OAuthAuthenticationTest.java

/**
 * Copyright (C) 2008 Abiquo Holdings S.L.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.abiquo.apiclient;

import static com.abiquo.apiclient.auth.OAuthAuthentication.oauth;
import static org.testng.Assert.assertNotNull;
import static org.testng.Assert.assertTrue;

import java.util.List;
import java.util.Map;

import org.testng.annotations.Test;

import com.abiquo.model.transport.SingleResourceTransportDto;
import com.google.common.base.Splitter;
import com.google.common.collect.ImmutableList;
import com.google.common.net.HttpHeaders;
import com.squareup.okhttp.mockwebserver.MockResponse;
import com.squareup.okhttp.mockwebserver.RecordedRequest;

@Test
public class OAuthAuthenticationTest extends BaseMockTest
{
    private static final String OAUTH_PREFIX = "OAuth ";

    private static final List<String> OAUTH_PARAMS = ImmutableList.of("oauth_consumer_key",
        "oauth_token", "oauth_signature_method", "oauth_signature", "oauth_timestamp",
        "oauth_nonce", "oauth_version");

    public void testOAuthAuthentication() throws Exception
    {
        server.enqueue(new MockResponse());
        server.start();

        ApiClient api = ApiClient.builder() //
            .endpoint(baseUrl()) //
            .authentication( //
                oauth("consumer-key", //
                    "consumer-secret", //
                    "access-token", //
                    "access-token-secret")) //
            .build();

        api.getClient().get("/", "application/json", SingleResourceTransportDto.class);

        RecordedRequest request = server.takeRequest();

        String authHeader = request.getHeader(HttpHeaders.AUTHORIZATION);
        assertNotNull(authHeader);
        assertTrue(authHeader.startsWith(OAUTH_PREFIX));

        // Verify the OAuth authentication parameters, but don't verify the values.
        // We trust the underlying OAuth library
        Map<String, String> headerParams =
            Splitter.on(',').omitEmptyStrings().trimResults().withKeyValueSeparator('=')
                .split(authHeader.substring(OAUTH_PREFIX.length()));
        assertTrue(headerParams.keySet().containsAll(OAUTH_PARAMS));
    }

}