include the port in BLTI Oauth request if it's non-standard

Thanks to Gabe O'Brien for the initial patch Change-Id: I0b589e9cceb531607b8609d71f6da3687829a116 Reviewed-on: https://gerrit.instructure.com/5883 Reviewed-by: Zach Wily <zach@instructure.com> Reviewed-by: Brian Palmer <brianp@instructure.com> Tested-by: Hudson <hudson@instructure.com>
2011-09-28 10:21:23 -06:00 · 2011-09-28 10:21:23 -06:00 · 33faf34207
parent 6db73cb3ca
commit 33faf34207
2 changed files with 42 additions and 2 deletions
--- a/lib/basic_lti.rb
+++ b/lib/basic_lti.rb
@ -9,10 +9,18 @@ module BasicLTI
    require 'oauth'
    require 'oauth/consumer'
    uri = URI.parse(url)
+
+    if uri.port == uri.default_port
+      host = uri.host
+    else
+      host = "#{uri.host}:#{uri.port}"
+    end
+
    consumer = OAuth::Consumer.new(key, secret, {
-      :site => "#{uri.scheme}://#{uri.host}",
+      :site => "#{uri.scheme}://#{host}",
      :signature_method => "HMAC-SHA1"
    })
+
    path = uri.path
    path = '/' if path.empty?
    if !uri.query.blank?
@ -81,4 +89,4 @@ module BasicLTI
    hash['oauth_callback'] = 'about:blank'
    generate_params(hash, url, tool.consumer_key, tool.shared_secret)
  end
-end
+end
--- a/spec/lib/basic_lti_spec.rb
+++ b/spec/lib/basic_lti_spec.rb
@ -61,6 +61,38 @@ describe BasicLTI do
      }, 'http://dr-chuck.com/ims/php-simple/tool.php?a=1&b=2', '12345', 'secret')
      res['oauth_signature'].should eql('eCJ7qILcordyJC2/Unhchp6RAcs=')
    end
+    
+    it "should generate a correct signature with a non-standard port" do
+      # signatures generated using http://oauth.googlecode.com/svn/code/javascript/example/signature.html
+      BasicLTI.explicit_signature_settings('1251600739', 'c8350c0e47782d16d2fa48b2090c1d8f')
+      res = BasicLTI.generate_params({
+      }, 'http://dr-chuck.com:123/ims/php-simple/tool.php', '12345', 'secret')
+      res['oauth_signature'].should eql('ghEdPHwN4iJmsM3Nr4AndDx2Kx8=')
+      
+      res = BasicLTI.generate_params({
+      }, 'http://dr-chuck.com/ims/php-simple/tool.php', '12345', 'secret')
+      res['oauth_signature'].should eql('WoSpvCr2HEsLzao6Do0eukxwAsk=')
+      
+      res = BasicLTI.generate_params({
+      }, 'http://dr-chuck.com:80/ims/php-simple/tool.php', '12345', 'secret')
+      res['oauth_signature'].should eql('WoSpvCr2HEsLzao6Do0eukxwAsk=')
+      
+      res = BasicLTI.generate_params({
+      }, 'http://dr-chuck.com:443/ims/php-simple/tool.php', '12345', 'secret')
+      res['oauth_signature'].should eql('KqAV7eIS/+iWIDpvCyDfY8ZpmT4=')
+      
+      res = BasicLTI.generate_params({
+      }, 'https://dr-chuck.com/ims/php-simple/tool.php', '12345', 'secret')
+      res['oauth_signature'].should eql('wFRB/1ZXi/91dop6GwahfboWPvQ=')
+      
+      res = BasicLTI.generate_params({
+      }, 'https://dr-chuck.com:443/ims/php-simple/tool.php', '12345', 'secret')
+      res['oauth_signature'].should eql('wFRB/1ZXi/91dop6GwahfboWPvQ=')
+      
+      res = BasicLTI.generate_params({
+      }, 'https://dr-chuck.com:80/ims/php-simple/tool.php', '12345', 'secret')
+      res['oauth_signature'].should eql('X8Aq2HXSHnr6u/6z/G9zI5aDoR0=')
+    end
  end
  
  describe "generate" do