Commit bf0fa427 authored by munjal@chromium.org's avatar munjal@chromium.org

Set the authorization header when calling an API. Otherwise, no API call will succeed.

Review URL: https://chromiumcodereview.appspot.com/10080016

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@132473 0039d316-1c4b-4281-b951-d872f2087c98
parent e14b4d34
......@@ -8,6 +8,7 @@
#include <vector>
#include "base/basictypes.h"
#include "base/stringprintf.h"
#include "chrome/common/net/gaia/gaia_urls.h"
#include "net/base/escape.h"
#include "net/base/load_flags.h"
......@@ -21,6 +22,15 @@ using net::ResponseCookies;
using net::URLRequestContextGetter;
using net::URLRequestStatus;
namespace {
static const char kAuthorizationHeaderFormat[] =
"Authorization: Bearer %s";
static std::string MakeAuthorizationHeader(const std::string& auth_token) {
return StringPrintf(kAuthorizationHeaderFormat, auth_token.c_str());
}
} // namespace
OAuth2ApiCallFlow::OAuth2ApiCallFlow(
net::URLRequestContextGetter* context,
const std::string& refresh_token,
......@@ -146,6 +156,7 @@ URLFetcher* OAuth2ApiCallFlow::CreateURLFetcher() {
result->SetRequestContext(context_);
result->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES |
net::LOAD_DO_NOT_SAVE_COOKIES);
result->AddExtraRequestHeader(MakeAuthorizationHeader(access_token_));
if (!empty_body)
result->SetUploadData("application/x-www-form-urlencoded", body);
......
......@@ -88,6 +88,7 @@ class OAuth2ApiCallFlow
};
friend class OAuth2ApiCallFlowTest;
FRIEND_TEST_ALL_PREFIXES(OAuth2ApiCallFlowTest, CreateURLFetcher);
// Helper to create an instance of access token fetcher.
// Caller owns the returned instance.
......
......@@ -18,6 +18,7 @@
#include "content/public/common/url_fetcher_delegate.h"
#include "content/public/common/url_fetcher_factory.h"
#include "content/test/test_url_fetcher_factory.h"
#include "net/http/http_request_headers.h"
#include "net/http/http_status_code.h"
#include "net/url_request/url_request.h"
#include "net/url_request/url_request_status.h"
......@@ -27,11 +28,15 @@
using content::URLFetcher;
using content::URLFetcherDelegate;
using content::URLFetcherFactory;
using net::HttpRequestHeaders;
using net::URLRequestStatus;
using testing::_;
using testing::Return;
namespace {
static std::string CreateBody() {
return "some body";
}
static GURL CreateApiUrl() {
return GURL("https://www.googleapis.com/someapi");
......@@ -48,7 +53,7 @@ static std::vector<std::string> CreateTestScopes() {
class MockUrlFetcherFactory : public ScopedURLFetcherFactory,
public URLFetcherFactory {
public:
public:
MockUrlFetcherFactory()
: ScopedURLFetcherFactory(ALLOW_THIS_IN_INITIALIZER_LIST(this)) {
}
......@@ -145,8 +150,9 @@ class OAuth2ApiCallFlowTest : public testing::Test {
}
TestURLFetcher* SetupApiCall(bool succeeds, net::HttpStatusCode status) {
std::string body(CreateBody());
GURL url(CreateApiUrl());
EXPECT_CALL(*flow_, CreateApiCallBody()).WillOnce(Return(""));
EXPECT_CALL(*flow_, CreateApiCallBody()).WillOnce(Return(body));
EXPECT_CALL(*flow_, CreateApiCallUrl()).WillOnce(Return(url));
TestURLFetcher* url_fetcher = CreateURLFetcher(
url, succeeds, status, "");
......@@ -262,3 +268,22 @@ TEST_F(OAuth2ApiCallFlowTest, EmptyAccessTokenNewTokenGenerationFails) {
flow_->Start();
flow_->OnGetTokenFailure(error);
}
TEST_F(OAuth2ApiCallFlowTest, CreateURLFetcher) {
std::string rt = "refresh_token";
std::string at = "access_token";
std::vector<std::string> scopes(CreateTestScopes());
std::string body = CreateBody();
GURL url(CreateApiUrl());
CreateFlow(rt, at, scopes);
TestURLFetcher* url_fetcher = SetupApiCall(true, net::HTTP_OK);
flow_->CreateURLFetcher();
HttpRequestHeaders headers;
url_fetcher->GetExtraRequestHeaders(&headers);
std::string auth_header;
EXPECT_TRUE(headers.GetHeader("Authorization", &auth_header));
EXPECT_EQ("Bearer access_token", auth_header);
EXPECT_EQ(url, url_fetcher->GetOriginalURL());
EXPECT_EQ(body, url_fetcher->upload_data());
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment