Roll src/third_party/WebKit 3aea697:d9c6159 (svn 201973:201974)
[chromium-blink-merge.git] / google_apis / gaia / oauth_request_signer_unittest.cc
blob30358e0aa542c71eac002175e39fb0c4e0644284
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "google_apis/gaia/oauth_request_signer.h"
7 #include "testing/gtest/include/gtest/gtest.h"
8 #include "url/gurl.h"
10 // This value is used to seed the PRNG at the beginning of a sequence of
11 // operations to produce a repeatable sequence.
12 #define RANDOM_SEED (0x69E3C47D)
14 TEST(OAuthRequestSignerTest, Encode) {
15 ASSERT_EQ(OAuthRequestSigner::Encode("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
16 "abcdefghijklmnopqrstuvwxyz"
17 "0123456789"
18 "-._~"),
19 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
20 "abcdefghijklmnopqrstuvwxyz"
21 "0123456789"
22 "-._~");
23 ASSERT_EQ(OAuthRequestSigner::Encode(
24 "https://accounts.google.com/OAuthLogin"),
25 "https%3A%2F%2Faccounts.google.com%2FOAuthLogin");
26 ASSERT_EQ(OAuthRequestSigner::Encode("%"), "%25");
27 ASSERT_EQ(OAuthRequestSigner::Encode("%25"), "%2525");
28 ASSERT_EQ(OAuthRequestSigner::Encode(
29 "Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed "
30 "do eiusmod tempor incididunt ut labore et dolore magna "
31 "aliqua. Ut enim ad minim veniam, quis nostrud exercitation "
32 "ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis "
33 "aute irure dolor in reprehenderit in voluptate velit esse "
34 "cillum dolore eu fugiat nulla pariatur. Excepteur sint "
35 "occaecat cupidatat non proident, sunt in culpa qui officia "
36 "deserunt mollit anim id est laborum."),
37 "Lorem%20ipsum%20dolor%20sit%20amet%2C%20consectetur%20"
38 "adipisicing%20elit%2C%20sed%20do%20eiusmod%20tempor%20"
39 "incididunt%20ut%20labore%20et%20dolore%20magna%20aliqua.%20Ut%20"
40 "enim%20ad%20minim%20veniam%2C%20quis%20nostrud%20exercitation%20"
41 "ullamco%20laboris%20nisi%20ut%20aliquip%20ex%20ea%20commodo%20"
42 "consequat.%20Duis%20aute%20irure%20dolor%20in%20reprehenderit%20"
43 "in%20voluptate%20velit%20esse%20cillum%20dolore%20eu%20fugiat%20"
44 "nulla%20pariatur.%20Excepteur%20sint%20occaecat%20cupidatat%20"
45 "non%20proident%2C%20sunt%20in%20culpa%20qui%20officia%20"
46 "deserunt%20mollit%20anim%20id%20est%20laborum.");
47 ASSERT_EQ(OAuthRequestSigner::Encode("!5}&QF~0R-Ecy[?2Cig>6g=;hH!\\Ju4K%UK;"),
48 "%215%7D%26QF~0R-Ecy%5B%3F2Cig%3E6g%3D%3BhH%21%5CJu4K%25UK%3B");
49 ASSERT_EQ(OAuthRequestSigner::Encode("1UgHf(r)SkMRS`fRZ/8PsTcXT0:\\<9I=6{|:"),
50 "1UgHf%28r%29SkMRS%60fRZ%2F8PsTcXT0%3A%5C%3C9I%3D6%7B%7C%3A");
51 ASSERT_EQ(OAuthRequestSigner::Encode("|<XIy1?o`r\"RuGSX#!:MeP&RLZQM@:\\';2X"),
52 "%7C%3CXIy1%3Fo%60r%22RuGSX%23%21%3AMeP%26RLZQM%40%3A%5C%27%3B2X");
53 ASSERT_EQ(OAuthRequestSigner::Encode("#a@A>ZtcQ/yb.~^Q_]daRT?ffK>@A:afWuZL"),
54 "%23a%40A%3EZtcQ%2Fyb.~%5EQ_%5DdaRT%3FffK%3E%40A%3AafWuZL");
57 TEST(OAuthRequestSignerTest, DecodeEncoded) {
58 srand(RANDOM_SEED);
59 static const int kIterations = 500;
60 static const int kLengthLimit = 500;
61 for (int iteration = 0; iteration < kIterations; ++iteration) {
62 std::string text;
63 int length = rand() % kLengthLimit;
64 for (int position = 0; position < length; ++position) {
65 text += static_cast<char>(rand() % 256);
67 std::string encoded = OAuthRequestSigner::Encode(text);
