package org.apache.shindig.gadgets.oauth;

import com.google.common.collect.Lists;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.logging.Handler;
import java.util.logging.Level;
import java.util.logging.LogRecord;
import java.util.logging.Logger;
import net.oauth.OAuth;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.ArrayUtils;
import org.apache.shindig.auth.BasicSecurityToken;
import org.apache.shindig.auth.SecurityToken;
import org.apache.shindig.common.crypto.BasicBlobCrypter;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.common.uri.UriBuilder;
import org.apache.shindig.common.util.CharsetUtil;
import org.apache.shindig.common.util.FakeTimeSource;
import org.apache.shindig.gadgets.FakeGadgetSpecFactory;
import org.apache.shindig.gadgets.GadgetException;
import org.apache.shindig.gadgets.GadgetSpecFactory;
import org.apache.shindig.gadgets.http.HttpFetcher;
import org.apache.shindig.gadgets.http.HttpRequest;
import org.apache.shindig.gadgets.http.HttpResponse;
import org.apache.shindig.gadgets.oauth.AccessorInfo;
import org.apache.shindig.gadgets.oauth.BasicOAuthStoreConsumerKeyAndSecret;
import org.apache.shindig.gadgets.oauth.OAuthArguments;
import org.apache.shindig.gadgets.oauth.testing.FakeOAuthServiceProvider;
import org.apache.shindig.gadgets.oauth.testing.MakeRequestClient;
import org.json.JSONObject;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/shindig/gadgets/oauth/OAuthRequestTest.class */
public class OAuthRequestTest {
    private OAuthFetcherConfig fetcherConfig;
    private FakeOAuthServiceProvider serviceProvider;
    private OAuthCallbackGenerator callbackGenerator;
    private BasicOAuthStore base;
    private Logger logger;
    protected final List<LogRecord> logRecords = Lists.newArrayList();
    private final FakeTimeSource clock = new FakeTimeSource();
    public static final String GADGET_URL = "http://www.example.com/gadget.xml";
    public static final String GADGET_URL_NO_KEY = "http://www.example.com/nokey.xml";
    public static final String GADGET_URL_HEADER = "http://www.example.com/header.xml";
    public static final String GADGET_URL_BODY = "http://www.example.com/body.xml";
    public static final String GADGET_URL_BAD_OAUTH_URL = "http://www.example.com/badoauthurl.xml";
    public static final String GADGET_URL_APPROVAL_PARAMS = "http://www.example.com/approvalparams.xml";
    public static final String GADGET_MAKE_REQUEST_URL = "http://127.0.0.1/gadgets/makeRequest?params=foo";

    @Before
    public void setUp() throws Exception {
        this.base = new BasicOAuthStore();
        this.base.setDefaultCallbackUrl(GadgetTokenStoreTest.DEFAULT_CALLBACK);
        this.serviceProvider = new FakeOAuthServiceProvider(this.clock);
        this.callbackGenerator = createNullCallbackGenerator();
        this.fetcherConfig = new OAuthFetcherConfig(new BasicBlobCrypter("abcdefghijklmnop".getBytes()), getOAuthStore(this.base), this.clock, this.callbackGenerator, false);
        this.logger = Logger.getLogger(OAuthResponseParams.class.getName());
        this.logger.addHandler(new Handler() { // from class: org.apache.shindig.gadgets.oauth.OAuthRequestTest.1
            @Override // java.util.logging.Handler
            public void close() throws SecurityException {
            }

            @Override // java.util.logging.Handler
            public void flush() {
            }

            @Override // java.util.logging.Handler
            public void publish(LogRecord logRecord) {
                OAuthRequestTest.this.logRecords.add(logRecord);
            }
        });
    }

    private OAuthCallbackGenerator createNullCallbackGenerator() {
        return new OAuthCallbackGenerator() { // from class: org.apache.shindig.gadgets.oauth.OAuthRequestTest.2
            public String generateCallback(OAuthFetcherConfig oAuthFetcherConfig, String str, HttpRequest httpRequest, OAuthResponseParams oAuthResponseParams) {
                return null;
            }
        };
    }

    private OAuthCallbackGenerator createRealCallbackGenerator() {
        return new OAuthCallbackGenerator() { // from class: org.apache.shindig.gadgets.oauth.OAuthRequestTest.3
            public String generateCallback(OAuthFetcherConfig oAuthFetcherConfig, String str, HttpRequest httpRequest, OAuthResponseParams oAuthResponseParams) {
                Uri parse = Uri.parse(httpRequest.getSecurityToken().getActiveUrl());
                Assert.assertEquals(OAuthRequestTest.GADGET_MAKE_REQUEST_URL, parse.toString());
                Assert.assertEquals(GadgetTokenStoreTest.DEFAULT_CALLBACK, str);
                return new UriBuilder().setScheme("http").setAuthority(parse.getAuthority()).setPath("/realcallback").toString();
            }
        };
    }

    public GadgetOAuthTokenStore getOAuthStore(BasicOAuthStore basicOAuthStore) {
        return getOAuthStore(basicOAuthStore, new FakeGadgetSpecFactory());
    }

    private GadgetOAuthTokenStore getOAuthStore(BasicOAuthStore basicOAuthStore, GadgetSpecFactory gadgetSpecFactory) {
        if (basicOAuthStore == null) {
            basicOAuthStore = new BasicOAuthStore();
            basicOAuthStore.setDefaultCallbackUrl(GadgetTokenStoreTest.DEFAULT_CALLBACK);
        }
        addValidConsumer(basicOAuthStore);
        addInvalidConsumer(basicOAuthStore);
        addAuthHeaderConsumer(basicOAuthStore);
        addBodyConsumer(basicOAuthStore);
        addBadOAuthUrlConsumer(basicOAuthStore);
        addApprovalParamsConsumer(basicOAuthStore);
        addDefaultKey(basicOAuthStore);
        return new GadgetOAuthTokenStore(basicOAuthStore, gadgetSpecFactory);
    }

    private static void addValidConsumer(BasicOAuthStore basicOAuthStore) {
        addConsumer(basicOAuthStore, GADGET_URL, FakeGadgetSpecFactory.SERVICE_NAME, FakeOAuthServiceProvider.CONSUMER_KEY, FakeOAuthServiceProvider.CONSUMER_SECRET);
    }

    private static void addInvalidConsumer(BasicOAuthStore basicOAuthStore) {
        addConsumer(basicOAuthStore, GADGET_URL_NO_KEY, FakeGadgetSpecFactory.SERVICE_NAME_NO_KEY, "garbage_key", "garbage_secret");
    }

    private static void addAuthHeaderConsumer(BasicOAuthStore basicOAuthStore) {
        addConsumer(basicOAuthStore, GADGET_URL_HEADER, FakeGadgetSpecFactory.SERVICE_NAME, FakeOAuthServiceProvider.CONSUMER_KEY, FakeOAuthServiceProvider.CONSUMER_SECRET);
    }

    private static void addBodyConsumer(BasicOAuthStore basicOAuthStore) {
        addConsumer(basicOAuthStore, GADGET_URL_BODY, FakeGadgetSpecFactory.SERVICE_NAME, FakeOAuthServiceProvider.CONSUMER_KEY, FakeOAuthServiceProvider.CONSUMER_SECRET);
    }

    private static void addBadOAuthUrlConsumer(BasicOAuthStore basicOAuthStore) {
        addConsumer(basicOAuthStore, GADGET_URL_BAD_OAUTH_URL, FakeGadgetSpecFactory.SERVICE_NAME, FakeOAuthServiceProvider.CONSUMER_KEY, FakeOAuthServiceProvider.CONSUMER_SECRET);
    }

    private static void addApprovalParamsConsumer(BasicOAuthStore basicOAuthStore) {
        addConsumer(basicOAuthStore, GADGET_URL_APPROVAL_PARAMS, FakeGadgetSpecFactory.SERVICE_NAME, FakeOAuthServiceProvider.CONSUMER_KEY, FakeOAuthServiceProvider.CONSUMER_SECRET);
    }

    private static void addConsumer(BasicOAuthStore basicOAuthStore, String str, String str2, String str3, String str4) {
        BasicOAuthStoreConsumerIndex basicOAuthStoreConsumerIndex = new BasicOAuthStoreConsumerIndex();
        basicOAuthStoreConsumerIndex.setGadgetUri(str);
        basicOAuthStoreConsumerIndex.setServiceName(str2);
        basicOAuthStore.setConsumerKeyAndSecret(basicOAuthStoreConsumerIndex, new BasicOAuthStoreConsumerKeyAndSecret(str3, str4, BasicOAuthStoreConsumerKeyAndSecret.KeyType.HMAC_SYMMETRIC, (String) null, (String) null));
    }

    private static void addDefaultKey(BasicOAuthStore basicOAuthStore) {
        basicOAuthStore.setDefaultKey(new BasicOAuthStoreConsumerKeyAndSecret("signedfetch", FakeOAuthServiceProvider.PRIVATE_KEY_TEXT, BasicOAuthStoreConsumerKeyAndSecret.KeyType.RSA_PRIVATE, "foo", (String) null));
    }

    public static SecurityToken getNormalSecurityToken(String str, String str2) throws Exception {
        return getSecurityToken(str, str2, GADGET_URL);
    }

    public static SecurityToken getNokeySecurityToken(String str, String str2) throws Exception {
        return getSecurityToken(str, str2, GADGET_URL_NO_KEY);
    }

    public static SecurityToken getHeaderSecurityToken(String str, String str2) throws Exception {
        return getSecurityToken(str, str2, GADGET_URL_HEADER);
    }

    public static SecurityToken getBodySecurityToken(String str, String str2) throws Exception {
        return getSecurityToken(str, str2, GADGET_URL_BODY);
    }

    public static SecurityToken getSecurityToken(String str, String str2, String str3) throws Exception {
        return new BasicSecurityToken(str, str2, "app", "container.com", str3, "0", "default", GADGET_MAKE_REQUEST_URL, (Long) null);
    }

