCHECK(!(decoded && strchr("-._~", decoded)));
accumulator += decoded;
} else {
accumulator += character;
}
}
*decoded_text = accumulator;
return true;
}
// static
std::string OAuthRequestSigner::Encode(const std::string& text) {
std::string result;
std::string::const_iterator cursor;
std::string::const_iterator limit;
for (limit = text.end(), cursor = text.begin(); cursor != limit; ++cursor) {
char character = *cursor;
if (base::IsAsciiAlpha(character) || base::IsAsciiDigit(character)) {
result += character;
} else {
switch (character) {
case '-':
case '.':
case '_':
case '~':
result += character;
break;
default:
unsigned char byte = static_cast<unsigned char>(character);
result = result + '%' + kHexDigits[byte / kHexBase] +
kHexDigits[byte % kHexBase];
}
}
}
return result;
}
// static
bool OAuthRequestSigner::ParseAndSign(const GURL& request_url_with_parameters,
SignatureMethod signature_method,
HttpMethod http_method,
const std::string& consumer_key,
const std::string& consumer_secret,
const std::string& token_key,
const std::string& token_secret,
std::string* result) {
DCHECK(request_url_with_parameters.is_valid());
Parameters parameters;
if (request_url_with_parameters.has_query()) {
const std::string& query = request_url_with_parameters.query();
if (!query.empty()) {
if (!ParseQuery(query, &parameters))
return false;
}
}
std::string spec = request_url_with_parameters.spec();
std::string url_without_parameters = spec;
std::string::size_type question = spec.find("?");
if (question != std::string::npos)
url_without_parameters = spec.substr(0,question);
return SignURL(GURL(url_without_parameters), parameters, signature_method,
http_method, consumer_key, consumer_secret, token_key,
token_secret, result);
}
// static
bool OAuthRequestSigner::SignURL(
const GURL& request_base_url,
const Parameters& request_parameters,
SignatureMethod signature_method,
HttpMethod http_method,
const std::string& consumer_key,
const std::string& consumer_secret,
const std::string& token_key,
const std::string& token_secret,
std::string* signed_text_return) {
DCHECK(request_base_url.is_valid());
Parameters parameters(request_parameters);
bool is_signed = SignParameters(request_base_url, signature_method,
http_method, consumer_key, consumer_secret,
token_key, token_secret, &parameters);
if (is_signed) {
std::string signed_text;
switch (http_method) {
case GET_METHOD:
signed_text = request_base_url.spec() + '?';
[[fallthrough]];
case POST_METHOD:
signed_text += BuildBaseStringParameters(parameters);
break;
default:
NOTREACHED();
}
*signed_text_return = signed_text;
}
return is_signed;
}
// static
bool OAuthRequestSigner::SignAuthHeader(
const GURL& request_base_url,
const Parameters& request_parameters,
SignatureMethod signature_method,
HttpMethod http_method,
const std::string& consumer_key,
const std::string& consumer_secret,
const std::string& token_key,
const std::string& token_secret,
std::string* signed_text_return) {
DCHECK(request_base_url.is_valid());
Parameters parameters(request_parameters);
bool is_signed = SignParameters(request_base_url, signature_method,
http_method, consumer_key, consumer_secret,
token_key, token_secret, &parameters);
if (is_signed) {
std::string signed_text = "OAuth ";
bool first = true;
for (Parameters::const_iterator param = parameters.begin();
param != parameters.end();
++param) {
if (first)
first = false;
else
signed_text += ", ";
signed_text +=
base::StringPrintf(
"%s=\"%s\"",
OAuthRequestSigner::Encode(param->first).c_str(),
OAuthRequestSigner::Encode(param->second).c_str());
}
*signed_text_return = signed_text;
}
return is_signed;
}

101
google_apis/gaia/oauth_request_signer.h

@ -1,101 +0,0 @@
// Copyright 2011 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef GOOGLE_APIS_GAIA_OAUTH_REQUEST_SIGNER_H_
#define GOOGLE_APIS_GAIA_OAUTH_REQUEST_SIGNER_H_
#include <map>
#include <string>
#include "base/component_export.h"
class GURL;
// Implements the OAuth request signing process as described here:
// http://oauth.net/core/1.0/#signing_process
//
// NOTE: Currently the only supported SignatureMethod is HMAC_SHA1_SIGNATURE
class COMPONENT_EXPORT(GOOGLE_APIS) OAuthRequestSigner {
public:
enum SignatureMethod {
HMAC_SHA1_SIGNATURE,
RSA_SHA1_SIGNATURE,
PLAINTEXT_SIGNATURE
};
enum HttpMethod {
GET_METHOD,
POST_METHOD
};
typedef std::map<std::string,std::string> Parameters;
OAuthRequestSigner() = delete;
OAuthRequestSigner(const OAuthRequestSigner&) = delete;
OAuthRequestSigner& operator=(const OAuthRequestSigner&) = delete;
// Percent encoding and decoding for OAuth.