68 std::string decoded;
69 ASSERT_TRUE(OAuthRequestSigner::Decode(encoded, &decoded));
70 ASSERT_EQ(decoded, text);
74 TEST(OAuthRequestSignerTest, SignGet1) {
75 GURL request_url("https://www.google.com/accounts/o8/GetOAuthToken");
76 OAuthRequestSigner::Parameters parameters;
77 parameters["scope"] = "https://accounts.google.com/OAuthLogin";
78 parameters["oauth_nonce"] = "2oiE_aHdk5qRTz0L9C8Lq0g";
79 parameters["xaouth_display_name"] = "Chromium";
80 parameters["oauth_timestamp"] = "1308152953";
81 std::string signed_text;
82 ASSERT_TRUE(OAuthRequestSigner::SignURL(
83 request_url,
84 parameters,
85 OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
86 OAuthRequestSigner::GET_METHOD,
87 "johndoe", // oauth_consumer_key
88 "53cR3t", // consumer secret
89 "4/VGY0MsQadcmO8VnCv9gnhoEooq1v", // oauth_token
90 "c5e0531ff55dfbb4054e", // token secret
91 &signed_text));
92 ASSERT_EQ("https://www.google.com/accounts/o8/GetOAuthToken"
93 "?oauth_consumer_key=johndoe"
94 "&oauth_nonce=2oiE_aHdk5qRTz0L9C8Lq0g"
95 "&oauth_signature=PFqDTaiyey1UObcvOyI4Ng2HXW0%3D"
96 "&oauth_signature_method=HMAC-SHA1"
97 "&oauth_timestamp=1308152953"
98 "&oauth_token=4%2FVGY0MsQadcmO8VnCv9gnhoEooq1v"
99 "&oauth_version=1.0"
100 "&scope=https%3A%2F%2Faccounts.google.com%2FOAuthLogin"
101 "&xaouth_display_name=Chromium",
102 signed_text);
105 TEST(OAuthRequestSignerTest, SignGet2) {
106 GURL request_url("https://accounts.google.com/OAuthGetAccessToken");
107 OAuthRequestSigner::Parameters parameters;
108 parameters["oauth_timestamp"] = "1308147831";
109 parameters["oauth_nonce"] = "4d4hZW9DygWQujP2tz06UN";
110 std::string signed_text;
111 ASSERT_TRUE(OAuthRequestSigner::SignURL(
112 request_url,
113 parameters,
114 OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
115 OAuthRequestSigner::GET_METHOD,
116 "anonymous", // oauth_consumer_key
117 "anonymous", // consumer secret
118 "4/CcC-hgdj1TNnWaX8NTQ76YDXCBEK", // oauth_token
119 std::string(), // token secret
120 &signed_text));
121 ASSERT_EQ(signed_text,
122 "https://accounts.google.com/OAuthGetAccessToken"
123 "?oauth_consumer_key=anonymous"
124 "&oauth_nonce=4d4hZW9DygWQujP2tz06UN"
125 "&oauth_signature=YiJv%2BEOWsvCDCi13%2FhQBFrr0J7c%3D"
126 "&oauth_signature_method=HMAC-SHA1"
127 "&oauth_timestamp=1308147831"
128 "&oauth_token=4%2FCcC-hgdj1TNnWaX8NTQ76YDXCBEK"
129 "&oauth_version=1.0");
132 TEST(OAuthRequestSignerTest, ParseAndSignGet1) {
133 GURL request_url("https://www.google.com/accounts/o8/GetOAuthToken"
134 "?scope=https://accounts.google.com/OAuthLogin"
135 "&oauth_nonce=2oiE_aHdk5qRTz0L9C8Lq0g"
136 "&xaouth_display_name=Chromium"
137 "&oauth_timestamp=1308152953");
138 std::string signed_text;
139 ASSERT_TRUE(OAuthRequestSigner::ParseAndSign(
140 request_url,
141 OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
142 OAuthRequestSigner::GET_METHOD,
143 "anonymous", // oauth_consumer_key
144 "anonymous", // consumer secret
145 "4/CcC-hgdj1TNnWaX8NTQ76YDXCBEK", // oauth_token
146 std::string(), // token secret
147 &signed_text));
148 ASSERT_EQ("https://www.google.com/accounts/o8/GetOAuthToken"
149 "?oauth_consumer_key=anonymous"
150 "&oauth_nonce=2oiE_aHdk5qRTz0L9C8Lq0g"
151 "&oauth_signature=PH7KP6cP%2BzZ1SJ6WGqBgXwQP9Mc%3D"
152 "&oauth_signature_method=HMAC-SHA1"