    @After
    public void tearDown() throws Exception {
    }

    private MakeRequestClient makeNonSocialClient(String str, String str2, String str3) throws Exception {
        MakeRequestClient makeRequestClient = new MakeRequestClient(getSecurityToken(str, str2, str3), this.fetcherConfig, this.serviceProvider, FakeGadgetSpecFactory.SERVICE_NAME);
        makeRequestClient.getBaseArgs().setSignOwner(true);
        makeRequestClient.getBaseArgs().setSignViewer(true);
        return makeRequestClient;
    }

    private MakeRequestClient makeStrictNonSocialClient(String str, String str2, String str3) throws Exception {
        return new MakeRequestClient(getSecurityToken(str, str2, str3), this.fetcherConfig, this.serviceProvider, FakeGadgetSpecFactory.SERVICE_NAME);
    }

    private MakeRequestClient makeSocialOAuthClient(String str, String str2, String str3) throws Exception {
        MakeRequestClient makeRequestClient = new MakeRequestClient(getSecurityToken(str, str2, str3), this.fetcherConfig, this.serviceProvider, FakeGadgetSpecFactory.SERVICE_NAME);
        makeRequestClient.getBaseArgs().setUseToken(OAuthArguments.UseToken.IF_AVAILABLE);
        return makeRequestClient;
    }

    private MakeRequestClient makeSignedFetchClient(String str, String str2, String str3) throws Exception {
        MakeRequestClient makeRequestClient = new MakeRequestClient(getSecurityToken(str, str2, str3), this.fetcherConfig, this.serviceProvider, null);
        makeRequestClient.setBaseArgs(makeRequestClient.makeSignedFetchArguments());
        return makeRequestClient;
    }

    @Test
    public void testOAuthFlow() throws Exception {
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        checkEmptyLog();
    }

    @Test
    public void testOAuthFlow_withCallbackVerifier() throws Exception {
        this.fetcherConfig = new OAuthFetcherConfig(new BasicBlobCrypter("abcdefghijklmnop".getBytes()), getOAuthStore(this.base), this.clock, createRealCallbackGenerator(), false);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        checkEmptyLog();
    }

    @Test
    public void testOAuthFlow_badCallbackVerifier() throws Exception {
        this.fetcherConfig = new OAuthFetcherConfig(new BasicBlobCrypter("abcdefghijklmnop".getBytes()), getOAuthStore(this.base), this.clock, createRealCallbackGenerator(), false);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        makeNonSocialClient.setReceivedCallbackUrl("nonsense");
        HttpResponse sendGet = makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals("", sendGet.getResponseAsString());
        Assert.assertNotNull(sendGet.getMetadata().get("oauthErrorText"));
        makeNonSocialClient.approveToken("user_data=try-again");
        Assert.assertEquals("User data is try-again", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
    }

    @Test
    public void testOAuthFlow_tokenReused() throws Exception {
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient("owner", "owner", GADGET_URL).sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
    }

    @Test
    public void testOAuthFlow_unauthUser() throws Exception {
        HttpResponse sendGet = makeNonSocialClient(null, null, GADGET_URL).sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals("", sendGet.getResponseAsString());
        Assert.assertEquals(403L, sendGet.getHttpStatusCode());
        Assert.assertEquals(-1L, sendGet.getCacheTtl());
        Assert.assertEquals(OAuthError.UNAUTHENTICATED.name(), sendGet.getMetadata().get("oauthError"));
    }

    @Test
    public void testOAuthFlow_noViewer() throws Exception {
        Iterator it = Arrays.asList(true, false).iterator();
        while (it.hasNext()) {
            this.fetcherConfig = new OAuthFetcherConfig(new BasicBlobCrypter("abcdefghijklmnop".getBytes()), getOAuthStore(this.base), this.clock, this.callbackGenerator, ((Boolean) it.next()).booleanValue());
            HttpResponse sendGet = makeNonSocialClient("owner", null, GADGET_URL).sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
            Assert.assertEquals("", sendGet.getResponseAsString());
            Assert.assertEquals(403L, sendGet.getHttpStatusCode());
            Assert.assertEquals(-1L, sendGet.getCacheTtl());
            Assert.assertEquals(OAuthError.UNAUTHENTICATED.name(), sendGet.getMetadata().get("oauthError"));
        }
    }

    @Test
    public void testOAuthFlow_noSpec() throws Exception {
        this.fetcherConfig = new OAuthFetcherConfig(new BasicBlobCrypter("abcdefghijklmnop".getBytes()), getOAuthStore(this.base, null), this.clock, this.callbackGenerator, false);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        setNoSpecOptions(makeNonSocialClient);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        checkEmptyLog();
    }

    private void setNoSpecOptions(MakeRequestClient makeRequestClient) {
        makeRequestClient.getBaseArgs().setRequestOption("OAUTH_PROGRAMMATIC_CONFIG", "true");
        makeRequestClient.getBaseArgs().setRequestOption("OAUTH_PARAM_LOCATION", "uri-query");
        makeRequestClient.getBaseArgs().setRequestOption("OAUTH_REQUEST_METHOD", "GET");
        makeRequestClient.getBaseArgs().setRequestOption("OAUTH_REQUEST_TOKEN_URL", FakeOAuthServiceProvider.REQUEST_TOKEN_URL);
        makeRequestClient.getBaseArgs().setRequestOption("OAUTH_ACCESS_TOKEN_URL", FakeOAuthServiceProvider.ACCESS_TOKEN_URL);
        makeRequestClient.getBaseArgs().setRequestOption("OAUTH_AUTHORIZATION_URL", FakeOAuthServiceProvider.APPROVAL_URL);
    }

    @Test
    public void testOAuthFlow_noSpecNoRequestTokenUrl() throws Exception {
        this.fetcherConfig = new OAuthFetcherConfig(new BasicBlobCrypter("abcdefghijklmnop".getBytes()), getOAuthStore(this.base, null), this.clock, (OAuthCallbackGenerator) null, false);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        setNoSpecOptions(makeNonSocialClient);
        makeNonSocialClient.getBaseArgs().removeRequestOption("OAUTH_REQUEST_TOKEN_URL");
        HttpResponse sendGet = makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals("", sendGet.getResponseAsString());
        Assert.assertEquals(403L, sendGet.getHttpStatusCode());
        Assert.assertEquals(OAuthError.BAD_OAUTH_TOKEN_URL.name(), sendGet.getMetadata().get("oauthError"));
        String str = (String) sendGet.getMetadata().get("oauthErrorText");
        Assert.assertNotNull(str);
        checkStringContains("should report no request token url", str, "No request token URL specified");
    }

    @Test
    public void testOAuthFlow_noSpecNoAccessTokenUrl() throws Exception {
        this.fetcherConfig = new OAuthFetcherConfig(new BasicBlobCrypter("abcdefghijklmnop".getBytes()), getOAuthStore(this.base, null), this.clock, this.callbackGenerator, false);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        setNoSpecOptions(makeNonSocialClient);
        makeNonSocialClient.getBaseArgs().removeRequestOption("OAUTH_ACCESS_TOKEN_URL");
        makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        HttpResponse sendGet = makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals("", sendGet.getResponseAsString());
        Assert.assertEquals(403L, sendGet.getHttpStatusCode());
        Assert.assertEquals(OAuthError.BAD_OAUTH_TOKEN_URL.name(), sendGet.getMetadata().get("oauthError"));
        String str = (String) sendGet.getMetadata().get("oauthErrorText");
        Assert.assertNotNull(str);
        checkStringContains("should report no access token url", str, "No access token URL specified");
    }

    @Test
    public void testOAuthFlow_noSpecNoApprovalUrl() throws Exception {
        this.fetcherConfig = new OAuthFetcherConfig(new BasicBlobCrypter("abcdefghijklmnop".getBytes()), getOAuthStore(this.base, null), this.clock, this.callbackGenerator, false);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        setNoSpecOptions(makeNonSocialClient);
        makeNonSocialClient.getBaseArgs().removeRequestOption("OAUTH_AUTHORIZATION_URL");
        HttpResponse sendGet = makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals("", sendGet.getResponseAsString());
        Assert.assertEquals(403L, sendGet.getHttpStatusCode());
        Assert.assertEquals(OAuthError.BAD_OAUTH_TOKEN_URL.name(), sendGet.getMetadata().get("oauthError"));
        String str = (String) sendGet.getMetadata().get("oauthErrorText");
        Assert.assertNotNull(str);
        checkStringContains("should report no authorization url", str, "No authorization URL specified");
    }