//
// The form of percent encoding used for OAuth request signing is very
// specific and strict. See http://oauth.net/core/1.0/#encoding_parameters.
// This definition is considered the current standard as of January 2005.
// While as of July 2011 many systems to do not comply, any valid OAuth
// implementation must comply.
//
// Any character which is in the "unreserved set" MUST NOT be encoded.
// All other characters MUST be encoded.
//
// The unreserved set is comprised of the alphanumeric characters and these
// others:
// - minus (-)
// - period (.)
// - underscore (_)
// - tilde (~)
static bool Decode(const std::string& text, std::string* decoded_text);
static std::string Encode(const std::string& text);
// Signs a request specified as URL string, complete with parameters.
//
// If HttpMethod is GET_METHOD, the signed result is the full URL, otherwise
// it is the request parameters, including the oauth_signature field.
static bool ParseAndSign(const GURL& request_url_with_parameters,
SignatureMethod signature_method,
HttpMethod http_method,
const std::string& consumer_key,
const std::string& consumer_secret,
const std::string& token_key,
const std::string& token_secret,
std::string* signed_result);
// Signs a request specified as the combination of a base URL string, with
// parameters included in a separate map data structure. NOTE: The base URL
// string must not contain a question mark (?) character. If it does,
// you can use ParseAndSign() instead.
//
// If HttpMethod is GET_METHOD, the signed result is the full URL, otherwise
// it is the request parameters, including the oauth_signature field.
static bool SignURL(const GURL& request_base_url,
const Parameters& parameters,
SignatureMethod signature_method,
HttpMethod http_method,
const std::string& consumer_key,
const std::string& consumer_secret,
const std::string& token_key,
const std::string& token_secret,
std::string* signed_result);
// Similar to SignURL(), but the returned string is not a URL, but the payload
// to for an HTTP Authorization header.
static bool SignAuthHeader(const GURL& request_base_url,
const Parameters& parameters,
SignatureMethod signature_method,
HttpMethod http_method,
const std::string& consumer_key,
const std::string& consumer_secret,
const std::string& token_key,
const std::string& token_secret,
std::string* signed_result);
};
#endif // GOOGLE_APIS_GAIA_OAUTH_REQUEST_SIGNER_H_

330
google_apis/gaia/oauth_request_signer_unittest.cc

@ -1,330 +0,0 @@
// Copyright 2011 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "google_apis/gaia/oauth_request_signer.h"
#include "build/build_config.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "url/gurl.h"
// This value is used to seed the PRNG at the beginning of a sequence of
// operations to produce a repeatable sequence.