153 "&oauth_timestamp=1308152953"
154 "&oauth_token=4%2FCcC-hgdj1TNnWaX8NTQ76YDXCBEK"
155 "&oauth_version=1.0"
156 "&scope=https%3A%2F%2Faccounts.google.com%2FOAuthLogin"
157 "&xaouth_display_name=Chromium",
158 signed_text);
161 TEST(OAuthRequestSignerTest, ParseAndSignGet2) {
162 GURL request_url("https://accounts.google.com/OAuthGetAccessToken"
163 "?oauth_timestamp=1308147831"
164 "&oauth_nonce=4d4hZW9DygWQujP2tz06UN");
165 std::string signed_text;
166 ASSERT_TRUE(OAuthRequestSigner::ParseAndSign(
167 request_url,
168 OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
169 OAuthRequestSigner::GET_METHOD,
170 "anonymous", // oauth_consumer_key
171 "anonymous", // consumer secret
172 "4/CcC-hgdj1TNnWaX8NTQ76YDXCBEK", // oauth_token
173 std::string(), // token secret
174 &signed_text));
175 ASSERT_EQ(signed_text,
176 "https://accounts.google.com/OAuthGetAccessToken"
177 "?oauth_consumer_key=anonymous"
178 "&oauth_nonce=4d4hZW9DygWQujP2tz06UN"
179 "&oauth_signature=YiJv%2BEOWsvCDCi13%2FhQBFrr0J7c%3D"
180 "&oauth_signature_method=HMAC-SHA1"
181 "&oauth_timestamp=1308147831"
182 "&oauth_token=4%2FCcC-hgdj1TNnWaX8NTQ76YDXCBEK"
183 "&oauth_version=1.0");
186 TEST(OAuthRequestSignerTest, SignPost1) {
187 GURL request_url("https://www.google.com/accounts/o8/GetOAuthToken");
188 OAuthRequestSigner::Parameters parameters;
189 parameters["scope"] = "https://accounts.google.com/OAuthLogin";
190 parameters["oauth_nonce"] = "2oiE_aHdk5qRTz0L9C8Lq0g";
191 parameters["xaouth_display_name"] = "Chromium";
192 parameters["oauth_timestamp"] = "1308152953";
193 std::string signed_text;
194 ASSERT_TRUE(OAuthRequestSigner::SignURL(
195 request_url,
196 parameters,
197 OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
198 OAuthRequestSigner::POST_METHOD,
199 "anonymous", // oauth_consumer_key
200 "anonymous", // consumer secret
201 "4/X8x0r7bHif_VNCLjUMutxGkzo13d", // oauth_token
202 "b7120598d47594bd3522", // token secret
203 &signed_text));
204 ASSERT_EQ("oauth_consumer_key=anonymous"
205 "&oauth_nonce=2oiE_aHdk5qRTz0L9C8Lq0g"
206 "&oauth_signature=vVlfv6dnV2%2Fx7TozS0Gf83zS2%2BQ%3D"
207 "&oauth_signature_method=HMAC-SHA1"
208 "&oauth_timestamp=1308152953"
209 "&oauth_token=4%2FX8x0r7bHif_VNCLjUMutxGkzo13d"
210 "&oauth_version=1.0"
211 "&scope=https%3A%2F%2Faccounts.google.com%2FOAuthLogin"
212 "&xaouth_display_name=Chromium",
213 signed_text);
216 TEST(OAuthRequestSignerTest, SignPost2) {
217 GURL request_url("https://accounts.google.com/OAuthGetAccessToken");
218 OAuthRequestSigner::Parameters parameters;
219 parameters["oauth_timestamp"] = "1234567890";
220 parameters["oauth_nonce"] = "17171717171717171";
221 std::string signed_text;
222 ASSERT_TRUE(OAuthRequestSigner::SignURL(
223 request_url,
224 parameters,
225 OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
226 OAuthRequestSigner::POST_METHOD,
227 "anonymous", // oauth_consumer_key
228 "anonymous", // consumer secret
229 "4/CcC-hgdj1TNnWaX8NTQ76YDXCBEK", // oauth_token
230 std::string(), // token secret
231 &signed_text));
232 ASSERT_EQ(signed_text,
233 "oauth_consumer_key=anonymous"
234 "&oauth_nonce=17171717171717171"
235 "&oauth_signature=tPX2XqKQICWzopZ80CFGX%2F53DLo%3D"
236 "&oauth_signature_method=HMAC-SHA1"
237 "&oauth_timestamp=1234567890"