    @Test
    public void testOAuthFlow_noSpecAuthHeader() throws Exception {
        this.serviceProvider.setParamLocation(AccessorInfo.OAuthParamLocation.AUTH_HEADER);
        this.fetcherConfig = new OAuthFetcherConfig(new BasicBlobCrypter("abcdefghijklmnop".getBytes()), getOAuthStore(this.base, null), this.clock, this.callbackGenerator, false);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        setNoSpecOptions(makeNonSocialClient);
        makeNonSocialClient.getBaseArgs().setRequestOption("OAUTH_PARAM_LOCATION", "auth-header");
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        checkEmptyLog();
    }

    @Test
    public void testOAuthFlow_noSpecPostBody() throws Exception {
        this.serviceProvider.setParamLocation(AccessorInfo.OAuthParamLocation.POST_BODY);
        this.fetcherConfig = new OAuthFetcherConfig(new BasicBlobCrypter("abcdefghijklmnop".getBytes()), getOAuthStore(this.base, null), this.clock, this.callbackGenerator, false);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        setNoSpecOptions(makeNonSocialClient);
        makeNonSocialClient.getBaseArgs().setRequestOption("OAUTH_REQUEST_METHOD", "POST");
        makeNonSocialClient.getBaseArgs().setRequestOption("OAUTH_PARAM_LOCATION", "post-body");
        Assert.assertEquals("", makeNonSocialClient.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "").getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "").getResponseAsString());
        checkEmptyLog();
    }

    @Test
    public void testOAuthFlow_noSpecPostBodyAndHeader() throws Exception {
        this.serviceProvider.setParamLocation(AccessorInfo.OAuthParamLocation.POST_BODY);
        this.serviceProvider.addParamLocation(AccessorInfo.OAuthParamLocation.AUTH_HEADER);
        this.fetcherConfig = new OAuthFetcherConfig(new BasicBlobCrypter("abcdefghijklmnop".getBytes()), getOAuthStore(this.base, null), this.clock, this.callbackGenerator, false);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        setNoSpecOptions(makeNonSocialClient);
        makeNonSocialClient.getBaseArgs().setRequestOption("OAUTH_REQUEST_METHOD", "POST");
        makeNonSocialClient.getBaseArgs().setRequestOption("OAUTH_PARAM_LOCATION", "post-body");
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        checkEmptyLog();
    }

    @Test
    public void testOAuthFlow_noSpecInvalidUrl() throws Exception {
        this.fetcherConfig = new OAuthFetcherConfig(new BasicBlobCrypter("abcdefghijklmnop".getBytes()), getOAuthStore(this.base, null), this.clock, (OAuthCallbackGenerator) null, false);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        setNoSpecOptions(makeNonSocialClient);
        makeNonSocialClient.getBaseArgs().setRequestOption("OAUTH_REQUEST_TOKEN_URL", "foo");
        HttpResponse sendGet = makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals("", sendGet.getResponseAsString());
        Assert.assertEquals(403L, sendGet.getHttpStatusCode());
        Assert.assertEquals(OAuthError.INVALID_URL.name(), sendGet.getMetadata().get("oauthError"));
        String str = (String) sendGet.getMetadata().get("oauthErrorText");
        Assert.assertNotNull(str);
        checkStringContains("should report invalid url", str, "Invalid URL: foo");
    }

    @Test
    public void testOAuthFlow_noSpecBlankUrl() throws Exception {
        this.fetcherConfig = new OAuthFetcherConfig(new BasicBlobCrypter("abcdefghijklmnop".getBytes()), getOAuthStore(this.base, null), this.clock, (OAuthCallbackGenerator) null, false);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        setNoSpecOptions(makeNonSocialClient);
        makeNonSocialClient.getBaseArgs().setRequestOption("OAUTH_REQUEST_TOKEN_URL", "");
        HttpResponse sendGet = makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals("", sendGet.getResponseAsString());
        Assert.assertEquals(403L, sendGet.getHttpStatusCode());
        Assert.assertEquals(OAuthError.INVALID_URL.name(), sendGet.getMetadata().get("oauthError"));
        String str = (String) sendGet.getMetadata().get("oauthErrorText");
        Assert.assertNotNull(str);
        checkStringContains("should report invalid url", str, "Invalid URL: ");
    }

    @Test
    public void testAccessTokenNotUsedForSocialPage() throws Exception {
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        HttpResponse sendGet = makeNonSocialClient("owner", "friend", GADGET_URL).sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals("", sendGet.getResponseAsString());
        Assert.assertEquals(403L, sendGet.getHttpStatusCode());
        Assert.assertEquals(OAuthError.NOT_OWNER.name(), sendGet.getMetadata().get("oauthError"));
    }

    @Test
    public void testAccessTokenOkForSecureOwnerPage() throws Exception {
        this.fetcherConfig = new OAuthFetcherConfig(new BasicBlobCrypter("abcdefghijklmnop".getBytes()), getOAuthStore(this.base), this.clock, this.callbackGenerator, true);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals("", makeNonSocialClient("owner", "friend", GADGET_URL).sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(200L, r0.getHttpStatusCode());
    }

    @Test
    public void testParamsInHeader() throws Exception {
        this.serviceProvider.setParamLocation(AccessorInfo.OAuthParamLocation.AUTH_HEADER);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL_HEADER);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        HttpResponse sendGet = makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals("User data is hello-oauth", sendGet.getResponseAsString());
        String header = sendGet.getHeader(FakeOAuthServiceProvider.AUTHZ_ECHO_HEADER);
        Assert.assertNotNull(header);
        Assert.assertNotSame("azn header: " + header, Integer.valueOf(header.indexOf("OAuth")), -1);
    }

    @Test
    public void testParamsInBody() throws Exception {
        this.serviceProvider.setParamLocation(AccessorInfo.OAuthParamLocation.POST_BODY);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL_BODY);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        HttpResponse sendFormPost = makeNonSocialClient.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "");
        Assert.assertEquals("User data is hello-oauth", sendFormPost.getResponseAsString());
        String header = sendFormPost.getHeader(FakeOAuthServiceProvider.BODY_ECHO_HEADER);
        Assert.assertNotNull(header);
        Assert.assertNotSame("body: " + header, Integer.valueOf(header.indexOf("oauth_consumer_key=")), -1);
    }

    @Test
    public void testParamsInBody_withExtraParams() throws Exception {
        this.serviceProvider.setParamLocation(AccessorInfo.OAuthParamLocation.POST_BODY);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL_BODY);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        HttpResponse sendFormPost = makeNonSocialClient.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "foo=bar&foo=baz");
        Assert.assertEquals("User data is hello-oauth", sendFormPost.getResponseAsString());
        String header = sendFormPost.getHeader(FakeOAuthServiceProvider.BODY_ECHO_HEADER);
        Assert.assertNotNull(header);
        Assert.assertNotSame("body: " + header, Integer.valueOf(header.indexOf("oauth_consumer_key=")), -1);
        Assert.assertNotSame("body: " + header, Integer.valueOf(header.indexOf("foo=bar&foo=baz")), -1);
    }

    @Test
    public void testParamsInBody_forGetRequest() throws Exception {
        this.serviceProvider.setParamLocation(AccessorInfo.OAuthParamLocation.POST_BODY);
        this.serviceProvider.addParamLocation(AccessorInfo.OAuthParamLocation.AUTH_HEADER);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL_BODY);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        HttpResponse sendGet = makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals("User data is hello-oauth", sendGet.getResponseAsString());
        String header = sendGet.getHeader(FakeOAuthServiceProvider.AUTHZ_ECHO_HEADER);
        Assert.assertNotNull(header);
        Assert.assertNotSame("azn header: " + header, Integer.valueOf(header.indexOf("OAuth")), -1);
    }

    @Test
    public void testParamsInBody_forGetRequestStrictSp() throws Exception {
        this.serviceProvider.setParamLocation(AccessorInfo.OAuthParamLocation.POST_BODY);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL_BODY);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        HttpResponse sendGet = makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals("", sendGet.getResponseAsString());
        Assert.assertEquals(403L, sendGet.getHttpStatusCode());
        Assert.assertEquals("parameter_absent", sendGet.getMetadata().get("oauthError"));
        Assert.assertNull(sendGet.getMetadata().get("oauthApprovalUrl"));
    }