#define RANDOM_SEED (0x69E3C47D)
TEST(OAuthRequestSignerTest, Encode) {
ASSERT_EQ(OAuthRequestSigner::Encode("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"abcdefghijklmnopqrstuvwxyz"
"0123456789"
"-._~"),
"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"abcdefghijklmnopqrstuvwxyz"
"0123456789"
"-._~");
ASSERT_EQ(OAuthRequestSigner::Encode(
"https://accounts.google.com/OAuthLogin"),
"https%3A%2F%2Faccounts.google.com%2FOAuthLogin");
ASSERT_EQ(OAuthRequestSigner::Encode("%"), "%25");
ASSERT_EQ(OAuthRequestSigner::Encode("%25"), "%2525");
ASSERT_EQ(OAuthRequestSigner::Encode(
"Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed "
"do eiusmod tempor incididunt ut labore et dolore magna "
"aliqua. Ut enim ad minim veniam, quis nostrud exercitation "
"ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis "
"aute irure dolor in reprehenderit in voluptate velit esse "
"cillum dolore eu fugiat nulla pariatur. Excepteur sint "
"occaecat cupidatat non proident, sunt in culpa qui officia "
"deserunt mollit anim id est laborum."),
"Lorem%20ipsum%20dolor%20sit%20amet%2C%20consectetur%20"
"adipisicing%20elit%2C%20sed%20do%20eiusmod%20tempor%20"
"incididunt%20ut%20labore%20et%20dolore%20magna%20aliqua.%20Ut%20"
"enim%20ad%20minim%20veniam%2C%20quis%20nostrud%20exercitation%20"
"ullamco%20laboris%20nisi%20ut%20aliquip%20ex%20ea%20commodo%20"
"consequat.%20Duis%20aute%20irure%20dolor%20in%20reprehenderit%20"
"in%20voluptate%20velit%20esse%20cillum%20dolore%20eu%20fugiat%20"
"nulla%20pariatur.%20Excepteur%20sint%20occaecat%20cupidatat%20"
"non%20proident%2C%20sunt%20in%20culpa%20qui%20officia%20"
"deserunt%20mollit%20anim%20id%20est%20laborum.");
ASSERT_EQ(OAuthRequestSigner::Encode("!5}&QF~0R-Ecy[?2Cig>6g=;hH!\\Ju4K%UK;"),
"%215%7D%26QF~0R-Ecy%5B%3F2Cig%3E6g%3D%3BhH%21%5CJu4K%25UK%3B");
ASSERT_EQ(OAuthRequestSigner::Encode("1UgHf(r)SkMRS`fRZ/8PsTcXT0:\\<9I=6{|:"),
"1UgHf%28r%29SkMRS%60fRZ%2F8PsTcXT0%3A%5C%3C9I%3D6%7B%7C%3A");
ASSERT_EQ(OAuthRequestSigner::Encode("|<XIy1?o`r\"RuGSX#!:MeP&RLZQM@:\\';2X"),
"%7C%3CXIy1%3Fo%60r%22RuGSX%23%21%3AMeP%26RLZQM%40%3A%5C%27%3B2X");
ASSERT_EQ(OAuthRequestSigner::Encode("#a@A>ZtcQ/yb.~^Q_]daRT?ffK>@A:afWuZL"),
"%23a%40A%3EZtcQ%2Fyb.~%5EQ_%5DdaRT%3FffK%3E%40A%3AafWuZL");
}
// http://crbug.com/685352
#if BUILDFLAG(IS_WIN)
#define MAYBE_DecodeEncoded DISABLED_DecodeEncoded
#else
#define MAYBE_DecodeEncoded DecodeEncoded
#endif
TEST(OAuthRequestSignerTest, MAYBE_DecodeEncoded) {
srand(RANDOM_SEED);
static const int kIterations = 500;
static const int kLengthLimit = 500;
for (int iteration = 0; iteration < kIterations; ++iteration) {
std::string text;
int length = rand() % kLengthLimit;
for (int position = 0; position < length; ++position) {
text += static_cast<char>(rand() % 256);
}
std::string encoded = OAuthRequestSigner::Encode(text);
std::string decoded;
ASSERT_TRUE(OAuthRequestSigner::Decode(encoded, &decoded));
ASSERT_EQ(decoded, text);
}
}
