/**
* Tests a call to an OAuth endpoint: GET /oauth/test_request using the RSA-SHA1 signature method,
* which is the most secure one. This is a regular 3-legged OAuth call i.e. with an authenticated
* access token for a user.
*/
public void testOAuthCallWithRsaSha1Signature() throws MalformedURLException {
OAuthClientHelper och = new OAuthClientHelper();
och.setHttpMethod(HttpMethod.GET);
och.setRequestUrl(new URL("https://cheetah.dhcp.pgdev.sap.corp/oauth/test_request"));
och.setConsumerKey("1VMzOctCAidMaahS9yJU");
och.setConsumerPrivateKey(TEST_CONSUMER_PRIVATE_KEY);
och.setToken("qlbjCFbiBewXcCSAgIB9");
och.setSignatureMethod(SignatureMethod.RSA_SHA1);
// under normal circumstances, we would not set the timestamp and nonce, and just let the
// library
// use the current time and a generated uuid. However, we're comparing with a known good request
och.setTimestamp(1307745674L);
och.setNonce("oCaDVVBkIw");
String expectedAuthorizationHeader =
"OAuth oauth_consumer_key=\"1VMzOctCAidMaahS9yJU\", oauth_nonce=\"oCaDVVBkIw\", oauth_signature_method=\"RSA-SHA1\", oauth_timestamp=\"1307745674\", oauth_version=\"1.0\", oauth_token=\"qlbjCFbiBewXcCSAgIB9\", oauth_signature=\"U2gpD7SZldInb6JorOkopdKBDlUG2xZikHf92MwKxFH%2FdXxr9J6LSsrg0G8HXPHXGgzm5%2BD7edjz2gl1yss4jtFBCb8AmMxp5VVyehzlZUm6A4rfpkrq9tH7Hdpc%2BLCnFC4c2vqAMzT%2BTf3r2Ki%2FrE9hwtu4Iireb1feN3V3ZQ7rZNRjdPc%2BJpDYSkoo9VTL2KSzUzZYDYJaSRLPoryburLRpam%2BMA3DCvFrCT6pKOXnS6II5H6Uyt%2FOR3GHPDWcb15zZijMKstxPaj8kvv6ziwVPcN1UVm8p12%2FKEQxlmohVwh1YR0lObT%2BKG790u47Em3Gk8Ot%2FDN4cg9ewJqb%2BA%3D%3D\"";
assertEqualAuthorizationHeaders(expectedAuthorizationHeader, och.generateAuthorizationHeader());
}
/**
* Tests a call to the two-legged OAuth endpoint: GET /oauth/test_consumer_request using the
* RSA-SHA1 signature method.
*/
public void testTwoLeggedOAuthCallWithRsaSha1Signature() throws MalformedURLException {
OAuthClientHelper och = new OAuthClientHelper();
och.setHttpMethod(HttpMethod.GET);
och.setRequestUrl(new URL("https://cheetah.dhcp.pgdev.sap.corp/oauth/test_consumer_request"));
och.setConsumerKey("1VMzOctCAidMaahS9yJU");
och.setConsumerPrivateKey(TEST_CONSUMER_PRIVATE_KEY);
och.setTokenForTwoLeggedOAuth();
och.setSignatureMethod(SignatureMethod.RSA_SHA1);
// under normal circumstances, we would not set the timestamp and nonce, and just let the
// library
// use the current time and a generated uuid. However, we're comparing with a known good request
och.setTimestamp(1307748357L);
och.setNonce("NtX9Gah3Bw");
String expectedAuthorizationHeader =
"OAuth oauth_consumer_key=\"1VMzOctCAidMaahS9yJU\", oauth_nonce=\"NtX9Gah3Bw\", oauth_signature_method=\"RSA-SHA1\", oauth_timestamp=\"1307748357\", oauth_version=\"1.0\", oauth_token=\"\", oauth_signature=\"h%2FKJEkVh3GdY%2BLN7G6gQazi625uwKGkxzyN3dcQh4LzyS2z%2FBLCcLiWL5u9Xkk%2FwxvIwvE6FcvWmYlPHxzNUPxjNfXkIo6CgfF2wAqDf09JLPuMlZPAKaj8n%2BFOTiswuOH%2BsxkCatN2ziUKsMqniYWHLxgT3Q9DI1Fve6tdGOuJO0H3Lg%2BzAIC8oWSWw4q6VPPauCbslJaZTA6d6v2yg2oMxBoLCnJ9x1F2C2B9Fqb3w0lkzDm5Vxz%2B%2BWgswLSXpIBQpfoqzZpE5qohBpq%2FT9KGMM8Ewj2hvzf0NSZtMRPvqpE5A4AFBxMnHlIHKnFLTxRqjAn2qgm1MY6wJhDDuoQ%3D%3D\"";
assertEqualAuthorizationHeaders(expectedAuthorizationHeader, och.generateAuthorizationHeader());
}