    @Test
    public void testRevokedAccessToken() throws Exception {
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=1").getResponseAsString());
        this.serviceProvider.revokeAllAccessTokens();
        HttpResponse sendGet = makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=2");
        Assert.assertEquals("", sendGet.getResponseAsString());
        Assert.assertNotNull(sendGet.getMetadata().get("oauthApprovalUrl"));
        Assert.assertNull("Should not return oauthError for revoked token", sendGet.getMetadata().get("oauthError"));
        String str = (String) sendGet.getMetadata().get("oauthErrorText");
        Assert.assertNotNull(str);
        checkStringContains("should return original request", str, "GET /data?cachebust=2\n");
        checkStringContains("should return signed request", str, "GET /data?cachebust=2&");
        checkStringContains("should remove secret", str, "oauth_token_secret=REMOVED");
        checkStringContains("should return response", str, "HTTP/1.1 401");
        checkStringContains("should return response", str, "oauth_problem=\"token_revoked\"");
        makeNonSocialClient.approveToken("user_data=reapproved");
        Assert.assertEquals("User data is reapproved", makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=3").getResponseAsString());
    }

    @Test
    public void testError401() throws Exception {
        this.serviceProvider.setVagueErrors(true);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=1").getResponseAsString());
        this.serviceProvider.revokeAllAccessTokens();
        HttpResponse sendGet = makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=2");
        checkLogContains("GET /data?cachebust=2");
        checkLogContains("HTTP/1.1 401");
        Assert.assertEquals("", sendGet.getResponseAsString());
        Assert.assertNotNull(sendGet.getMetadata().get("oauthApprovalUrl"));
        makeNonSocialClient.approveToken("user_data=reapproved");
        Assert.assertEquals("User data is reapproved", makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=3").getResponseAsString());
    }

    @Test
    public void testUnknownConsumerKey() throws Exception {
        HttpResponse sendGet = new MakeRequestClient(getSecurityToken("owner", "owner", GADGET_URL_NO_KEY), this.fetcherConfig, this.serviceProvider, FakeGadgetSpecFactory.SERVICE_NAME_NO_KEY).sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals("", sendGet.getResponseAsString());
        Map metadata = sendGet.getMetadata();
        Assert.assertNotNull(metadata);
        Assert.assertEquals("consumer_key_unknown", metadata.get("oauthError"));
        String str = (String) sendGet.getMetadata().get("oauthErrorText");
        checkStringContains("oauthErrorText mismatch", str, "Service provider rejected request");
        checkStringContains("oauthErrorText mismatch", str, "oauth_problem_advice=\"invalid%20consumer%3A%20garbage_key\"");
        checkStringContains("should return original request", str, "GET /data\n");
        checkStringContains("should return request token request", str, "GET /request?param=foo&");
    }

    @Test
    public void testBrokenRequestTokenResponse() throws Exception {
        HttpResponse sendGet = new MakeRequestClient(getSecurityToken("owner", "owner", GADGET_URL_BAD_OAUTH_URL), this.fetcherConfig, this.serviceProvider, FakeGadgetSpecFactory.SERVICE_NAME).sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals(403L, sendGet.getHttpStatusCode());
        Assert.assertEquals("", sendGet.getResponseAsString());
        Map metadata = sendGet.getMetadata();
        Assert.assertNotNull(metadata);
        Assert.assertEquals("MISSING_OAUTH_PARAMETER", metadata.get("oauthError"));
        String str = (String) sendGet.getMetadata().get("oauthErrorText");
        checkStringContains("oauthErrorText mismatch", str, "No oauth_token returned from service provider");
        checkStringContains("oauthErrorText mismatch", str, "GET /echo?mary_had_a_little_lamb");
    }

    @Test
    public void testBrokenAccessTokenResponse() throws Exception {
        MakeRequestClient makeRequestClient = new MakeRequestClient(getSecurityToken("owner", "owner", GADGET_URL_BAD_OAUTH_URL), this.fetcherConfig, this.serviceProvider, FakeGadgetSpecFactory.SERVICE_NAME);
        makeRequestClient.getBaseArgs().setRequestToken("reqtoken");
        makeRequestClient.getBaseArgs().setRequestTokenSecret("reqtokensecret");
        HttpResponse sendGet = makeRequestClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals(403L, sendGet.getHttpStatusCode());
        Assert.assertEquals("", sendGet.getResponseAsString());
        Map metadata = sendGet.getMetadata();
        Assert.assertNotNull(metadata);
        Assert.assertEquals("MISSING_OAUTH_PARAMETER", metadata.get("oauthError"));
        String str = (String) sendGet.getMetadata().get("oauthErrorText");
        checkStringContains("oauthErrorText mismatch", str, "No oauth_token_secret returned from service provider");
        checkStringContains("oauthErrorText mismatch", str, "with_fleece_as_white_as_snow");
    }

    @Test
    public void testExtraApprovalParams() throws Exception {
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL_APPROVAL_PARAMS);
        HttpResponse sendGet = makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals("", sendGet.getResponseAsString());
        String str = (String) sendGet.getMetadata().get("oauthApprovalUrl");
        Assert.assertSame(str, 0, Integer.valueOf(str.indexOf("http://www.example.com/authorize?oauth_callback=foo&oauth_token=")));
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        checkEmptyLog();
    }

    @Test
    public void testError403() throws Exception {
        this.serviceProvider.setVagueErrors(true);
        HttpResponse sendGet = new MakeRequestClient(getSecurityToken("owner", "owner", GADGET_URL_NO_KEY), this.fetcherConfig, this.serviceProvider, FakeGadgetSpecFactory.SERVICE_NAME_NO_KEY).sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertEquals("", sendGet.getResponseAsString());
        Map metadata = sendGet.getMetadata();
        Assert.assertNotNull(metadata);
        Assert.assertEquals("MISSING_OAUTH_PARAMETER", metadata.get("oauthError"));
        checkStringContains("oauthErrorText mismatch", (String) metadata.get("oauthErrorText"), "some vague error");
        checkStringContains("oauthErrorText mismatch", (String) metadata.get("oauthErrorText"), "HTTP/1.1 403");
        checkLogContains("HTTP/1.1 403");
        checkLogContains("GET /request");
        checkLogContains("some vague error");
    }

    @Test
    public void testError404() throws Exception {
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=1").getResponseAsString());
        Assert.assertEquals("not found", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.NOT_FOUND_URL).getResponseAsString());
        Assert.assertEquals(404L, r0.getHttpStatusCode());
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=3").getResponseAsString());
    }

    @Test
    public void testError400() throws Exception {
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=1").getResponseAsString());
        Assert.assertEquals("bad request", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.ERROR_400).getResponseAsString());
        Assert.assertEquals(400L, r0.getHttpStatusCode());
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=3").getResponseAsString());
    }

    @Test
    public void testConsumerThrottled() throws Exception {
        Assert.assertEquals(0L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(0L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(0L, this.serviceProvider.getResourceAccessCount());
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(0L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(0L, this.serviceProvider.getResourceAccessCount());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getResourceAccessCount());
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=1").getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getResourceAccessCount());
        this.serviceProvider.setConsumersThrottled(true);
        HttpResponse sendGet = makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=2");
        Assert.assertEquals("", sendGet.getResponseAsString());
        Map metadata = sendGet.getMetadata();
        Assert.assertNotNull(metadata);
        Assert.assertEquals("consumer_key_refused", metadata.get("oauthError"));
        checkStringContains("oauthErrorText mismatch", (String) metadata.get("oauthErrorText"), "Service provider rejected request");
        checkStringContains("oauthErrorText missing request entry", (String) metadata.get("oauthErrorText"), "GET /data?cachebust=2\n");
        checkStringContains("oauthErrorText missing request entry", (String) metadata.get("oauthErrorText"), "GET /data?cachebust=2&oauth_body_hash=2jm");
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(3L, this.serviceProvider.getResourceAccessCount());
        this.serviceProvider.setConsumersThrottled(false);
        makeNonSocialClient.clearState();
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=3").getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(4L, this.serviceProvider.getResourceAccessCount());
    }

    @Test
    public void testConsumerThrottled_vagueErrors() throws Exception {
        this.serviceProvider.setVagueErrors(true);
        Assert.assertEquals(0L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(0L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(0L, this.serviceProvider.getResourceAccessCount());
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(0L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(0L, this.serviceProvider.getResourceAccessCount());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getResourceAccessCount());
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=1").getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getResourceAccessCount());
        this.serviceProvider.setConsumersThrottled(true);
        HttpResponse sendGet = makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=2");
        Assert.assertEquals(403L, sendGet.getHttpStatusCode());
        Assert.assertEquals("some vague error", sendGet.getResponseAsString());
        Map metadata = sendGet.getMetadata();
        Assert.assertNotNull(metadata);
        Assert.assertNull(metadata.get("oauthError"));
        checkStringContains("oauthErrorText missing request entry", (String) metadata.get("oauthErrorText"), "GET /data?cachebust=2\n");
        checkStringContains("oauthErrorText missing request entry", (String) metadata.get("oauthErrorText"), "GET /data?cachebust=2&oauth_body_hash=2jm");
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(3L, this.serviceProvider.getResourceAccessCount());
        this.serviceProvider.setConsumersThrottled(false);
        makeNonSocialClient.clearState();
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=3").getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(4L, this.serviceProvider.getResourceAccessCount());
    }

    @Test
    public void testSocialOAuth_tokenRevoked() throws Exception {
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        this.serviceProvider.revokeAllAccessTokens();
        Assert.assertEquals(0L, this.base.getAccessTokenRemoveCount());
        Assert.assertEquals("", makeSocialOAuthClient("owner", "owner", GADGET_URL).sendGet("http://www.example.com/data?cb=1").getResponseAsString());
        Assert.assertEquals(1L, this.base.getAccessTokenRemoveCount());
    }