TEST(OAuthRequestSignerTest, SignGet1) {
GURL request_url("https://www.google.com/accounts/o8/GetOAuthToken");
OAuthRequestSigner::Parameters parameters;
parameters["scope"] = "https://accounts.google.com/OAuthLogin";
parameters["oauth_nonce"] = "2oiE_aHdk5qRTz0L9C8Lq0g";
parameters["xaouth_display_name"] = "Chromium";
parameters["oauth_timestamp"] = "1308152953";
std::string signed_text;
ASSERT_TRUE(OAuthRequestSigner::SignURL(
request_url,
parameters,
OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
OAuthRequestSigner::GET_METHOD,
"johndoe", // oauth_consumer_key
"53cR3t", // consumer secret
"4/VGY0MsQadcmO8VnCv9gnhoEooq1v", // oauth_token
"c5e0531ff55dfbb4054e", // token secret
&signed_text));
ASSERT_EQ("https://www.google.com/accounts/o8/GetOAuthToken"
"?oauth_consumer_key=johndoe"
"&oauth_nonce=2oiE_aHdk5qRTz0L9C8Lq0g"
"&oauth_signature=PFqDTaiyey1UObcvOyI4Ng2HXW0%3D"
"&oauth_signature_method=HMAC-SHA1"
"&oauth_timestamp=1308152953"
"&oauth_token=4%2FVGY0MsQadcmO8VnCv9gnhoEooq1v"
"&oauth_version=1.0"
"&scope=https%3A%2F%2Faccounts.google.com%2FOAuthLogin"
"&xaouth_display_name=Chromium",
signed_text);
}
TEST(OAuthRequestSignerTest, SignGet2) {
GURL request_url("https://accounts.google.com/OAuthGetAccessToken");
OAuthRequestSigner::Parameters parameters;
parameters["oauth_timestamp"] = "1308147831";
parameters["oauth_nonce"] = "4d4hZW9DygWQujP2tz06UN";
std::string signed_text;
ASSERT_TRUE(OAuthRequestSigner::SignURL(
request_url,
parameters,
OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
OAuthRequestSigner::GET_METHOD,
"anonymous", // oauth_consumer_key
"anonymous", // consumer secret
"4/CcC-hgdj1TNnWaX8NTQ76YDXCBEK", // oauth_token
std::string(), // token secret
&signed_text));
ASSERT_EQ(signed_text,
"https://accounts.google.com/OAuthGetAccessToken"
"?oauth_consumer_key=anonymous"
"&oauth_nonce=4d4hZW9DygWQujP2tz06UN"
"&oauth_signature=YiJv%2BEOWsvCDCi13%2FhQBFrr0J7c%3D"
"&oauth_signature_method=HMAC-SHA1"
"&oauth_timestamp=1308147831"
"&oauth_token=4%2FCcC-hgdj1TNnWaX8NTQ76YDXCBEK"
"&oauth_version=1.0");
}
TEST(OAuthRequestSignerTest, ParseAndSignGet1) {
GURL request_url("https://www.google.com/accounts/o8/GetOAuthToken"
"?scope=https://accounts.google.com/OAuthLogin"
"&oauth_nonce=2oiE_aHdk5qRTz0L9C8Lq0g"
"&xaouth_display_name=Chromium"
"&oauth_timestamp=1308152953");
std::string signed_text;
ASSERT_TRUE(OAuthRequestSigner::ParseAndSign(
request_url,
OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
OAuthRequestSigner::GET_METHOD,
"anonymous", // oauth_consumer_key
"anonymous", // consumer secret
"4/CcC-hgdj1TNnWaX8NTQ76YDXCBEK", // oauth_token
std::string(), // token secret
&signed_text));
ASSERT_EQ("https://www.google.com/accounts/o8/GetOAuthToken"
"?oauth_consumer_key=anonymous"
"&oauth_nonce=2oiE_aHdk5qRTz0L9C8Lq0g"
"&oauth_signature=PH7KP6cP%2BzZ1SJ6WGqBgXwQP9Mc%3D"
"&oauth_signature_method=HMAC-SHA1"
"&oauth_timestamp=1308152953"
"&oauth_token=4%2FCcC-hgdj1TNnWaX8NTQ76YDXCBEK"