238 "&oauth_token=4%2FCcC-hgdj1TNnWaX8NTQ76YDXCBEK"
239 "&oauth_version=1.0");
242 TEST(OAuthRequestSignerTest, ParseAndSignPost1) {
243 GURL request_url("https://www.google.com/accounts/o8/GetOAuthToken"
244 "?scope=https://accounts.google.com/OAuthLogin"
245 "&oauth_nonce=2oiE_aHdk5qRTz0L9C8Lq0g"
246 "&xaouth_display_name=Chromium"
247 "&oauth_timestamp=1308152953");
248 std::string signed_text;
249 ASSERT_TRUE(OAuthRequestSigner::ParseAndSign(
250 request_url,
251 OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
252 OAuthRequestSigner::POST_METHOD,
253 "anonymous", // oauth_consumer_key
254 "anonymous", // consumer secret
255 "4/X8x0r7bHif_VNCLjUMutxGkzo13d", // oauth_token
256 "b7120598d47594bd3522", // token secret
257 &signed_text));
258 ASSERT_EQ("oauth_consumer_key=anonymous"
259 "&oauth_nonce=2oiE_aHdk5qRTz0L9C8Lq0g"
260 "&oauth_signature=vVlfv6dnV2%2Fx7TozS0Gf83zS2%2BQ%3D"
261 "&oauth_signature_method=HMAC-SHA1"
262 "&oauth_timestamp=1308152953"
263 "&oauth_token=4%2FX8x0r7bHif_VNCLjUMutxGkzo13d"
264 "&oauth_version=1.0"
265 "&scope=https%3A%2F%2Faccounts.google.com%2FOAuthLogin"
266 "&xaouth_display_name=Chromium",
267 signed_text);
270 TEST(OAuthRequestSignerTest, ParseAndSignPost2) {
271 GURL request_url("https://accounts.google.com/OAuthGetAccessToken"
272 "?oauth_timestamp=1234567890"
273 "&oauth_nonce=17171717171717171");
274 std::string signed_text;
275 ASSERT_TRUE(OAuthRequestSigner::ParseAndSign(
276 request_url,
277 OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
278 OAuthRequestSigner::POST_METHOD,
279 "anonymous", // oauth_consumer_key
280 "anonymous", // consumer secret
281 "4/CcC-hgdj1TNnWaX8NTQ76YDXCBEK", // oauth_token
282 std::string(), // token secret
283 &signed_text));
284 ASSERT_EQ(signed_text,
285 "oauth_consumer_key=anonymous"
286 "&oauth_nonce=17171717171717171"
287 "&oauth_signature=tPX2XqKQICWzopZ80CFGX%2F53DLo%3D"
288 "&oauth_signature_method=HMAC-SHA1"
289 "&oauth_timestamp=1234567890"
290 "&oauth_token=4%2FCcC-hgdj1TNnWaX8NTQ76YDXCBEK"
291 "&oauth_version=1.0");
294 TEST(OAuthRequestSignerTest, SignAuthHeader) {
295 GURL request_url("https://www.google.com/accounts/o8/GetOAuthToken");
296 OAuthRequestSigner::Parameters parameters;
297 parameters["scope"] = "https://accounts.google.com/OAuthLogin";
298 parameters["oauth_nonce"] = "2oiE_aHdk5qRTz0L9C8Lq0g";
299 parameters["xaouth_display_name"] = "Chromium";
300 parameters["oauth_timestamp"] = "1308152953";
301 std::string signed_text;
302 ASSERT_TRUE(OAuthRequestSigner::SignAuthHeader(
303 request_url,
304 parameters,
305 OAuthRequestSigner::HMAC_SHA1_SIGNATURE,
306 OAuthRequestSigner::GET_METHOD,
307 "johndoe", // oauth_consumer_key
308 "53cR3t", // consumer secret
309 "4/VGY0MsQadcmO8VnCv9gnhoEooq1v", // oauth_token
310 "c5e0531ff55dfbb4054e", // token secret
311 &signed_text));
312 ASSERT_EQ("OAuth "
313 "oauth_consumer_key=\"johndoe\", "
314 "oauth_nonce=\"2oiE_aHdk5qRTz0L9C8Lq0g\", "
315 "oauth_signature=\"PFqDTaiyey1UObcvOyI4Ng2HXW0%3D\", "
316 "oauth_signature_method=\"HMAC-SHA1\", "
317 "oauth_timestamp=\"1308152953\", "
318 "oauth_token=\"4%2FVGY0MsQadcmO8VnCv9gnhoEooq1v\", "
319 "oauth_version=\"1.0\", "
320 "scope=\"https%3A%2F%2Faccounts.google.com%2FOAuthLogin\", "
321 "xaouth_display_name=\"Chromium\"",
322 signed_text);