    @Test
    public void testWrongServiceName() throws Exception {
        Map metadata = new MakeRequestClient(getSecurityToken("owner", "owner", GADGET_URL), this.fetcherConfig, this.serviceProvider, "nosuchservice").sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getMetadata();
        Assert.assertNull(metadata.get("oauthApprovalUrl"));
        Assert.assertEquals("BAD_OAUTH_CONFIGURATION", metadata.get("oauthError"));
        String str = (String) metadata.get("oauthErrorText");
        Assert.assertTrue(str, str.startsWith("Failed to retrieve OAuth URLs, spec for gadget does not contain OAuth service nosuchservice.  Known services: testservice"));
    }

    @Test
    public void testPreapprovedToken() throws Exception {
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        FakeOAuthServiceProvider.TokenPair preapprovedToken = this.serviceProvider.getPreapprovedToken("preapproved");
        makeNonSocialClient.getBaseArgs().setRequestToken(preapprovedToken.token);
        makeNonSocialClient.getBaseArgs().setRequestTokenSecret(preapprovedToken.secret);
        Assert.assertEquals("User data is preapproved", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(0L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getResourceAccessCount());
        Assert.assertEquals("User data is preapproved", makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=1").getResponseAsString());
        Assert.assertEquals(0L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getResourceAccessCount());
        Assert.assertEquals("User data is preapproved", makeNonSocialClient.sendGet("http://www.example.com/data?cachebust=2").getResponseAsString());
        Assert.assertEquals(0L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(3L, this.serviceProvider.getResourceAccessCount());
    }

    @Test
    public void testPreapprovedToken_invalid() throws Exception {
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        makeNonSocialClient.getBaseArgs().setRequestToken("garbage");
        makeNonSocialClient.getBaseArgs().setRequestTokenSecret("garbage");
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(0L, this.serviceProvider.getResourceAccessCount());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getResourceAccessCount());
    }

    @Test
    public void testPreapprovedToken_notUsedIfAccessTokenExists() throws Exception {
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        FakeOAuthServiceProvider.TokenPair preapprovedToken = this.serviceProvider.getPreapprovedToken("preapproved");
        makeNonSocialClient.getBaseArgs().setRequestToken(preapprovedToken.token);
        makeNonSocialClient.getBaseArgs().setRequestTokenSecret(preapprovedToken.secret);
        Assert.assertEquals("User data is preapproved", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(0L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getResourceAccessCount());
        Assert.assertEquals("User data is preapproved", makeNonSocialClient("owner", "owner", GADGET_URL).sendGet("http://www.example.com/data?cachebust=1").getResponseAsString());
        Assert.assertEquals(0L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getResourceAccessCount());
    }

    @Test
    public void testSignedFetchParametersSet() throws Exception {
        List<OAuth.Parameter> decodeForm = OAuth.decodeForm(makeSignedFetchClient("o", "v", "http://www.example.com/app").sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertTrue(contains(decodeForm, "opensocial_owner_id", "o"));
        Assert.assertTrue(contains(decodeForm, "opensocial_viewer_id", "v"));
        Assert.assertTrue(contains(decodeForm, "opensocial_app_id", "app"));
        Assert.assertTrue(contains(decodeForm, "oauth_consumer_key", "signedfetch"));
        Assert.assertTrue(contains(decodeForm, "xoauth_signature_publickey", "foo"));
        Assert.assertTrue(contains(decodeForm, "xoauth_public_key", "foo"));
        Assert.assertFalse(contains(decodeForm, "opensocial_proxied_content", "1"));
    }

    @Test
    public void testSignedFetch_authHeader() throws Exception {
        this.serviceProvider.setParamLocation(AccessorInfo.OAuthParamLocation.AUTH_HEADER);
        MakeRequestClient makeSignedFetchClient = makeSignedFetchClient("o", "v", "http://www.example.com/app");
        makeSignedFetchClient.getBaseArgs().setRequestOption("OAUTH_PROGRAMMATIC_CONFIG", "true");
        makeSignedFetchClient.getBaseArgs().setRequestOption("OAUTH_PARAM_LOCATION", "auth-header");
        String header = makeSignedFetchClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getHeader(FakeOAuthServiceProvider.AUTHZ_ECHO_HEADER);
        Assert.assertNotNull("Should have echoed authz header", header);
        checkStringContains("should have opensocial params in header", header, "opensocial_owner_id=\"o\"");
    }

    @Test
    public void testSignedFetchParametersSetProxiedContent() throws Exception {
        MakeRequestClient makeSignedFetchClient = makeSignedFetchClient("o", "v", "http://www.example.com/app");
        makeSignedFetchClient.getBaseArgs().setProxiedContentRequest(true);
        List<OAuth.Parameter> decodeForm = OAuth.decodeForm(makeSignedFetchClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertTrue(contains(decodeForm, "opensocial_owner_id", "o"));
        Assert.assertTrue(contains(decodeForm, "opensocial_viewer_id", "v"));
        Assert.assertTrue(contains(decodeForm, "opensocial_app_id", "app"));
        Assert.assertTrue(contains(decodeForm, "oauth_consumer_key", "signedfetch"));
        Assert.assertTrue(contains(decodeForm, "xoauth_signature_publickey", "foo"));
        Assert.assertTrue(contains(decodeForm, "xoauth_public_key", "foo"));
        Assert.assertTrue(contains(decodeForm, "opensocial_proxied_content", "1"));
    }

    @Test
    public void testPostBinaryData() throws Exception {
        byte[] bArr = {0, 1, 2, 3, 4, 5};
        HttpResponse sendRawPost = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendRawPost(FakeOAuthServiceProvider.RESOURCE_URL, null, bArr);
        List<OAuth.Parameter> decodeForm = OAuth.decodeForm(sendRawPost.getResponseAsString());
        Assert.assertTrue(contains(decodeForm, "opensocial_owner_id", "o"));
        Assert.assertTrue(contains(decodeForm, "oauth_consumer_key", "signedfetch"));
        Assert.assertTrue(Arrays.equals(bArr, Base64.decodeBase64(CharsetUtil.getUtf8Bytes(sendRawPost.getHeader(FakeOAuthServiceProvider.RAW_BODY_ECHO_HEADER)))));
    }

    @Test
    public void testPostWeirdContentType() throws Exception {
        byte[] bArr = {0, 1, 2, 3, 4, 5};
        HttpResponse sendRawPost = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendRawPost(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", bArr);
        List<OAuth.Parameter> decodeForm = OAuth.decodeForm(sendRawPost.getResponseAsString());
        Assert.assertTrue(contains(decodeForm, "opensocial_owner_id", "o"));
        Assert.assertTrue(contains(decodeForm, "oauth_consumer_key", "signedfetch"));
        Assert.assertTrue(Arrays.equals(bArr, Base64.decodeBase64(CharsetUtil.getUtf8Bytes(sendRawPost.getHeader(FakeOAuthServiceProvider.RAW_BODY_ECHO_HEADER)))));
    }

    @Test
    public void testGetWithFormEncodedBody() throws Exception {
        Assert.assertEquals("war=peace&yes=no", makeSignedFetchClient("o", "v", "http://www.example.com/app").sendGetWithBody(FakeOAuthServiceProvider.RESOURCE_URL, "application/x-www-form-urlencoded", "war=peace&yes=no".getBytes()).getHeader(FakeOAuthServiceProvider.BODY_ECHO_HEADER));
    }

    @Test
    public void testGetWithRawBody() throws Exception {
        HttpResponse sendGetWithBody = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendGetWithBody(FakeOAuthServiceProvider.RESOURCE_URL, "application/json", "war=peace&yes=no".getBytes());
        Assert.assertEquals("war=peace&yes=no", sendGetWithBody.getHeader(FakeOAuthServiceProvider.BODY_ECHO_HEADER));
        checkContains(OAuth.decodeForm(sendGetWithBody.getResponseAsString()), "oauth_body_hash", "MfhwxPN6ns5CwQAZN9OcJXu3Jv4=");
    }

    @Test
    public void testGetTamperedRawContent() throws Exception {
        byte[] bArr = {0, 1, 2, 3, 4, 5};
        MakeRequestClient makeSignedFetchClient = makeSignedFetchClient("o", "v", "http://www.example.com/app");
        makeSignedFetchClient.setNextFetcher(new HttpFetcher() { // from class: org.apache.shindig.gadgets.oauth.OAuthRequestTest.4
            public HttpResponse fetch(HttpRequest httpRequest) throws GadgetException {
                httpRequest.setPostBody("yo momma".getBytes());
                return OAuthRequestTest.this.serviceProvider.fetch(httpRequest);
            }
        });
        try {
            makeSignedFetchClient.sendGetWithBody(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", bArr);
            Assert.fail("Should have thrown with oauth_body_hash mismatch");
        } catch (RuntimeException e) {
        }
    }