"&oauth_version=1.0"
"&scope=https%3A%2F%2Faccounts.google.com%2FOAuthLogin"
"&xaouth_display_name=Chromium",
signed_text);
}
TEST(OAuthRequestSignerTest, ParseAndSignGet2) {
GURL request_url("https://accounts.google.com/OAuthGetAccessToken"
"?oauth_timestamp=1308147831"
"&oauth_nonce=4d4hZW9DygWQujP2tz06UN");
std::string signed_text;
ASSERT_TRUE(OAuthRequestSigner::ParseAndSign(
request_url,
OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
OAuthRequestSigner::GET_METHOD,
"anonymous", // oauth_consumer_key
"anonymous", // consumer secret
"4/CcC-hgdj1TNnWaX8NTQ76YDXCBEK", // oauth_token
std::string(), // token secret
&signed_text));
ASSERT_EQ(signed_text,
"https://accounts.google.com/OAuthGetAccessToken"
"?oauth_consumer_key=anonymous"
"&oauth_nonce=4d4hZW9DygWQujP2tz06UN"
"&oauth_signature=YiJv%2BEOWsvCDCi13%2FhQBFrr0J7c%3D"
"&oauth_signature_method=HMAC-SHA1"
"&oauth_timestamp=1308147831"
"&oauth_token=4%2FCcC-hgdj1TNnWaX8NTQ76YDXCBEK"
"&oauth_version=1.0");
}
TEST(OAuthRequestSignerTest, SignPost1) {
GURL request_url("https://www.google.com/accounts/o8/GetOAuthToken");
OAuthRequestSigner::Parameters parameters;
parameters["scope"] = "https://accounts.google.com/OAuthLogin";
parameters["oauth_nonce"] = "2oiE_aHdk5qRTz0L9C8Lq0g";
parameters["xaouth_display_name"] = "Chromium";
parameters["oauth_timestamp"] = "1308152953";
std::string signed_text;
ASSERT_TRUE(OAuthRequestSigner::SignURL(
request_url,
parameters,
OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
OAuthRequestSigner::POST_METHOD,
"anonymous", // oauth_consumer_key
"anonymous", // consumer secret
"4/X8x0r7bHif_VNCLjUMutxGkzo13d", // oauth_token
"b7120598d47594bd3522", // token secret
&signed_text));
ASSERT_EQ("oauth_consumer_key=anonymous"
"&oauth_nonce=2oiE_aHdk5qRTz0L9C8Lq0g"
"&oauth_signature=vVlfv6dnV2%2Fx7TozS0Gf83zS2%2BQ%3D"
"&oauth_signature_method=HMAC-SHA1"
"&oauth_timestamp=1308152953"
"&oauth_token=4%2FX8x0r7bHif_VNCLjUMutxGkzo13d"
"&oauth_version=1.0"
"&scope=https%3A%2F%2Faccounts.google.com%2FOAuthLogin"
"&xaouth_display_name=Chromium",
signed_text);
}
TEST(OAuthRequestSignerTest, SignPost2) {
GURL request_url("https://accounts.google.com/OAuthGetAccessToken");
OAuthRequestSigner::Parameters parameters;
parameters["oauth_timestamp"] = "1234567890";
parameters["oauth_nonce"] = "17171717171717171";
std::string signed_text;
ASSERT_TRUE(OAuthRequestSigner::SignURL(
request_url,
parameters,
OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
OAuthRequestSigner::POST_METHOD,
"anonymous", // oauth_consumer_key
"anonymous", // consumer secret
"4/CcC-hgdj1TNnWaX8NTQ76YDXCBEK", // oauth_token
std::string(), // token secret
&signed_text));
ASSERT_EQ(signed_text,
"oauth_consumer_key=anonymous"
"&oauth_nonce=17171717171717171"
"&oauth_signature=tPX2XqKQICWzopZ80CFGX%2F53DLo%3D"
"&oauth_signature_method=HMAC-SHA1"
"&oauth_timestamp=1234567890"
"&oauth_token=4%2FCcC-hgdj1TNnWaX8NTQ76YDXCBEK"
