/**
   * Tests a call to an OAuth endpoint: GET /oauth/test_request using the RSA-SHA1 signature method,
   * which is the most secure one. This is a regular 3-legged OAuth call i.e. with an authenticated
   * access token for a user.
   */
  public void testOAuthCallWithRsaSha1Signature() throws MalformedURLException {
    OAuthClientHelper och = new OAuthClientHelper();
    och.setHttpMethod(HttpMethod.GET);
    och.setRequestUrl(new URL("https://cheetah.dhcp.pgdev.sap.corp/oauth/test_request"));
    och.setConsumerKey("1VMzOctCAidMaahS9yJU");
    och.setConsumerPrivateKey(TEST_CONSUMER_PRIVATE_KEY);
    och.setToken("qlbjCFbiBewXcCSAgIB9");
    och.setSignatureMethod(SignatureMethod.RSA_SHA1);
    // under normal circumstances, we would not set the timestamp and nonce, and just let the
    // library
    // use the current time and a generated uuid. However, we're comparing with a known good request
    och.setTimestamp(1307745674L);
    och.setNonce("oCaDVVBkIw");

    String expectedAuthorizationHeader =
        "OAuth oauth_consumer_key=\"1VMzOctCAidMaahS9yJU\", oauth_nonce=\"oCaDVVBkIw\", oauth_signature_method=\"RSA-SHA1\", oauth_timestamp=\"1307745674\", oauth_version=\"1.0\", oauth_token=\"qlbjCFbiBewXcCSAgIB9\", oauth_signature=\"U2gpD7SZldInb6JorOkopdKBDlUG2xZikHf92MwKxFH%2FdXxr9J6LSsrg0G8HXPHXGgzm5%2BD7edjz2gl1yss4jtFBCb8AmMxp5VVyehzlZUm6A4rfpkrq9tH7Hdpc%2BLCnFC4c2vqAMzT%2BTf3r2Ki%2FrE9hwtu4Iireb1feN3V3ZQ7rZNRjdPc%2BJpDYSkoo9VTL2KSzUzZYDYJaSRLPoryburLRpam%2BMA3DCvFrCT6pKOXnS6II5H6Uyt%2FOR3GHPDWcb15zZijMKstxPaj8kvv6ziwVPcN1UVm8p12%2FKEQxlmohVwh1YR0lObT%2BKG790u47Em3Gk8Ot%2FDN4cg9ewJqb%2BA%3D%3D\"";
    assertEqualAuthorizationHeaders(expectedAuthorizationHeader, och.generateAuthorizationHeader());
  }
  /**
   * Tests a call to the two-legged OAuth endpoint: GET /oauth/test_consumer_request using the
   * RSA-SHA1 signature method.
   */
  public void testTwoLeggedOAuthCallWithRsaSha1Signature() throws MalformedURLException {
    OAuthClientHelper och = new OAuthClientHelper();
    och.setHttpMethod(HttpMethod.GET);
    och.setRequestUrl(new URL("https://cheetah.dhcp.pgdev.sap.corp/oauth/test_consumer_request"));
    och.setConsumerKey("1VMzOctCAidMaahS9yJU");
    och.setConsumerPrivateKey(TEST_CONSUMER_PRIVATE_KEY);
    och.setTokenForTwoLeggedOAuth();
    och.setSignatureMethod(SignatureMethod.RSA_SHA1);
    // under normal circumstances, we would not set the timestamp and nonce, and just let the
    // library
    // use the current time and a generated uuid. However, we're comparing with a known good request
    och.setTimestamp(1307748357L);
    och.setNonce("NtX9Gah3Bw");

    String expectedAuthorizationHeader =
        "OAuth oauth_consumer_key=\"1VMzOctCAidMaahS9yJU\", oauth_nonce=\"NtX9Gah3Bw\", oauth_signature_method=\"RSA-SHA1\", oauth_timestamp=\"1307748357\", oauth_version=\"1.0\", oauth_token=\"\", oauth_signature=\"h%2FKJEkVh3GdY%2BLN7G6gQazi625uwKGkxzyN3dcQh4LzyS2z%2FBLCcLiWL5u9Xkk%2FwxvIwvE6FcvWmYlPHxzNUPxjNfXkIo6CgfF2wAqDf09JLPuMlZPAKaj8n%2BFOTiswuOH%2BsxkCatN2ziUKsMqniYWHLxgT3Q9DI1Fve6tdGOuJO0H3Lg%2BzAIC8oWSWw4q6VPPauCbslJaZTA6d6v2yg2oMxBoLCnJ9x1F2C2B9Fqb3w0lkzDm5Vxz%2B%2BWgswLSXpIBQpfoqzZpE5qohBpq%2FT9KGMM8Ewj2hvzf0NSZtMRPvqpE5A4AFBxMnHlIHKnFLTxRqjAn2qgm1MY6wJhDDuoQ%3D%3D\"";
    assertEqualAuthorizationHeaders(expectedAuthorizationHeader, och.generateAuthorizationHeader());
  }