    @Test(expected = RuntimeException.class)
    public void testGetTamperedFormContent() throws Exception {
        MakeRequestClient makeSignedFetchClient = makeSignedFetchClient("o", "v", "http://www.example.com/app");
        makeSignedFetchClient.setNextFetcher(new HttpFetcher() { // from class: org.apache.shindig.gadgets.oauth.OAuthRequestTest.5
            public HttpResponse fetch(HttpRequest httpRequest) throws GadgetException {
                httpRequest.setPostBody("foo=quux".getBytes());
                return OAuthRequestTest.this.serviceProvider.fetch(httpRequest);
            }
        });
        makeSignedFetchClient.sendGetWithBody(FakeOAuthServiceProvider.RESOURCE_URL, "application/x-www-form-urlencoded", "foo=bar".getBytes());
        Assert.fail("Should have thrown with oauth signature mismatch");
    }

    @Test(expected = RuntimeException.class)
    public void testGetTamperedRemoveRawContent() throws Exception {
        MakeRequestClient makeSignedFetchClient = makeSignedFetchClient("o", "v", "http://www.example.com/app");
        makeSignedFetchClient.setNextFetcher(new HttpFetcher() { // from class: org.apache.shindig.gadgets.oauth.OAuthRequestTest.6
            public HttpResponse fetch(HttpRequest httpRequest) throws GadgetException {
                httpRequest.setPostBody(ArrayUtils.EMPTY_BYTE_ARRAY);
                httpRequest.setHeader("Content-Type", "application/x-www-form-urlencoded");
                return OAuthRequestTest.this.serviceProvider.fetch(httpRequest);
            }
        });
        makeSignedFetchClient.sendGetWithBody(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", new byte[]{0, 1, 2, 3, 4, 5});
        Assert.fail("Should have thrown with body hash in form encoded request");
    }

    @Test(expected = RuntimeException.class)
    public void testPostTamperedRawContent() throws Exception {
        MakeRequestClient makeSignedFetchClient = makeSignedFetchClient("o", "v", "http://www.example.com/app");
        makeSignedFetchClient.setNextFetcher(new HttpFetcher() { // from class: org.apache.shindig.gadgets.oauth.OAuthRequestTest.7
            public HttpResponse fetch(HttpRequest httpRequest) throws GadgetException {
                httpRequest.setPostBody("yo momma".getBytes());
                return OAuthRequestTest.this.serviceProvider.fetch(httpRequest);
            }
        });
        makeSignedFetchClient.sendRawPost(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", new byte[]{0, 1, 2, 3, 4, 5});
        Assert.fail("Should have thrown with oauth_body_hash mismatch");
    }

    @Test(expected = RuntimeException.class)
    public void testPostTamperedFormContent() throws Exception {
        MakeRequestClient makeSignedFetchClient = makeSignedFetchClient("o", "v", "http://www.example.com/app");
        makeSignedFetchClient.setNextFetcher(new HttpFetcher() { // from class: org.apache.shindig.gadgets.oauth.OAuthRequestTest.8
            public HttpResponse fetch(HttpRequest httpRequest) throws GadgetException {
                httpRequest.setPostBody("foo=quux".getBytes());
                return OAuthRequestTest.this.serviceProvider.fetch(httpRequest);
            }
        });
        makeSignedFetchClient.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "foo=bar");
        Assert.fail("Should have thrown with oauth signature mismatch");
    }

    @Test(expected = RuntimeException.class)
    public void testPostTamperedRemoveRawContent() throws Exception {
        MakeRequestClient makeSignedFetchClient = makeSignedFetchClient("o", "v", "http://www.example.com/app");
        makeSignedFetchClient.setNextFetcher(new HttpFetcher() { // from class: org.apache.shindig.gadgets.oauth.OAuthRequestTest.9
            public HttpResponse fetch(HttpRequest httpRequest) throws GadgetException {
                httpRequest.setPostBody(ArrayUtils.EMPTY_BYTE_ARRAY);
                httpRequest.setHeader("Content-Type", "application/x-www-form-urlencoded");
                return OAuthRequestTest.this.serviceProvider.fetch(httpRequest);
            }
        });
        makeSignedFetchClient.sendRawPost(FakeOAuthServiceProvider.RESOURCE_URL, "funky-content", new byte[]{0, 1, 2, 3, 4, 5});
        Assert.fail("Should have thrown with body hash in form encoded request");
    }

    @Test
    public void testSignedFetch_error401() throws Exception {
        Assert.assertEquals(0L, this.base.getAccessTokenRemoveCount());
        this.serviceProvider.setConsumerUnauthorized(true);
        this.serviceProvider.setVagueErrors(true);
        HttpResponse sendGet = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertNull(sendGet.getMetadata().get("oauthError"));
        String str = (String) sendGet.getMetadata().get("oauthErrorText");
        checkStringContains("Should return sent request", str, "GET /data");
        checkStringContains("Should return response", str, "HTTP/1.1 401");
        checkStringContains("Should return response", str, "some vague error");
        Assert.assertEquals(0L, this.base.getAccessTokenRemoveCount());
    }

    @Test
    public void testSignedFetch_error403() throws Exception {
        Assert.assertEquals(0L, this.base.getAccessTokenRemoveCount());
        this.serviceProvider.setConsumersThrottled(true);
        this.serviceProvider.setVagueErrors(true);
        HttpResponse sendGet = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
        Assert.assertNull(sendGet.getMetadata().get("oauthError"));
        String str = (String) sendGet.getMetadata().get("oauthErrorText");
        checkStringContains("Should return sent request", str, "GET /data");
        checkStringContains("Should return response", str, "HTTP/1.1 403");
        checkStringContains("Should return response", str, "some vague error");
        Assert.assertEquals(0L, this.base.getAccessTokenRemoveCount());
    }

    @Test
    public void testSignedFetch_unnamedConsumerKey() throws Exception {
        this.base.setDefaultKey(new BasicOAuthStoreConsumerKeyAndSecret((String) null, FakeOAuthServiceProvider.PRIVATE_KEY_TEXT, BasicOAuthStoreConsumerKeyAndSecret.KeyType.RSA_PRIVATE, "foo", (String) null));
        List<OAuth.Parameter> decodeForm = OAuth.decodeForm(makeSignedFetchClient("o", "v", "http://www.example.com/app").sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertTrue(contains(decodeForm, "opensocial_owner_id", "o"));
        Assert.assertTrue(contains(decodeForm, "opensocial_viewer_id", "v"));
        Assert.assertTrue(contains(decodeForm, "opensocial_app_id", "app"));
        Assert.assertTrue(contains(decodeForm, "oauth_consumer_key", "container.com"));
        Assert.assertTrue(contains(decodeForm, "xoauth_signature_publickey", "foo"));
        Assert.assertTrue(contains(decodeForm, "xoauth_public_key", "foo"));
    }

    @Test
    public void testSignedFetch_extraQueryParameters() throws Exception {
        List<OAuth.Parameter> decodeForm = OAuth.decodeForm(makeSignedFetchClient("o", "v", "http://www.example.com/app").sendGet("http://www.example.com/data?foo=bar&foo=baz").getResponseAsString());
        Assert.assertTrue(contains(decodeForm, "opensocial_owner_id", "o"));
        Assert.assertTrue(contains(decodeForm, "opensocial_viewer_id", "v"));
        Assert.assertTrue(contains(decodeForm, "opensocial_app_id", "app"));
        Assert.assertTrue(contains(decodeForm, "oauth_consumer_key", "signedfetch"));
        Assert.assertTrue(contains(decodeForm, "xoauth_signature_publickey", "foo"));
        Assert.assertTrue(contains(decodeForm, "xoauth_public_key", "foo"));
    }

    @Test
    public void testNoSignViewer() throws Exception {
        MakeRequestClient makeSignedFetchClient = makeSignedFetchClient("o", "v", "http://www.example.com/app");
        makeSignedFetchClient.getBaseArgs().setSignViewer(false);
        List<OAuth.Parameter> decodeForm = OAuth.decodeForm(makeSignedFetchClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertTrue(contains(decodeForm, "opensocial_owner_id", "o"));
        Assert.assertFalse(contains(decodeForm, "opensocial_viewer_id", "v"));
    }

    @Test
    public void testNoSignOwner() throws Exception {
        MakeRequestClient makeSignedFetchClient = makeSignedFetchClient("o", "v", "http://www.example.com/app");
        makeSignedFetchClient.getBaseArgs().setSignOwner(false);
        List<OAuth.Parameter> decodeForm = OAuth.decodeForm(makeSignedFetchClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertFalse(contains(decodeForm, "opensocial_owner_id", "o"));
        Assert.assertTrue(contains(decodeForm, "opensocial_viewer_id", "v"));
    }

    @Test
    public void testTrickyParametersInQuery() throws Exception {
        HttpResponse sendGet = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendGet("http://www.example.com/data?%6fpensocial_owner_id=gotcha");
        Assert.assertEquals(OAuthError.INVALID_PARAMETER.name(), sendGet.getMetadata().get("oauthError"));
        checkStringContains("Wrong error text", (String) sendGet.getMetadata().get("oauthErrorText"), "Invalid parameter name opensocial_owner_id, applications may not override oauth, xoauth, or opensocial parameters");
    }