"&oauth_version=1.0");
}
TEST(OAuthRequestSignerTest, ParseAndSignPost1) {
GURL request_url("https://www.google.com/accounts/o8/GetOAuthToken"
"?scope=https://accounts.google.com/OAuthLogin"
"&oauth_nonce=2oiE_aHdk5qRTz0L9C8Lq0g"
"&xaouth_display_name=Chromium"
"&oauth_timestamp=1308152953");
std::string signed_text;
ASSERT_TRUE(OAuthRequestSigner::ParseAndSign(
request_url,
OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
OAuthRequestSigner::POST_METHOD,
"anonymous", // oauth_consumer_key
"anonymous", // consumer secret
"4/X8x0r7bHif_VNCLjUMutxGkzo13d", // oauth_token
"b7120598d47594bd3522", // token secret
&signed_text));
ASSERT_EQ("oauth_consumer_key=anonymous"
"&oauth_nonce=2oiE_aHdk5qRTz0L9C8Lq0g"
"&oauth_signature=vVlfv6dnV2%2Fx7TozS0Gf83zS2%2BQ%3D"
"&oauth_signature_method=HMAC-SHA1"
"&oauth_timestamp=1308152953"
"&oauth_token=4%2FX8x0r7bHif_VNCLjUMutxGkzo13d"
"&oauth_version=1.0"
"&scope=https%3A%2F%2Faccounts.google.com%2FOAuthLogin"
"&xaouth_display_name=Chromium",
signed_text);
}
TEST(OAuthRequestSignerTest, ParseAndSignPost2) {
GURL request_url("https://accounts.google.com/OAuthGetAccessToken"
"?oauth_timestamp=1234567890"
"&oauth_nonce=17171717171717171");
std::string signed_text;
ASSERT_TRUE(OAuthRequestSigner::ParseAndSign(
request_url,
OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
OAuthRequestSigner::POST_METHOD,
"anonymous", // oauth_consumer_key
"anonymous", // consumer secret
"4/CcC-hgdj1TNnWaX8NTQ76YDXCBEK", // oauth_token
std::string(), // token secret
&signed_text));
ASSERT_EQ(signed_text,
"oauth_consumer_key=anonymous"
"&oauth_nonce=17171717171717171"
"&oauth_signature=tPX2XqKQICWzopZ80CFGX%2F53DLo%3D"
"&oauth_signature_method=HMAC-SHA1"
"&oauth_timestamp=1234567890"
"&oauth_token=4%2FCcC-hgdj1TNnWaX8NTQ76YDXCBEK"
"&oauth_version=1.0");
}
TEST(OAuthRequestSignerTest, SignAuthHeader) {
GURL request_url("https://www.google.com/accounts/o8/GetOAuthToken");
OAuthRequestSigner::Parameters parameters;
parameters["scope"] = "https://accounts.google.com/OAuthLogin";
parameters["oauth_nonce"] = "2oiE_aHdk5qRTz0L9C8Lq0g";
parameters["xaouth_display_name"] = "Chromium";
parameters["oauth_timestamp"] = "1308152953";
std::string signed_text;
ASSERT_TRUE(OAuthRequestSigner::SignAuthHeader(
request_url,
parameters,
OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
OAuthRequestSigner::GET_METHOD,
"johndoe", // oauth_consumer_key
"53cR3t", // consumer secret
"4/VGY0MsQadcmO8VnCv9gnhoEooq1v", // oauth_token
"c5e0531ff55dfbb4054e", // token secret
&signed_text));
ASSERT_EQ("OAuth "
"oauth_consumer_key=\"johndoe\", "
"oauth_nonce=\"2oiE_aHdk5qRTz0L9C8Lq0g\", "
"oauth_signature=\"PFqDTaiyey1UObcvOyI4Ng2HXW0%3D\", "
"oauth_signature_method=\"HMAC-SHA1\", "
"oauth_timestamp=\"1308152953\", "
"oauth_token=\"4%2FVGY0MsQadcmO8VnCv9gnhoEooq1v\", "
"oauth_version=\"1.0\", "
"scope=\"https%3A%2F%2Faccounts.google.com%2FOAuthLogin\", "
"xaouth_display_name=\"Chromium\"",
signed_text);
}