    @Test
    public void testTrickyParametersInBody() throws Exception {
        HttpResponse sendFormPost = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "%6fpensocial_owner_id=gotcha");
        Assert.assertEquals(OAuthError.INVALID_PARAMETER.name(), sendFormPost.getMetadata().get("oauthError"));
        checkStringContains("Wrong error text", (String) sendFormPost.getMetadata().get("oauthErrorText"), "Invalid parameter name opensocial_owner_id, applications may not override oauth, xoauth, or opensocial parameters");
    }

    @Test
    public void testGetNoQuery() throws Exception {
        List<OAuth.Parameter> decodeForm = OAuth.decodeForm(makeSignedFetchClient("o", "v", "http://www.example.com/app").sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertTrue(contains(decodeForm, "opensocial_owner_id", "o"));
        Assert.assertTrue(contains(decodeForm, "opensocial_viewer_id", "v"));
    }

    @Test
    public void testGetWithQuery() throws Exception {
        Assert.assertTrue(contains(OAuth.decodeForm(makeSignedFetchClient("o", "v", "http://www.example.com/app").sendGet("http://www.example.com/data?a=b").getResponseAsString()), "a", "b"));
    }

    @Test
    public void testGetWithQueryMultiParam() throws Exception {
        List<OAuth.Parameter> decodeForm = OAuth.decodeForm(makeSignedFetchClient("o", "v", "http://www.example.com/app").sendGet("http://www.example.com/data?a=b&a=c").getResponseAsString());
        Assert.assertTrue(contains(decodeForm, "a", "b"));
        Assert.assertTrue(contains(decodeForm, "a", "c"));
    }

    @Test
    public void testValidParameterCharacters() throws Exception {
        Assert.assertTrue(contains(OAuth.decodeForm(makeSignedFetchClient("o", "v", "http://www.example.com/app").sendGet("http://www.example.com/data?~!@$*()-_[]:,./=foo").getResponseAsString()), "~!@$*()-_[]:,./", "foo"));
    }

    @Test
    public void testPostNoQueryNoData() throws Exception {
        HttpResponse sendFormPost = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, null);
        Assert.assertTrue(contains(OAuth.decodeForm(sendFormPost.getResponseAsString()), "opensocial_owner_id", "o"));
        Assert.assertEquals("", sendFormPost.getHeader(FakeOAuthServiceProvider.BODY_ECHO_HEADER));
    }

    @Test
    public void testPostWithQueryNoData() throws Exception {
        HttpResponse sendFormPost = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendFormPost("http://www.example.com/data?name=value", null);
        Assert.assertTrue(contains(OAuth.decodeForm(sendFormPost.getResponseAsString()), "name", "value"));
        Assert.assertEquals("", sendFormPost.getHeader(FakeOAuthServiceProvider.BODY_ECHO_HEADER));
    }

    @Test
    public void testPostNoQueryWithData() throws Exception {
        HttpResponse sendFormPost = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "name=value");
        Assert.assertFalse(contains(OAuth.decodeForm(sendFormPost.getResponseAsString()), "name", "value"));
        Assert.assertEquals("name=value", sendFormPost.getHeader(FakeOAuthServiceProvider.BODY_ECHO_HEADER));
    }

    @Test
    public void testPostWithQueryWithData() throws Exception {
        HttpResponse sendFormPost = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendFormPost("http://www.example.com/data?queryName=queryValue", "name=value");
        Assert.assertTrue(contains(OAuth.decodeForm(sendFormPost.getResponseAsString()), "queryName", "queryValue"));
        Assert.assertEquals("name=value", sendFormPost.getHeader(FakeOAuthServiceProvider.BODY_ECHO_HEADER));
    }

    @Test
    public void testStripOpenSocialParamsFromQuery() throws Exception {
        HttpResponse sendFormPost = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendFormPost("http://www.example.com/data?opensocial_foo=bar", null);
        Assert.assertEquals(OAuthError.INVALID_PARAMETER.name(), sendFormPost.getMetadata().get("oauthError"));
        checkStringContains("Wrong error text", (String) sendFormPost.getMetadata().get("oauthErrorText"), "Invalid parameter name opensocial_foo");
    }

    @Test
    public void testStripOAuthParamsFromQuery() throws Exception {
        HttpResponse sendFormPost = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendFormPost("http://www.example.com/data?oauth_foo=bar", "name=value");
        Assert.assertEquals(OAuthError.INVALID_PARAMETER.name(), sendFormPost.getMetadata().get("oauthError"));
        checkStringContains("Wrong error text", (String) sendFormPost.getMetadata().get("oauthErrorText"), "Invalid parameter name oauth_foo");
    }

    @Test
    public void testStripOpenSocialParamsFromBody() throws Exception {
        HttpResponse sendFormPost = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "opensocial_foo=bar");
        Assert.assertEquals(OAuthError.INVALID_PARAMETER.name(), sendFormPost.getMetadata().get("oauthError"));
        checkStringContains("Wrong error text", (String) sendFormPost.getMetadata().get("oauthErrorText"), "Invalid parameter name opensocial_foo");
    }

    @Test
    public void testStripOAuthParamsFromBody() throws Exception {
        HttpResponse sendFormPost = makeSignedFetchClient("o", "v", "http://www.example.com/app").sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "oauth_foo=bar");
        Assert.assertEquals(OAuthError.INVALID_PARAMETER.name(), sendFormPost.getMetadata().get("oauthError"));
        checkStringContains("Wrong error text", (String) sendFormPost.getMetadata().get("oauthErrorText"), "Invalid parameter name oauth_foo");
    }

    @Test
    public void testAccessTokenExpires_onClient() throws Exception {
        this.serviceProvider.setSessionExtension(true);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getResourceAccessCount());
        this.clock.incrementSeconds(61);
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cb=1").getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getResourceAccessCount());
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cb=3").getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(3L, this.serviceProvider.getResourceAccessCount());
        this.clock.incrementSeconds(61);
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cb=4").getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(3L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(4L, this.serviceProvider.getResourceAccessCount());
        checkEmptyLog();
    }

    @Test
    public void testAccessTokenExpires_onClientNoPredictedExpiration() throws Exception {
        this.serviceProvider.setSessionExtension(true);
        this.serviceProvider.setReportExpirationTimes(false);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getResourceAccessCount());
        this.clock.incrementSeconds(61);
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cb=1").getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(3L, this.serviceProvider.getResourceAccessCount());
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cb=3").getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(4L, this.serviceProvider.getResourceAccessCount());
        this.clock.incrementSeconds(61);
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet("http://www.example.com/data?cb=4").getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(3L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(6L, this.serviceProvider.getResourceAccessCount());
    }

    @Test
    public void testAccessTokenExpires_onServer() throws Exception {
        this.serviceProvider.setSessionExtension(true);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getResourceAccessCount());
        MakeRequestClient makeNonSocialClient2 = makeNonSocialClient("owner", "owner", GADGET_URL);
        this.clock.incrementSeconds(61);
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient2.sendGet("http://www.example.com/data?cb=1").getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getResourceAccessCount());
    }

    @Test
    public void testAccessTokenExpired_andRevoked() throws Exception {
        this.serviceProvider.setSessionExtension(true);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getResourceAccessCount());
        this.clock.incrementSeconds(61);
        this.serviceProvider.revokeAllAccessTokens();
        Assert.assertEquals("", makeNonSocialClient.sendGet("http://www.example.com/data?cb=1").getResponseAsString());
        Assert.assertEquals(2L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getResourceAccessCount());
        makeNonSocialClient.approveToken("user_data=renewed");
        HttpResponse sendGet = makeNonSocialClient.sendGet("http://www.example.com/data?cb=1");
        Assert.assertEquals(2L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(3L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getResourceAccessCount());
        Assert.assertEquals("User data is renewed", sendGet.getResponseAsString());
        checkLogContains("oauth_token_secret=REMOVED");
    }

    @Test
    public void testBadSessionHandle() throws Exception {
        this.serviceProvider.setSessionExtension(true);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(1L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getResourceAccessCount());
        this.clock.incrementSeconds(61);
        this.serviceProvider.changeAllSessionHandles();
        Assert.assertEquals("", makeNonSocialClient.sendGet("http://www.example.com/data?cb=1").getResponseAsString());
        Assert.assertEquals(2L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(1L, this.serviceProvider.getResourceAccessCount());
        makeNonSocialClient.approveToken("user_data=renewed");
        HttpResponse sendGet = makeNonSocialClient.sendGet("http://www.example.com/data?cb=1");
        Assert.assertEquals(2L, this.serviceProvider.getRequestTokenCount());
        Assert.assertEquals(3L, this.serviceProvider.getAccessTokenCount());
        Assert.assertEquals(2L, this.serviceProvider.getResourceAccessCount());
        Assert.assertEquals("User data is renewed", sendGet.getResponseAsString());
        checkLogContains("oauth_session_handle=REMOVED");
    }

    @Test
    public void testExtraParamsRejected() throws Exception {
        this.serviceProvider.setRejectExtraParams(true);
        Assert.assertEquals("parameter_rejected", makeNonSocialClient("owner", "owner", GADGET_URL).sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getMetadata().get("oauthError"));
    }

    @Test
    public void testExtraParamsSuppressed() throws Exception {
        this.serviceProvider.setRejectExtraParams(true);
        MakeRequestClient makeStrictNonSocialClient = makeStrictNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeStrictNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeStrictNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeStrictNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
    }

    @Test
    public void testCanRetrieveAccessTokenData() throws Exception {
        this.serviceProvider.setReturnAccessTokenData(true);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        HttpResponse sendGet = makeNonSocialClient.sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL);
        Assert.assertEquals("application/json; charset=UTF-8", sendGet.getHeader("Content-Type"));
        JSONObject jSONObject = new JSONObject(sendGet.getResponseAsString());
        Assert.assertEquals("userid value", jSONObject.get("userid"));
        Assert.assertEquals("xoauth_stuff value", jSONObject.get("xoauth_stuff"));
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
    }

    @Test
    public void testAccessTokenData_noOAuthParams() throws Exception {
        this.serviceProvider.setReturnAccessTokenData(true);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        JSONObject jSONObject = new JSONObject(makeNonSocialClient.sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL).getResponseAsString());
        Assert.assertEquals("userid value", jSONObject.get("userid"));
        Assert.assertEquals("xoauth_stuff value", jSONObject.get("xoauth_stuff"));
        Assert.assertEquals(2L, jSONObject.length());
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
    }

    @Test(expected = RuntimeException.class)
    public void testAccessTokenData_noDirectRequest() throws Exception {
        this.serviceProvider.setReturnAccessTokenData(true);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL);
        Assert.fail("Service provider should have rejected bogus request to access token URL");
    }

    @Test
    public void testNextFetchReturnsNull() throws Exception {
        this.serviceProvider.setReturnNull(true);
        HttpResponse sendGet = makeNonSocialClient("owner", "owner", GADGET_URL).sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL);
        Assert.assertEquals("MISSING_SERVER_RESPONSE", sendGet.getMetadata().get("oauthError"));
        Assert.assertEquals("", sendGet.getResponseAsString());
        String str = (String) sendGet.getMetadata().get("oauthErrorText");
        checkStringContains("should say no response", str, "No response from server");
        checkStringContains("should show request", str, "GET /request?param=foo&opensocial_owner_id=owner");
        checkStringContains("should log empty response", str, "Received response 1:\n\n");
        checkLogContains("No response from server");
        checkLogContains("GET /request?param=foo&opensocial_owner_id=owner");
        checkLogContains("OAuth error [MISSING_SERVER_RESPONSE, No response from server] for application http://www.example.com/gadget.xml");
    }

    @Test
    public void testNextFetchThrowsGadgetException() throws Exception {
        this.serviceProvider.setThrow(new GadgetException(GadgetException.Code.FAILED_TO_RETRIEVE_CONTENT, "mildly wrong"));
        HttpResponse sendGet = makeNonSocialClient("owner", "owner", GADGET_URL).sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL);
        Assert.assertEquals("MISSING_SERVER_RESPONSE", sendGet.getMetadata().get("oauthError"));
        Assert.assertEquals("", sendGet.getResponseAsString());
        String str = (String) sendGet.getMetadata().get("oauthErrorText");
        checkStringContains("should say no response", str, "No response from server");
        checkStringContains("should show request", str, "GET /request?param=foo&opensocial_owner_id=owner");
        checkStringContains("should log empty response", str, "Received response 1:\n\n");
        checkLogContains("No response from server");
        checkLogContains("GET /request?param=foo&opensocial_owner_id=owner");
        checkLogContains("OAuth error [MISSING_SERVER_RESPONSE, No response from server] for application http://www.example.com/gadget.xml");
        checkLogContains("GadgetException");
        checkLogContains("mildly wrong");
    }

    @Test
    public void testNextFetchThrowsRuntimeException() throws Exception {
        this.serviceProvider.setThrow(new RuntimeException("very, very wrong"));
        try {
            makeNonSocialClient("owner", "owner", GADGET_URL).sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL);
            Assert.fail("Should have thrown");
        } catch (RuntimeException e) {
        }
        checkLogContains("OAuth fetch unexpected fatal erro");
        checkLogContains("GET /request?param=foo&opensocial_owner_id=owner");
        checkLogContains("OAuth error [very, very wrong] for application http://www.example.com/gadget.xml");
        checkLogContains("RuntimeException");
        checkLogContains("very, very wrong");
    }

    @Test
    public void testTrustedParams() throws Exception {
        this.serviceProvider.setCheckTrustedParams(true);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        makeNonSocialClient.setTrustedParam("oauth_magic", "foo");
        makeNonSocialClient.setTrustedParam("opensocial_magic", "bar");
        makeNonSocialClient.setTrustedParam("xoauth_magic", "quux");
        makeNonSocialClient.setTrustedParam("opensocial_owner_id", "overridden_opensocial_owner_id");
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(12L, this.serviceProvider.getTrustedParamCount());
    }

    @Test
    public void testTrustedParamsMisc() throws Exception {
        this.serviceProvider.setCheckTrustedParams(true);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        makeNonSocialClient.setTrustedParam("oauth_magic", "foo");
        makeNonSocialClient.setTrustedParam("opensocial_magic", "bar");
        makeNonSocialClient.setTrustedParam("xoauth_magic", "quux_overridden");
        makeNonSocialClient.setTrustedParam("xoauth_magic", "quux");
        makeNonSocialClient.setTrustedParam("opensocial_owner_id", "overridden_opensocial_owner_id");
        Assert.assertEquals("", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(12L, this.serviceProvider.getTrustedParamCount());
    }

    @Test
    public void testAlwaysAppendTrustedParams() throws Exception {
        this.serviceProvider.setCheckTrustedParams(true);
        MakeRequestClient makeStrictNonSocialClient = makeStrictNonSocialClient("owner", "owner", GADGET_URL);
        makeStrictNonSocialClient.setTrustedParam("oauth_magic", "foo");
        makeStrictNonSocialClient.setTrustedParam("opensocial_magic", "bar");
        makeStrictNonSocialClient.setTrustedParam("xoauth_magic", "quux");
        makeStrictNonSocialClient.setTrustedParam("opensocial_owner_id", "overridden_opensocial_owner_id");
        Assert.assertEquals("", makeStrictNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        makeStrictNonSocialClient.approveToken("user_data=hello-oauth");
        Assert.assertEquals("User data is hello-oauth", makeStrictNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getResponseAsString());
        Assert.assertEquals(12L, this.serviceProvider.getTrustedParamCount());
    }

    @Test
    public void testTrustedParamsInvalidParameter() throws Exception {
        this.serviceProvider.setCheckTrustedParams(true);
        MakeRequestClient makeNonSocialClient = makeNonSocialClient("owner", "owner", GADGET_URL);
        makeNonSocialClient.setTrustedParam("oauth_magic", "foo");
        makeNonSocialClient.setTrustedParam("opensocial_magic", "bar");
        makeNonSocialClient.setTrustedParam("xoauth_magic", "quux");
        makeNonSocialClient.setTrustedParam("opensocial_owner_id", "overridden_opensocial_owner_id");
        makeNonSocialClient.setTrustedParam("invalid_trusted_parameter", "invalid");
        Assert.assertEquals(403L, makeNonSocialClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL).getHttpStatusCode());
    }

    private boolean contains(List<OAuth.Parameter> list, String str, String str2) {
        for (OAuth.Parameter parameter : list) {
            if (parameter.getKey().equals(str) && parameter.getValue().equals(str2)) {
                return true;
            }
        }
        return false;
    }

    private void checkContains(List<OAuth.Parameter> list, String str, String str2) {
        for (OAuth.Parameter parameter : list) {
            if (parameter.getKey().equals(str)) {
                Assert.assertEquals(str2, parameter.getValue());
                return;
            }
        }
        Assert.fail("List did not contain " + str + '=' + str2 + "; instead was " + list);
    }

    private String getLogText() {
        StringBuilder sb = new StringBuilder();
        for (LogRecord logRecord : this.logRecords) {
            sb.append(logRecord.getMessage());
            if (logRecord.getThrown() != null) {
                StringWriter stringWriter = new StringWriter();
                PrintWriter printWriter = new PrintWriter(stringWriter);
                logRecord.getThrown().printStackTrace(printWriter);
                printWriter.flush();
                sb.append(stringWriter.toString());
            }
        }
        return sb.toString();
    }

    private void checkLogContains(String str) {
        if (this.logger.getLevel() == null || !this.logger.getLevel().equals(Level.OFF)) {
            String logText = getLogText();
            if (logText.contains(str)) {
                return;
            }
            Assert.fail("Should have logged '" + str + "', instead got " + logText);
        }
    }

    private void checkEmptyLog() {
        Assert.assertEquals("", getLogText());
    }

    private void checkStringContains(String str, String str2, String str3) {
        if (str2.contains(str3)) {
            return;
        }
        Assert.fail(str + ", expected [" + str3 + "], got + [" + str2 + ']');
    }
}
